Forum Discussion
Files shared with Anyone sometimes prompt users to request acccess to the file
My company is experiencing an intermittent problem where sometimes a OneDrive for Business file shared with the setting "Anyone with this link can edit" prompts the user the file is being shared with to request access. If the user tries to open the file a second time, they can then access the file without requesting access. We're wondering why that access request prompt sometimes happens and how to prevent it. It doesn't happen consistently, so we're having trouble reproducing and troubleshooting it. Has anyone seen this before and know how to fix it?
114 Replies
I have a personal One Drive account I sometimes upload files I want to share with others to. I will direct the system to allow users to view files only. This is a consistent behavior I evoke. What I have found is that other end users which have a Microsoft 365 account constantly have this issue when attempting to access the links I send them. What I discovered, and I am greatly surprised MS has NOT corrected this yet, is the browser used by the end user has loaded into cookies or cache the USERS status as a MS 365 user, and then immediately directs the browser to request credentials. What I also discovered is that IF the end user invokes the link using a browser which has NOT had the opportunity to save cookies or the critical date into cache, the problem does not happen. I personally have discovered if I clear cookies and cache data from my default browser, the problem does not appear. Clearly one user below has discovered that MS first looks at the user access status condition, BEFORE looking at the link access status requirements (which would be totally open).
I would have holed that MS would have corrected this since it's been an issue since at least 2017. I HAVE NOT verified if the MS EDGE browser exhibits this behavior. The situation may be corrected in that software since it's under MS control.
Bill_Hawkins wrote Sept 19, 2022:
What I also discovered is that IF the end user invokes the link using a browser which has NOT had the opportunity to save cookies or the critical date into cache, the problem does not happen. I personally have discovered if I clear cookies and cache data from my default browser, the problem does not appear.
For the reasons you give, using an Incognito/Private window to open the link also works around the problem.
tom_tulinsky We send newsletters to 2,000 people, most of whom wouldn't have a clue what an incognito window is, so that wouldn't work for us.
- This is a really frustrating issue. I created an anyone with the link, shared it with our CEO and she couldn't open it, needed to request access. I tested the link in a guest window in Chrome and the file open right up, but when I clicked "sign in" in Word and signed with a personal Microsoft account (Not the tenant where the link was created), I now need to request access. From what I understand this should work just like "anyone with the link" in Google Drive. It should not matter if you have a Microsoft account or are signed in or not, or decide to sign in while you are using the file. Am I missing something with the way this is supposed to work.
- Nope. It should work like that. Microsoft Tries to track who opens the files etc. if they are authenticated and that causes the issues we see with it I think. It mostly works fine but it has its issues sometimes.
- I am not sure 'it should work like that' is a correct statement. I do believe that you are right, that they want to track users, but the result is that Anyone can open it EXCEPT if you are logged in. Which is kind of opposite day. You have successfully shared it with the entire world except the people in your organization.
What Microsoft should so is check how it is being accessed and respond to that. If it is by the shared link than that should be the first check. If it is directly to the file, than that should be the check. But denying access to your organization while opening it up to the world is the opposite of what should happen, IMHO.
🙂
- This issue is still occurring in 2022. I have a series of documents that are shared to different groups as a link that's "available to anyone who has the link". Some individuals are prompted to request access even though the settings are correct and I've personally checked that they're accessible as a guest.
- This is just unbelievable.
I switched my whole Cloud setup to OneDrive and now have to realize that File Sharing is simply completely buggy and not usable.
Minimum 50% of the users I share links with are not able to download.
When sharing folders and not files it ALWAYS happens, so doesn't even seem to be possible.
When trying to debug I found that in Opera browser it ALWAYS asks for login as well.
Expecting OneDrive is a fully developed solution, this is very frustrating.
I think I have no choice but to switch to another Cloud Storage.
Getting eMails from users not being able to access files is just not a possibility.Just ran into this and I am going to suggest a possible conflict. Thank you all for your contributions because it gave me some perspective. I suspect that it is an issue of how MSoft is applying the permissions - or more particularly in what order.
What seems reasonable to me is that if the user is logged on to the system and when the file is first accessed it occasionally tries to see if the user has access initially rather than using the link's permissions. In other words it does not follow this order
1 - does the link give access
2 - does the user have access
rather
1 - does the user have access (chokes)
2 - does the link give access
The idea is that the document may have multiple ways to grant access and the order is important. If it chokes before considering all paths (as it might if it checks for user first) it would prevent the access the link would give.
Just a thought...
🙂
- We also have this issue. Wanted to comment here and follow this thread.
- A data point: The problem continues to happen even though I'm using a completely new install of Windows on a completely new computer (not using same Windows-image).
- Same issue happening to me. Shared folder in OneDrive, selected Anyone with the link can edit, unchecked allow editing and put an expiration date to 6/1/2021. This morning received 5 email from users outside our organization, all of them saying the link is asking them to login. After reading this thread, I see how cached credentials in their browsers could cause an issue since it is supposed to be accessed "anonymously". Having said that, how do we fix this? asking external users to use Incognito mode in browsers, although it works, does not seem to be the most elegant solution, specially when we are talking about hundreds of users accessing these folders. I don't want to suggest my staff to use Dropdbox, please help find a solution!
Kind of same issue:
Go into my business One Drive online, right click on a folder to share,
change "Anyone with link can edit" to "Specific people" and uncheck "allow editing.
Click apply, then in next window type in one of business email addresses of a user.
Send the link, the user receives link in email, they click on the folder link,
chrome launches and they are asked to put in user credentials right away.
The standard Microsoft poup for "remember credentials", yes, then
user gets straight into the shared folder.Every 2 days or so I get message from 2 to 3 end users that this folder has
been shared with, that One Drive is asking for credentials to login.
This is very annoying, we just don't hand out the login password to end users,
so everytime this happens I need to remote into their computer and add the credentials.No idea why this happens, it seems to be after an update and restart to the computer,
or just a power off and restart.I have gone into the credential manager and clicked on "remove" of Office and Microsoft credentials.
Still keeps happening.Computer is updated, Chrome is updated, etc.
My organization is having a similar issue. I work at a university in our online school. We use OneDrive to host all of our curriculum files and we exclusively use Anyone With the Link Can View links to link course files into our LMS. We are running about 300 courses and about 1000 individual course sections each year, with thousands of files shared from our OneDrive into those courses.
We are sporadically getting links that have been set as Anyone Can View prompting users to sign in or getting error messages as some others have stated already. Just last night I had a student submit an issue that a file was giving this error and it did for me as well. But when I got into the office this morning to troubleshoot further, the file link was working properly.
When I access the files through my LMS Administrator account (which has our institutional OneDrive linked to it), I can access the file no problem. But when I test in Incognito Mode or in another browser that does not have my credentials saved, I'm getting the request access or error message.
This is the first forum I have found that has discussed a similar issue.
- If you go into where the file is stored, and click the file then manage access on it, and see the anyone link, copy it, and check it vs. the link you have published, do they match?
StephenRice Our organization has the same problem (for several years) ! I've opened several tickets with Support with no help (other than asking me for fiddler logs when the issue happens). I've even shared Office and Azure audit logs with Support. Just like everyone else, 9 out of 10 will be able to access. the 10th person will be able to access after clicking on the link multiple times.
I've experienced the issue personally (member of IT) so double checked everything was set correctly (links shared vs what is under manage access). In my experience, when it didn't work after clicking on the link a couple of times, I clicked on the link in an incognito browser window and was able to access with no problem. Afterwards, no issues accessing with regular browser. No time to get fiddler logs as needed to collaborate in real time !
- Haven’t read the full threat here but wanted to share that we are seeing a similar behaviour in ODFB in W10 file explorer. We have not done a lot of research yet. But to me, it seems to be a bug that cause the incorrect link type to be generated after you select “anyone with the link” and click “copy link”. The first time you get the link after selecting anyone, it is a link requiring sign in, but if you go back to Share and click “manage access” you will find that an “anyone” link was in fact created and you can copy it from there. Pasting those two links next to each other, we found that they are clearly different. Maybe it has something to do with which link type is default on tenant level. We do not have “anyone” links as default, in fact we are limiting access to those links via a security group so the bug might be related to that.
Anyhow, for us this is quite clearly a bug, at least in the W10 file explorer UI, where the “anyone” selection is not respected when it generates the link and copies it automatically, but it does generate the correct link in the background which can be found under “manage access”.
Hope this makes sense and helps the troubleshooting. We're experiencing the same issue\symptoms that Emily reported but with SharePoint, not surprising because of the since OneDrive\SharePoint integration.
Intermittent problem where sometimes a SharePoint file shared with the setting "Anyone with this link can edit or view" prompts the user to request access to the file. If the user clicks on the shared link a second time, they can then access the file without requesting access.
If the user submits the Access Request, the SharePoint site owner does receive a email to Approve\Reject the request. However, if the user clicks on the link the second time (without the SharePoint Owner approving the request), the user gains access to the file. Approval is not needed and this only happens to some users.
We're trying a custom message for the Access Requests so as to set expectations and to try the link again, but that isn't a fix. We're looking to see whether others have experienced these issues with SharePoint and whether a fix has been found or options to better manage the situation.
- StephenRice
Microsoft
Hi folks,
As a matter of fact I do still show up around here 🙂
Let me kick off a thread with some folks internally to see if we can take a guess as to what's going on. My gut is that Chris is correct and the service is latching on to some cached credentials but as you all know, it's tough to nail it down when it doesn't reproduce regularly. If anyone does manage to snag either a trace of this happening or a correlation ID on a request where it occurred, please shoot me a PM. Thanks!
Stephen Rice
Senior Program Manager, OneDrive
- StephenRice
Hi all,
Unfortunately, we're still not able to identify a root cause here from our side. If anyone here happens to have this issue reproduce, please send me a PM. If we know the link that was used, the organization that experienced it, and the rough timeframe when this occurred, we should be able to pull out some logs on our side to help understand what is going on here. Thanks!
Stephen RiceSenior Program Manager, OneDrive
