Forum Discussion

john john's avatar
john john
Steel Contributor
May 19, 2020

Define "Allow only users in specific security group to share externally" for sharepoint sites only

As per my knowledge if we define that only users inside specific security group can share with external users, as follow:-

 

 

then this will be applied to SharePoint sites + onedrive personal sites. now inside our organization we want everyone to share files with external users inside their one-drives, while only allow users inside the above security group to share the sites with external users.. so is this possible? or the above settings will get applied to sharepoint and onedrive?

  • AnisHKR1710's avatar
    AnisHKR1710
    Copper Contributor

    Hello everyone,

     

    Did someone find a solution to this problem?

    I used the mail enabled security groups BUT the users in that group still can't share files externally. 

     

    Also note that if I untick the box: "Allow only users in specific security groups to share externally", people can share. I'd like to assume that this means that the problem comes from this setting alone and not from other tenant wide configurations.

  • Hi john john,

     

    This particular setting is only available at the organization level today and so is working as expected. The policies here will apply to content stored in OneDrive and in SharePoint. There is no way to configure separate lists of allowed users today. If you have any questions, feel free to let me know! Thanks!

     

    Stephen Rice

    Senior Program Manager, OneDrive

    • HenricStr's avatar
      HenricStr
      Copper Contributor

      StephenRice 

      For me this settings does not work. But that might be because I do not know how to combine this option with the overall tenant sharing settings.

      For OneDrive our setting is least permissive, we only allow sharing withing our organization.

      I would now like for a few users (that are in the same sec.group) to be able to share outside the organisation. But even after enabling the option "Allow only users in specific security group to share externally" it does not work.

      Does our global setting need to be changed, to most permissive? And only then will the option "Allow only users in specific security group to share externally" actually serve it's purpose by actually blocking the sharing option for anyone not included in the sec.group

       

      regards

      • StephenRice's avatar
        StephenRice
        Icon for Microsoft rankMicrosoft
        Hi HenricStr,

        That's correct. The overall tenant sharing settings must be enabled in order for ANY external sharing to occur. Once they are enabled, every other setting applies further restrictions (such as only allowing the external sharing by specific people). Hope that helps!

        Stephen Rice
        Senior Product Manager, OneDrive
    • Tommy Rihu's avatar
      Tommy Rihu
      Copper Contributor
      StephenRice
      so as PeterRising wrote "I just tested this, and with the setting applied it would not allow me to share externally from SharePoint or OneDrive from a user not in the security group. As soon as I turned the setting off again, it allowed me to share once again. So at first glance it sure looks like this is a settings that is either on or off across both SharePoint and OneDrive."

      why this happens have seen this to? does it take time for the group to apply our is it some Token thats taking time?

      regards
      Tommy
  • john john 

     

    I just tested this, and with the setting applied it would not allow me to share externally from SharePoint or OneDrive from a user not in the security group.  As soon as I turned the setting off again, it allowed me to share once again.  So at first glance it sure looks like this is a settings that is either on or off across both SharePoint and OneDrive.

Resources