Forum Discussion
guest expiration
Hi all,
The Expiring External Access feature mentioned in the documentation above hasn't been rolled out yet which is why it's not showing up in your UI 🙂 Looks like our documentation went live a little early. Keep an eye on Message Center for the latest details on this feature! Thanks!
Stephen Rice
Senior Program Manager, OneDrive
MicrosoftYes, this is rolling out now! You should expect to see this in your other tenants in the coming days & weeks!
Stephen Rice
Senior Program Manager, OneDrive
This feature just hit my tenant this week and I'm trying to learn more about it. Will this feature also remove access to sharing links from SharePoint after a defined period of time or only site level access/permissions?
- Hi @Stephen...In my testing, it appears tenant level setting does not need to be On to enable expiration at per-site level.
Steps for a pilot:
1. Do not enable the guest expiration at SPO tenant level,
2. Use PowerShell as below to set the properties for selected pilot sites.
-OverrideTenantExternalUserExpirationPolicy $true -ExternalUserExpirationInDays 30
Have I got it right? Or is there any background process that indeed checks that tenant setting is On for site level settings to be effective. - StephenRiceYes, any AAD backed group will not have users expire out.
So yes, in your example, only Guest2 would be covered by this expiration policy. For expiring users out of AAD groups, you can check out the Azure Access Reviews feature.
Thanks!
Stephen Thank you StephenRice
To clarify, "modern group" is an Azure AD group?
For example:
MySite Members (SPO)
MySite Members (AAD)
Guest1
Guest2
In this example Guest2 will lose access while Guest1 will maintain it?
- StephenRiceHi Roniy,
If the user is just a member of the SharePoint Group (e.g. not a member of the modern group), then they will expire.
And yes, even after a user has expired, they can still be shared to; it will just be like starting fresh.
Thanks!
Stephen Rice StephenRice and another question 🙂
The notification we got from the msg center on Sep. 2020 mentioned that:
"After a guest loses access to a site, any user with the ability to share content externally can re-invite the guest to each document or item as needed."
Is this still true?
Thank you!
Hi StephenRice
What will happen to a guest that is a member of the site members group?
And a guest that is part of a group that has access to a file on the site?
Will they also lose all access?
- StephenRiceSorry for the slow response here!
So the user is not removed from the link itself but they do expire from the site as a whole (e.g. they can no longer access any content that they previously could in the entire site collection). Hope that clears things up! Thanks!
Stephen Rice
Senior Program Manager, OneDrive
