Forum Discussion
Set Default Sharing to "People with Existing Access"
Hi Gilbert Okello,
We do not support setting the default to people with existing access. When the default link is not available, we set the default to the next supported default link (which in the case above, is specific people). If this is a capability you're interested, I'd suggest submitting this to onedrive.uservoice.com to help us prioritize the work. Thanks!
Stephen Rice
OneDrive Program Manager II
MicrosoftArne Vandeleene, thanks for the feedback! Our aim has been to build a lot of great controls here so that admins can tune the experience to fit their specific needs as needed. And we're always looking to improve in this space!
Michael Rennie, the command only works on a per-site basis so if you ran it for mytenant.sharepoint.com, it will only apply on that site collection. You will need to run it for each site collection where you want this default to apply (e.g. tenant.sharepoint.com/teams/team1, tenant.sharepoint.com/sites/projectalpha, etc).
Hope that helps!
Stephen Rice
Senior Program Manager, OneDrive
Any update to this per-site setting of the default sharing link to People with existing access? We would like this to be our tenant default and not have to type in every link to 800 site collections. 
🤞🙏
Hi TedLarsen
Great question - can you set a default sharing setting for every new team you create?
For files you can use the SharePoint admin > Policies > Sharing > File and folder links menu item that is available here
https://<yourTenantName>-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/sharing
Here you can set the tenant and onedrive default External sharing (we use "new and existing guests") AND the "File and folder links" options. You can choose between "Only people in your organisation" (we use this setting) or "Specific people (only the people the user specifies)" (we manually set this for some teams).
If you need to alter external guest access to the team e.g. email address removed for privacy reasons you need to do that via the TEAMS admin center policies.
I hope this helps.
Dorje-McKinnon
Sorry for bumping this old thread. Thanks again for providing this script, this was helpful in changing all 400 of our sites default to "Existing Access" as promised. I now would like to know if Microsoft will provide a way to have this be the default when a new Team is created, automatically (without having to manually change it in the admin portal). Is this something that is already possible and I"m missing it, or is Microsoft still working on that functionality?Thank you so much for your help and your detailed description. It worked perfectly when I added your changes!
I wish you a great day and thank you again for your help. You have saved me a lot of headaches and broken nerves
Hi StephanArco
Thanks for letting me know about the problem.
It seems that the way set-pnpsite interprets the -identity value may have changed.
When i run the code I posted it doesn't work any longer.
If you change
- Set-PNPsite -identity $site -DefaultLinkToExistingAccess $true
to - Set-PNPsite -identity $site.url -DefaultLinkToExistingAccess $true
In my testing this change worked.
Below is how I came to that conclusion
I then added in the following to figure out what might be happening
#following row was in original code
$SitesInTenant = Get-PnPTenantSite -Template GROUP#0
#new row to check there are some sites in the variable
$SitesInTenant.count
#then I just want to see what type of thing the $site variable will be so I do the following
ForEach($Site in $SitesInTenant)
{$site
}
#I got back the following, a big list all like this
#Url Template LocaleId
#--- -------- --------
#https://mycompany.sharepoint.com/sites/teamsiteName GROUP#0 5129#Then I did the following to look at one item
write-host $SitesInTenant[0]
#I got back
#PnP.PowerShell.Commands.Model.SPOSite
#this tells me that the $site variable is an object
#so then I used the information from this testing to do the following
ForEach($Site in $SitesInTenant)
{write-host $site.url
}
#to conclude I think the following will work note I changed $site to $site.url
ForEach($Site in $SitesInTenant)
{#reference https://pnp.github.io/powershell/cmdlets/Set-PnPSite.html#-defaultlinktoexistingaccess
Set-PNPsite -identity $site.url -DefaultLinkToExistingAccess $true
#write-host $site.url
}
- Set-PNPsite -identity $site -DefaultLinkToExistingAccess $true
Hi Dorje
Thank you very much for script. However I tried your script and I get this error message for each instance:
Set-PNPsite : Invalid URI: The format of the URI could not be determined.
At line:19 char:1
+ Set-PNPsite -identity $site -DefaultLinkToExistingAccess $true
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Set-PnPSite], PSInvalidOperationException
+ FullyQualifiedErrorId : InvalidOperation,PnP.PowerShell.Commands.Site.SetSiteWhen I enter the URL of the Site directly instead of the $Site variable it works fine. Also I checked the contend of the $Site variable and it inherits the right URL. Therefore I am very confused of this error message as the URL should be correct.
Thank you for your help!
Best
Stephan
Hi LisaJo48 ,
My previous comment was pointing you to creating your own code that did 2 things:
- get a list of all the sites in your tenant
- then for each one of those set the following
Something like the following| NOTE check this with ONE or two sites first, before doing it across all 800 of your sites.
Import-Module Microsoft.Online.Sharepoint.PowerShell -DisableNameChecking #change XXXX for your tenant name $AdminSiteURL="https://xxxx-admin.sharepoint.com" $Credential = Get-credential Connect-PnPOnline -Url $AdminSiteURL -Interactive #sharepoint online list all site collections powershell #Get All Group Sites $SitesInTenant = Get-PnPTenantSite -Template GROUP#0 #for each site then set the property you want ForEach($Site in $SitesInTenant) { #reference https://pnp.github.io/powershell/cmdlets/Set-PnPSite.html#-defaultlinktoexistingaccess Set-PNPsite -identity $site.url -DefaultLinkToExistingAccess $true }NOTE - set-pnpsite code updated 24 Nov to be $site.url
Reference for this is here
https://pnp.github.io/powershell/cmdlets/Set-PnPSite.html#-defaultlinktoexistingaccess
Thank you Dorje-McKinnon, I have the code that you referenced; however, this command requires that a specific site in the tenant ("YourSite" portion) which means that I would need to run the command for each site [collection], one at a time. This is what I want to avoid. I would like to know of a PS command that will set ALL site [collections] in our tenant to 'people with existing access'.
Are you saying that my interpretation of this command is incorrect and it, actually, does affect all sites in a tenant simultaneously? If not, I am looking for a command that does.
Hi LisaJo48 ,
You can do this using PowerShell in a couple of different ways.
If you use Sensitivity labels you can use those to define the type of sharing for each site. More info here https://office365itpros.com/2021/06/08/default-sharing-link-settings/
If you want to set every site to a specific type of sharing you can do that using the following powershell
Set-SPOSite -identity https://YourTenant.sharepoint.com/sites/YourSite -DefaultLinkToExistingAccess 1
Reference https://lightningtools.com/blog/sharepoint-default-sharing-link-people-with-existing-access
You or your IT team should be able to adapt the following, to run the above script for everyone of your sites if that is what you want to do.
I hope this helps.
