Forum Discussion
Site Collection external sharing option -ExternalUserSharingOnly not working as expected for folder
- StephenRiceMar 15, 2018
Microsoft
Deleted,
Can you send a screenshot of the error that you are seeing? Thanks!
Stephen Rice
- DeletedMar 20, 2018
Hi,
sorry for the late response.
Here's a screenshot of the error message. I tried this with another user (my personal Gmail account) but the error message I receive is the same.
Please be advised that this is in German. The translation is:
Access denied.
"emailAddress" has no permission to access this resource.
-> Authenticate with the account that your employer or school has provided you in order to use Office 365 or other Microsoft servies.
Testing further I found out that once my external user received the "access denied" message, sharing another folder (same library) immediately results in the error message. No code will be sent anymore.
The same happens on another site collection.
Next, I tried to paste the link in the sharing invitation email into a private session.
I received this error message:
It translates to:
Sharing link verification
You have received a secure link to:
Folder 1 (icon)
emailAddress exists within the list of people for which this link is secured but you must first login with urn:spo:guest#emailAddress. Login with urn:spo:guest#emailAddress. and we will grant you access instantly.
Next (button)
So when I klick next, I'm redirected to the Microsoft sign-in page.
Obviously, entering urn:spo:guest#emailAddress. won't work so I entered my the regular one (a Gmail address). Then I was prompted to enter my password. I was able to do this but only because in the past I had already linked my Gmail account to an Outlook.com account so I used those credentials.
After that I was asked if I wanted to remain loggin in and the next message was:
Translation (not everything):
Unfortunately, this has not worked.
Unfortunately "emailAddress" was not found in the directory "tenantName". Please try again later. In the meantime we're trying to fix the problem automatically.
Here're a couple of ideas...
So this suggests that the user has to be in the tenant's directory.
Hope that helps.
Thanks.
- DeletedMar 20, 2018Yeah this is happening because that logged in address has been associated before with another account in the tenant. You'll have to basically remove that user and re invite and login with that MSA to be able to use that account. It can be rather annoying for users especially when they are already logged in with another MSA and hit a link that they don't have access too because they have been invited more than once on different e-mails associating different accounts. I've seen it happen a few times in my org where one person invites to a site, then another later uses a different e-mail to invite that same person.