Bastien Perez
Nov 22, 2017
Brass Contributor
SPO with AD groups - refresh membership
Hello, I use synced AD groups to set permissions on SharePoint Online document libraries. When I remove, let's say 'userA', from my AD group then run a synchronization to O365, userA still has acce...
Anonymous
Nov 22, 2017
Yeah, so the Token Cache, the one for on-prem, was 24 hours; it looks to be the same in 365 "Access Token". Here is an article about it; you can apparently change them for your tenant. https://docs.microsoft.com/en-us/azure/active-directory/active-directory-configurable-token-lifetimes
Bastien Perez
Dec 05, 2017
Brass Contributor
Hello,
After several tests, I think the membership refresh is OK. But I have a strange user experience.
Case: the user has access to a file (for example a Word file), then I remove the access for this user.
=> If the user leaves his tab open in the browser, he is able to modify the document! I tested several times (with group, direct access and even with anonymous links). From my point of view, it is a big security breach!
Has anyone experienced the same? How can I handle this?