Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Guest users are not showing in document library

Iron Contributor

If I grant guest users rights directly to a SPO document library (after having disabled inheritance), the users will have the expected rights, but they will not show up in the list of users/groups with access to the library. This is of course a security problem, because you can't see (easily) who have access, but it also means that you can't remove or edit the user (in the GUI).

 

If I put the same users in a group, it works as expected.

 

Are you seing the same thing?   

10 Replies
Are you picking the users from the B2B users already invited through Azure AD B2B?

Yes - as I wrote, the same users are working ok, when added via a group.

best response confirmed by Daniel Martins (Microsoft)
Solution

Hello Jakob - 

 

Please refer to this doc  https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-faq.

 

See the question about SPO people picker:

Are B2B collaboration guest users visible in SharePoint Online/OneDrive people picker?

Yes! However, the ability to search for existing guest users in the SharePoint Online people picker is OFF by default to match legacy behavior. You can enable this using the setting 'ShowPeoplePickerSuggestionsForGuestUsers' at the tenant and site collection level. This can be set using the Set-SPOTenant and Set-SPOSite cmdlets, which allow members to search all existing guest users in the directory. Changes in the tenant scope do not affect already provisioned SharePoint Online sites.

 

Please run the above mentioned cmdlets to see the added users in the picker and let us know if that worked for you!

Hi Sarat

 

Thank you for the answer and sorry for the late response.

 

It works!

 

Is it possible to specify that all new sites that are created should have ShowPeoplePickerSuggestionsForGuestUsers set to True?

 

Regards

Jakob Rohde

Hi - picking up on this for my need - I am not sure if I am going mad - running the below is not working, should it be?

 

Set-SPOSite -Identity https://domain.sharepoint.com/sites/testsite -ShowPeoplePickerSuggestionsForGuestUsers $true

 

thanks

In fact - the site does not have this property - do you need to set at tenant first?

I cannot find this setting in either set-spotenant or set-sposite. Is it enabled elsewhere?

I never did find the ShowPeoplePickerSuggestionsForGuestUsers feature on either commandlet. I did get it working this way, though I really don't understand why.

  1. User created via Azure AD New guest user feature
  2. Goto SPO and click Share (or add to a user group in SPO)
  3. Enter the users email address, same as the one used in step 1.

This works. After I did this, I also was able to find the user via their display name in the people picker.

 

 

This is probably from the cache of browser or outlook contact cache.

I’m pretty sure that it is not for two reasons. First, I do all of this administrative work in and in private browser. Second, these are email addresses that I have never seen before or emailed before. They are a list of users sent in from a client partner company.

As a sidenote, what I have started doing is inviting all users to AzureAD using powershell and then adding those invited users to sharepoint groups that have already been added to the document library, also via powershell.
1 best response

Accepted Solutions
best response confirmed by Daniel Martins (Microsoft)
Solution

Hello Jakob - 

 

Please refer to this doc  https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-faq.

 

See the question about SPO people picker:

Are B2B collaboration guest users visible in SharePoint Online/OneDrive people picker?

Yes! However, the ability to search for existing guest users in the SharePoint Online people picker is OFF by default to match legacy behavior. You can enable this using the setting 'ShowPeoplePickerSuggestionsForGuestUsers' at the tenant and site collection level. This can be set using the Set-SPOTenant and Set-SPOSite cmdlets, which allow members to search all existing guest users in the directory. Changes in the tenant scope do not affect already provisioned SharePoint Online sites.

 

Please run the above mentioned cmdlets to see the added users in the picker and let us know if that worked for you!

View solution in original post