File permissions - strange behavior

Hello all,

I am not quite sure if this is the right place, but I'll give it a try.

We have a freelancer, for whom we created an Azure AD account in our tenant. He is licensed with a Business Basic license (meaning he can only use the Microsoft 365 Web Apps). He has a private Office license for the desktop apps.

When he is working on files (Word, Excel, PowerPoint, ...) which are created by a user from our Azure AD and saved on SharePoint Online, he can't edit them in the desktop apps.

But when he tries the same with a file from a customer who invited him as a guest to their tenant (using the user he has in our Azure AD), he can edit the files.

My guess is that when he opens the file in the desktop app, the app tries to access the file with his private user, which has no permission on that file, so the app stays in read-only mode (not sure if my guess is correct). But why would it then work while working with the customer's files? I'm super confused atm and don't know what could cause the behavior.

Any help will be appreciated.


Cheers,

Erik

2 Replies

@ErikKohler 

The behavior you described regarding file permissions can occur due to the difference in access rights and permissions between files created within your organization's Azure AD tenant and files shared by external users from a different tenant. Let's break it down:

  1. Files created within your organization's Azure AD tenant: When files are created by users within your organization's Azure AD tenant and stored on SharePoint Online, the permissions and access rights are typically managed by your organization. If the freelancer is using the Microsoft 365 Web Apps, their access may be restricted to online editing only. This can prevent them from editing these files using the desktop apps.
  2. Files shared by external users from a different tenant: When the freelancer is invited as a guest to another tenant and given access to files within that tenant, the permissions and access rights are managed by the guest tenant. Depending on the permissions granted to the freelancer, they may have full access to edit the files using the desktop apps, regardless of their licensing limitations in your tenant.

To resolve the issue and allow the freelancer to edit files within your organization's Azure AD tenant using the desktop apps, you can consider the following options:

  1. Grant appropriate permissions: Ensure that the freelancer has the necessary permissions and access rights to edit the files in SharePoint Online. Check the file-level permissions and the freelancer's user permissions within your organization's Azure AD tenant to confirm they have the required access.
  2. Assign appropriate licensing: Verify that the freelancer has the correct licensing in your organization's Azure AD tenant. If the freelancer requires access to the desktop apps for editing files, ensure that they have the necessary licenses assigned. This might involve licensing adjustments or potentially assigning them a higher-tier license.
  3. Collaborate using shared links: If it is not possible or practical to adjust permissions and licensing, consider using shared links to collaborate on the files. This would allow the freelancer to access and edit the files using the Microsoft 365 Web Apps without requiring the desktop apps.

My knowledge of this topic is limited, but since no one has answered it for at least one day or more, I entered your question into various AIs. The text and the steps are the result of various AIs put together.

My answers are voluntary and without guarantee!

Hope this will help you.

@ErikKohler 

Why not limit the access through a place, say SharePoint Online, Teams, or even Azure file sharing?