SOLVED

Users are able to access O365 services even after their licenses are removed!!


We have observed that when we remove the licenses of any user, the user is still able to access the service. I am not sure if this is by design or a bug. However, if you are an Office 365 Admin, this behavior is not as per your expectation. When you remove the licenses from the user in the Office 365 Admin Portal UI, you tend to believe the user will not be able to access the services. But it doesn't work that way.

In the case of SharePoint, though the license is removed for a user, he could access the site, upload a document and do anything as per the permissions that were assigned to him in the SharePoint site. So SharePoint doesn't bother to check if the user has a license for SharePoint Online or not.

The same thing happens with Planner and several other services. What we've seen is that the only change that happens for the user is that the tiles of the services (whose licenses you removed) are removed from the quick launch of Office 365. But that's it. If you know the URL of the service, you could paste it in the browser and then you could use the service as is without any issue.

 

Is this by design or a bug? Please share your thoughts.

6 Replies

Is this to do with staff that have left the organisation and blocking their access or more about changing what services are available to staff because of changes in their role etc? 

 

For when staff leave, Microsoft list these steps if wanting to immediately block access, after removing licences - Remove a former employee from Office 365 with this apparent caveat:

 

"Blocking an account can take up to 24 hours to take effect. If you need to immediately prevent a user's sign-in access, you should reset their password and then initiate a one-time event that will sign them out of Office 365 sessions across all devices. See Sign out now!"

best response confirmed by Atul Moghe (Brass Contributor)
Solution

Microsoft simply does not enforce license requirements for some services. This has been a "known issue" for SPO for years now, ever since we got Guest access. Other services similarly allow the user to access the functionality without a license. Which doesn't mean that you are not required to have a license, as in most cases you will be breaching the license agreement.

We've seen the same thing, and confirmed that's how it functions (as Vasil mentioned). If you have Azure AD Premium though, you can use conditional access to block users from specific apps, even if their license is enabled.

Thanks Vasil for your quick response.

 

Yes, that seems to be true. But this also means that you as an Admin cannot control what services a user can/cannot access via the Admin portal! That's quite limiting and I think most of the admins wouldn't know that.

 

I think Microsoft should clearly mention this if it is by design.

Agreed, but there are dozens of different teams at Microsoft, and most of them have their own opinion on how things should work with their particular application. Take Groups and Planner as an example - a non-member can see all files/conversations in a Public Group, but cannot see tasks inside the Group's Plan. So some applications enforce license and membership requirements, others do not, it can get messy at times...

Some companies use license enforcement to drive revenue generation and will have a mountain of developers coming up with ways to restrict access to an app when a license is not present. As Vasil already mentioned, Microsoft has implemented a model that has some flexibility, since there are so many interdependencies of apps that blocking things can cause some very strange consequences. (Great example, look at what happens to companies that block Office Groups, and all the unintended behavior that occurs with other features).
In my opinion, I'd much rather the MS Devs spend their time working on bugs and new features than license enforcement.
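
An audit for the situation this thread describes, as an added example that is not part of any post above and is not Microsoft's own script: it lists member accounts that have no license assigned but can still sign in, and with `-Remediate` blocks sign-in and revokes their sessions (a block-and-revoke variant of the steps quoted earlier, which reset the password instead). It assumes the Microsoft Graph PowerShell module and a session opened with `Connect-MgGraph -Scopes 'User.ReadWrite.All'`; the `-Remediate` switch and the variable names are this example's own.

```powershell
# Added example. Assumes the Microsoft.Graph PowerShell module and a session
# opened with: Connect-MgGraph -Scopes 'User.ReadWrite.All'
[CmdletBinding(SupportsShouldProcess)]
param(
    # Without -Remediate the script only reports.
    [switch]$Remediate
)

# Members with zero licenses. Guests are excluded because they are unlicensed
# by design. The $count filter is an advanced query, hence ConsistencyLevel.
$unlicensed = Get-MgUser -All `
    -Filter "assignedLicenses/`$count eq 0 and userType eq 'Member'" `
    -ConsistencyLevel eventual -CountVariable unlicensedCount `
    -Property Id, UserPrincipalName, AccountEnabled, UserType

# Removing a license does not block sign-in, so these accounts can still reach
# any service where they hold permissions (SharePoint sites, plans, ...).
$stillActive = $unlicensed | Where-Object { $_.AccountEnabled }

$stillActive |
    Select-Object UserPrincipalName, Id |
    Sort-Object UserPrincipalName |
    Format-Table -AutoSize

if ($Remediate) {
    foreach ($u in $stillActive) {
        # Review the report first: admin and service accounts are often
        # unlicensed on purpose. -WhatIf and -Confirm are honored here.
        if ($PSCmdlet.ShouldProcess($u.UserPrincipalName, 'Block sign-in and revoke sessions')) {
            Update-MgUser -UserId $u.Id -AccountEnabled:$false
            # Invalidates refresh tokens so existing sessions must re-authenticate.
            Revoke-MgUserSignInSession -UserId $u.Id | Out-Null
        }
    }
}
```

Run it without switches first and review the list; running with `-Remediate -WhatIf` shows which accounts would be changed without touching them.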