Apr 04 2017 12:57 PM - edited Apr 04 2017 01:15 PM
OD4B seems to get more confusing by the day. I am now presented with 'sharing' and 'get a link'. Not exactly sure what the difference is. However when I choose share and 'can edit' and then select a specific person in my domain, when I later look at the information regarding the file, it tells me a specific link has been shared for 'edit' for anyone who has the link. While I know what this means, why did I share it with a specific person (only one person) and then see this behavior? So how do I actually shar with just one person? It's so hard to gain traction with users when I can't fully explain it myself. Every time I think I have it figured out, I see something like this. Is this behavior due to a universal setting? Thank you in advance. @Salvatore Biscari (Sal usually has the answer..lol)
Apr 04 2017 01:25 PM
Apr 04 2017 01:30 PM
Hi Juan and thank you. But why when I shared a particular document with one person, it shows as a link was created and anyone with the link can edit? Is this do to my universal settings in OneDrive in the Office 365 Admin portal? I shared this file with one person but this is what the info show me? (see attached)
Apr 04 2017 01:30 PM
Apr 04 2017 01:33 PM
See my post above with screenshot. I did do that, I chose 'share' picked one person (in my domain) and when I look at the file info in OD4B I see that it's a link that 'anyone' (if they get the link) can edit. What caused that behavior?
Apr 04 2017 01:39 PM
I just tried again and when I select a file and select 'share' I am presented with the dialog box below. I shared with one person (user5) but it still states anyone with this link can edit. I am assuming that behavior got set somewhere else and I now need to change this every time prior to sharing? It's not a big deal to change it but if I accidently forget, I have, in effect, shared the file for editing with anyone who gets the link correct?
Apr 05 2017 04:17 AM
Hi Mark.
I will try to help:
You have already discovered how to change the type of link on the fly (i.e. clicking on the rather obscure hyperlink).
You can change the default type of link in the ODFB admin center.
Hope it helps...
Apr 05 2017 04:26 AM
Hi Sal, and thank you. So, the only way to change the behavior I posted in the screenshot is on the Admin side? Again, I selected 'share' (one document) and I added one person (domain user), however, as you see, the link it produced states anyone with the link can edit, as default behavior. As you said, I can change it on the fly but you have to "rememember" to do so. If I want the default behavior to only share with that person(s) with the ability to read unless changed, is there a specific in the Admin side? One you go into the Admin piece for OD4B, it gets confusing really quick with all of the seemingly "mix and match" options. My goal is to allow people to select "share" and then select people to share with and make them change the default read-only permissions to edit. As of now the default is anyone with link can edit.
Apr 05 2017 04:43 AM
You could set the default to "Direct" in ODFB admin center:
Hence, when you choose "Share", you will get the following:
Unfortunately, it is not possible to set the a default for the read/edit permission...
Apr 05 2017 06:49 AM
That seemed to solve my use case! As always, thank you @Salvatore Biscari !
Apr 10 2017 11:26 AM
Hi all,
Just popping in to +1 Salvatore's reply. Exactly the right solution and the right explanation for why the product does what it does. Feel free to ping me if you have any other questions/concerns on sharing in ODB & SPO. Thanks!
Stephen Rice
OneDrive Program Manager II
Apr 11 2017 12:39 PM
@StephenRice and @Salvatore Biscari I have a few clarifying questions.
Thankas, Bruce...
Apr 11 2017 02:18 PM
Hi Bruce,
To your first question, if the link is e-mailed through OneDrive & SharePoint, it will show up in the recipient user's Shared With Me view. Otherwise, once they click on the link, the document will also show up in that view. In general, when ODB/SPO can be sure that the user should have access to the content, we will try and make sure it shows up in SWM. The primary cases where we don't know are when you copy the link as then we don't know where it is being sent.
For your second question, anyone who has edit permission to the resource is able to re-share it (assuming the Members Can Share feature is enabled, I can give you more detail on this particular policy if needed). There is an additional sharing policy in the admin portal that prevents external users from re-sharing content they don't own.
Anytime someone clicks on a link while authenticated, they will show up in the "Manage access/permissions" pane and be associated with that link. If the user is not signed in, no information is added to the permissions pane, but we do log an audit event that the anonymous link was used.
Hope that helps!
Stephen Rice
OneDrive Program Manager II
Apr 11 2017 02:52 PM
Apr 11 2017 03:07 PM - edited Apr 11 2017 03:08 PM
No problem! We're trying to make this all as easy to understand as possible. This is definitely one of those places where we have a little more simplification to do 🙂
Feb 13 2019 08:22 AM - edited Feb 13 2019 08:29 AM
@StephenRice Wish the OneDrive sharing policy has an additional policy that prevents internal users from resharing content they don't own. This is becoming a big problem with OneDrive adoption as few members are worried that the content they own is now being modified by people that they didn't intend to.
Feb 13 2019 09:48 AM
Hi @Anantha Dommeti,
There is actually a setting that you can turn on as admin that forces Members Can Share off on OneDrives. You can set thsi via PowerShell (I believe it is ODBMembersCanShareoff). Once off, only the owner will be able to share. Give that a try and let me know if it works! Thanks!
Stephen Rice
OneDrive Program Manager II
Apr 02 2019 12:37 PM
@StephenRice - Apologies for the late response. Yes, ODBMembersCanShareoff setting solved the problem.
Thanks for your help!
Apr 04 2019 09:56 PM - edited Apr 04 2019 10:02 PM
When someone sets up "Share with Specific People "and "External users must accept sharing invitation using the same account that the invitation was sent to". Does MSFT alter the email header to prevent the recipient from forwarding the email with the invite so non-specific people can't view the document? What exactly happens to prevent someone from forwarding the original invitation with the link?
I need to explain to clients why this feature protects their documents from being shared.
Thanks,
Michelle