SOLVED

Share a folder with ALL the organization, not specifying each member

Copper Contributor

Hey all,

I would like to share a folder in my OneDrive with all the people in my organization. I did so a couple of days, then sent the link to a couple of colleagues. They all could open the link and access the folder content. 

Today I sent the same link to other colleagues and when they clicked it, they couldn't access the folder. They landed on the "Request access" page.

 

requestaccess.png

 

I had to manually grant them the access before they could access it. 

In the "Permissions" screen of that folder, I can see that the 3 people I just granted access appear, as well as the colleagues who accessed it 2 days ago : 

 

permissions.png

However, I don't understand why it worked 2 days ago and not anymore today. Does the sharing link expires after some hours or something ? Or did I do something wrong ? 

 

Today I tried again with creating a sharing link and sending it to a colleague : 

 

Capture d’écran 2018-08-09 à 14.02.21.png

It worked for him (the same one that had the "Request access" screen just before. I forwarded this e-mail to 3 other colleagues for which it worked too. 

 

So, I need a few clarifications : 

 

- If I create a sharing link, does it cancel the previous ones ? 

- If I choose to share a file with all the organization, does it change anything to clearly add the person as a recipient of the "share the link by e-mail" tool ? Or if he gives the link to somebody else, would this person have access too ? 

- How to check if a folder is shared to way we would want ? Here is the actual "settings", it says that "every member of XXX having this link can edit this element". 

 

Capture d’écran 2018-08-09 à 14.13.59.png


Thanks a lot !

Erik  

9 Replies
Link should need generated once and if you use that same link it should be fine unless you set the expires value.

Two common things I see happen on this case that would cause that.

1. The user getting access denied is already logged into a non work Microsoft account in the browser session and when they click that link they get access denied because they are not in the org with that account.

2. Probabaly not the case but I’ve seen people click their sharing link to look at a file then they will copy the URL from the browser and send that to someone to access bot realizing that URL isn’t the same as the sharing URL. Once you click a sharing url you go through some kind of link security check where it can add you to that list of users that accessed and added to permission of folder then redirected into the direct OneDrive/Sharepoint url.

Hi Christopher,

 

Thanks for your help on this. The first reason seems relevant but from seeing it yesterday, it was not the case. I'm more curious about the expiry you mention in the beginning. I didn't set any expiry, but can it be something set by our IT department, for security reasons for example ? Is there any way to check the expiry of a sharing link ? 

 

Thanks a lot !

Regards, 

 

Erik 

There is a default expiry setting in the admin center. I've never turned it on to see if it actually shows that expiry to the client. You can't really see the expire notice on the sharing link in the UI from what I've seen, just the ability to remove it.

I haven't checked fora while, but expiry setting was only meant for anonymous links. I don't think organization wide sharing is classified as anonymous.

 

I have no other theories, but i can tell you that OneDrive is very confusing with sharing. Not just for my users. I often can't understand why some links work and other don't. A week or so ago one user shared a folder for another users and she couldn't access it, until i have removed a link and did the same thing again. And the second link worked this time. I will have to check that "copying a link from the browser" part next time i encounter such issues.

Well @Deleted after thinking about it again, the way I sent the link when it didn't work, may have been the browser link finally ! I just had to relive the situation in my head to get it 🙂 

 

So basically, that means the sharing link will work for users who never accessed it, and also for users who already accessed it. 

 

The browser will work for users who already clicked the sharing link first, be it 1 day ago or 3 weeks ago. 

 

Because as soon as people clicked on the sharing link, in my OneDrive, I can see their name appear in the "people can access this folder" section. 

 

Am I right on this ? 

 

Thanks for your help, it saved me a lot of time ! 

 

Greetings, 

Erik 

Yup that’s exactly how it works 🙂
best response confirmed by Erik Collard (Copper Contributor)
Solution

Hi all,

 

Figured I'd pop in here and hopefully provide some clarity (and if there's a bug somewhere, I definitely want to know that too!)

 

  • You can only have one link of each type (one anonymous edit, one anonymous view, one organization edit, one organization view). Links that work for specific people are a little bit different.
  • The browser URL is a kind of "existing access" link in that anyone that we know has the link will be able to use the browser link. There may be some cases where browser links won't work or will do something funky (extra parameters, etc.)
  • OneDrive & SharePoint both follow a principle of "greatest level of access". When you click on any link to an item (regardless of its scope or permission), we will give you the highest level of access you have on that item (that we know of).
    • For example, if I send Erik a view link and then an edit link, even when he clicks on the view link, he'll have edit access.

At this point, I expect you're wondering how ODSP "knows" what you have access to. First, if a user is unauthenticated & clicks on an anonymous link, we obviously don't know that you have access to it. For other cases, we know if you've accessed a link when:

  • You use the "Quick send" (e-mail) flow in the sharing dialog
    • We (ODSP) sent the mail so we "know" that you intended for the recipient to be able to access it
    • To make things work as easily as possible, the recipient can now find the item in Shared With Me and, if they click on an existing access link, it will also work
  • The recipient clicks on a sharing link
    • If you send the link via some other mechanism (let's imagine you copied it to your clipboard), we don't know when the recipient actually receives the link. You may be copying it to put in a document you haven't sent out, or as part of an e-mail that you're drafting
    • Once the user has clicked on the link, we now know that they have it (obvious statement is obvious 🙂 ) and so we mark the user as using that link

 

Hopefully, that helps clear things up! If you have any more questions, or you followed the above steps and something still didn't work, let me know!

 

Stephen Rice

OneDrive Program Manager II

Hi @StephenRice 

 

Thanks a lot for the extensive and "more than clear" explanation you gave here ! I perfectly get it now. Sounds perfectly logical as well. 

 

Thanks for the follow-up and the support here ! 

 

Regards, 

Erik 

Happy to help! Let me know if you have any other questions!

 

Stephen Rice

OneDrive Program Manager II

1 best response

Accepted Solutions
best response confirmed by Erik Collard (Copper Contributor)
Solution

Hi all,

 

Figured I'd pop in here and hopefully provide some clarity (and if there's a bug somewhere, I definitely want to know that too!)

 

  • You can only have one link of each type (one anonymous edit, one anonymous view, one organization edit, one organization view). Links that work for specific people are a little bit different.
  • The browser URL is a kind of "existing access" link in that anyone that we know has the link will be able to use the browser link. There may be some cases where browser links won't work or will do something funky (extra parameters, etc.)
  • OneDrive & SharePoint both follow a principle of "greatest level of access". When you click on any link to an item (regardless of its scope or permission), we will give you the highest level of access you have on that item (that we know of).
    • For example, if I send Erik a view link and then an edit link, even when he clicks on the view link, he'll have edit access.

At this point, I expect you're wondering how ODSP "knows" what you have access to. First, if a user is unauthenticated & clicks on an anonymous link, we obviously don't know that you have access to it. For other cases, we know if you've accessed a link when:

  • You use the "Quick send" (e-mail) flow in the sharing dialog
    • We (ODSP) sent the mail so we "know" that you intended for the recipient to be able to access it
    • To make things work as easily as possible, the recipient can now find the item in Shared With Me and, if they click on an existing access link, it will also work
  • The recipient clicks on a sharing link
    • If you send the link via some other mechanism (let's imagine you copied it to your clipboard), we don't know when the recipient actually receives the link. You may be copying it to put in a document you haven't sent out, or as part of an e-mail that you're drafting
    • Once the user has clicked on the link, we now know that they have it (obvious statement is obvious 🙂 ) and so we mark the user as using that link

 

Hopefully, that helps clear things up! If you have any more questions, or you followed the above steps and something still didn't work, let me know!

 

Stephen Rice

OneDrive Program Manager II

View solution in original post