May 04 2022 04:34 PM
Hi Everyone,
Our company uses SharePoint/OneDrive to allow our customers the ability to share documents with their clients, also allowing clients to upload documents that sync back into our product.
In the last 3-4 weeks, we have had an upsurge in their clients having issues accessing their shared folders - largely receiving the error "User not in the directory".
Very few of the customers use guest access in SharePoint, which will create a guest account in Azure AD - Therefore the majority are using anonymous access to allow customers to open the link provided to them, enter their email address and then the code they receive.
This has worked for quite some time without issue. Lately, however, when they first open the link it asks for an email and password, then displays the "User not in the directory" error. During testing, my Gmail account receives a slightly different error - "That Microsoft account doesn't exist. Enter a different account or get a new one." In comparison, my Hotmail account receives the "User not in the directory" error as well.
Oddly though, if I close the browser and open the link again and then enter the same email address, it asks for a code... once I enter the code, I can access the shared folders. It appears that something isn't happening the first time, and that failure prompts something to happen so access is given on the second attempt.
If I look at the access permissions on the shared folders, the recipient is there. For whatever reason, they just can't access it... instead they are asked to enter their credentials and receive the error, which is obviously frustrating for them and not ideal for us.
I have tried different browsers, incognito modes and different test clients with different emails... It's very inconsistent, sometimes the code will be requested on the first attempt, and others the email and password are requested.
The hyperlinks in the emails are renamed, however it occurs even if the full URL is pasted into the email.
The audit log scripts for SharePoint that I have come across don't provide anything that points to what happens that first time, or anything of use for that matter.
When the issue started to be reported on a more frequent basis, this article was very much fresh off the press which may or may not be coincidental - https://docs.microsoft.com/en-us/sharepoint/troubleshoot/sharing-and-permissions/error-when-external.... We can see who the link is shared with and it's that account receiving the error. Having to re-invite each time is simply not a solution to the problem, not that I see external users show in the SharePoint shell anyway.
In short - why are anonymous users being asked for a password when they should be asked for a code? Has something changed recently that interferes with anonymous access?
If any of you could provide some guidance on where I can look or what may be the cause, it would be very much appreciated.
May 08 2022 01:01 AM
Solution
@marc_4621 Hello, external SharePoint sharing and OTP has been adjusted from time to time and the behavior will look different in tenants depending on the configured settings. To make the whole sharing process as smooth as possible I would verify 1) that the EOTP (Email one-time passcode) feature in Azure AD is toggled to "Enabled". 2) Enable the Azure AD B2B OneDrive and SharePoint integration.
You can read more about these two features here.
One-time passcode authentication for B2B guest users - Azure AD | Microsoft Docs
Azure AD B2B integration for SharePoint & OneDrive - SharePoint in Microsoft 365 | Microsoft Docs
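
The two settings named in the answer above can be read from PowerShell; this is an added, read-only example and not part of the original thread. It assumes the SharePoint Online Management Shell and Microsoft Graph PowerShell modules are installed, and `contoso` is a placeholder tenant name.

```powershell
# Added example: report the state of the two settings the answer recommends checking.
# Nothing here changes tenant configuration.
$AdminUrl = 'https://contoso-admin.sharepoint.com'   # placeholder, use your own admin URL

Connect-SPOService -Url $AdminUrl
Connect-MgGraph -Scopes 'Policy.Read.All'

# 1) Email one-time passcode (EOTP) for external users, read from the
#    authentication methods policy. Possible values: default, enabled, disabled.
$uri   = 'https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/' +
         'authenticationMethodConfigurations/email'
$email = Invoke-MgGraphRequest -Method GET -Uri $uri
$eotp  = $email.allowExternalIdToUseEmailOtp

# 2) Azure AD B2B integration for SharePoint and OneDrive.
$b2b = (Get-SPOTenant).EnableAzureADB2BIntegration

[pscustomobject]@{
    EmailOtpForExternalUsers  = $eotp
    SharePointB2BIntegration  = $b2b
}

if ($eotp -ne 'enabled') {
    Write-Warning "Email one-time passcode is '$eotp', not explicitly enabled."
}
if (-not $b2b) {
    # The change itself is left to the administrator:
    #   Set-SPOTenant -EnableAzureADB2BIntegration $true
    Write-Warning 'Azure AD B2B integration for SharePoint and OneDrive is off.'
}
```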