cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

External Sharing

Teemu Strand
Iron Contributor

‎Oct 20 2016 08:19 AM

‎Oct 20 2016 08:19 AM

External Sharing

I have a project site which I want to share with some external user. External Sharing is enabled in site collection level and the new setting "External users must accept sharing invitations using the same account that the invitations were sent to" is disabled:

o365_external_sharing.png

 

Now I share the site with external user with his/hers work email address firstname.lastname@company.com

The external user receives invitation email to his/hers work email address and clicks the link. He/she uses (personal) Microsoft Account firstname.lastname@outlook.com to login the site and gives the username and password.

Then the external user is getting error "User is not found in the directory"

 

This article describes the issue but is somehow misleading when it says "if the user who accepts the invitation signs up by using an account other than the email address to which the invitation was sent, you may encounter an access denied message."

 

Does that mean that the external user has to use MS account, which has the same email address as where the invitation was sent to, to login? This all is a source of big confusion and in large customer projects it adds high management overhead to us and for our clients/customer. Microsoft, make it more simple!

 

Labels:
11.6K Views
1 Like
31 Replies
Reply
31 Replies
Stephen Rice

‎May 25 2017 11:29 AM

‎May 25 2017 11:29 AM

Re: External Sharing

@Reuben, you can enable the flow you're describing by using anonymous access links when you need to share externally. Any user who clicks on these links can view and edit the file without signing in. 

 

Hope that helps!

 

Stephen Rice

OneDrive Program Manager II

0 Likes
Reply
Geoffrey Bronner

‎May 25 2017 12:11 PM

‎May 25 2017 12:11 PM

Re: External Sharing

And those links can be revoked or scheduled to expire.
0 Likes
Reply
Salvatore Biscari

‎May 26 2017 03:53 AM

‎May 26 2017 03:53 AM

Re: External Sharing

@Reuben

The behavior you are looking for is easily implemented going to the OneDrive Admin Center and configure the defaults for your tenant as in the following screenshot (for example):

2017-05-26 12_42_28-OneDrive for Business Admin Preview.jpg

 

Now, when you share an item, the default will be to share it as an anonymous read-only link, which can be used by everyone immediately, without authentication.

The default can be overridden case by case and it will also be possible to set an expiration.

Moreover you will be able to revoke the link in every moment using the details pane in the doc library.

If I have well understood, this is exactly what you are asking.

Hope it helps...

1 Like
Reply
Salvatore Biscari

‎May 26 2017 03:54 AM

‎May 26 2017 03:54 AM

Re: External Sharing

Thanks @Stephen Rice !

It is always a pleasure to read your ultra-clear explanations!

0 Likes
Reply
Reuben

‎May 26 2017 04:57 AM - edited ‎May 26 2017 05:02 AM

‎May 26 2017 04:57 AM - edited ‎May 26 2017 05:02 AM

Re: External Sharing

@Salvatore Biscari 

First: Thank you! That is exactly what we are looking for!

 

Second:

At the risk of sounding dumb.... Does that apply for sharepoint sharing as well? If it is changed in the OneDrive Admin settings will it affect our sharepoint files as well?

I assume it does because you mentioned libraries....

0 Likes
Reply
Dean Gross

‎May 26 2017 06:05 AM

‎May 26 2017 06:05 AM

Re: External Sharing

The setting shown by @Salvatore is for OneDrive only.
0 Likes
Reply
Dean Gross

‎May 26 2017 06:08 AM

‎May 26 2017 06:08 AM

Re: External Sharing

If you need to kill the ability for an external user to open a file they have downloaded, you will need to use Azure Information Protection- which provides this functionality and much more.
0 Likes
Reply
Salvatore Biscari

‎May 26 2017 07:10 AM

‎May 26 2017 07:10 AM

Re: External Sharing

@Reuben

Sorry to disagree this time with @Dean Gross :-), but yes, the setting applies both to ODfB and SharePoint doc libraries, as you can easily verify.

Be aware that, for it to work, anonymous sharing must be enabled both at tenant level and at the single site collection level (which can be done in the UI). For Groups site collections, instead, it can be enabled only by PowerShell (at the moment).

1 Like
Reply
Dean Gross

‎May 26 2017 07:27 AM

‎May 26 2017 07:27 AM

Re: External Sharing

Thanks for the correction. I was thinking about the external sharing setting for OneDrive can be more restrictive than what's allowed for SharePoint Online, but not less restrictive and I thought that the controls in the OD admin center were only for OD, but in this case the settings changes apply to both types of SP sites.  

 

Here is the official documentation, https://support.office.com/en-us/article/Manage-external-sharing-ee8b91c5-05ec-44c2-9796-78fa27ec842...

2 Likes
Reply
Teemu Strand

‎May 30 2017 06:11 AM

‎May 30 2017 06:11 AM

Re: External Sharing

Thanks @Stephen Rice for your excellent answer! Nice to hear that the external sharing experience and functionality is one of your top focuses. Can't wait for the Good Things! I hope that the sharing experience will be consistent when sharing individual files, folders, document libraries or whole sites.

 

I think in our case the MSA user account was configured as an EASI ID and that is why it was giving error. In one of the cases the user had Office 365 in use in their org but didn't realize it and created MSA user account by using the work email as an user name. I think this is not possible anymore which is good, but still there are a lot of early adopter users who have 2 identities (MSA and work account) with the same user name (email address).

0 Likes
Reply
Stephen Rice

‎May 30 2017 09:44 AM

‎May 30 2017 09:44 AM

Re: External Sharing

Hi @Teemu Strand,

 

Glad you were able to identify the root cause! We've been working with the AAD team on a few incidents related to the EASI ID MSA/AAD snafu so I'll be sure to pass this feedback along to the right folks. Let me know if you have any questions!

0 Likes
Reply
Polley Snelson

‎Jul 08 2018 09:06 AM

‎Jul 08 2018 09:06 AM

Re: External Sharing

I am an external user and need to access the tenant site without using the link in the invitation and generating a code each time.

 

I used the link in the invitation, then used the generated code to access the tenant's site. I am able to see and use everything I should. 

 

I am unable to sign in to the tenant site without using the link in the invitation email.

 

My microsoft account signed in with a different email than the email the invitation was sent to.  I have cancelled the microsoft account with the different email.  I now have a microsoft account using the email that the invitation was sent to.

 

I need to be able to sign in to the tenant site without using the link in the invitation email.

 

Thank you!

0 Likes
Reply