SOLVED

Locking down external sharing

Brass Contributor

I've inherited a SharePoint instance that is too open externally for my liking.

 

I plan to make the following changes:

 

1. Change SharePoint and OneDrive sharing from "New and existing guests" to "Only people in your organisation" and

2. Enable the "Limit external sharing by domain"

 

Trying to find out if i make these change will anything already shared be no longer available or will they remain and the changes only apply from that point onward.

 

 

1 Reply
best response confirmed by lfk73 (Brass Contributor)
Solution

@lfk73 

When you change SharePoint and OneDrive sharing settings from "New and existing guests" to "Only people in your organization" and enable "Limit external sharing by domain," it can have immediate effects on existing shared content. Here are the specifics:

Changing Sharing Settings to "Only People in Your Organization"

1. Impact on Existing Shared Content:

  • When you change the sharing setting to "Only people in your organization," any content that has been shared with external users (guests) will lose its external sharing links. This means that external users who previously had access via sharing links will no longer be able to access the content.

2. Immediate Effects:

  • The change is immediate, and external sharing links will be invalidated. This means any previously shared links with external users will no longer work, and those users will lose access.

Enabling "Limit External Sharing by Domain"

1. Impact on Existing Shared Content:

  • When you enable the "Limit external sharing by domain" setting, it restricts new external sharing to specified domains. Existing sharing links to users from non-allowed domains will be disabled.

2. Immediate Effects:

  • Like the change to internal-only sharing, this setting will also take effect immediately. Any existing external shares with users from domains not on the allowed list will be revoked, and those users will lose access.

Planning and Implementation

1. Communicate Changes:

  • Inform your organization about the upcoming changes and their impact on external sharing. Provide a timeline for the changes and guidance on how to manage the transition.

2. Audit Existing Shares:

  • Before making the changes, audit the current external shares. You can do this using SharePoint's built-in sharing reports or PowerShell scripts to get a list of all items currently shared with external users.

3. Notify External Users:

  • Notify external users about the change and the potential loss of access. Provide alternatives for collaboration, such as requesting guest accounts or moving to a more secure sharing method.

4. Make the Changes:

  • Change the sharing settings in the SharePoint Admin Center under the "Sharing" section. Adjust the settings for both SharePoint and OneDrive as planned.

5. Verify and Monitor:

  • After making the changes, verify that the new sharing settings are in effect and monitor for any issues or unintended access losses.

Steps to Change Sharing Settings

1. Change SharePoint and OneDrive Sharing Settings:

  1. Go to the SharePoint Admin Center.
  2. Navigate to "Policies" > "Sharing".
  3. Under "SharePoint" and "OneDrive," change the sharing settings to "Only people in your organization".

2. Enable Domain Restriction:

  • In the same "Sharing" section, find the "Limit external sharing by domain" option.
  • Enable it and specify the allowed domains.

Additional Resources

  • Microsoft Documentation: For detailed steps and more information, refer to the official Microsoft documentation on managing sharing settings in SharePoint and OneDrive:

By following these steps, you can ensure that your SharePoint environment is more secure and that external sharing is appropriately controlled.

My knowledge of the topic is limited, but since no one has answered yet, even though it has been read many times, I posted the question in various AIs and found the above suggested solution for you. The proposed solution is untested.

 

My answers are voluntary and without guarantee!

 

Hope this will help you.

Was the answer useful? Mark as best response and Like it!

This will help all forum participants.

1 best response

Accepted Solutions
best response confirmed by lfk73 (Brass Contributor)
Solution

@lfk73 

When you change SharePoint and OneDrive sharing settings from "New and existing guests" to "Only people in your organization" and enable "Limit external sharing by domain," it can have immediate effects on existing shared content. Here are the specifics:

Changing Sharing Settings to "Only People in Your Organization"

1. Impact on Existing Shared Content:

  • When you change the sharing setting to "Only people in your organization," any content that has been shared with external users (guests) will lose its external sharing links. This means that external users who previously had access via sharing links will no longer be able to access the content.

2. Immediate Effects:

  • The change is immediate, and external sharing links will be invalidated. This means any previously shared links with external users will no longer work, and those users will lose access.

Enabling "Limit External Sharing by Domain"

1. Impact on Existing Shared Content:

  • When you enable the "Limit external sharing by domain" setting, it restricts new external sharing to specified domains. Existing sharing links to users from non-allowed domains will be disabled.

2. Immediate Effects:

  • Like the change to internal-only sharing, this setting will also take effect immediately. Any existing external shares with users from domains not on the allowed list will be revoked, and those users will lose access.

Planning and Implementation

1. Communicate Changes:

  • Inform your organization about the upcoming changes and their impact on external sharing. Provide a timeline for the changes and guidance on how to manage the transition.

2. Audit Existing Shares:

  • Before making the changes, audit the current external shares. You can do this using SharePoint's built-in sharing reports or PowerShell scripts to get a list of all items currently shared with external users.

3. Notify External Users:

  • Notify external users about the change and the potential loss of access. Provide alternatives for collaboration, such as requesting guest accounts or moving to a more secure sharing method.

4. Make the Changes:

  • Change the sharing settings in the SharePoint Admin Center under the "Sharing" section. Adjust the settings for both SharePoint and OneDrive as planned.

5. Verify and Monitor:

  • After making the changes, verify that the new sharing settings are in effect and monitor for any issues or unintended access losses.

Steps to Change Sharing Settings

1. Change SharePoint and OneDrive Sharing Settings:

  1. Go to the SharePoint Admin Center.
  2. Navigate to "Policies" > "Sharing".
  3. Under "SharePoint" and "OneDrive," change the sharing settings to "Only people in your organization".

2. Enable Domain Restriction:

  • In the same "Sharing" section, find the "Limit external sharing by domain" option.
  • Enable it and specify the allowed domains.

Additional Resources

  • Microsoft Documentation: For detailed steps and more information, refer to the official Microsoft documentation on managing sharing settings in SharePoint and OneDrive:

By following these steps, you can ensure that your SharePoint environment is more secure and that external sharing is appropriately controlled.

My knowledge of the topic is limited, but since no one has answered yet, even though it has been read many times, I posted the question in various AIs and found the above suggested solution for you. The proposed solution is untested.

 

My answers are voluntary and without guarantee!

 

Hope this will help you.

Was the answer useful? Mark as best response and Like it!

This will help all forum participants.

View solution in original post