SharePoint Guests are Prompted for Login?

Steel Contributor

We have all the setting open wide for sharing content with external partners.

 

Recently one of the main sites is now requiring users to login. As guests, they haven't had to do this before. 

 

I can see them in the Guests area of the Admin Center. 

 

What is prompting them to login? What login would they be using?

21 Replies
Probably related to the new Azure B2B sharing integration they posted about in message center and the OneDrive / SharePoint blog recently that is rolling out in July. This now creates accounts in Azure so you can apply security policies to them etc.
https://docs.microsoft.com/en-us/sharepoint/sharepoint-azureb2b-integration-preview

Hi @Eric Adler,

 

This is actually not related to the new preview as that is opt-in only (if you did opt in and are seeing these issues though, please let me know!).

 

This looks like a change we actually made last year where, when sharing to an O365 account, the recipient gets asked to sign in with their O365 account instead of the OTP flow. Can you help me understand the error you are seeing in these cases? Thanks!

 

Stephen Rice

OneDrive Program Manager II

This sounds similar to what happened to one of our external users last week. A SharePoint folder was shared with the user via "Share with Specific People" and he received the invitation email as expected.

 

When the user clicked the link in his email to access the folder, he was asked to enter his email, then when he entered his email it says "Sign in to your account and we'll give you access immediately". He clicks Next, sign's in, but then is given a message:

 

"That didn't work:

We're sorry, but "xxxx" can't be found in the "my company's" directory. Please try again later while we try to automatically fix this for you."

 

We tried having him use an Incognito session, but it took him through the exact same steps and produced the same error. 

 

I tried removing his external/guest account from our Azure AD and SharePoint and then add him again, but it kept giving him the same issues. 

 

So far this is the only external user we have encountered this issue with.

Hi @Kevin McKeown,

 

That doesn't sound good at all! Do you know if there is anything special going on with the external user's home tenant? Do you collaborate with other users from that organization who don't have that problem? 


By chance, is it possible for you to send me a fiddler trace of that failed sign-in request? Thanks!

 

Stephen Rice

OneDrive Program Manager II

He is the only external user we currently have from his organization.

 

And he wasn't too helpful with troubleshooting, complaining that he lost an hour of his day clicking shared links, and refused to try anymore. (I sent him maybe four emails, and I spent way more than an hour trying to figure out what was wrong for him). 

 

I am still curious what was going on, but there is no chance he would be willing to help.

 

 

Almost sounds like you invited one e-mail address, and he probably has another alias or login he tried using instead of the one you sent to him possibly?

@Kevin McKeown,

 

Understood, sorry to hear you both ran into issues. If you happen to run into it again, please do let me know so we can try and debug further. In the meantime, I'll keep an eye out for additional reports in case there is something else going on. Thanks,

 

Stephen Rice

OneDrive Program Manager II

I was wondering the same thing, but as far as I could tell from screenshots he sent us, he was using the same email address as what we shared with.
this issue only began the weekend of my post. they had been using the site with this (and two other) guests with no problems for months. that Monday they prompted for a login and received the "not in the directory" error. we added and removed them through normal sharing, checked the site was set for sharing and nothing worked. I finally added them to the "guests" list explicitly as was shown the B2B article and it worked.
exactly what happened with us. my 2 external users did use a work email address, not a personal one. adding them to the new guests' section and then giving them access to the resources they needed worked. They had been working fine for a long time. I am hoping this isn't going to happen to all of our guests. It can be very frustrating for the guest and of course my customer. I was lucky to have guests that were helpful in working with me. That isn't usually the case.
that wasn't our case. we tried several times and I could never find their email address with that EXT# guest account format.
mine were as well. i also checked the site and it was set wide open for external sharing

Hi @Eric Adler,

 

Is this something you can reproduce on demand? And by chance did anyone in this thread enable the new Azure B2B integration preview? Thanks!

 

Stephen Rice

OneDrive Program Manager II

not us (I should have said)

Similar very strange issues. Yesterday shared a OneDrive for business folder with "Specific people" i.e whoxxx@somemail.com. This user gets a link to a dialog with " To verify your identity we'll send a code to you......" This code arrives at the above mail an after entering it access is granted. Very good - a kind of MFA. Today sharing  a similar directory to the same mail creates a link when clicked asks "Sign in to whoxxx@somemail.com and we'll give you access immediately" which in practice will require a O365 of Live account. Deleted the O365 EXT# account but no success

Hi @Tunturi,

 

In the second case, was the user unable to sign-in or is the concern that the same user got different behavior? Thanks!

 

Stephen Rice

OneDrive Program Manager II

@Stephen RiceI was testing different sharing scenarios. And in the second case the user would have had to register a Microsoft account (Live or O365) as I understand it.

As trivial as this sounds, for a one person company, having one mail account and a different identity using the same mail is already confusing.

Hi @Tunturi,

 

Thanks for the feedback! We also don't like users who have to figure out that type of distinction and so we've been working to eliminate it in as many cases as possible. With the new Azure B2B integration (available in preview), guest users should only ever have to deal with a single account. Hope that helps!

 

Stephen Rice

Senior Program Manager, OneDrive