May 28 2020 03:14 AM
I have a new communications site where I need to grant the vast majority of user’s visitor access except for one group of people. I was planning to make use of the dynamic everyone group. Is it possible to add a deny permission for a group to a communications site permissions list?
If not what is the best way to deny a small group of people access? I have considered creating a new group for the users that are allowed access, but this is 1000's of people and has a management overhead.
Any advice gratefully received?
May 28 2020 03:45 AM
No, afraid not you would need to create a new AD group for that. Must be a script out there that adds all your users and then you can remove the ones not needed.
It is a good idea to not use the everyone except external users in my experience in the case of contractors or 3rd party support users getting added to your AD in the future.
May 29 2020 12:59 AM
@Andrew HodgesThanks for the response, looks like a new group is the only option.