Apr 12 2022 01:37 AM - edited Apr 12 2022 02:38 AM
Hello.
We are doing some auditing of our users sharing for Sharepoint in our tenant to get a report of how long each sharepoint item has been shared, who shared the item and who has gotten access. (Made a PowerShell script to request from Graph API, but thats a different story). While looking through the results of said script I noticed that many of the Sharepoint items that were shared didn't show any permissions (other than the owner of the file obviously and some admin accounts). I went to the location of one of the items in SharePoint Online and opened the "manage access" menu and sure enough I could not see any permissions set on the file even though the Sharing attribute was clearly set to "Shared". I clicked the "Advanced" link and then I could see some users that seems to have access through some sharing link even though I can't find said link. All users that have access to the file in the pictrues are internal, but I can find other items in our tenant with the same symptoms which are shared to external users as well. The users you can see under Direct Access in the pictures are 3 admin-accounts and the owner of the file.
So my question then is;
How can we audit and revoke said permissions when you can't even find the sharing link?
We recently turned off Anonymous sharing links and I am wondering if this could be the reason. What would happen if a file was shared with an anonymous link and then we disabled anonymous sharing? Would the permissions get revoked or would there still traces of the sharing as we are probably seeing here?
Any insight or information would be helpful.
Names and filenames has been pixelated/blurred.
Aug 10 2022 05:26 AM
I have a similar issue, were by a user who created share link can no longer manage who can use that link. What I have notices is that only Site Collection Admin have the ability to edit the membership of a share link once it has been created.
The above screen shot shows the options the Site Collection Admin has, after the Add Person icon there is a Link Icon. when clicked the manage link screen appears.
.
site members can created a Share Link and add to that Share Link but they do not get the option to manage the member of the Sharing Link, once created.
I has not always been the case that a Site Collection Admin is the only one who can manage share link membership.
Has anyone else noticed this?
Aug 10 2022 08:19 AM
Here is an article that talks about auditing sharing links. (If you have not run into it already https://www.sharepointdiary.com/2017/05/how-to-disable-external-sharing-in-sharepoint-online.html )