Can I unshare files in OneDrive with Powershell

%3CLINGO-SUB%20id%3D%22lingo-sub-153898%22%20slang%3D%22en-US%22%3ECan%20I%20unshare%20files%20in%20OneDrive%20with%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-153898%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20looking%20through%20the%20cmdlets%20available%20in%20PnP-PowerShell%20and%20nothing%20is%20jumping%20out%20at%20me.%20What%20I%20want%20to%20do%20is%20loop%20through%20a%20given%20user's%20OneDrive%20-%20which%20I%20think%20I'm%20okay%20with%20-%20and%20then%20UNSHARE%20anything%20that's%20been%20shared.%20Or%20just%20set%20everything%20to%20Private%20if%20that's%20easier.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIs%20this%20possible%3F%20With%20PnP%2C%20or%20maybe%20a%20POST%20to%20Graph%2C%20or%20any%20other%20way%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-153898%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOneDrive%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EWindows%20PowerShell%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-154327%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20I%20unshare%20files%20in%20OneDrive%20with%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-154327%22%20slang%3D%22en-US%22%3EYou%20can%20try%20Set-SPOSite%20%E2%80%93SharingCapability%20with%20the%20user's%20OneDrive%20site%20URL%2C%20like%20%3CA%20href%3D%22https%3A%2F%2Ftenant-my.sharepoint.com%2Fpersonal%2Fuser_name_tenant_onmicrosoft_com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Ftenant-my.sharepoint.com%2Fpersonal%2Fuser_name_tenant_onmicrosoft_com%3C%2FA%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fblogs.office.com%2Fen-us%2F2015%2F09%2F30%2Fextending-it-and-developer-options-for-odb%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.office.com%2Fen-us%2F2015%2F09%2F30%2Fextending-it-and-developer-options-for-odb%2F%3C%2FA%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-154323%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20I%20unshare%20files%20in%20OneDrive%20with%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-154323%22%20slang%3D%22en-US%22%3EOffice%20365%20cloud%20app%20security%20file%20policies%20is%20only%20available%20for%20E5%20subscriptions%2C%20you%20may%20see%20cloud%20app%20security%20portal%2C%20but%20no%20file%20policies.%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Foverview-of-office-365-cloud-app-security-81f0ee9a-9645-45ab-ba56-de9cbccab475%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Foverview-of-office-365-cloud-app-security-81f0ee9a-9645-45ab-ba56-de9cbccab475%3C%2FA%3E%3CBR%20%2F%3EThe%20same%20is%20true%20for%20auto%20applying%20labels%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Foverview-of-labels-af398293-c69d-465e-a249-d74561552d30%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Foverview-of-labels-af398293-c69d-465e-a249-d74561552d30%3C%2FA%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-154320%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20I%20unshare%20files%20in%20OneDrive%20with%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-154320%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20the%20reply%20-%20this%20is%20good%20to%20know%2C%20though%20it%20doesn't%20really%20apply%20to%20my%20situation%20as%20I%20need%20to%20be%20able%20to%20script%20it%20and%20turn%20off%20the%20sharing%20even%20to%20internal%20users.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20did%20run%20through%20your%20directions%2C%20just%20to%20see%20what%20was%20possible%20and%20it%20can%20be%20done%20in%20our%20tenant%20which%20E3%2C%20in%20case%20that%20helps%20others.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-154016%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20I%20unshare%20files%20in%20OneDrive%20with%20Powershell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-154016%22%20slang%3D%22en-US%22%3E%3CP%3EIf%20you%20have%20Office%20365%20E5%20go%20to%20Security%20%26amp%3B%20Compliance%20and%20first%20create%20a%20label%20to%20detect%20the%20content%20that%20you%20want%2C%20and%20auto-apply%20it%20on%20OneDrive%20locations%2C%20then%20create%20a%20DLP%20policy%2C%20select%20OneDrive%20locations%20(all%20or%20some%20users)%2C%20in%20Policy%20settings%20select%20%22Use%20advanced%20settings%22%20-%26gt%3B%20Conditions%3A%20content%20is%20shared%20with%20people%20outside%20my%20organization%20-%26gt%3B%20Action%3A%20%22Restrict%20access%20to%20the%20content%20for%20external%20users%22%2C%20then%20also%20select%20to%20notify%20user%20and%20send%20alerts%20to%20admins.%3C%2FP%3E%0A%3CP%3EOr%20you%20can%20also%20use%20Cloud%20App%20Security%3A%20%3CA%20href%3D%22https%3A%2F%2Fportal.cloudappsecurity.com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.cloudappsecurity.com%3C%2FA%3E%20also%20with%20O365%20E5%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fdata-protection-policies%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fdata-protection-policies%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

I am looking through the cmdlets available in PnP-PowerShell and nothing is jumping out at me. What I want to do is loop through a given user's OneDrive - which I think I'm okay with - and then UNSHARE anything that's been shared. Or just set everything to Private if that's easier. 

 

Is this possible? With PnP, or maybe a POST to Graph, or any other way?

 

Thanks.

4 Replies
Highlighted

If you have Office 365 E5 go to Security & Compliance and first create a label to detect the content that you want, and auto-apply it on OneDrive locations, then create a DLP policy, select OneDrive locations (all or some users), in Policy settings select "Use advanced settings" -> Conditions: content is shared with people outside my organization -> Action: "Restrict access to the content for external users", then also select to notify user and send alerts to admins.

Or you can also use Cloud App Security: https://portal.cloudappsecurity.com also with O365 E5

https://docs.microsoft.com/en-us/cloud-app-security/data-protection-policies

Highlighted

Thanks for the reply - this is good to know, though it doesn't really apply to my situation as I need to be able to script it and turn off the sharing even to internal users.

 

I did run through your directions, just to see what was possible and it can be done in our tenant which E3, in case that helps others.

Highlighted
Office 365 cloud app security file policies is only available for E5 subscriptions, you may see cloud app security portal, but no file policies.
https://support.office.com/en-us/article/overview-of-office-365-cloud-app-security-81f0ee9a-9645-45a...
The same is true for auto applying labels
https://support.office.com/en-us/article/overview-of-labels-af398293-c69d-465e-a249-d74561552d30
Highlighted