External Sharing of Site Collections in #Office365 #SharePoint

Who is an external user in Office 365 SharePoint Online environment?

“An external user is someone ‘outside’ of your organization who can access SharePoint Online sites and documents but does not have a license for your SharePoint Online or Microsoft Office 365 subscription. External users are NOT employees, contractors, or onsite agents for you/ your affiliates.”

Types of External Users:

  1. Microsoft Office 365 User (Different Tenant)
  2. Microsoft Account(Live, Hotmail, Outlook etc.,)
  3. Guest users/Anonymous users(Accessing individual documents via guest link)

How to enable External Sharing feature in Office 365 SharePoint Online:

  1. Via SharePoint Online Admin Center or
  2. SharePoint Online Management Shell

External Sharing via SharePoint Online Admin Center

  1. Turn ON External sharing GLOBALLY in the TENANT via SharePoint admin Center > settings > External sharing

ES1

 

  1. Turn ON External sharing for that INDIVIDUAL site collection.
    ES6

External Sharing Options:

  1. Don’t allow sharing outside the organization
    1. Users will NOT be able to share sites or content with users who do NOT have LICENSES to your Office 365 subscription.
    2. External sharing CANNOT be turned on for ANY site collection
  2. Allow external users who accept sharing invitations and sign in as authenticated users
    1. Users with FULL CONTROL permission CAN share sites with external users
    2. ALL external users will be required to sign-in ONLY with a MICROSOFT ACCOUNT before they can view content
    3. Invitations for content share once accepted CANNOT be shared/used by others to gain access. It’s very specific to account that got the invitation.
  3. Allow both external users who accept sharing invitations AND guest links
    1. External users required to sign in before viewing content on a shared site
    2. Full Control users of a site can choose to require Sign-in/ share via guest link for anonymous document access.
    3. Users who are sharing a document in the site can grant permission to view/edit based on their permission level
    4. Guest Links: (PUBLIC documents).Allows external users to view or edit content WITHOUT SIGNING-IN. CAN be shared/ invitation forwarded to ANYONE with the link to access the document

Turn ON External sharing in the tenant DOES NOT MEAN that site collections underneath are automatically shared. We NEED to enable PER site collection as required.

External Sharing via SharePoint Online Management Shell

SharingOptions in Command Line corresponding to GUI options of SP Online Admin Center:

  1. Disabled
  2. ExternalUserSharingOnly
  3. ExternalUserAndGuestSharing

To GET and SET the External sharing options via PowerShell:

  1. Connect-SPOService https://xyz-admin.sharepoint.comES1
  2. GET the site collection and assign it in a variable and verify the Sharing capability$SC=Get-SPOSite  https://xyz.sharepoint.com (root collection)$SC.SharingCapability

    ES3

  3. SET external sharing for site collections viaSet-SPOSite -Identity https://xyz.sharepoint.com/sites/collection -SharingCapability ExternalUserAndGuestSharing
  1. Get ExternalUsers for the site collection and filter them as well as export to .csv/.txt file
    1. Get-SPOExternalUser -SiteUrl https://xyz.sharepoint.com/sites/collection -Filter @Hotmail.com > ExternalUsers.CSV
      Get-SPOExternalUser gets ALL external users in the tenant.
    2. Get-SPOExternalUser -SiteUrl https://xyz.sharepoint.com/sites/collectionES4

Once we enable External Sharing using either one of the above mentioned methods, we can share our sites with users outside of our organization.

Sharing a site with non microsoft/ external organization account like xyz@qwe.com will

Send site invitation to xyz@qwe.comES5

Upon clicking the URL for the shared site, we get redirected to
es8Although External Sharing seemed to work with ANY email account, we require either

  • Office 365 Account (or)
  • Microsoft Account(Hotmail, live, outlook) Accounts work
    for sharing Site with external users.

What to do if we don’t have either? Stay tuned for update! 🙂

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s