First things first, we need to be SharePoint Online Administrators to be able to manage the site collections in our Office 365 tenant using both SharePoint Online Admin Center as well as SharePoint Online Management Shell.
This blog is about the ABCs of connecting to SharePoint Online Management Shell so you can start administering your sites without having to go through GUI. Personally, I like this quite a bit and pretty excitedly PowerShelling(It really doesn’t take much to get me excited, but thats beside the point…so, powerhsell)
To connect to your SharePoint online service using SharePoint Online management shell follow the steps
Start > SharePoint Online Management Shell (PS C:\Windows\system32>)
Script to create new site collection:
New-SPOSite -Url https://wspdc.sharepoint.com/sites/PowerShell
-StorageQuota 500 (quota for all the sites in this collection)
-CompatibilityLevel 15 (SharePoint 2013)
-Template “STS#0” (team site template)
-TimeZoneId 13 (pacific timezone code)
-Title “Shell Site”
This creates a new team site collection with title “Shell Site” with all the default settings in it.
Get-SPOSite https://wspdc.sharepoint.com/sites/PowerShell you can see that your new site collection is ready with the requested owner and storage quota
Get-SPOSite https://wspdc.sharepoint.com/sites/PowerShell | fl shows the properties formatted as list as seen below
Who is an external user in Office 365 SharePoint Online environment?
“An external user is someone ‘outside’ of your organization who can access SharePoint Online sites and documents but does not have a license for your SharePoint Online or Microsoft Office 365 subscription. External users are NOT employees, contractors, or onsite agents for you/ your affiliates.”
Types of External Users:
- Microsoft Office 365 User (Different Tenant)
- Microsoft Account(Live, Hotmail, Outlook etc.,)
- Guest users/Anonymous users(Accessing individual documents via guest link)
How to enable External Sharing feature in Office 365 SharePoint Online:
- Via SharePoint Online Admin Center or
- SharePoint Online Management Shell
External Sharing via SharePoint Online Admin Center
- Turn ON External sharing GLOBALLY in the TENANT via SharePoint admin Center > settings > External sharing
- Turn ON External sharing for that INDIVIDUAL site collection.
External Sharing Options:
- Don’t allow sharing outside the organization
- Users will NOT be able to share sites or content with users who do NOT have LICENSES to your Office 365 subscription.
- External sharing CANNOT be turned on for ANY site collection
- Allow external users who accept sharing invitations and sign in as authenticated users
- Users with FULL CONTROL permission CAN share sites with external users
- ALL external users will be required to sign-in ONLY with a MICROSOFT ACCOUNT before they can view content
- Invitations for content share once accepted CANNOT be shared/used by others to gain access. It’s very specific to account that got the invitation.
- Allow both external users who accept sharing invitations AND guest links
- External users required to sign in before viewing content on a shared site
- Full Control users of a site can choose to require Sign-in/ share via guest link for anonymous document access.
- Users who are sharing a document in the site can grant permission to view/edit based on their permission level
- Guest Links: (PUBLIC documents).Allows external users to view or edit content WITHOUT SIGNING-IN. CAN be shared/ invitation forwarded to ANYONE with the link to access the document
Turn ON External sharing in the tenant DOES NOT MEAN that site collections underneath are automatically shared. We NEED to enable PER site collection as required.
External Sharing via SharePoint Online Management Shell
SharingOptions in Command Line corresponding to GUI options of SP Online Admin Center:
To GET and SET the External sharing options via PowerShell:
- Connect-SPOService https://xyz-admin.sharepoint.com
- GET the site collection and assign it in a variable and verify the Sharing capability$SC=Get-SPOSite https://xyz.sharepoint.com (root collection)$SC.SharingCapability
- SET external sharing for site collections viaSet-SPOSite -Identity https://xyz.sharepoint.com/sites/collection -SharingCapability ExternalUserAndGuestSharing
- Get ExternalUsers for the site collection and filter them as well as export to .csv/.txt file
- Get-SPOExternalUser -SiteUrl https://xyz.sharepoint.com/sites/collection -Filter @Hotmail.com > ExternalUsers.CSV
Get-SPOExternalUser gets ALL external users in the tenant.
- Get-SPOExternalUser -SiteUrl https://xyz.sharepoint.com/sites/collection
Once we enable External Sharing using either one of the above mentioned methods, we can share our sites with users outside of our organization.
Sharing a site with non microsoft/ external organization account like email@example.com will
Send site invitation to firstname.lastname@example.org
Upon clicking the URL for the shared site, we get redirected to
Although External Sharing seemed to work with ANY email account, we require either
- Office 365 Account (or)
- Microsoft Account(Hotmail, live, outlook) Accounts work
for sharing Site with external users.
What to do if we don’t have either? Stay tuned for update! 🙂