Tutorial / Cram Notes
Providing the backbone for file storage and collaboration within the Teams environment. As an IT administrator preparing for the MS-700 Managing Microsoft Teams exam, it is essential to understand how to configure organizational-level sharing settings for both SharePoint and OneDrive to ensure security and compliance while enabling collaboration.
Understanding Sharing in SharePoint and OneDrive
Before diving into configuration, it’s important to understand the different levels of sharing in SharePoint and OneDrive:
- Anyone – Share files and folders with people who don’t have a Microsoft account (sign-in not required).
- New and existing guests – Share with people outside your organization who are not in your directory.
- Existing guests only – Share with people who are already in your directory as guests.
- Only people in your organization – Restrict sharing to people within your organization.
Setting up sharing at the organization level
To configure the organizational sharing settings for SharePoint and OneDrive:
- Go to the SharePoint admin center.
- Click on ‘Policies’, then choose ‘Sharing’.
- Here, you can set the default sharing link type, as well as the default link permission.
- Select the desired level of external sharing from the options provided – anyone, new and existing guests, existing guests only, or only people in your organization.
- Additionally, you may restrict sharing by domain and limit the use of anonymous links.
Example of sharing settings at the organizational level
Suppose your organization needs to allow external sharing with partners but wants to maintain higher security standards. An example configuration might be:
- Default sharing link type: Specific people
- Default link permission: View
- External sharing: New and existing guests
- Anonymous link expiration: 30 days
External Sharing Option | Description |
---|---|
Anyone | Allows sharing files/folders without requiring sign-in. Use with caution. |
New and existing guests | Permits sharing with all external users, sign-in required. Guests can be added to Azure AD. |
Existing guests only | Sharing is allowed only with external users who are already in your directory. |
Only people in your organization | Restricts sharing to internal users only. |
Configuring sharing for SharePoint sites
Each SharePoint site can have its unique sharing settings which may be more or less restrictive than the organizational settings:
- Go to the ‘Active sites’ in the SharePoint admin center.
- Select the site for which you want to configure sharing settings.
- Click on ‘Sharing’ to open the site’s sharing settings.
- Adjust the settings as per the requirement of the site, ensuring they comply with organizational policies.
Example of configuring a SharePoint site
For a site containing sensitive information:
- Use the “Only people in your organization” setting to ensure that only authenticated internal users have access.
Similarly, for a site designed for collaboration with external partners:
- Use “New and existing guests” to enable controlled access for external users.
Adjusting OneDrive sharing settings
OneDrive settings are managed similarly:
- Go to the OneDrive admin center.
- Click on ‘Sharing’.
- Set the default link type that’s generated when users share files.
- Choose the level of external sharing.
Example settings for OneDrive
In an organization where most documents are for internal use, and privacy is a priority, settings might include:
- Setting the default sharing option to “Internal”.
- Disabling the ability to share with “Anyone”.
- Enabling limited external sharing on a per-user basis as necessary.
Monitoring and managing shared content
Once sharing settings are configured, it is also important to monitor and manage how content is being shared. SharePoint and OneDrive offer detailed sharing reports and audit logs. Admins can use the ‘Shared with external users’ report in the SharePoint admin center to review what’s being shared externally.
Conclusion
Configuring SharePoint and OneDrive sharing settings at the organizational level is an essential skill for managing Teams effectively and securely. The settings you choose will dictate how files and folders can be shared both within your organization and with external parties. By understanding and applying these settings correctly, Teams administrators can balance the need for collaboration with security and compliance requirements.
Practice Test with Explanation
True or False: SharePoint and OneDrive sharing settings in Microsoft Teams can be set to allow sharing with anyone, even outside your organization.
- True
- False
Answer: True
Explanation: SharePoint and OneDrive sharing settings can be configured to allow users to share content with anyone, including those outside of your organization.
True or False: Sharing settings for SharePoint and OneDrive are managed separately in Microsoft Teams.
- True
- False
Answer: False
Explanation: SharePoint and OneDrive sharing settings are managed together from the SharePoint admin center, as OneDrive is essentially a user’s personal SharePoint site.
Which of the following options can be set as the default sharing link type in SharePoint and OneDrive?
- Anyone
- New and existing guests
- People in your organization
- Specific people
- All of the above
Answer: All of the above
Explanation: SharePoint and OneDrive allow administrators to set the default sharing link type to any of the mentioned options so that it fits their organizational policies.
True or False: You can enforce expiration dates for shared links in SharePoint and OneDrive sharing settings.
- True
- False
Answer: True
Explanation: Administrators can configure settings to enforce expiration dates for shared links to increase security and control access over time.
True or False: Microsoft Teams leverages SharePoint online sharing settings for file sharing within team channels.
- True
- False
Answer: True
Explanation: Microsoft Teams utilizes SharePoint Online for storing files within team channels, so the sharing settings for SharePoint directly affect how files can be shared in Teams.
When configuring external sharing in SharePoint and OneDrive, what feature can be used to limit sharing by domain?
- Sharing by link
- Limited access
- Domain-based restrictions
- Password-protected sharing
Answer: Domain-based restrictions
Explanation: Domain-based restrictions allow you to limit sharing to certain domains, either allowing or blocking external users based on their domain.
True or False: It is possible to audit external sharing activities in SharePoint and OneDrive by using the audit log search in the Security & Compliance Center.
- True
- False
Answer: True
Explanation: The audit log search feature in the Security & Compliance Center allows administrators to track and audit external sharing activities in SharePoint and OneDrive.
How can administrators customize the sharing experience for end-users in SharePoint and OneDrive?
- By setting up sharing links
- By creating custom permission levels
- By enforcing organization-level sharing policies
- Both A and C are correct
Answer: Both A and C are correct
Explanation: Administrators can customize the sharing experience by setting organizational-level sharing policies and by setting up sharing links with specific permissions.
When setting up external sharing settings for your organization, you can force external users to:
- Create a Microsoft account
- Use a One-time passcode
- Become a member of a Microsoft Team
- A and B
Answer: A and B
Explanation: When setting up external sharing, you can require external users to either create a Microsoft account or use a one-time passcode to access shared content for added security.
True or False: The “Limited-access user permission lockdown mode” feature in SharePoint Online prevents access to shared files via anonymous links.
- True
- False
Answer: True
Explanation: The “Limited-access user permission lockdown mode” feature is a SharePoint security setting that, when enabled, prevents users with limited access from viewing application pages, which includes anonymous link access.
In SharePoint and OneDrive, which sharing option ensures that only people who receive the invitation can access the shared item, and others cannot use the link to access the item?
- Anyone link
- Secure link
- Specific people link
- External link
Answer: Specific people link
Explanation: The “Specific people” link option ensures only the individuals explicitly invited can access the shared item and no one else, even if they have the link.
True or False: Applying sensitivity labels can impact the sharing settings in SharePoint and OneDrive.
- True
- False
Answer: True
Explanation: Sensitivity labels in Microsoft 365 can be used to classify and protect content at the file level, which can include restricting how content is shared from SharePoint and OneDrive.
Interview Questions
What is external sharing in SharePoint and OneDrive?
External sharing is the ability to share content stored in SharePoint or OneDrive with people outside of an organization.
Why would you want to enable or disable external sharing?
You might want to enable external sharing to collaborate with people outside your organization or to work with partners or clients. You might want to disable external sharing to limit the risk of unauthorized access to sensitive information.
How can you enable external sharing for your SharePoint site?
You can enable external sharing for your SharePoint site by navigating to the site settings, selecting the “Site permissions” option, and then selecting “Sharing.”
How can you turn off external sharing for your OneDrive?
You can turn off external sharing for your OneDrive by navigating to the OneDrive settings, selecting the “Sharing” option, and then selecting “Don’t allow sharing outside your organization.”
What are the different levels of external sharing in SharePoint and OneDrive?
There are three levels of external sharing in SharePoint and OneDrive external sharing off, external sharing with external users, and external sharing with anonymous users.
How do you control external sharing at the organization level?
You can control external sharing at the organization level by navigating to the SharePoint admin center, selecting “Sharing,” and then selecting the appropriate settings.
How can you limit external sharing to only certain domains?
You can limit external sharing to only certain domains by selecting the “Only people in your organization” option and then adding the desired domains to the allow list.
What is a guest link in SharePoint and OneDrive?
A guest link is a type of external sharing link that allows external users to access content without requiring them to sign in.
How can you restrict access to a guest link in SharePoint and OneDrive?
You can restrict access to a guest link in SharePoint and OneDrive by setting an expiration date or password for the link.
How can you track external sharing activities in SharePoint and OneDrive?
You can track external sharing activities in SharePoint and OneDrive by navigating to the sharing report in the Microsoft 365 admin center.
How can you prevent external sharing for specific files or folders in OneDrive?
You can prevent external sharing for specific files or folders in OneDrive by navigating to the file or folder, selecting the “Share” option, and then selecting the “Stop sharing” option.
Can you allow external users to edit files in SharePoint and OneDrive?
Yes, you can allow external users to edit files in SharePoint and OneDrive by selecting the appropriate sharing settings.
How can you customize the email message that is sent to external users when sharing content in SharePoint and OneDrive?
You can customize the email message that is sent to external users when sharing content in SharePoint and OneDrive by navigating to the sharing settings and then selecting the “Customize message” option.
How can you restrict external sharing for a specific user or group in SharePoint and OneDrive?
You can restrict external sharing for a specific user or group in SharePoint and OneDrive by navigating to the site or folder settings, selecting the “Permissions” option, and then removing the user or group from the “Members” or “Visitors” group.
What is the impact of external sharing on SharePoint and OneDrive storage usage?
External sharing can increase the storage usage of SharePoint and OneDrive because the files and folders shared with external users are counted against the organization’s storage quota.
Great article on configuring SharePoint and OneDrive for organizational-level sharing settings. Exactly what I needed for my MS-700 exam prep!
Quick question: can someone clarify the difference between the ‘Anyone’ and ‘New and existing guests’ options in SharePoint sharing settings?
Can configuring these settings affect the Teams collaboration experience in any way?
For exam purposes, it’s crucial to understand how these settings affect external users. Anyone has resources or examples?
This post really helped me out! Kudos to the author.
OneDrive’s external sharing settings also need to be aligned with SharePoint for a seamless experience, right?
It wasn’t clear in the blog post: Can you configure organizational sharing settings via PowerShell for SharePoint?
A small suggestion: the article could have included more details about best practices for setting permissions.