Viewing and removing OneDrive for Business Sharing with PowerShell

One of the great abilities of OneDrive for Business and SharePoint Online is the ability to quickly and easily share a link to a file with people outside your organisation.

image

I’m not going to show you how to do this in this article but if you need to see how this is done have a look at:

Share OneDrive files and folders

In the above example you’ll see that the file Employee Engagement Plan.docx has been been shared by the owner with an external user (Lewis Collins).

image

Somewhere else, you can see that this user (Lewis Collins) has the document open to work on.

One of the benefits of sharing using OneDrive for Business is that the sharing rights can easily be revoked by the original user if desired.

image

The easiest way to achieve this would be simply to hit the cross next to the external users name in the web interface as shown above.

image

The original user would then be prompted the Remove the external user, which they would do to remove access.

That all works fine when you have a small number of shared files and a small number of users working with a file. It becomes a lot more problematic when you start scaling to many users as you can see here:

image

What happens when you need to find just one user to remove sharing from amongst a list of hundreds of users?

PowerShell to the rescue!

1. Connect to SharePoint Online via PowerShell. You can use my script at:

https://github.com/directorcia/Office365/blob/master/o365-connect-mfa-spo.ps1

to do this. You’ll need to know the tenant name prior i.e. the part before the .onmicrosoft.com (e.g. mydomain.onmicrosoft.com)

image

2. Run the PowerShell command:

Get-spouser -site https://<mydomain>-my.sharepoint.com/personal/<user>_<mydomain>_onmicrosoft_com -limit all

to display of all the users who have access to the specific OneDrive for Business site.

image

In this list you should find your external user in the format of:

<user@externaldomain.com>#ext#<mydomain>.onmicrosoft.com

This may vary slight but you should also be able to identify the user by their Display name if needed.

3. Run the PowerShell command:

remove-spouser –site https://<mydomain>-my.sharepoint.com/personal/<user>_<mydomain>_onmicrosoft_com&nbsp; -loginname <user@externaldomain.com>#ext#<mydomain>.onmicrosoft.com

image

4. Run a sharing report

image

In the source OneDrive for Business, select the COG in the upper right corner and then the option OneDrive Settings.

image

Now select More Settings on the left and Run sharing report from the options that appear on the right as shown above.

image

Nominate a folder for this report to be sent to.

image

You’ll receive an email when the report is ready. It will be in Excel format as you can see above.

Open the file and do a search for the external email address of the removed users.

image

The removed users should not appear in the report as expected.

image

If you now look at the sharing option for file(s) in that OneDrive for Business you should find that the removed user no longer appears, as shown above.

If the external user, who has just been removed, actually has the file open at the moment that access is removed they will see:

image

and be prompted to Reconnect. If they then attempt to reconnect they will see:

image

and will be denied access going forward.

Note – This removes that users access to ALL files shared in the OneDrive for Business location, not just for a single file.

image

I also have another freely available script at:

https://github.com/directorcia/Office365/blob/master/o365-spo-extusr.ps1

that will display a list of all externally shared across your tenant as shown above.

If you do have a situation where you have large numbers of shared files or shared users in OneDrive for Business and you wish to make bulk removal easier, I’d encourage you to look at PowerShell as an option. However, remember, this option will remove ALL sharing for that user(s) across the WHOLE OneDrive for Business.

CIAOPS Need to Know Microsoft 365 Webinar–March

laptop-eyes-technology-computer

This month I’m going to closer look at OneDrive for Business and hopefully share with you some features that you may not know about. There is more to OneDrive for Business than meets the eye. I’ll have the  the latest Microsoft Cloud updates plus open Q and A as well.

You can register for the regular monthly webinar here:

March Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – March 2020
Thursday 26th of March 2020
10.30am – 11.30am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

That COG is pretty handy!

image

If you visit the page for your OneDrive for Business, you’ll notice a COG in the top right hand corner of the window as shown.

image

If you select that, you’ll see a menu like shown above. Select the OneDrive settings option as shown.

image

Here you’ll find a page with a whole lot more options. In this case select the option, Storage metrics as shown.

You should also note that there is a Run sharing report option as here well.

image

The Storage metrics option allows you to see a breakdown of the data storage in your OneDrive for Business as shown. You’ll also notice in the top right, the total and used capacity of your data.

image

You can drill further into directories by simply clicking on them. The above shows the data break down in the Documents directory below the OneDrive for Business home location.

Microsoft will also be adding more options to the COG over time so make you check there regularly.

Need to Know podcast–Episode 225

FAQ podcasts are shorter and more focused on a particular topic. In this episode I’ll talk about the recommended process for file migrations to Microsoft 365 collaboration.

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-225-process-for-file-migrations/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

Process for file migrations to Microsoft 365

Need to Know podcast–Episode 223

FAQ podcasts are shorter and more focused on a particular topic. In this episode I’ll talk about my framework for file migrations to Microsoft 365 collaboration.

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-223-file-migration-framework/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

A framework for file migrations to Microsoft 365

Governance is always important

white-paper-with-note-669986

There are many times I’m called in to help people design their Microsoft 365 compliance environment. In other words, help with SharePoint, Teams, etc. I generally use my trusty framework that I have spoken about here before:

A framework for file migrations to Microsoft 365

Most of the time I find that people have already ‘given it a go’ themselves but generally ‘mucked it up’ and that’s the reason I’m now there.

I have no issues if someone has in fact ‘mucked it up’ because at least they have tried and it is generally easy to rectify. What I do seriously wonder about is the response to the first question I ask them – ‘Why did you do it that way?’.

The answer to this question I receive is generally a blank stare or silence, even a shoulder shrug. I point out that this is largely why things has been ‘mucked up’ in the first place,  because there was no governance.

In short, what I really want to see with collaboration in Microsoft 365 is the fact that thought has been invested beforehand. Why? Simple. A collaboration system in Microsoft 365 is something you build, not something you buy or magically appears. Microsoft 365 gives you the tools to create the best system, in the world for you. Tailored exactly to your business. Uniquely flexible for your business. Able to adapt to your needs, unlike any off the shelf system. However, it can never achieve that if it doesn’t know who you are what you want. You have to tell it (via governance) what you want it to be. In short, it is clay that you need to mould and governance tells you the shape into which you want to mould it.

Like any good project, the secret is to stop and think before acting. Planning before diving in makes a world of difference to the outcome. But most importantly, write down what you want to achieve! The one common thing about EVERY ‘mucked up’ Microsoft 365 collaboration project I see is simply the lack of documentation prior to commencement.

This documentation doesn’t have to be complex or involved and should be at the very minimum a single page that defines the ‘need’ for a collaboration system. What business pain point does it need to solve? What are the expected benefits? Why will it be used? Think of this document like a specification for the project, the plans if you like. You’d never build a house without foundations and plumbing before you put the walls up now would you? A plan helps make sure that you know what the desired outcome is, helps you understand how to get there and how avoid problems along the way. Without that, you are building something effectively blindfolded.

That one page governance document should hopefully be born before the Microsoft 365 collaboration project even starts. However it is by no means a static document. It is a living breathing entity. It should be added to, edited, enhanced, expanded constantly. But above all else, it should become the single point of truth for why we have this thing. Having such a document is both a guide and a reference. As you move through the various stages of development, which occur over a period of time, you can reference this document and understand the reasons for doing things the way you did. As the system grows it again becomes the reasons for what you are looking to achieve and how you approached that. If you don’t already have a governance document for your Microsoft 365 collaboration environment, then now is always the best time to start one.

The importance of this is that at some stage, maybe, the people initially charged to build the collaboration system move on or there is a decision to out source or change builders. If you have a document that sets out your manifesto for the Microsoft 365collaboration system it is so much easier for everyone involved. Everyone is on the same page and knows where to go to get answers if needed. That’s what I want to see if I become involved as a ‘collaboration consultant’. It means I can quickly understand what you want Microsoft 365 to achieve for your business. It is the platform on which your future solution is built. Remember, collaboration in Microsoft 365 is not a product you buy it is a solution you build.

Sadly, even the most generally organised business overlooks the need to have governance in any Microsoft 365 collaboration system. Governance at the very least should be everyone’s understanding of what is project is and what the aim is. The best way to achieve that, is to write it down beforehand! Without it then, there is no a single reference point that be used to guide the outcome and things unsurprisingly get ‘mucked up’.

As they say – ‘failing to plan, is planning to fail’. Governance is important for Microsoft 365 collaboration, if for nothing else because it is succeeding through planning!

Need to Know podcast–Episode 215

In this episode I speak with Alex Fields about the power of conditional access. You’ll learn what it is, how to implement it as well as many best practices recommended by Alex based in his experience and knowledge. The great new is conditional access is part of Microsoft 365 Business, so listen in for the way to make it work to protect your information.

Brenton and I also bring you up to speed with all the latest Microsoft Cloud news, so listen in for the latest as always. We hope you enjoy this episode and don’t forget to send us your feedback.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-215-alex-fields/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@vanvfields

@contactbrenton

@directorcia

CIAOPS Patron Community

ITProMentor

ITProMentor – Best parctices

Attacker Kill Chain described

ITProMentor – Free Microsoft 365 Business eBook

ITProMentor – Licensing Guide

Telstra Purple

New version of To-Do

Authenticator backup on Android now available

Prepare for iPadiOS Launch

New webparts coming to SharePoint

Azure QuickStart Center

Top 5 advantages of syncing with OneDrive

Modernize your root site