News & Blogs

Important : Bug in Office 365 External Sharing

External sharing is activated by default on the Office 365 tenants.  This is already a major governance fail in my opinion, but it does get worse.  The security trimming is not working properly.  Security trimming means that you only see what you have been given access to see.  Site Members, Owners and Visitors will all get different menu options accordingly.  However, this is not working when sharing externally, so heads up all extranet administrators!

To make matters worse, external sharing users also don’t go into the Visitors group by default, they are added outside of any groups.  This means you need to manually check the permissions settings on every document and/or folder to see who has access to what.

External Sharing - User with Read Access not in Groups

 

 

 

 

 

 

 

 

 

 

You can configure all the settings from SharePoint Admin down to item level to be read only, and send the links out as read only – users will still see the full menu options.  This is not correct and is a major bug.

External Sharing - Full Menu Available

 

 

 

 

 

 

 

 

 

 

 

Also, users can click on the delete or rename options, and that’s when they get an error.  The error messages are also not consistent which will compound the issues training users on this.

External Sharing - You Don't Have Rights

 

External Sharing - Sorry Screen

 

 

 

 

 

 

 

 

 

 

 

 

 

 

So now think about it when you have hundreds of external users, with access to hundreds of documents – and you have to manually go through each one to figure out who has access where; let alone the not so great end user experience.  It’s a big problem guys.

We did log a call with Microsoft to escalate this, they said they would but advised us to add it to Uservoice, which we also did.  If you think this is a concern, please vote it up so Microsoft can fix it.

Share this awesome content

2 Comments

  1. Steven Collier

    November 5, 2017 at 22:18

    All of that looks to be working correctly to me, the read only permission means you can’t update a file, it doesn’t mean you can’s download a file. To prevent download see https://support.office.com/en-gb/article/Prevent-users-from-downloading-content-from-a-site-e17bf52b-fa5d-41cf-9eb0-d3812542424e

  2. Veronique Palmer Says :

    November 9, 2017 at 09:05

    It’s not working correctly. But thanks for the link on preventing downloads.

Leave a comment

Your email address will not be published. Required fields are marked *