Share via

Not able to share outside the organization from OneDrive.

Karan Bhatt 67 Reputation points
2026-05-29T20:56:08.4333333+00:00

Getting a strange issue while sharing files and folder outside the organization from M365 user OneDrive. I verified all the sharing policies in SharePoint admin, and Microsoft Entra ID still not able to find out the reason. does new rollout by Microsoft "EnableAzureB2BIntegration" could be creating the issue?

User's image

2

3

4

Microsoft 365 and Office | OneDrive | For business | Windows

Answer accepted by question author

Jay Tr 12,965 Reputation points Microsoft External Staff Moderator
2026-05-29T23:03:52.2966667+00:00

Hi @Karan Bhatt

I hope you are doing well. 

Thank you for reaching out and for sharing those screenshots. They were very helpful in identifying the issue.  After reviewing your configuration, I can confirm that your SharePoint and Entra ID sharing policies appear to be set correctly. The issue you are experiencing is caused by a recent change Microsoft has rolled out (referenced in Message Center post MC1243549), which retires SharePoint's own One-Time Passcode (OTP) authentication for external users and enforces all external sharing to go through Microsoft Entra B2B Invitation Manager.  Previously, disabling EnableAzureB2BIntegration let SharePoint and OneDrive manage external sharing separately from Entra ID. Now, Entra B2B domain and cross-tenant policies fully control sharing, causing the error that the domain isn’t allowed due to Azure AD B2B restrictions. 

To resolve the issue, please follow these steps: 

Step 1: Sync Entra B2B policy to SharePoint using PowerShell 

  • Open SharePoint Online Management Shell and connect to your tenant. 
  • Run the following command to force SharePoint to pick up the latest Entra B2B collaboration settings: Set-SPOTenant -SyncAadB2BManagementPolicy $true 
  • This step is important because after the rollout, SharePoint may still reference stale policy data. Changes can take up to 24 hours to fully propagate. 

Step 2: Verify cross-tenant access settings 

  • Navigate to Microsoft Entra admin center > External Identities > Cross-tenant access settings. 
  • Under Default settings, select the Inbound access tab and ensure that B2B collaboration is set to Allow. 

User's image

  • If not, select Edit inbound defaults, allow access under External users and groups, Application. 
  • Select Save. 
  • Under Organizational settings, check if the recipient's domain is explicitly listed. If it is, verify that inbound B2B collaboration is set to Allow for that domain. 

Step 3: Verify guest invite settings 

  • Navigate to Microsoft Entra admin center > External Identities > External collaboration settings. 
  • Under Guest invite settings, ensure the option is not set to "No one in the organization can invite guest users including admins." 
  • User's image
  • I recommend setting it to at least: "Member users and users assigned to specific admin roles can invite guest users including guests with member permissions." 

I hope this information is helpful. Please follow the steps above and let me know if it works for you. If not, we can continue working together to resolve the issue.  

Thank you for your patience and understanding. If you have any questions or need additional assistance, please don’t hesitate to reach out so I can continue to support you. If you found the response useful, please consider marking it as accepted, as this may help other community members who are looking for similar guidance.  

I look forward to continuing the conversation. 

If you have extra questions about this answer, please click "Comment". 

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.     

Was this answer helpful?

5 people found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest

  1. AI answer

    2026-05-29T20:56:26.9966667+00:00

    The error shown in the screenshot is caused by a restriction in the Azure AD/Microsoft Entra B2B domain settings, not by the SharePoint or OneDrive sharing configuration itself.

    Even if SharePoint/OneDrive external sharing is set to Anyone and OneDrive shows Allow sharing with anonymous guest links and authenticated users, sharing to a specific external domain will be blocked if Azure AD B2B collaboration policies or cross‑tenant access settings disallow invitations to that domain.

    To resolve the issue, verify that external sharing is allowed end‑to‑end:

    1. In the Microsoft 365 admin center, open the SharePoint admin center → Policies → Sharing and confirm that for OneDrive the external sharing level is Anyone or New and existing guests.
    2. In the Microsoft 365 admin center, under Users → Active users → [affected user] → OneDrive → Manage external sharing, ensure:
      • Let people outside your organization access your site is turned on.
      • Either Allow sharing with anonymous guest links and authenticated users or Allow sharing to authenticated guest users with invitations is selected.
    3. If the error persists for specific domains, adjust the Azure AD B2B domain restriction or cross‑tenant access policy so that invitations to those domains are allowed. Once the Azure AD restriction is lifted, OneDrive sharing to those external users will succeed without further changes to SharePoint/OneDrive settings.

    The EnableAzureB2BIntegration rollout surfaces these Azure AD B2B restrictions more directly in the OneDrive/SharePoint sharing experience, but it does not itself block sharing; the underlying Azure AD B2B domain restriction is what must be changed.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

    1 person found this answer helpful.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.