OneDrive: Shared read-only "direct access" data cannot be shared by users

yetanotheruser-4819 0 Reputation points
2023-06-09T09:11:02.2366667+00:00

Hello at all!

We have a problem with users using "direct access" shares in our company.

Setup:

We have a OneDrive "master account" that holds all data. This data is shared with other users using "direct access", some of these folders are shared read-only and some are shared read-write.

At admin.microsoft.com in the "SharePoint Admin Center" we set the following:

External sharing: everyone, no restrictions for users in special groups or anything else.

The problem:

It's possible for users to create links for "everyone" with data in read-write "direct access" shares.

But it is not possible to do this with data inside read-only direct access shares. Absolutely no sharing is possible - not even with other users within the company. Everything is greyed out with the message "Your organisation prevents you from selecting this option".

Setting each share to read-write is not an option!
I cannot find anything related to this feature in the "SharePoint Admin Centre". Perhaps there is a powershell command for this?

Thank you for your help!

Microsoft 365 and Office | SharePoint | For business | Windows
Microsoft 365 and Office | OneDrive | For business | Windows
{count} votes

1 answer

Sort by: Most helpful
  1. Xyza Xue_MSFT 30,176 Reputation points Microsoft External Staff
    2023-06-12T07:36:23.7633333+00:00

    Hi @yetanotheruser-4819 ,

    "Direct access" shares is actually the process of changing file/folder permission. When you grant read-write "direct access" shares, it is equivalent to granting the Edit permission to the user. Edit permission can manage file/folder, in other words, people with Edit permissions can forward the link, change the list of people sharing the files or folder, and change permissions for recipients. Also people with Edit permissions can can copy,move, edit, rename,share, and delete anything in the file/folder. But if you only grant "read-only" direct access shares, the user does not have permission to change the file/folder permission setting, you can only view the documents shared to you, and you cannot do any other operations.

    So for users who need to continue to grant permissions to others, it is recommended that you grant read-write "direct access" shares.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.