Expectations for automatic guest creation when sharing through OneDrive using Azure B2B integration

GregT8 46 Reputation points
2023-09-15T11:00:18.7066667+00:00

Can anyone confirm, after enabling Azure B2B integration, whether guest accounts are automatically created when using sharing links in OneDrive?

I can confirm that guest accounts are automatically created when using sharing links through SharePoint. But I'm not finding that guest accounts are created when using sharing links through OneDrive.

Furthermore, the documentation for the article SharePoint and OneDrive integration with Azure B2B seems to indicate that guest are invited when sharing from SharePoint (implying perhaps not OneDrive).

2023-09-15_05-53-24

Here's more info on our enviornment:

  • OneDrive sharing settings: Anyone: users can share files and folders using links that don't require sign-in
  • Azure AD external collaboration settings: Anyone in the org can invite guest users including guest and non-admins

Thank you!

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
2,166 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
8,077 questions
OneDrive Management
OneDrive Management
OneDrive: A Microsoft file hosting and synchronization service.Management: The act or process of organizing, handling, directing or controlling something.
975 questions
Accepted answer
  1. Yanli Jiang - MSFT 16,666 Reputation points Microsoft Vendor
    2023-09-18T07:16:01.99+00:00

    Hi @GregT8 ,

    According to the article SharePoint and OneDrive integration with Azure AD B2B, guest accounts are automatically created when using sharing links in OneDrive, just like in SharePoint. The article states:

    Once the integration is enabled you and your users don’t have to reshare or do any manual migration for guests previously shared with. Instead, when someone outside your organization clicks on a link that was created before Azure AD B2B integration was enabled, SharePoint will automatically create a B2B guest account. This guest account is created for the user who originally created the sharing link. (If the user who created the link is no longer in the organization or no longer has permission to share, the guest won’t be added to the directory and the file will need to be reshared.)

    This implies that the same behavior applies to both SharePoint and OneDrive, since they are both part of the same integration. In your environment, since OneDrive sharing settings are set to "Anyone: users can share files and folders using links that don't require sign-in" and Azure AD external collaboration settings are set to "Anyone in the org can invite guest users including guest and non-admins", guest accounts should be created automatically when sharing links through OneDrive. However, there are some caveats and limitations that you should be aware of, such as:

    • The guest account creation may take some time to complete after the link is clicked. You can check the status of the guest account in the Azure portal under Azure Active Directory > Users.
    • The guest account creation may fail if the email address of the guest user is already associated with another account in your directory or another directory that you have a trust relationship with.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. GregT8 46 Reputation points
    2023-09-21T13:31:45.29+00:00

    As a follow up for others visiting this thread experiencing the same problem...

    The root cause turned out to be related to the default sharing link type configured in SharePoint Admin. By default, invites are sent out with Anyone with the link. This applies for OneDrive and for SharePoint's root site. But it does not apply for other SharePoint sites, including sites linked to Microsoft Teams.

    enter image description here

    When you send a sharing link from a non-root SharePoint site, the sharing link defaults to Only people in your organization. When you then share with an external person, the sharing link type changes to Specific people.

    Here's the catch: guest accounts are only created when using a sharing link type Specific people.

    When you share a link in OneDrive, the default sharing link type is Anyone with the link. This sharing link type doesn't create guest accounts.

    The fix here is to update the default sharing link type in SharePoint Admin to Only people in your organization or Specific people. This changes the default OneDrive sharing link type and subsequently enables for guest accounts to be created.

    1 person found this answer helpful.