External Sharing exclusion on top of Allowed Domains

Ankit Pandey 0 Reputation points
2024-08-12T13:54:40.44+00:00

I have a scenario where I would like to enable external sharing for some users (via security group) on top of already existing Domain Whitelist setting on. Is it possible to allow only some users to be able to share externally to anyone outside the already allowed domains ?

The permission sliders for both Sharepoint and OneDrive is set to New & Existing Guests right now.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,729 questions
OneDrive
OneDrive
A Microsoft file hosting and synchronization service.
1,070 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,562 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Xyza Xue_MSFT 23,936 Reputation points Microsoft Vendor
    2024-08-13T01:57:06.8633333+00:00

    Hi @Ankit Pandey ,

    External sharing restrictions

    You can restrict external sharing with these options:

    • Restrict which domains users can share with.
    • Limit external sharing to people in a specific security group.
    • Expire guest access after a specified period.
    • Require reauthentication after a specified period for users using a verification code.

    Yes, it is possible to allow only some users to be able to share externally to anyone outside the already allowed domains. For detail steps, Please refer to this article: https://learn.microsoft.com/en-us/sharepoint/manage-security-groups#allow-only-members-in-specific-security-groups-to-share-sharepoint-and-onedrive-files-and-folders-externally


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Xyza Xue_MSFT 23,936 Reputation points Microsoft Vendor
    2024-08-21T09:43:23.26+00:00

    Hi @Ankit Pandey ,

    This time, you have to fulfill both allow domain settings and security group settings , they need to be satisfied at the same time. (Only people in the security group can share to users in the allowed domain, all other cases will report this error). The setup condition for organizations in sharepoint is an “AND” relationship.

    After you have created the domain allowlist,there is no way to get around this restriction, or create exceptions. This is the expected behavior by microsoft.

    Sorry, I apologize for misunderstanding you at first. In a word, allowing some users to share externally with anyone outside of the allowed domain is not possible to accomplish. I deeply regret this.

    Hope the information can help you. Your understanding and patience will be highly appreciated! Hope you have a good day and keep safe!


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.