Some guests are added to AAD automatically, but setting is turned off

Schwarzer ADM 26 Reputation points
2021-04-02T09:27:29.86+00:00

Hello!

I have a problem with creating guest accounts in AAD.
I don't want them to be created automatically.

1) In the External collaboration settings the following is set:

  • No one in the organization can invite guest users including admins (most restrictive).
  • Enable guest self-service sign up via user flows = set to no
  1. External Identities are not yet configured.
  2. Sharing in OneDrive is set to: New and existing external users

Problem:
When I share a file from OneDrive with an external person a guest account is created immediately.
BUT: This is not the case for all external persons. With my private email address this does not happen.

Questions:
a) Why are guest accounts created automatically despite my configuration?
b) Why are guests only partially created?
c) How do I turn this off?

Kind regards
Margit

OneDrive Management
OneDrive Management
OneDrive: A Microsoft file hosting and synchronization service.Management: The act or process of organizing, handling, directing or controlling something.
1,103 questions
0 comments No comments
{count} vote

Accepted answer
  1. Emily Hua-MSFT 27,506 Reputation points
    2021-04-05T06:30:52.717+00:00

    @Schwarzer ADM

    The tag "office-onedrive-client-itpro" focus more on general issues of OneDrive client, but you issue is more realted to OneDrive Admin Center, which is not supported on Q&A forum currently.
    To better help you, I would suggest you post a new question on the following forum.
    Microsoft Tech Community for Admin Center

    The following content is my personal opinion.

    Did you enable SharePoint and OneDrive integration with Azure AD B2B?
    According to this article, "Secure external sharing recipient experience", if you enable this feature, after the external user enters the one-time passcode, they will authenticate with their account and have a guest account created in the host's organization.
    84412-untitled1.png

    Besides, you set "New and existing external users" for OneDrive, the new external users would have their guest account after passing the identity verification.
    I suggest you change the organization-level external sharing setting to "Existing guests", then it would allow sharing only with guests who are already in your directory.


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

0 additional answers

Sort by: Most helpful