In this video, get a brief introduction of what an external user is and how an external user is different from an internal user when leveraging SharePoint Online for collaboration.
- [Instructor] One of the awesome things you can do with SharePoint Online is allow external users to access your files. A good example of this would be if you had a Board of Directors and you needed to distribute paperwork to that Board. You could easily allow them access, whether you want to restrict that access or have it anonymous, and they could pull down those files as required. If you are working with a Microsoft partner, he or she will also need access to your SharePoint Online environment. One thing I just want you to remember 'cause you may still see this on occasion, when Office 365 was first launched, it came with a public website.
Unfortunately, that feature has been deprecated as of March 2015. Before we start allowing external users access to our documents, we need to understand what our external users can and cannot do. Our external users can use Office Online to edit and view our documents. They can also view the SharePoint content. When you setup these external users, you will provide the level of permission for them to be able to access your document. You're gonna wanna use best practice here and give them the least amount of privilege that they actually need.
Your external users will also require a Microsoft account or an Office or a work account as well. You may be thinking, fantastic! I'm gonna use one of my licenses from my Office Pro Plus subscription for these external users. That would be awesome. Unfortunately, the external users cannot use the licensing from your tenant. Personally, I think it's more important to understand what your external users cannot do. First of all, they can't edit their profiles and they can't create personal sites within you SharePoint tenant.
External users also cannot access OneDrive for Business, administer a site collection, or add storage to the site. If you have a company newsfeed in your SharePoint Online tenant, your external users will not be able to see it. They won't be able to use eDiscovery. Your external users will not be able to search everything and they do not have access to site mailboxes. If you would like them to have access to site mailboxes, they will require a license. If your external users try to open up a document that has Information Rights Management permissions applied to it, they will be unable to do so.
Finally, they will not be able to access any of the BI features within SharePoint Online. Now that you understand what your external users can and cannot do, now we have to decide how we wanna share information. When we talk about sharing in SharePoint Online, we have two levels of sharing. First of all, we have to actually enable sharing for the tenant itself. Second, then we have to enable site sharing for the site collection. If you do not enable sharing globally, then you will not be able to share the site collection.
This is a two-step process that you have to be aware of. Your global settings will override your site settings. For example, if you would like to have anonymous links from your site collection, you will also have to allow that functionality at the global level. Now that I've explained a little bit about sharing within SharePoint Online, let's show you how to do it. I've already logged into my Office 365 tenant with an Admin account and I've logged into the Admin center.
To access the SharePoint Admin Center, I'm gonna go ahead and click Admin Centers. You may have to scroll down a little bit. I'm gonna click on SharePoint and this will open up the SharePoint Admin Center for us. The first thing we have to do to share out our SharePoint site globally is click on sharing. You will notice here we have four levels of sharing that we can choose from. The first level, don't allow sharing outside of your organization, is probably the most clear.
We will not allow external users to access our data. If we select this option, any external users that we currently have in our organization's directory will be able to access the data. We will not be able to add in new users. Our third option, allow users to invite and share with authenticated external users. This enables users to send an invitation to external users. The external users will click the link in the invitation to be able to access the shared SharePoint content.
Invitations can only be redeemed once and these invitations can be forwarded or used by other users. The invited external user will need to have either a Live account or an Office 365 account in order to access our SharePoint Online content. Only site owners or users with full control rights can send these types of invitations. Finally, our last option. Allow sharing to authenticate external users using anonymous links.
In this scenario, a user would share the link either via an email, or direct message, or any other means. The recipient would then click that link to access the shared content. The recipient does not require a Microsoft account to access the content, but you can request that they do sign in. Personally, I find this a good solution when I need to share nonconfidential or company information to a large group of people. Again, think back to your Board of Directors. If you are gonna use anonymous links, you can set them to expire as well.
For example, if I click on expire, I can go ahead and say I'm gonna expire these links in 30 days by default. If you are gonna select this option, I would recommend that you understand exactly what you are sharing out and the implications that could evolve. Next, we choose the default link type. When our users need to share out a document, they will be presented with a link that they can send to the external user. We, as the administrators, can control what that default link will be like.
Now, the user will have option to change that, but this just makes it a little bit easier for that user. For our demonstration purposes, I'm gonna go ahead and turn on anonymous access. Next, we have additional settings. Our first option, limit external sharing using domains, selecting this option will force your users to only share documents with domains that you specify, such as externalusersfrommycompany.com. Additional settings, external users must accept sharing invitations using that same account that that invitation was sent to.
By using this feature, the external users will only be able to access your SharePoint data using the link that was sent to that specific email. Finally, notifications. Do you want to be notified if others invite additional people to shared files or when external users accept invitations to access files? When you have selected all of your options, go ahead and click OK. After clicking OK, you will be presented with a warning, letting you know that you are now enabling sharing globally for your site and do you really want to do this? In our case, yes we do.
It will take a few moments for these settings to be applied to your SharePoint tenant. After the settings have been applied, you will be back into the SharePoint Admin Center. At this point, you can now go ahead and start to configure your site collections for sharing.
- Configuring site collections
- Managing access of internal and external users
- Sharing data
- Adding site collection admins
- Assigning resources
- Configuring Yammer and Office 365 groups
- Accessing files across multiple client devices
- Migrating files to OneDrive for Business
- Implementing enterprise eDiscovery
- Configuring data loss protection