'Retirement of SharePoint One-Time Passcode' - how are people handling this change?!

The MC1243549 notes state:

  • Admins can manually create a guest account for the external user at any time.
  • Alternatively, an internal user with permissions needs to share or re-share at least one file, folder, or site, which will automatically create the guest account and restore access to all previously shared content.

Are MS being completely blasé here? Having users, or admins, reshare ALL sites/folders/files with external guests is a massive task.

In relation to the first bullet point, could someone please clarify this for me:

We have 100s of native SharePoint users. There is no reference to native SP users on the update. Do I need to create an Entra guest account for them? Is that enough, or do I need to add the newly created Entra user to their native SharePoint group, or do I need to create a new Entra group and add the new Entra group to the SharePoint site/library?

I would really appreciate any advice as this is becoming a nightmare for our org.

reddit.com
u/psgda — 10 days ago

Issues with the recent update - "Retirement of SharePoint One-Time Passcode (SPO OTP) and transition to Microsoft Entra B2B"

MC1243549 - Retirement of SharePoint One-Time Passcode (SPO OTP) and transition to Microsoft Entra B2B | Microsoft 365 Message Center Archive

We are receiving reports of external users not being able to access SharePoint sites and folders. I'm guessing it's linked to the above change but it doesn't completely line up with expected behaviour.

According to the change, it will only affect "specific people links". Our setup is as a mix of the below for external users, which I don't believe is a "specific people links" method.

  1. For older, classic sites - create native SharePoint (SP) user in SP, add that user to a SP group. That group will have access to a library, or specific folders. The link to the library or folder is sent to the user.

  2. For modern, and some classic, sites - create user in Entra, add to an Entra group, add that Entra group to the SP Members group. That group will have access to a library, or specific folders. The link to the library or folder is sent to the user.

Is there any reason why external users are now getting "You don't have access to this item" for certain sites/folders? Is the issue related to native SP users and groups? Or classic sites?

u/psgda — 13 days ago

Is anyone else experiencing permission issues with external guests?

We're having reports from external users that they can no longer access certain folders/libraries in SharePoint Online.

Case 1:

Classic site. User was created in SharePoint (SP) and added to a SP group. They had access to folders and files in the past. Last week, they no longer have access. We created the user in Entra, they accepted the invite, added them to the site, library and folders, but still they didn't have access (even 3 days later, so sync/delay not an issue). Confirmed on the call that they were using the correct email address.

In the end, we created a new Entra group, added them to the group, then added that group to the library and folder and it worked.

Case 2:

Classic site. User was created in Entra last week. Added them to an existing Entra group. Other users in that group can access folders, but this new user can't, even today. Haven't found a solution yet, have a call with them tomorrow.

Can someone shed any light on why this happened, and why those steps in Case 1 fixed the issue?

reddit.com
u/psgda — 14 days ago

PowerShell script to find user in all sites - not working for some users

Hi,

I'm using the below script to find if a user exists in a site, across all our sites. It works brilliantly for one user. I tried with another user and they don't return in the results. They exist in sites and their email address is correct. Any ideas as to why this is happening? Thanks

--Script

#Parameters

$AdminCenterURL = "xxx"

$UserID = "xxx"

# Connect to SharePoint

Connect-SPOService -Url $AdminCenterURL

#Get all site collections in the tenant - Excluding specific site types such as redirect site, search center, etc.

$Sites = Get-SPOSite -Limit All | Where -Property Template -NotIn ("SRCHCEN#0", "REDIRECTSITE#0", "SPSMSITEHOST#0", "APPCATALOG#0", "POINTPUBLISHINGHUB#0", "EDISC#0", "STS#-1")

# Loop through each collection and check if the user has access

foreach ($Site in $Sites) {

Write-host -f Yellow "Searching site:"$Site.URL

Try {

# Get the user's permissions for the site collection

$Permissions = Get-SPOUser -Site $Site.Url -LoginName $UserID

If ($Permissions) {

# If the user has permissions, output the site collection URL

Write-Host -f Green "User $UserID has access to $($site.Url)"

}

}

Catch { }

}

reddit.com
u/psgda — 19 days ago
▲ 1 r/Adobe

Retention Period for Signed Agreements

Adobe said the following on live chat, which I find ridiculous - "With an Education license, signed agreements (completed e-sign documents) cannot be deleted due to compliance and audit requirements. This applies across most Adobe Acrobat Sign plans."

I'm wondering if others here are on a different plan and are able to set a period of time for agreements to get deleted? Ideally we don't want sensitive contracts and agreements being stored for too long on adobe cloud. We just want the fully signed document stored on our servers. Has this worked out for others?

Thanks

reddit.com
u/psgda — 28 days ago

Is the DocuSign Standard plan sufficient for small organisations?

We have 30 staff. Only our Sales and Senior Mgmt team (approx 5 staff) require DocuSign to collect signatures on contracts. We'd also like to delete any signed contracts that are saved to the cloud, as we will store them on SharePoint. Would the Standard Plan suffice or is there really much more benefit in getting the Business Pro plan?

reddit.com
u/psgda — 28 days ago

Do I need to add myself as Site Admin on all sites, even if I have the SharePoint Administrator role?

I have the SharePoint Administrator role assigned to me. When trying to remove a user from a SP site using powershell, I get "Attempted to perform an unauthorized operation." When I add myself as Admin for that specific site, the command works. The command I'm running is - Remove-SPOUser -Site "xxx" -LoginName "xxx"

Does this mean I must add myself as Admin to all sites in SP? Are there any drawbacks to doing this? I would have thought being SharePoint Admin would overside this or allow me to carry out commands like this.

reddit.com
u/psgda — 1 month ago

Hi.

Site permissions have Group A read only access. When I change that to Edit access, only 1 document library updates the group to have edit access. The other one stays as read only. Is there any reason behind this or something I can look into?

reddit.com
u/psgda — 2 months ago