🎉 Our Office 365 Reporting Tool is now available in Azure Marketplace 🚀
This website uses cookies to improve your experience. We'll assume you're ok with this. Know more.
SharePoint Online

How to Audit Sharing Settings in SharePoint Online

Have you examined who can access your organization's crucial files in Microsoft 365? What if unauthorized users could view, edit, or share sensitive information without your knowledge? In such cases, the risk of data leaks and security breaches becomes massive. This guide will walk you through the key steps to monitor sharing setting changes in SharePoint Online and provide valuable insights to manage them securely.

Solution 1
Solution 2
Solution 3
Important Tips
Errors and Resolution Steps
FAQs

Using Microsoft 365 Purview Portal

Microsoft 365 Permission Required
Global Admin, Exchange Admin, or Compliance Admin.
  • Login to the Microsoft 365 Purview Portal.
  • Navigate to the Audit page under Solutions.
  • Customize the required date and time range.
  • Click on the Activities-friendly names drop-down and select the operations mentioned below.

    Modified access request setting, Modified 'Members Can Share' setting, Broke sharing inheritance, Restored sharing inheritance, Changed a sharing policy.

  • Click on Search. Once the search is completed, you can export the Microsoft 365 sharing setting changes report.
Using Microsoft 365 Purview Portal
Note: You need to have an Audit Premium license to access audit logs older than the default period of 180 days.

Using Windows PowerShell

Microsoft 365 Permission Required
Global Admin, Exchange Admin, or Compliance Admin.
  • Connect to the Exchange Online PowerShell using the below cmdlet.
  • Windows PowerShell Windows PowerShell 
     Connect-ExchangeOnline
  • Run the below cmdlet to track SharePoint Online sharing setting changes.
  • Windows PowerShell Windows PowerShell 
     Search-UnifiedAuditLog -StartDate mm/dd/yyyy -EndDate mm/dd/yyyy -RecordType SharePointSharingOperation -Operations WebRequestAccessModified, WebMembersCanShareModified, SharingInheritanceBroken, SharingInheritanceReset, SharingPolicyChanged |Format-Table CreationDate,UserIds,Operations -AutoSize
Using Windows PowerShell
AdminDroid SharePoint Online Reporter

Take control of your SharePoint Online sharing settings!

The AdminDroid SharePoint Online auditing tool keeps you updated on all changes to sharing settings in your organization. By regularly monitoring these changes, you can revert any unwanted modifications and prevent unauthorized access to crucial data.

Monitor Sharing Invitations in SPO

Explore AdminDroid’s reports on SharePoint Online sharing invitations and update the sharing settings if there are any unintended recipients.

Track Anonymous Sharing Link Creations

Audit anonymous link creations in SharePoint Online to determine if any confidential files have been shared using these links.

Manage Micorosoft 365 Compliance Requirement

AdminDroid's specialized compliance reportboard allows you to track sharing and access activities, ensuring that Microsoft 365 regulatory compliance requirements like ISO, GDPR, SOX, etc., are met.

Verify Permission Levels of Shared Items

Verify the "Shared Permission" column from the SharePoint Online Shared Items report, which will help you to restrict sharing permissions for sensitive files.

Alert on Changes to Sharing Policies

Utilize AdminDroid's alerting feature to receive real-time alerts whenever someone changes the organization-wide sharing policy settings.

Check External Sharing Activities in SharePoint Online

Run a external sharing report in SharePoint Online to check whether your organization’s legal documents are safe.

Therefore, the AdminDroid SharePoint Online reporting and auditing tool keeps you informed about sharing setting changes, helping you in the following scenarios:

  • Monitor and analyze user sharing patterns to identify trends and detect unusual activities.
  • Assess the effectiveness of current sharing settings and make data-driven decisions to secure sharing practices.
  • Trace the origin and extent of data breaches to aid in remediation efforts.

Explore a full range of reporting options
Download Live Demo

Important Tips

Reset SPO sharing setting changes with Microsoft365DSC automatically if any undesired modifications are made to these settings.

Monitor SharePoint Online access request setting changes to ensure that only authorized users have permission to approve these requests.

Utilize the sharing links report in SharePoint Online to gain insights into how files are shared through different link types.

Common Errors and Resolution Steps

The following are the possible errors and troubleshooting hints while dealing with sharing setting changes in SharePoint Online.

Error Your org doesn't allow sharing with people who use this email domain.

This happens because sharing with the external user’s domain may be blocked by your organization.

Fix Run the below PowerShell cmdlet to enable external sharing with the domain. 
Set-SPOTenant -SharingDomainRestrictionMode "AllowList" -SharingAllowedDomainList "<DomainName>"

Error "Anyone with the link" is Greyed Out.

This error occurs when you attempt to share content from a SharePoint site which prevents sharing with 'Anyone’.

Fix Run the below PowerShell cmdlet to set the external sharing level for a SharePoint site. 
Set-SPOSite -Identity <SiteURL> -SharingCapability ExternalUserSharingOnly

Error Sorry, access to this document has been removed.

This error occurs when the document owner has removed the sharing link for the file or folder.

Fix Contact the document owner to grant access to the resource.

Error Write-ErrorMessage|Microsoft.Exchange.Management.UnifiedPolicy.ErrorRuleNotFoundException|There is no rule matching identity '<LabelName>'.

This error happens when you specify a wrong value for the sensitivity label name.

Fix Run the below cmdlet to get the exact name of the sensitivity label from the “Name” value. 
Get-Label
SharePoint Online
Frequently Asked Questions

Manage SharePoint Online Sharing Settings to Safeguard Data in Microsoft 365

How to manage sharing settings in SharePoint Online?
Why do SharePoint site external sharing settings differ from org-wide settings?
How to change the default sharing settings of a SharePoint site?
How to prevent team members from sharing content on your SharePoint site?
How to remove shared links in SharePoint Online?

1. How to manage sharing settings in SharePoint Online?

For organizations collaborating with a wide range of users, including external parties, it's crucial to manage access permissions levels to site contents. You can change the sharing settings by navigating to the Sharing page of your SharePoint admin center.

  • SharePoint external sharing settings: You can choose the desired external sharing level based on your requirements. The four sharing levels available are:
    • Anyone
    • New and existing guests
    • Existing guests
    • Only people in your organization.
  • Limit external sharing by domain: Here, you have the option to allow sharing with only specific domains or to block certain domains.
  • Allow only users in specific security groups to share externally: With this option, you can choose specific security groups in your organization whose members are only authorized to share externally.
  • Guests must sign in using the same account to which sharing invitations are sent: This setting requires guests to sign in with the same account in which they receive the invitation. By default, they can use any account to login and access the content.
  • Set guest user access expiration: This setting allows you to define a time period for which the guest users are allowed to access a SharePoint site. After the specified time ends, their access to the site is revoked automatically.
  • Set default sharing link type: In this setting, you can specify the default link that is selected when users share files in SharePoint Online. You can also choose the default access permission level for these links.
  • Choose expiration and permissions options for ‘Anyone’ links: You can set expiration days and permission levels for files and folders shared with "Anyone" links. This option appears only when the "Anyone" link is chosen in the external sharing settings.

Access a detailed report on site collection sharing settings available in AdminDroid to get an overview of various sharing configurations for all the site collections in your Microsoft 365 organization.

  • This report helps you to identify the external sharing level, sharing allowed and blocked domains, etc., of all the site collections.
  • Use AdminDroid’s built-in charts to visually classify your site collections based on their sharing levels.
spo-sharing-configurations

Handy Hint: You can use the Report scheduling functionality to receive a weekly report on the sharing settings of your SharePoint Online sites.

2. Why do SharePoint site external sharing settings differ from org-wide settings?

The organization-wide sharing setting is not applied to all the SharePoint sites in your organization. Each site type has its own default sharing level irrespective of the organization-wide setting.

The default external sharing setting of each site type is mentioned below.

  • Classic Site: Only people in your organization.
  • Group-connected sites (including Teams): New and existing guests (if the Microsoft 365 groups have ‘Let group owners add people outside the organization to groups’ option is 'On'),

    Existing guests (if the Microsoft 365 groups have ‘Let group owners add people outside the organization to groups’ option is 'Off').
  • Communication Site: Only people in your organization.
  • Modern sites with no group: Only people in your organization.

Note: Classic, communication, and modern sites (without a group) will always have the Only people in your organization setting, regardless of the organization-wide setting. However, for group-connected sites, the default setting may vary based on your organization-wide setting.

For example, if your organization-wide setting is restrictive, such as Existing guests, then all group-connected sites will adopt this as default setting. Similarly, if the organization-wide setting is set to the most restrictive level like Only people in your organization, then all group-connected sites will have this as the default setting.

3. How to change the default sharing settings of a SharePoint site?

The default sharing setting based on site types may not suit your organization’s purpose. Some confidential sites may require more restricted access, while common sites may require more permissive access.

Follow the steps below to change the sharing settings for individual sites in SharePoint Online.

  • Login to the SharePoint Online admin center.
  • Navigate to Sites»Active Sites. Select the desired SharePoint site and hit on the Settings tab.
  • Click on the "More sharing settings" link. You can choose an external sharing level, change the default sharing link type, and the default sharing link permission.
  • Once done, click on Save.

Note: Here, you may notice that some of the sharing settings are greyed out. This is because you might have restricted those settings in your organization-wide sharing settings.

You can also use Microsoft 365 sensitivity labels to control the default sharing link settings for sites and documents. The more restrictive setting between these two will be the default sharing link for the documents.

Run the below PowerShell cmdlet to configure the default sharing link type of sensitivity labels.

Connect-IPPSSession -UserPrincipalName <UPN>
Set-Label -Identity "<LabelName>"-AdvancedSettings @{DefaultShareLinkPermission = "View" DefaultSharingScope = "SpecificPeople"}

Note: Make sure to replace <UPN> and <LabelName> with the appropriate values before executing the cmdlets.

Now, the documents or sites with this label will have the default sharing link as "People you choose" and sharing permission as "View". If required, you can also customize the DefaultShareLinkPermission and DefaultSharingScope parameters with other values as mentioned below.

  • DefaultShareLinkPermission -Edit
  • DefaultSharingScope -Organization, Anyone

4. How to prevent team members from sharing content on your SharePoint site?

If everyone on a SharePoint Online site can share the site and its content, it raises the risk of document overwrites, which could result in data loss or corruption. Without proper management, confidential documents may be exposed to unwanted users.

You can prevent users from sharing files in SharePoint Online by following the steps below.

  • Navigate to the desired SharePoint Online site.
  • Tap on the Settings (gear) icon and select Site permissions.
  • Under Site Sharing, select the "Change how members can share" link.
  • Here, you have three site sharing settings as mentioned below.
    • Site owners and members can share files, folders, and the site. People with Edit permissions can share files and folders.
    • Site owners, members, and people with Edit permissions can share files and folders, but only site owners can share the site.
    • Only site owners can share files, folders, and the site.
  • Choose the required sharing permission and click on Save.

You can audit sharing permission setting changes by selecting the "Modified Members Can Share" setting under Activity in your Office 365 audit logs. However, preparing the report may take more time if it includes multiple events.

Utilize the Member's Sharing Permission Setting Changes report in AdminDroid to track all sharing permission changes within a click.

  • This report provides information on who modified the setting and the time it was modified.
  • You can use the Site URL easy filter to view the sharing permission modifications for specific SharePoint Online sites.
sharing-permission-changes

Kickstart Your Journey With
AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities

Download Now
Browse All Guides
User Help Manuals Compliance Docs
All Guides 99+
SharePoint Online
How to Audit Sharing Settings in SharePoint Online
SharePoint Online Guides
x
Delivering Reports on Time
Delivering Reports on Time
Want a desired Microsoft 365 reports every Monday morning? Ensure automated report distribution and timely delivery with AdminDroid's Scheduling to your email anytime you need.
Delivering Reports on Time
Schedule tailored reports to execute automatically at the time you set and deliver straight to the emails you choose. In addition, you can customize report columns and add inteligent filtering to the activities just from the previous day to suit your Microsoft 365 report requirements.
Set It, Schedule It, See Results- Your Reports, Your Way, On Your Time!
Time Saving
Automation
Customization
Intelligent Filtering
Give Just the Right Access to the Right People
Give Just the Right Access to the Right People
Grant fine-tuned access to any Microsoft 365 user with AdminDroid’s Granular Delegation and meet your organization’s security and compliance requirements.
Give Just the Right Access to the Right People
Create custom roles loaded with just the right permissions and give access to admins or normal users within AdminDroid. The result? A streamlined Microsoft 365 management experience that aligns your organization's security protocols and saves your invaluable time and effort.
Align, Define, Simplify: AdminDroid's Granular Delegation
Smart Organizational Control
Effortless M365 Management
Simplified Access
Advanced Alerts at a Glance
Advanced Alerts at a Glance
Receive quick notifications for malicious Microsoft 365 activities. Engage with the AdminDroid’s real-time alert policies crafted to streamline your security investigations.
Advanced Alerts at a Glance
Stay informed of critical activities like suspicious emails and high-risk logins, bulk file sharing, etc. Through creating and validating ideal alert policies, AdminDroid provides a comprehensive approach to real-time monitoring and management of potential threats within your organization.
AdminDroid Keeps You Always Vigilant, Never Vulnerable!
Proactive Protection
Real-time Monitoring
Security Intelligence
Threat Detection
Merge the Required Data to One Place
Merge the Required Data to One Place
Combine multiple required columns into one comprehensive report and prioritize the information that matters most to you with AdminDroid’s Advanced Column Customization.
Merge the Required Data to One Place
This column merging capability offers a flexible way to add different columns from various reports and collate all the essential data in one place. Want to revisit the customized report? Save it as a 'View’, and your unique report is ready whenever you need it.
Merge with Ease and Save as Views!
Custom Reporting
Unique View
Desired Columns
Easy Data Interpretation
Insightful Charts and Exclusive Dashboards
Insightful Charts and Exclusive Dashboards
Get a quick and easy overview of your tenant's activity, identify potential problems, and take action to protect your data with AdminDroid’s Charts and Dashboards.
Insightful Charts and Exclusive Dashboards
With AdminDroid charts and dashboards, visualize your Microsoft 365 tenant in ways you've never thought possible. It's not just about viewing; it's about understanding, controlling, and transforming your Microsoft 365 environment.
Explore Your Microsoft 365 Tenant in a Whole New Way!
Executive overviews
Interactive insights
Decision-making
Data Visualization
Efficient Report Exporting for Microsoft 365
Efficient Report Exporting for Microsoft 365
Downloading your reports in the right file format shouldn’t be a hassle with AdminDroid’s Report Export. Experience seamless report exporting in various formats that cater to your needs.
Efficient Report Exporting for Microsoft 365
Navigate through diverse options and export Microsoft 365 reports flawlessly in your desired file format. Tailor your reports precisely as you need them and save them directly to your computer.
Take Control, Customize and Deliver- Your Office 365 Data, Exported in Your Way!
Easy Export
Seamless Downloading
Data Control
Manage Microsoft 365

Get AdminDroid Office 365 Reporter Now!

Free Download Live Demo