While trying to configure a 2016 hybrid SharePoint
environment, I wanted to explore the features of a O365 Extranet. Having never
set one up before, I turned to Microsoft for articles on how to simply set it
up. I found many articles on what they were and why they would be useful, even
pitfalls to avoid. However, I never came across a step by step guide, or if I
did, it seemed like it was written pretty early in the lifecycle and Microsoft
had already made changes to the product that made the article null and void. So,
I ended up spending vast amounts of time getting my environment set up and
configured as securely as possible. It is possible that I am spoiled as
Extranet Collaboration Manger for On Prem takes about 10 minutes using the
helpful wizard. What you find below are the notes of the steps that I took.
Hopefully you find these instructions and are able to get your o365 extranet
configured in much less time than it took me!
I should note that before enabling external sharing for SharePoint,
you'll have to make sure it's enabled for your Office 365 tenant as a whole.
This can be found under the Security & Privacy tab of your Settings menu
within your Tenant Admin Console. There, you can control external sharing
globally first.
- From the Tile screen click on admin
- Next click on Security & privacy link in the left Nav
3. Click the Edit button and ensure that “Let users add
new guests to the organization” is set to.
4. From your Office 365 home screen, navigate to your
Admin center
- From the Admin center, choose the "Admin Centers" tab on the left-hand side and then "SharePoint .” This will take you to the SharePoint admin settings page, where you can configure external sharing.
- Click the "Sharing " link to view all of the sharing options.
The image
you see is not the default image but the settings that were chosen for our
specific environment.
Here are the
available options that you can choose from when configuring external sharing:
"Don’t
allow sharing outside of your organization."
This option
will turn off sharing to anyone outside your organization – Very well named
"Allow
sharing only with the external users that already exist in your organization’s
directory."
This option
tells your SharePoint environment that only existing users can be granted
access to content in your tenant. But you may be saying to yourself that you do
not want external users in your Azure AD. When an External User is added to
your organization, They are added to your Azure Active Directory, just as a
guest. In the below image you can see
two users that were invited and added as Guest users in my Azure AD.
An admin can
manually create these external users in their Azure Active Directory via the
Azure Portal, but SharePoint will not facilitate the creation of new users
through its' sharing interface. For some, this option may be desireable as you
may want your SharePoint Admin to create all the external users. If you want to
delegate some onboarding to internal users, keep reading.
"Allow
users to invite and share with authenticated external users."
Enabling
sharing with authenticated external users means allowing your employees to
invite new guest users to your directory and share specific content with them,
without an administrator’s direct approval.
"Allow
users to invite and share with authenticated external users and using anonymous
access links."
Authenticated
external users can be invited to log in and view or edit documents, but
anonymous users can also be shared with if the owner of the document chooses to
share an anonymous link. Be VERY careful with this option. For the most
part, I think you will want to avoid this option.
Depending on which option you chose, you should now be able to browse out to a SharePoint site and click the Share option on the page and start your external collaboration.
No comments:
Post a Comment