Don’t you hate when your friends give you something for your Birthday that they, in turn, got as a gift themselves? Oh, don’t tell me, you never did this yourself! I will admit it, I did this a few times myself (this is what happens when your friends buy you cheap gifts from Walmart®). We kind of have the same ability in SharePoint, where we can share files and folders with others, and the recipients can reshare it without our knowledge of it. While we can’t stop those “regifters” in real life, we can in SharePoint and OneDrive (to some extent). So with this post, I would like to explain how to stop re-sharing of content in SharePoint and OneDrive.
Stop re-sharing of content for Internal Users
It is somewhat impossible to prevent internal users from resharing content from SharePoint and OneDrive. Anyone with the Edit permissions to the content can further share it with anyone they want. For example, if I (Greg) share a file or folder with Mary, and leave the Edit checkbox checked (which is usually the default setting), then Mary will be able to further re-share the file or folder I shared with anyone she wants.
Me sharing a file with Mary
Mary re-sharing the file with John
The only way to prevent re-sharing is to Grant the recipient Read-Only Access to the content AS WELL AS Share via Specific people link. Only when these two conditions are met, and you share a document or folder with the recipient…
…the recipient will not be able to easily re-share further. What will happen is that when the recipient tries to reshare content to someone else, two of the sharing links will be gone. The only choices available are People with existing access and Specific People. The first link type guarantees that no new users who do not have access already will be able to be the new recipients. When the user chooses Specific People link type and invites someone else, upon sharing, he/she will be presented with the following pop-up.
The original user who shared the document will then get an email asking to approve or decline the sharing request.
The above workaround kind of depends on the sharing links chosen by originator, however, link types can be set as defaults in the SharePoint Admin Center. Please reference this post to learn more.
Stop re-sharing of content for External Users
Luckily, when it comes to external sharing, we have better controls in place to stop re-sharing of content in SharePoint and OneDrive.
- Navigate to the Office 365 Admin Center
- Under Admin centers, choose SharePoint
- Under Policies, click on Sharing
- Under More external sharing settings, uncheck the box next to Allow guests to share items they don’t own
- Click Save at the bottom of the page
- Next, when you share a file or folder with an external user (I described that process here), and the external user tries to re-share the content to someone else, they won’t be able to as all of the link types except for People with existing access will be grayed out.
- The only remaining link type above assures no new users can be added to the file unless they already got access to it.
Just like with the SharePoint Admin Center, OneDrive Admin Center has the same checkbox.
- Using the steps above, navigate to Office 365 Admin Center.
- Click on OneDrive Admin Center
- Under Sharing > Advanced settings for external sharing uncheck the box next to Let external users share items they don’t own. Click Save
- And just like in the previous example, when the external user tries to re-share the file – there is no such option!