As an MSP, you may want to allow your clients to collaborate with outside organizations to work on projects or share documentation. Additionally, you may want to share internal dcuments and with your clients and have access to some of their informaiton. This article is part of a 5 article series that will explain the ways we can use Office 365 for Inter-tenant collaboration. This article will be focusing on Sharepoint and OneDrive.
Goals of Inter-Tenant Collaboration
- Central location for files and conversations
- Sharing Of Calendars
- Using IM
- Audio/video calls for communication
- Securing access to resources and applications
Sharing Options
*Note that external sharing is turned on by default for your entire SharePoint Online environment and the site collections in it.*
No Sharing
- Sites and documents can only be shared with internal users in your Office 365 subscription.
- Sites, folders, and documents can only be shared with external users who are already in your Office 365 user directory
- Users who have previously accepted a sharing invitation or users who you have imported from another Office 365 or Azure Active Directory tenant.
Sharing with authenticated external users
- Sites can be shared with external users who have a Microsoft account or a work or school account from another Office 365 subscription or an Azure Active Directory subscription
- Not required to login but receive on time code
- Documents and folders (but not sites) can be shared via an anonymous link where anyone with the link can view or edit the document, or upload to the folder
Types of Users
Authenticated External Users
Business Scenrio
Lets say I have created a site in sharepoint for an upcoming project and i want to add a business partner from another firm
Site Permissions
Go to Settings>Site Permissions
Invite External User
Click on Invite People Type in the email address of the external user
Invite External User
Click Share Site Only and Type in the email address of the external user
Customize the Text in Email
You can write a message that will go in the email inviting the user to the site
The end user will get an email with a subject line of "*Invitee Name* wants to share *site name* and the following body with a link to get to the sharepoint site
Authenticate
Once the link is clicked the user will be ask to sign in with a Microsoft account
Directory Add
Once the user successfully authenticates, they will be added to your directory in 365, distinctly labeled with #EXT# and Guest
Anonymous Users
Business Scenrio
Lets say I have some files or documents I want outside users to edit without editing. View and edit links are created separately and can be set to expire at a specified time. Anonymous users are not added to the user list in Office 365. You can discontinue sharing with them by going to the document or folder that you shared and deleting the anonymous link.
Share
Choose the documenet you want to share and click on the share icon in the right-hand corner
Custom Settings
Click the link settings and choose "Specific People"
Designate User
Add the outside users email address and click Send
Doc Link
The user will get an email with a link to the Document. Clicking on this link will take them to the doc where they can view/edit depending on what permissions you gave them.
Share Settings
All share settings can be customized in the Sharepoint and OneDrive admin Centers.
Security Considerations
*If you have confidential information that should never be shared with external users, consider having one or more site collections where external sharing is turned off where you keep your confidential information.*