Updates from: 04/29/2021 03:31:23
Service Microsoft Docs article Related commit history on GitHub Change details
SharePoint External Sharing Overview https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/external-sharing-overview.md
When users share *sites*, recipients will be prompted to sign in with:
When users share *files and folders*, recipients will also be prompted to sign in if they have: - A Microsoft account
-These recipients will typically be added to your directory as guests, and then permissions and groups work the same for these guests as they do for internal users. (To ensure that all guests are added to your directory, use the [SharePoint and OneDrive integration with Azure AD B2B](./sharepoint-azureb2b-integration-preview.md).)
+These recipients will typically be added to your directory as guests, and then permissions and groups work the same for these guests as they do for internal users. (To ensure that all guests are added to your directory, use the [SharePoint and OneDrive integration with Azure AD B2B](./sharepoint-azureb2b-integration.md).)
Because these guests do not have a license in your organization, they are limited to basic collaboration tasks:
SharePoint Modern Experience Sharing Permissions https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/modern-experience-sharing-permissions.md
Azure AD B2B provides authentication and management of guests. Authentication ha
With SharePoint and OneDrive integration, the Azure B2B one-time passcode feature is used for external sharing of files, folders, list items, document libraries and sites.
-With Azure B2B integration, all guests are added to the directory and can be managed using Microsoft 365 security and compliance tools. We encourage you to try the [SharePoint and OneDrive integration with Azure AD B2B](sharepoint-azureb2b-integration-preview.md).
+With Azure B2B integration, all guests are added to the directory and can be managed using Microsoft 365 security and compliance tools. We encourage you to try the [SharePoint and OneDrive integration with Azure AD B2B](sharepoint-azureb2b-integration.md).
## See also
SharePoint Restricted Domains Sharing https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/restricted-domains-sharing.md
description: "Allow sharing only with guests on specific domains, or block shari
If you want to restrict sharing with other organizations (either at the organization level or site level), you can limit sharing by domain. > [!NOTE]
-> If you have enrolled in the [SharePoint and OneDrive integration with Azure AD B2B](sharepoint-azureb2b-integration-preview.md), invitations in SharePoint are also subject to any [domain restrictions configured in Azure Active Directory](/azure/active-directory/b2b/allow-deny-list).
+> If you have enrolled in the [SharePoint and OneDrive integration with Azure AD B2B](sharepoint-azureb2b-integration.md), invitations in SharePoint are also subject to any [domain restrictions configured in Azure Active Directory](/azure/active-directory/b2b/allow-deny-list).
## Limiting domains
You can limit domains by allowing only the domains you specify or by allowing al
2. Under **Advanced settings for external sharing**, select the **Limit external sharing by domain** check box, and then select **Add domains**.
-3. To create an allow list (most restrictive), select **Allow only specific domains**; to block only the domains you specify, select **Block specific domains**.
+3. To create an allowlist (most restrictive), select **Allow only specific domains**; to block only the domains you specify, select **Block specific domains**.
4. List the domains (maximum of 3000) in the box provided, using the format *domain.com.* If listing more than one domain, enter each domain on a new line.
You can also limit domains at the site collection level. Note the following cons
- In the case of conflicts, the organization-wide configuration takes precedence over the site collection configuration. -- If an organization-wide allow list is configured, then you can only configure an allow list at the site collection level. The site collection allow list must be a subset of the organization's allow list.
+- If an organization-wide allowlist is configured, then you can only configure an allowlist at the site collection level. The site collection allowlist must be a subset of the organization's allowlist.
-- If an organization-wide deny list is configured, then you can configure either an allow list or a deny list at the site collection level.
+- If an organization-wide blocklist is configured, then you can configure either an allowlist or a blocklist at the site collection level.
- For individual OneDrive site collections, you can only configure this setting by using the [Set-SPOSite](/powershell/module/sharepoint-online/Set-SPOSite) Windows PowerShell cmdlet.
You can also limit domains at the site collection level. Note the following cons
2. Under **Advanced settings for external sharing**, select the **Limit external sharing by domain** check box, and then select **Add domains**.
-3. Select **Allow only specific domains** to create an allow list (most restrictive), or to block only the domains you specify, select **Block specific domains**.
+3. Select **Allow only specific domains** to create an allowlist (most restrictive), or to block only the domains you specify, select **Block specific domains**.
4. List the domains (maximum of 100) in the box provided, using the format *domain.com.* If listing more than one domain, enter each domain on a new line.
SharePoint Sharepoint App Bar https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/sharepoint-app-bar.md
The SharePoint app bar brings together intranet resources and personalized conte
> - The SharePoint app bar is not available on classic SharePoint sites today, however soon administrators will be able to add it to classic sites manually. > - The SharePoint app bar may impact current page customizations specifically those that appear on the left side. > - Personalized content in the SharePoint app bar is enabled by Microsoft Graph.
+> - The SharePoint app bar will not display in SharePoint for external or guests users.
> - When Microsoft Graph is disabled, the news and sites experience will be degraded. > - The SharePoint app bar can be temporarily disabled between today and when it becomes available to all customers to give customers more time to prepare for this change. Temporarily disabling the app bar will delay the rollout of this feature in your organization until October 31, 2021.
SharePoint Sharepoint Azureb2b Integration https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/sharepoint-azureb2b-integration.md
+
+ Title: Azure AD B2B integration for SharePoint & OneDrive
++++
+recommendations: true
+audience: Admin
+f1.keywords:
+- CSH
++
+localization_priority: Priority
+search.appverid:
+- MET150
++
+ - Adm_O365
+ - seo-marvel-apr2020
+description: In this article, you'll learn about the SharePoint and OneDrive integration with Azure AD B2B.
++
+# SharePoint and OneDrive integration with Azure AD B2B
+
+This article describes how to enable Microsoft SharePoint and Microsoft OneDrive integration with Azure AD B2B.
+
+Azure AD B2B provides authentication and management of guests. Authentication happens via one-time passcode when they don't already have a work or school account or a Microsoft account.
+
+With SharePoint and OneDrive integration, the Azure B2B one-time passcode feature is used for external sharing of files, folders, list items, document libraries and sites. This feature provides an upgraded experience from the existing [secure external sharing recipient experience](what-s-new-in-sharing-in-targeted-release.md).
+
+Enabling this integration does not change your sharing settings. For example, if you have site collections where external sharing is turned off, it will remain off.
+
+Once the integration is enabled you and your users do not have to reshare or do any manual migration for guests previously shared with. Instead, when someone outside your organization clicks on a link that was created before Azure AD B2B integration was enabled, SharePoint will automatically create a B2B guest account. This guest account is created on behalf of the user who originally created the sharing link. (If the user who created the link is no longer in the organization or no longer has permission to share, the guest will not be added to the directory and the file will need to be reshared.)
+
+SharePoint and OneDrive integration with the Azure AD B2B one-time passcode feature is currently not enabled by default. Later, this feature will replace the ad-hoc external sharing experience used in OneDrive and SharePoint today.
+
+Advantages of Azure AD B2B include:
+- Invited people outside your organization are each given an account in the directory and are subject to Azure AD access policies such as multi-factor authentication.
+- Invitations to a SharePoint site use Azure AD B2B and no longer require users to have or create a Microsoft account.
+- If you have configured Google federation in Azure AD, federated users can now access SharePoint and OneDrive resources that you have shared with them.
+- SharePoint and OneDrive sharing is subject to the Azure AD organizational relationships settings, such as **Members can invite** and **Guests can invite**.
+
+This integration is not supported in the following Microsoft 365
+- Office 365 Germany
+- Office 365 operated by 21Vianet
+- GCC High and DoD
+
+## Enabling the integration
+
+This integration requires that your organization also enable [Azure AD email one-time passcode authentication](/azure/active-directory/b2b/one-time-passcode).
+
+To enable Azure AD passcode authentication
+1. Sign in to the [Azure portal](https://portal.azure.com) as an Azure AD global admin.
+2. In the nav pane, select **Azure Active Directory**.
+3. Under **Manage**, click **External identities**.
+4. Click **External collaboration settings**.
+5. Under **Email one-time passcode for guests**, choose **Enable email one-time passcode for guests effective now**.
+6. Select **Save**.
+
+To enable SharePoint and OneDrive integration with Azure AD B2B
+1. [Download the latest SharePoint Online Management Shell](https://go.microsoft.com/fwlink/p/?LinkId=255251).
+
+ > [!NOTE]
+ > If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell." <br>On the Download Center page, select your language and then click the Download button. You'll be asked to choose between downloading a x64 and x86 .msi file. Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. If you don't know, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-operating-system). After the file downloads, run it and follow the steps in the Setup Wizard.
+
+2. Connect to SharePoint as a [global admin or SharePoint admin](./sharepoint-admin-role.md) in Microsoft 365. To learn how, see [Getting started with SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).
+3. Run the following cmdlets:
+ ```PowerShell
+ Set-SPOTenant -EnableAzureADB2BIntegration $true
+ Set-SPOTenant -SyncAadB2BManagementPolicy $true
+ ```
+
+## Disabling the integration
+
+You can disable the integration by running `Set-SPOTenant -EnableAzureADB2BIntegration $false`.
+Content that was shared externally while the integration was enabled will need to be shared again with those people.
+
+## See also
+
+[Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant)
+
+[External sharing overview](./external-sharing-overview.md)
SharePoint What S New In Sharing In Targeted Release https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/what-s-new-in-sharing-in-targeted-release.md
description: "In SharePoint, if you share with a user who is not in the director
In SharePoint, if you share with a person who is not in the directory, they're sent a one-time code that they can use to verify their identity.
-This article describes the current default one-time-passcode experience. However, we recommend that you enable [SharePoint and OneDrive integration with Azure AD B2B](sharepoint-azureb2b-integration-preview.md), which will replace this experience.
+This article describes the current default one-time-passcode experience. However, we recommend that you enable [SharePoint and OneDrive integration with Azure AD B2B](sharepoint-azureb2b-integration.md), which will replace this experience.
Recipients of secure external sharing who also use Microsoft 365 in their organization can sign in using their work or school account to access the document. After they have entered the one-time passcode for verification the first time, they will authenticate with their work or school account and have a guest account created in the host's organization. IT admins can manage them like any other guest account in their directory.