Listen to this Post
Concerned about external users’ access to your organization’s sensitive data? Never allow resources to fall into the wrong hands!
As an admin, it’s crucial to know who’s sharing resources with people outside your organization and with whom. Unfortunately, Microsoft doesn’t provide a built-in report for this. So, how can you address this challenge?
The solution is right here! Download and run the script below. It helps you keep tabs on who’s sharing files externally and when. Plus, you can schedule it to generate reports automatically.
You can download the script from GitHub: https://lnkd.in/dUF4GyxF
You Should Know:
To effectively audit and report SharePoint Online external sharing using PowerShell, follow these steps:
1. Install Required Modules:
Ensure you have the SharePoint Online Management Shell installed. Run the following command to install it:
Install-Module -Name Microsoft.Online.SharePoint.PowerShell -Force
2. Connect to SharePoint Online:
Use the following command to connect to your SharePoint Online tenant:
Connect-SPOService -Url https://<your-tenant>-admin.sharepoint.com
3. Run the External Sharing Audit Script:
Download the script from the provided GitHub link and execute it. Here’s a sample command to run the script:
.\Audit-ExternalSharing.ps1 -ReportPath "C:\Reports\ExternalSharingReport.csv"
4. Schedule the Script:
Use Task Scheduler to automate the script execution. Create a basic task and set the action to run the PowerShell script at your desired frequency.
5. Review the Report:
The script generates a CSV report detailing external sharing activities. Use tools like Excel or Power BI to analyze the data.
6. Enhance Security:
Based on the report, take necessary actions such as revoking access or updating sharing policies. Use the following command to revoke external access:
Set-SPOSite -Identity <SiteURL> -SharingCapability Disabled
What Undercode Say:
Auditing and reporting external sharing in SharePoint Online is a critical task for maintaining data security. By leveraging PowerShell, admins can automate this process and ensure compliance with organizational policies. Below are additional commands and tips to enhance your SharePoint Online management:
- List All Sites with External Sharing Enabled:
Get-SPOSite | Where-Object { $_.SharingCapability -ne "Disabled" } | Select-Object Url, SharingCapability -
Check External Users for a Specific Site:
Get-SPOExternalUser -SiteUrl <SiteURL>
-
Disable External Sharing for a Specific Site:
Set-SPOSite -Identity <SiteURL> -SharingCapability Disabled
-
Enable External Sharing for a Specific Site:
Set-SPOSite -Identity <SiteURL> -SharingCapability ExternalUserSharingOnly
-
Monitor User Activity:
Use the following command to retrieve user activity logs:Get-SPOUserActivityReport -PeriodType D7
For more advanced auditing, consider integrating Azure Sentinel or Microsoft 365 Defender. These tools provide comprehensive insights into user activities and potential security threats.
By following these steps and utilizing the provided commands, you can ensure a secure and well-managed SharePoint Online environment.
Reference:
References:
Reported By: Jake Admindroid – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅



