Creating the report
A CSV file can be created that shows the permissions for each unique folder, file, user, permission and link on a SharePoint site or OneDrive. This can help you see how sharing works and if any files or folders are shared with guests.
If you want to run the report from a SharePoint site (Only site admins can run the report in SharePoint). In Microsoft SharePoint, you can create a folder with different permissions where only site owners can see the report if you don't want site members to access the report.
- Open the site where you want to run the report
- Click on the gear in the upper right hand corner to access the Settings menu, click Site usage.
- In the Shared with external users section, click Run report.
- Choose a location to save the report, and then click Save.
To run the report in your OneDrive
- From the Microsoft 365 app launcher, select the OneDrive tile.
- On the Settings menu, click OneDrive settings.
- Click More settings, and then click Run sharing report.
- Choose a location to save the report, and then click Save.
Depending on how big the site is and how much content is shared, it might take a while for the report to run.
When the report is finished running you will receive an email with a link to the report.
CSV output format
For items shared with direct access, the report contains one row for each user / item combination. SharePoint groups are shown in the report, but not individual users inside them.
For items shared with a link, the report contains a row for each signed-in user who has used the link or has been sent the link through the sharing dialog. Links emailed directly that haven't been clicked, and Anyone links are not included in the report.
For more detains on the contents of the report see here ► Report on sharing - SharePoint in Microsoft 365 | Microsoft Learn
Working with the report
Below are some tips to help SharePoint site administrators as they review the report.
- Be aware that people who have left Northwestern, no matter how long ago, will still appear on this report. (Their access, however, is removed as part of Northwestern’s NetID policies.) You can remove their access for to clean up permission if desired.
- Some Collaboration Service administrative accounts (example: “SharePoint Admins”, “CS O365 Admin”) may have access via site collection admins. How to add and remove site collection admins to a SharePoint site ► Article - How to Add and Remove Share... (northwestern.edu)
- The report will show permissions granted to internal, Northwestern accounts as well as permissions granted to external third parties as well as “Everyone except external users”.
- While this report looks at the entire SharePoint site, it’s also possible to look at access to a specific folder or document using the “Manage Access” functionality.
Once the report is generated the, there are several important actions they can take based on the insights provided:
- Review Sharing Patterns:
- Examine the report to understand how files and folders are being shared. Look for any unexpected or unauthorized sharing.
- Identify which items are frequently shared and with whom.
- Remove access.
- Audit External Sharing:
- Pay close attention to files and folders shared with external users (guests). Ensure that these external users have a legitimate reason to access the content.
- If any sensitive or confidential information is being shared externally, consider restricting access or implementing additional security measures.
- Evaluate Permissions:
- Check the permissions granted to users. Are they appropriate for the content being shared?
- Consider adjusting permissions if necessary. For example, limit editing access to read-only or restrict sharing options or removing permissions. Removing access at the document library, the folder, then the document level will have the most impact on permissions respectively.
- Monitor User Behavior:
- Keep an eye on user behavior patterns. Are there specific users who frequently share files? Are there unusual sharing activities?
- Address any anomalies promptly.
Reference
More information regarding the Report ► Report on sharing - SharePoint in Microsoft 365 | Microsoft Learn
How to remove a single user from an entire SharePoint site or OneDrive ► Article - How to Remove a User from a... (northwestern.edu)
Stop sharing OneDrive or SharePoint files or folder, or change permissions ► https://support.microsoft.com/en-us/office/stop-sharing-onedrive-or-sharepoint-files-or-folders-or-change-permissions-0a36470f-d7fe-40a0-bd74-0ac6c1e13323
How to add and remove a SharePoint site collection admins ► Article - How to Add and Remove Share... (northwestern.edu)
Customize permissions on a SharePoint list or library ► https://support.microsoft.com/en-us/office/customize-permissions-for-a-sharepoint-list-or-library-02d770f3-59eb-4910-a608-5f84cc297782?ui=en-us&rs=en-us&ad=us
Manage permissions on SharePoint files or folders ► https://support.microsoft.com/en-us/office/share-sharepoint-files-or-folders-1fe37332-0f9a-4719-970e-d2578da4941c
Your feedback on this article is welcome, and we review comments regularly. However, if you have an issue or question requiring immediate attention or want to discuss your feedback on this article, please get in touch with the Northwestern IT Service Desk at 847-49
1-4357 (1-HELP) or
consultant@northwestern.edu.