SharePoint Online: Using PowerShell, enable or disable the “Everyone” group

Leave a Comment / Office 365, Other, PnP, PowerShell, SharePoint / By

Overview

All users who already have access to the site are included in “everyone” claims in SharePoint Online. This includes both accounts from the authentication provider (usually Active Directory) and any external accounts that have been invited to the tenant. This is comparable to the requirement for “all authenticated users” to log in. (not anonymous users).

Using PnP PowerShell, turn on “Everyone” or “Everyone Except External Users”

To enable Everyone and Everyone except external users in the SharePoint Online persons picker, use this PnP PowerShell script.

$adminUrl = "https://mysptenant-admin.sharepoint.com"
Connect-PnPOnline -Url $adminUrl -Interactive
 
#To hide "Everyone Except External Users" in People Picker
Set-PnPTenant -ShowEveryoneExceptExternalUsersClaim $True
 
#To show "Everyone" in people picker
Set-PnPTenant -ShowEveryoneClaim $True

Remove “Everyone” from SharePoint Online except for external users.

The “Everyone except external users” group, which by default is given member permissions of the site, is immediately added to when a new user is added to Office 365. Use the “Everyone except external users” Group to provide all internal users (workers) access to a SharePoint site.

It is customary to use the “Everyone except external users group” rather than the “Everyone” Group when you need to make a site accessible to everyone in your organization. If necessary, you may adjust the “ShowEveryoneExceptExternalUsersClaim” option to “False” to prevent “Everyone Except External Users” from making a claim.


$adminUrl = "https://mysptenant-admin.sharepoint.com"

Connect-SPOService -url $AdminURL
 
#To disable Everyone group
Set-SPOTenant -ShowEveryoneExceptExternalUsersClaim $False

Enable “Everyone” group in SharePoint Online

Enable the “Everyone” group using the PowerShell commands below if it isn’t already.


Set-SPOTenant -ShowEveryoneClaim $True

How can the “Everyone” Group be disabled in SharePoint Online?


$adminUrl = "https://mysharepointtenant-admin.sharepoint.com/"
 

Connect-SPOService -url $adminUrl
 

Set-SPOTenant -ShowEveryoneClaim $False

Now that’s another tip! Hope it helps somehow. Let me know if you have questions or just leave a comment if we missed something.

Happy SharePointing! #SharingIsCaring

Automation Check Current User Is External User CLI Content Type CopyExcelRecordToList DenyAddAndCustomizePages Design ExcelPowerAutomate Expand Flows Issues Javascript Limitation Limitations List Templates Metadata ModernScriptEditor Node NodeJs Node Versioning NVM O365 o365 Cli OneDrive People People Metadata Permission PnP Power Automate PowerShell Rest Endpoint Save as Template ScriptEditor Send an HTTP Request to SharePoint SharePoint SharePoint Architecture SharePoint Designs SharePointList SharePoint Modern SharePoint Online SPFX SPO Sync Versioning Workflows

Leave a Comment

Your email address will not be published. Required fields are marked *