SharePoint Online: Using PowerShell, enable or disable the “Everyone” group


Overview

All users who already have access to the site are included in “everyone” claims in SharePoint Online. This includes both accounts from the authentication provider (usually Active Directory) and any external accounts that have been invited to the tenant. This is comparable to the requirement for “all authenticated users” to log in. (not anonymous users).


Using PnP PowerShell, turn on “Everyone” or “Everyone Except External Users”


To enable Everyone and Everyone except external users in the SharePoint Online persons picker, use this PnP PowerShell script.

$adminUrl = "https://mysptenant-admin.sharepoint.com"
Connect-PnPOnline -Url $adminUrl -Interactive
 
#To hide "Everyone Except External Users" in People Picker
Set-PnPTenant -ShowEveryoneExceptExternalUsersClaim $True
 
#To show "Everyone" in people picker
Set-PnPTenant -ShowEveryoneClaim $True

Remove “Everyone” from SharePoint Online except for external users.


The “Everyone except external users” group, which by default is given member permissions of the site, is immediately added to when a new user is added to Office 365. Use the “Everyone except external users” Group to provide all internal users (workers) access to a SharePoint site.

It is customary to use the “Everyone except external users group” rather than the “Everyone” Group when you need to make a site accessible to everyone in your organization. If necessary, you may adjust the “ShowEveryoneExceptExternalUsersClaim” option to “False” to prevent “Everyone Except External Users” from making a claim.


$adminUrl = "https://mysptenant-admin.sharepoint.com"

Connect-SPOService -url $AdminURL
 
#To disable Everyone group
Set-SPOTenant -ShowEveryoneExceptExternalUsersClaim $False

Enable “Everyone” group in SharePoint Online

Enable the “Everyone” group using the PowerShell commands below if it isn’t already.


Set-SPOTenant -ShowEveryoneClaim $True

How can the “Everyone” Group be disabled in SharePoint Online?


$adminUrl = "https://mysharepointtenant-admin.sharepoint.com/"
 

Connect-SPOService -url $adminUrl
 

Set-SPOTenant -ShowEveryoneClaim $False

Now that’s another tip! Hope it helps somehow. Let me know if you have questions or just leave a comment if we missed something.

Happy SharePointing! #SharingIsCaring


Accounting.js Automation Collaboration Competitors Connect Content Type Design Expand Flows Hillbilly Tabs Issues Javascript Limitation Limitations Microsoft Teams ModernScriptEditor NodeJs Node Versioning Numeral.js O365 Office 365 OneDrive Out Of The Box PnP Power Automate PowerShell Pwermissions Rest Endpoint ScriptEditor Send an HTTP Request to SharePoint SharePoint SharePoint Architecture SharePoint Designs SharePoint Modern SharePoint Online SharePoint Tabs ShellScript SPFX SPO Sync Teams Transform JS TypeScript Versioning Workflows

Leave a Comment

Your email address will not be published. Required fields are marked *