This article is aimed at supporting Local Administrators (LAs) with controlling user access to both SharePoint and OneDrive.
Microsoft provide a standard grace period for these applications, meaning even when toggled off in a user policy via the NHSmail portal, there will be a period in which users can continue to access and use both applications.
This article provides guidance on how Local Administrators (LAs) can take additional steps to restrict access appropriate.
Disabling application access via user policies:
Step 1: Login to the NHSmail portal, select Admin> User Policy Management and select the policy you wish to disable
Step 2: Click SharePoint (includes OneDrive toggle) to off
Step 3: This action has disabled SharePoint/OneDrive for all the users within that policy
If you wish to prevent further access during the grace period with Microsoft, please follow the guidance below:
Removing access from SharePoint Site collections:
Step 1: Log in to your Office 365 account and navigate to the SharePoint site that requires management. Select Setting via the cog icon in the top right-hand corner of the window
Step 2: Select Site permissions to continue to the management window
Step 3: Select members or visitors based on the level of permission provided to the user you wish to remove.
Warning: removing an owner may cause access issues and result in being locked out of the SharePoint site.
Step 4: Select the individual users to remove from the SharePoint site, or, select all users by selecting the multi-select button
Step 5: Select Actions and then Remove Users from Group
Step 7: The user(s) will be removed
OneDrive Access:
Access to the OneDrive application cannot be further restricted within the Microsoft grace period. Local Administrators (LAs) can delete the contents of a user’s OneDrive if appropriate.
Please see the guidance on how to delete a user’s data on OneDrive for further information. Please read the important considerations when looking to complete this action and ensure it complies with your local organisation data retention policies.