This article is aimed at supporting Local Administrators (LAs) with controlling user access to both SharePoint and OneDrive.

Microsoft provide a standard grace period for these applications, meaning even when toggled off in a user policy via the NHSmail portal, there will be a period in which users can continue to access and use both applications.

This article provides guidance on the additional steps Local Administrators (LAs) can take to restrict access as appropriate.

Important Note

A OneDrive instance is automatically created when an O365 licence is applied to a user. Because this is tied directly to Teams access, the feature cannot be fully disabled for a user.

This is a limitation of the Microsoft product itself rather than something which is specific to the NHSmail shared tenant and cannot currently be resolved.

Disabling application access via user policies:

Step 1: Log in to the NHSmail portal, select Admin > User Policy Management and select the policy you wish to disable.



Step 2: Set the SharePoint toggle (which includes OneDrive) to off.




Step 3: This action has disabled SharePoint/OneDrive for all the users within that policy.



Important Note

It is expected behaviour that OneDrive/SharePoint access will continue for a period (defined by Microsoft) after the toggles are turned off by an LA.

If you wish to prevent further access during the grace period with Microsoft, please follow the guidance below:

Removing access from SharePoint Site collections:

Step 1: Log in to your Office 365 account and navigate to the SharePoint site that requires management. Select Settings via the cog icon in the top right-hand corner of the window.



Step 2: Select Site permissions to continue to the management window.


Step 3: Select members or visitors based on the level of permission provided to the user you wish to remove.

Warning: removing an owner may cause access issues and result in being locked out of the SharePoint site.



Step 4: Select the individual users to remove from the SharePoint site, or select all users using the multi-select button.



Step 5: Select Actions and then Remove Users from Group.



Step 6: If prompted, click OK.



Step 7: The user(s) will be removed.



Important Note

For Teams SharePoint sites, access can easily be revoked by removing the user from the Team. This can be done via the NHSmail Portal or directly in the Teams application. Only Team owners can remove members.

OneDrive Access:

Access to the OneDrive application cannot be further restricted within the Microsoft grace period. Local Administrators (LAs) can delete the contents of a user’s OneDrive if appropriate.

Please see the guidance on how to delete a user’s data on OneDrive for further information. Read the important considerations before completing this action and ensure it complies with your local organisation’s data retention policies.

Important Note

Following the disablement of OneDrive, users will still be able to:

  • Share files directly in Teams one-to-one chats and across Teams Channels
  • Access links (URLs) to OneDrive content previously shared with them

Updated on 09/03/2022

