Configure OneDrive access delegation up on account removal

When you remove a user from Office 365 or Active Directory, you can decide what to do with this user’s content, e-mail account and related product licenses. For more information on this refer to my previous article- Things to consider when deleting a user account from an Office 365 subscription.

Access%20Delegation-01

With this article, we will discover how we can configure OneDrive to automatically delegate access to someone else up on a user’s departure (after the removal of the account). In simple terms, let’s configure delegation.

Default setting for a deleted user is- the access granted to the Manager of the particular user for 30 days period (unless you have customized the retention period). But, what if a user has no Manager defined and access delegation is disabled, too ? In that case, OneDrive will follow the steps described in my previous article (Things to consider when deleting a user account from Office 365). So make sure you read through that, too.

Here are the steps:

Sign in to Office 365 Admin Center as an Global Admin. If you are prompted with a Access message, probably you do not have Global Admin rights. You may either have to request or perhaps you may not be the right person to do this task in your organization so refer to the right guy.

Next up, Expand the navigation with “Show all” option.

clip_image002_thumb[2]

Head on to “All admin centers

clip_image003_thumb[2]

And choose “SharePoint Admin Center

1

From here let’s head on to Classic SharePoint Admin site because these settings we are going to manage are not yet available in Modern SharePoint Admin Interface.

2

Once you are in the classic page, go to “User profiles” tab.

4 

Then “Setup My Sites” from My Site Settings tab.

3

Now scroll down to the bottom of Setup My Sites page till you see the following screen.

Enable the access delegation here and define a secondary owner as well. As it described well in the description:

  • Access delegation option allows OneDrive to automatically delegate the control to Manager up on any user identity removal.
  • If you define a secondary owner, that might be useful in a scenario where the Manager of a particular user is unavailable but OneDrive is still delegated to the secondary owner.

5

Additionally, you can enable this option as well. It simply means that you can have a one person who is the secondary owner of all user’s Mysite/OneDrive content.

6

Read my previous post to understand the fundamental things to be considered when deleting a user account from Office 365 and Customize OneDrive retention period article to set your own retention period for OneDrive accounts.

DISCLAIMER NOTE: This is an enthusiast post and is not sponsored by Microsoft or any other vendor.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s