GCC High file sharing Sharepoint
Posted by Titanium125@reddit | sysadmin | View on Reddit | 4 comments
I am having a problem with a GCC High Microsoft tenant. Attempting to share files to some users is working fine but not others. We have made the sharing options within sharepoint as open as possible, we have made the sharing options in the Entra ID portal as open as possible.
Whem choosing to share a document or folder in Sharepoint using the "People you choose option" I get this error.
Please configure B2B collaboration settings correctly and troubleshoot first, "https://aka.ms/b2b-troubleshoot". Error from Entra B2B: At least one invitation failed. Error: ResponseStatusNotOK, message: This invitation is blocked by cross-tenant access settings. Admins in both your organization and the invited user's organization must configure cross-tenant access settings to allow the invitation..
So I go an check the invitation settings for the external users. It's set so that any user can send an invitation, and it can be sent to any domain. B2B collaboration settings are wide open.
Is this issue just that sharing between GCC High and Commercial is a pain? Am I missing some setting somewhere?
Reo_Strong@reddit
We got this setup and working for some of our customer employees who refuse to use their portals. For us, we are strictly a grant by exception group, so we have ours all tied to a specific group membership.
For the error you're getting, I would check Entra\External Identities\Cross-tenant access settings\Microsoft cloud settings. Also External collaboration settings may have something wrong.
Titanium125@reddit (OP)
Microsoft cloud I have only Microsoft Azure Commericial as an option, but it's checked and enabled.
External collaborations we've got anyone in the org can invite a user and allow invitations to be sent to any domain.
Reo_Strong@reddit
I wonder if it's an issue with the other end's config.
Can you test with non Azure email and/or investigate the domains of those that are failing? (https://gettenantpartitionweb.azurewebsites.net/)
Titanium125@reddit (OP)
This does lead me to believe it’s possibly an issue on the other side. To non Azure emails hosted in Gmail and Outlook with the exact same settings I can share no problem. I forgot to mention that in my post.