EVERYONE permission group from the people picker controls throughout the O365 SPO tenant can be hidden with the PowerShell command Set-SPOTenant -ShowEveryoneClaim $false . This change hides the Everyone group but it does not disables it from using it from anywhere.
The Everyone permission allows all accounts from the Active Directory as well as any external account that has been invited from anywhere in the tenant.
A site collection owner could choose not to have the invite external accounts option enabled for their site collection, but by adding the Everyone group, they would invite external participants from across the organisation to have access to their content.
For those who wish to have an open permission for their content, the “Everyone except external users” group can be applied
In addition, individual external accounts can be added to the site, which requires that a more controlled and considered approach is taken when sharing content.
Here is our caveat; this just hides EVERYONE doesn’t disable it, Let’s see where and all we can see EVERYONE group.
From SharePoint admin (tenant), you could still see EVERYONE group getting displayed when you’re trying to add owners/edit the owners from the ribbon.
Assume I would like to change an owner for one my site collection, here is what I would do from the tenant; select the site collection click the owner tab in the ribbon
Select manage administrators underneath it;
Under ALL USERS I could still see Everyone:
2. Next place to see Every One is in our One Drive;
a. Go to One drive site and go to site content
Check the permission of the Document folder that gets created by default by clicking the 3 dots
Click permissions for this document library
Selected the second link; “There are limited access users on this site. Users may have limited access if an item or document under the site has been shared with them”
You will see everyone with limited access;
Conclusion:
After of search and research here is what MS says
This behaviour seen is Intended. The ShowEveryoneClaim setting is meant to be a visibility setting, not a security one.
More details on this can be found here. A bit more investigation revealed that; as we all know SharePoint has got lot of hidden list and libraries and for those to function properly MS still keeps this Everyone group visible in some cases.
Leave a comment