管理共享设置Manage sharing settings

本文介绍了 Microsoft 365 中的全局和 SharePoint 管理员如何更改其组织级别的 Microsoft SharePoint 和 Microsoft OneDrive 的共享设置。This article describes how global and SharePoint admins in Microsoft 365 can change their organization-level sharing settings for Microsoft SharePoint and Microsoft OneDrive. (如果要共享文件或文件夹,请参阅 共享 SharePoint 文件或文件夹共享 OneDrive 文件和文件夹。 ) (If you want to share a file or folder, read Share SharePoint files or folders or Share OneDrive files and folders.)

有关如何在 Microsoft 365 中配置来宾共享的端到端指南,请参阅:For end-to-end guidance around how to configure guest sharing in Microsoft 365, see:

若要在设置组织级共享设定后更改网站的共享设置,参见“开启或关闭网站外部共享”。To change the sharing settings for a site after you've set the organization-level sharing settings, see Turn external sharing on or off for for a site. 若要了解如何更改用户的 OneDrive 的外部共享设置,请参阅更改用户的 OneDrive 的外部共享设置To learn how to change the external sharing setting for a user's OneDrive, see Change the external sharing setting for a user's OneDrive.

视频演示Video demonstration

该视频演示 SharePoint 管理中心中共享页面上的设置如何影响用户可用的共享选项。This video shows how the settings on the Sharing page in the SharePoint admin center affect the sharing options available to users.

更改组织级别外部共享设置Change the organization-level external sharing setting

  1. 转到新的 SharePoint 管理中心的“共享”页,然后使用在组织中具有管理员权限的帐户进行登录。Go to the Sharing page of the new SharePoint admin center, and sign in with an account that has admin permissions for your organization.

    备注

    如果使用的是 Office 365 Germany,请登录 Microsoft 365 管理中心,然后浏览到 SharePoint 管理中心并打开“共享”页面。 If you have Office 365 Germany, sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.

    如果使用的是由世纪互联(中国)运营的 Office 365,请登录 Microsoft 365 管理中心,然后浏览到 SharePoint 管理中心并打开“共享”页面。If you have Office 365 operated by 21Vianet (China), sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.

  2. 在“外部共享”下,指定 SharePoint 和 OneDrive 的共享级别。Under External sharing, specify your sharing level for SharePoint and OneDrive. 两者的默认级别是“任何人”。The default level for both is "Anyone."

    备注

    SharePoint 设置适用于所有网站类型,包括那些连接到 Microsoft 365 组的网站。The SharePoint setting applies to all site types, including those connected to Microsoft 365 groups.

    OneDrive 设置可以比 SharePoint 设置更具限制性,但不是更宽容。 The OneDrive setting can be more restrictive than the SharePoint setting, but not more permissive.

    此页面上的 SharePoint 外部共享设置与 Microsoft 365 管理中心中“设置”>“服务和加载程序”>“网站下的设置相同。The SharePoint external sharing setting on this page is the same as the one in the Microsoft 365 admin center, under Settings > Services & add-ins > Sites. 这些设置也与 OneDrive 管理中心中的设置相同。These settings are also the same as those in the OneDrive admin center.

    外部共享设置

    此设置适用于整个组织。This setting is for your organization overall. 每个网站都有自己的共享设置,可以单独进行设置,但必须具有与组织相同或更具限制性的设置。Each site has its own sharing setting which you can set independently, though it must be at the same or more restrictive setting as the organization. 有关详细信息,请参阅更改网站的外部共享设置See Change the external sharing setting for a site for more information.

选择哪个选项...Which option to select...

选择此选项:Select this option: 如果需要:If you want to:
任何人Anyone
允许用户使用链接共享文件和文件夹,该链接允许任何拥有该链接的人未经身份验证访问这些文件或文件夹。Allow users to share files and folders by using links that let anyone who has the link access the files or folders without authenticating. 此设置还允许用户与经过身份验证的新来宾和现有来宾共享网站。This setting also allows users to share sites with new and existing guests who authenticate. 如果选择此设置,则可以限制“任何人”链接,以使它们必须在特定天数内过期,或者只能授予“查看”权限。If you select this setting, you can restrict the Anyone links so that they must expire within a specific number of days, or so that they can give only View permission.

文件请求要求 OneDrive 已设置为“任何人”且已启用对“任何人”链接的编辑权限。File requests requires that OneDrive be set to Anyone and edit permissions for Anyone links be enabled. 除“任何人”之外,其他 OneDrive 设置均禁用文件请求。OneDrive settings other than Anyone disable file requests.

有关详细信息参见有关与身份未经验证用户共享文件和文件夹的最佳做法See Best practices for sharing files and folders with unauthenticated users for more information.
新来宾和现有来宾New and existing guests
要求已收到邀请的人员使用其工作或学校帐户(如果其组织使用 Microsoft 365)或 Microsoft 帐户登录,或者提供用于验证其身份的验证码。Require people who have received invitations to sign in with their work or school account (if their organization uses Microsoft 365) or a Microsoft account, or to provide a code to verify their identity. 用户可以与组织目录中已有的来宾共享,并且他们可以向登录时将添加到目录的人员发送邀请。Users can share with guests already in your organization's directory, and they can send invitations to people who will be added to the directory if they sign in. 有关验证代码的详细信息,请参阅 SharePoint 中安全的外部共享For more info about verification codes, see Secure external sharing in SharePoint

仅可兑换一次查看内容的邀请。Invitations to view content can be redeemed only once. 在接受邀请后,其他人将无法共享或使用它来获取访问权限。After an invitation has been accepted, it can't be shared or used by others to gain access.
现有来宾Existing guests
仅与目录中已有的来宾共享。Allow sharing only with guests who are already in your directory. 这些来宾可能存在于你的目录中,因为它们之前已接受共享邀请,或者因为它们是手动添加的,例如通过 Azure B2B 协作These guests may exist in your directory because they previously accepted sharing invitations or because they were manually added, such as through Azure B2B collaboration. (要查看组织中的来宾,请转到 Microsoft 365 管理中心的“来宾”页面)。(To see the guests in your organization, go to the Guests page in the Microsoft 365 admin center).
仅组织内部人员Only people in your organization
禁用外部共享。Turn off external sharing.

备注

如果你关闭组织的外部共享,然后再将其重新打开,则以前拥有访问权限的来宾将重新获取它。If you turn off external sharing for your organization and later turn it back on, guests who previously had access regain it. 如果您知道先前已启用外部共享,并且不希望来宾重新获得访问权限,则首先关闭这些特定网站的外部共享。If you know that external sharing was previously turned on and in use for specific sites and you don't want guests to regain access, first turn off external sharing for those specific sites.

如果你限制或关闭外部共享,来宾通常会在一小时的更改中失去访问权限。If you restrict or turn off external sharing, guests typically lose access within one hour of the change.

更多外部共享设置More external sharing settings

更多外部共享设置

按域限制外部共享Limit external sharing by domain

如果你希望限制与特定合作伙伴的共享,或者帮助阻止与某些组织的人员共享,则此功能非常有用。This is useful if you want to limit sharing with particular partners, or help prevent sharing with people at certain organizations. 此页面上的组织级别设置会影响所有 SharePoint 站点和每个用户的 OneDrive。The organization-level setting on this page affects all SharePoint sites and each user's OneDrive. 若要使用此设置,在框中使用 domain.com 格式列出域(最大为 3000)。To use this setting, list the domains (maximum of 3000) in the box, using the format domain.com. 若要列出多个域,在添加每个域后按 Enter。To list multiple domains, press Enter after adding each domain.

您还可以通过使用 Set-SPOTenant Microsoft PowerShell cmdlet -SharingDomainRestrictionMode 和 -SharingAllowedDomainList 或 -SharingBlockedDomainList 按域限制外部共享。You can also limit external sharing by domain by using the Set-SPOTenant Microsoft PowerShell cmdlet with -SharingDomainRestrictionMode and either -SharingAllowedDomainList or -SharingBlockedDomainList. 有关在网站级别按域限制外部共享的信息,请参阅受限域共享For info about limiting external sharing by domain at the site level, see Restricted domains sharing.

仅允许特定安全组中的用户在外部共享Allow only users in specific security groups to share externally

有关此设置的信息,请参阅 Manage security groupsFor info about this setting, see Manage security groups.

来宾必须使用发送共享邀请的同一帐户登录Guests must sign in using the same account to which sharing invitations are sent

默认情况下,来宾可以在一个帐户收到邀请,但使用其他帐户登录。By default, guests can receive an invitation at one account but sign in with a different account. 来宾兑换邀请后,不能与任何其他帐户一起使用。After they redeem the invitation, it can't be used with any other account.

允许来宾共享不属于他们的项目Allow guests to share items they don't own

默认情况下,来宾必须具有在外部共享项目的完全控制权限。By default, guests must have full control permission to share items externally.

在此天数后,使用验证代码的用户必须重新进行身份验证People who use a verification code must reauthenticate after this many days

如果使用验证代码的用户已在浏览器中选择 "保持登录",他们必须证明他们仍然可以访问用于兑换共享邀请的帐户。If people who use a verification code have selected to "stay signed in" in the browser, they must prove they can still access the account they used to redeem the sharing invitation.

当用户获得链接时,选择你希望默认显示的选项。Choose the option you want to show by default when a user gets a link.

默认链接

备注

此设置指定组织的默认设置,但网站所有者可以为网站选择其他默认链接类型。This setting specifies the default for your organization, but site owners can choose a different default link type for a site.

  • 特定人员 -此选项最受限制,并妨碍广泛的内部共享。Specific people - This option is most restrictive and impedes broad internal sharing. 如果允许外部共享,则此选项允许用户与组织外部的特定人员共享。If you allow external sharing, this option lets users share with specific people outside the organization.

  • 仅组织内部人员 - 如果转发链接,组织中的任何人都可以使用这些链接。Only people in your organization - If links are forwarded, they'll work for anyone in the organization. 此选项最适合组织在内部广泛共享且很少在外部共享。This option is best if your organization shares broadly internally and rarely shares externally.

  • 使用该链接的任何人 - 仅当你的外部共享设置设置为“任何人”时,此选项才可用。Anyone with the link - This option is available only if your external sharing setting is set to "Anyone." 转发的链接在内部或外部工作,但您不能跟踪谁有权访问共享项目或访问过共享项目的用户。Forwarded links work internally or externally, but you can't track who has access to shared items or who has accessed shared items. 如果 SharePoint 和 OneDrive 中的大多数文件和文件夹不敏感,这最适合无摩擦共享。This is best for friction-free sharing if most files and folders in SharePoint and OneDrive aren't sensitive.

    重要

    如果选择 "任何人都可以使用链接",但网站或 OneDrive 设置为只允许与登录或提供验证代码的来宾共享,则默认链接为 "仅组织中的人员"。If you select "Anyone with the link," but the site or OneDrive is set to allow sharing only with guests who sign in or provide a verification code, the default link is "Only people in your organization." 用户需要将链接类型更改为 "特定人员",以在外部共享网站或 OneDrive 中的文件和文件夹。Users need to change the link type to "Specific people" to share files and folders in the site or OneDrive externally.

新 SharePoint 管理中心中的设置

链接到期 - 你可以要求所有“任何人”链接到期,并指定允许的最大天数Link expiration - You can require all "Anyone" links to expire, and specify the maximum number of days allowed

链接权限 - 你可以限制“任何人”链接,以便他们只能提供文件或文件夹的查看权限。Link permissions - You can restrict "Anyone" links so that they can only provide view permission for files or folders.

如果你正在使用文件请求,则对文件而言,必须设置针对查看和编辑的链接权限,对文件夹而言,必须设置针对查看、编辑和上传的链接权限。If you are using file requests, the link permissions must be set for View and edit for files and View, edit, and upload for folders.

其他Other

其他共享设置

向所有者显示其文件的查看者名称Display to owners the names of people who viewed their files

通过此设置,可以控制共享文件的所有者能否在文件卡上查看对 OneDrive 中的文件具有只读权限(而无编辑权限)的人员。如果用户将鼠标悬停在 OneDrive 中的文件名或缩略图之上,将会显示文件卡。统计信息包括文件的查看次数、查看人数以及文件查看者列表。有关文件卡的详细信息,请参阅在 OneDrive 中查看你共享的文件This setting lets you control whether the owner of a shared file can see on the file card the people who only view (and don't edit) the file in OneDrive. The file card appears when users hover over a file name or thumbnail in OneDrive. The info includes the number of views on the file, the number of people who viewed it, and the list of people who viewed it. To learn more about the file card, see See files you shared in OneDrive.

备注

默认情况下,此设置处于选中状态。This setting is selected by default. 如果清除此功能,则仍会录制文件查看器信息,并可供您以管理员身份审核。OneDrive 所有者还可以通过从 Office.com 或 Office 桌面应用程序中打开文件,来查看已查看其共享 Office 文件的人。If you clear it, file viewer info is still recorded and available to you to audit as an admin. OneDrive owners can also still see people who have viewed their shared Office files by opening the files from Office.com or from the Office desktop apps.

让网站所有者选择显示已在 SharePoint 中查看文件或页面的人员名称Let site owners choose to display the names of people who viewed files or pages in SharePoint

通过此设置,可以指定网站所有者是否允许有权访问文件、页面或新闻文章的用户在文件卡上查看项目的查看者。This setting lets you specify whether site owners can allow users who have access to a file, page, or news post to see on the file card who has viewed the item.

文档文件卡查看器信息。

默认情况下,将在组织级别启用此设置,并在现有网站的网站级别关闭此设置。This setting is turned on by default at the organization level and off at the site level for existing sites. 仅当在组织和网站级别都启用该设置时,才会显示查看者信息。Viewer information is shown only when the setting is on at both the organization and site level. 我们建议网站所有者仅在不包含敏感信息的团队网站上启用此功能。We recommend that site owners turn on this feature only on team sites that don't have sensitive information. 了解网站所有者如何启用此功能Learn how site owners can turn on this feature.

备注

启用此设置后,将包含历史数据。Historical data is included when this setting is enabled. 同样,如果在组织级别或站点级别关闭该设置,并将其重新打开,则历史记录中将包含该时间段内的视图。Likewise, if the setting is turned off and back on at the organization level or site level, the views during the off period are included in the history.

在经典共享页面上,你可以通过安全组限制外部共享,并缩短共享链接或更改其默认权限。On the classic Sharing page, you can limit external sharing by security group and shorten sharing links or change their default permission.

需要更多帮助吗?Need more help?

提出问题 如果您有关于本主题的技术问题,您可能会发现将其发布到SharePoint 讨论论坛非常有用。 Ask a question If you have technical questions about this topic, you may find it helpful to post them on the SharePoint discussion forum. 这是一个很好的资源,用于查找已处理类似问题的其他用户或遇到相同情况的用户。It's a great resource for finding others who have worked with similar issues or who have encountered the same situation.

你还可以在这些来自 SharePoint 社区专家的 YouTube 视频中找到关于安全和权限的帮助。You can also find help on security and permissions in these YouTube videos from SharePoint community experts.

另请参阅See also

Limit accidental exposure to files when sharing with guests(与来宾共享时限制文件意外曝光)Limit accidental exposure to files when sharing with guests

Create a secure guest sharing environment(创建安全的来宾共享环境)Create a secure guest sharing environment

停止共享文件或文件夹或更改权限Stop sharing files or folders or change permissions

外部共享 & 与 OneDrive、SharePoint & 团队 (Ignite 2020) 协作 External sharing & collaboration with OneDrive, SharePoint & Teams (Ignite 2020)