管理共用設定Manage sharing settings

本文說明 Microsoft 365 中的全域和 SharePoint 系統管理員如何為 Microsoft SharePoint 和 Microsoft OneDrive 變更其組織層級共用設定。This article describes how global and SharePoint admins in Microsoft 365 can change their organization-level sharing settings for Microsoft SharePoint and Microsoft OneDrive. (如果您想要共用檔案或資料夾,請閱讀共用 SharePoint 檔案或資料夾共用 OneDrive 檔案和資料夾。)(If you want to share a file or folder, read Share SharePoint files or folders or Share OneDrive files and folders.)

如需有關如何在 Microsoft 365 中設定來賓共用的端對端指導,請參閱:For end-to-end guidance around how to configure guest sharing in Microsoft 365, see:

若要在設定組織層級共用設定之後變更網站的共用設定,請參閱開啟或關閉網站的外部共用To change the sharing settings for a site after you've set the organization-level sharing settings, see Turn external sharing on or off for for a site. 如需了解如何變更使用者 OneDrive 的外部共用設定,請參閱開啟或關閉網站的外部共用To learn how to change the external sharing setting for a user's OneDrive, see Change the external sharing setting for a user's OneDrive.

影片示範Video demonstration

此影片顯示 SharePoint 系統管理中心的 [共用] 頁面上的設定如何影響使用者可用的共用選項。This video shows how the settings on the Sharing page in the SharePoint admin center affect the sharing options available to users.

變更組織層級的外部共用設定Change the organization-level external sharing setting

  1. 移至新 SharePoint 系統管理中心的 [共用] 頁面,並使用具有組織系統管理員權限的帳戶登入。Go to the Sharing page of the new SharePoint admin center, and sign in with an account that has admin permissions for your organization.

    注意

    如果您使用 Office 365 Germany,請登入 Microsoft 365 系統管理中心,然後瀏覽至 SharePoint 系統管理中心,並開啟 [共用] 頁面。 If you have Office 365 Germany, sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.

    如果您使用由 21Vianet (中國) 提供的 Office 365,請登入 Microsoft 365 系統管理中心,然後瀏覽至 SharePoint 系統管理中心,並開啟 [共用] 頁面。If you have Office 365 operated by 21Vianet (China), sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Sharing page.

  2. 在 [外部共用] 下,指定 SharePoint 和 OneDrive 的共用層級。Under External sharing, specify your sharing level for SharePoint and OneDrive. 兩者的預設層級是「任何人」。The default level for both is "Anyone."

    注意

    SharePoint 設定會套用至所有網站類型,包括連線至 Microsoft 365 群組的網站。The SharePoint setting applies to all site types, including those connected to Microsoft 365 groups.

    OneDrive 的設定可以比 SharePoint 設定更嚴格,但不能比較寬鬆。 The OneDrive setting can be more restrictive than the SharePoint setting, but not more permissive.

    本頁面上的 SharePoint 外部共用設定與 Microsoft 365 系統管理中心中,[設定] > [服務與增益集] > [網站] 下的共用設定相同。The SharePoint external sharing setting on this page is the same as the one in the Microsoft 365 admin center, under Settings > Services & add-ins > Sites. 這些設定與 OneDrive 系統管理中心中的設定相同。These settings are also the same as those in the OneDrive admin center.

    外部共用設定

    此設定適用於您的整體組織。This setting is for your organization overall. 每個網站都有您可以單獨設定的專屬共用設定,但該設定必須使用與組織相同或更嚴格的設定。Each site has its own sharing setting which you can set independently, though it must be at the same or more restrictive setting as the organization. 如需詳細資訊,請參閱變更網站的外部共用設定See Change the external sharing setting for a site for more information.

要選取哪個選項...Which option to select...

選取此選項:Select this option: 如果您想要:If you want to:
任何人Anyone
允許使用者使用可讓擁有連結的任何人都能未驗證存取檔案或資料夾的連結,藉此共用檔案和資料夾。Allow users to share files and folders by using links that let anyone who has the link access the files or folders without authenticating. 此設定還能讓使用者與經過身份驗證的新來賓和現有來賓共用網站。This setting also allows users to share sites with new and existing guests who authenticate. 如果選取這個設定,則可以限制 [任何人] 連結,讓連結必須在特定天數內過期,或是只授與 [檢視] 權限。If you select this setting, you can restrict the Anyone links so that they must expire within a specific number of days, or so that they can give only View permission.

檔案要求要求 OneDrive 設定為 [任何人] 並編輯 [任何人] 連結的使用權限為啟用。File requests requires that OneDrive be set to Anyone and edit permissions for Anyone links be enabled. [任何人] 以外的 OneDrive 設定會停用檔案要求。OneDrive settings other than Anyone disable file requests.

如需詳細資訊,請參閱與未驗證使用者共用檔案和資料夾的最佳做法See Best practices for sharing files and folders with unauthenticated users for more information.
新的或現有來賓New and existing guests
要求已收到邀請的人員使用其工作或學校帳戶 (如果其組織使用 Microsoft 365) 或 Microsoft 帳戶登錄,或者提供可驗證其身分的代碼。Require people who have received invitations to sign in with their work or school account (if their organization uses Microsoft 365) or a Microsoft account, or to provide a code to verify their identity. 使用者可以與已存在組織目錄中中的賓客共用,並且他們可以向登入時將新增到目錄的人員發送邀請。Users can share with guests already in your organization's directory, and they can send invitations to people who will be added to the directory if they sign in. 如需驗證碼的詳細資訊,請參閱保護 SharePoint 中的外部共用For more info about verification codes, see Secure external sharing in SharePoint

檢視內容的邀請只能兌換一次。Invitations to view content can be redeemed only once. 接受邀請後,就無法共用該邀請或由其他人用來取得存取權。After an invitation has been accepted, it can't be shared or used by others to gain access.
現有的來賓Existing guests
僅與您目錄中已存在的來賓共用。Allow sharing only with guests who are already in your directory. 這些來賓已存在目錄中,是因為他們先前接受了共用邀請,或者他們是以手動方式新增,例如,透過 Azure B2B 共同作業These guests may exist in your directory because they previously accepted sharing invitations or because they were manually added, such as through Azure B2B collaboration. (若要查看您組織中的來賓,請移至 Microsoft 365 系統管理中心的來賓頁面)。(To see the guests in your organization, go to the Guests page in the Microsoft 365 admin center).
僅限您組織中的人員Only people in your organization
關閉外部共用。Turn off external sharing.

注意

如果您為組織關閉外部共用,然後之後又重新打開,之前有存取權的來賓將可重新獲得存取權。If you turn off external sharing for your organization and later turn it back on, guests who previously had access regain it. 如果您知道之前已開啟並使用特定網站的外部共用,但您不希望來賓重新獲得存取權,請先關閉這些特定網站的外部共用。If you know that external sharing was previously turned on and in use for specific sites and you don't want guests to regain access, first turn off external sharing for those specific sites.

限制或關閉外部共用後,來賓通常會在變更後的一小時內失去存取權。If you restrict or turn off external sharing, guests typically lose access within one hour of the change.

其他外部共用設定More external sharing settings

其他外部共用設定

使用網域限制外部共用Limit external sharing by domain

如果您希望限制與特定合作夥伴之間的共用,或者要協助防止與某些組織的人員共用,這個功能非常有用。This is useful if you want to limit sharing with particular partners, or help prevent sharing with people at certain organizations. 此頁面上的組織層級設定會影響所有 SharePoint 網站和每位使用者的 OneDrive。The organization-level setting on this page affects all SharePoint sites and each user's OneDrive. 若要使用這項設定,請在方塊中以 domain.com 格式列出網域 (最多 3000 個)。To use this setting, list the domains (maximum of 3000) in the box, using the format domain.com. 若要列出多個網域,請在新增每個網域後按下 Enter。To list multiple domains, press Enter after adding each domain.

您也可以使用 Set-SPOTenant Microsoft PowerShell Cmdlet 搭配 -SharingDomainRestrictionMode 以及 -SharingAllowedDomainList 或 -SharingBlockedDomainList 任一個來依照網域限制外部共用。You can also limit external sharing by domain by using the Set-SPOTenant Microsoft PowerShell cmdlet with -SharingDomainRestrictionMode and either -SharingAllowedDomainList or -SharingBlockedDomainList. 如需在網站層級依照網域限制外部共用的詳細資訊,請參閱限制網域共用For info about limiting external sharing by domain at the site level, see Restricted domains sharing.

僅允許特定安全性群組中的使用者在外部共用Allow only users in specific security groups to share externally

如需此設定的相關資訊,請參閱管理安全性群組For info about this setting, see Manage security groups.

來賓必須使用傳送共用邀請的相同帳戶登入Guests must sign in using the same account to which sharing invitations are sent

依照預設,來賓可以使用一個帳戶接收邀請,但使用另一個帳戶登入。By default, guests can receive an invitation at one account but sign in with a different account. 當來賓兌換邀請後,就不能使用任何其他帳戶。After they redeem the invitation, it can't be used with any other account.

允許來賓共用非他們擁有的項目Allow guests to share items they don't own

根據預設,來賓必須具有完整的控制權才能向外部共用項目。By default, guests must have full control permission to share items externally.

使用驗證碼的人必須在此天數後重新驗證People who use a verification code must reauthenticate after this many days

如果使用驗證碼的使用者已在瀏覽器中選取 [保持登入],他們必須證明他們仍可存取其用於兌換共用邀請的帳戶。If people who use a verification code have selected to "stay signed in" in the browser, they must prove they can still access the account they used to redeem the sharing invitation.

當使用者獲得連結時,選擇您預設要顯示的選項。Choose the option you want to show by default when a user gets a link.

預設連結

注意

此設定可指定組織的預設設定,但網站擁有者可以為網站選擇其他預設連結類型。This setting specifies the default for your organization, but site owners can choose a different default link type for a site.

  • 特定人員 - 此選項最具限制性,並且會防礙廣泛的內部共用。Specific people - This option is most restrictive and impedes broad internal sharing. 如果您允許外部共用,則此選項可讓使用者與組織外部的特定人員共用。If you allow external sharing, this option lets users share with specific people outside the organization.

  • 只有貴組織中的人員 - 如果連結是轉寄連結,則組織內的所有人都可使用此連結。Only people in your organization - If links are forwarded, they'll work for anyone in the organization. 如果您的組織大部分在內部共用,而很少在外部共用,則非常適用這個選項。This option is best if your organization shares broadly internally and rarely shares externally.

  • 擁有連結的任何人 - 當您的外部共用設定設定為 [任何人] 時,才能使用這個選項。Anyone with the link - This option is available only if your external sharing setting is set to "Anyone." 轉寄的連結可在內部或外部作用,但您將無法追蹤誰有權存取共用項目或誰已存取過共用項目。Forwarded links work internally or externally, but you can't track who has access to shared items or who has accessed shared items. 如果 SharePoint 和 OneDrive 中的大多數檔案和資料夾不屬於敏感資訊,則最適合不衝突的共用。This is best for friction-free sharing if most files and folders in SharePoint and OneDrive aren't sensitive.

    重要

    如果您選取 [擁有連結的任何人],但該網站或 OneDrive 設定為僅允許與登入或提供驗證碼的來賓共用,則預設連結會是 [只有貴組織中的人員]。If you select "Anyone with the link," but the site or OneDrive is set to allow sharing only with guests who sign in or provide a verification code, the default link is "Only people in your organization." 使用者必須將連結類型變更為 [特定人員] 才能在網站或 OneDrive 向外部共用檔案和資料夾。Users need to change the link type to "Specific people" to share files and folders in the site or OneDrive externally.

新 SharePoint 系統管理中心中的設定

連結到期 - 您可以要求所有 [任何人] 連結到期,並指定允許的天數上限Link expiration - You can require all "Anyone" links to expire, and specify the maximum number of days allowed

連結權限 - 您可以限制 [任何人] 連結,讓它們僅提供檔案或資料夾的檢視權限。Link permissions - You can restrict "Anyone" links so that they can only provide view permission for files or folders.

如果您使用檔案要求,連結使用權限必須針對檔案設定為 [檢視及編輯],針對資料夾設定為 [檢視、編輯及上傳]If you are using file requests, the link permissions must be set for View and edit for files and View, edit, and upload for folders.

其他Other

其他共用設定

將檢視其檔案的人員名稱顯示給擁有者Display to owners the names of people who viewed their files

此設定可讓您控制共用檔案的擁有者是否可以在檔案卡片上查看僅在 OneDrive 中檢視 (且不編輯) 檔案的人員。當使用者將游標移暫留在 OneDrive 中的檔案名稱或縮圖上時,檔案卡片便會出現。該資訊包含檔案的檢視次數、檢視它的人員數目,以及檢視它的人員清單。若要進一步了解檔案卡片,請參閱在 OneDrive 中查看您共用的檔案This setting lets you control whether the owner of a shared file can see on the file card the people who only view (and don't edit) the file in OneDrive. The file card appears when users hover over a file name or thumbnail in OneDrive. The info includes the number of views on the file, the number of people who viewed it, and the list of people who viewed it. To learn more about the file card, see See files you shared in OneDrive.

注意

根據預設,系統會自動選取此設定。This setting is selected by default. 如果您清除它,仍會記錄檔案檢視者資訊,而且您可用系統管理員身分稽核此資訊。OneDrive 擁有者仍能夠從 Office.com 或 Office 桌面應用程式開啟檔案,查看檢視其共用 Office 檔案的人員。If you clear it, file viewer info is still recorded and available to you to audit as an admin. OneDrive owners can also still see people who have viewed their shared Office files by opening the files from Office.com or from the Office desktop apps.

讓網站擁有者選擇顯示在 SharePoint 中檢視檔案或頁面的人員名稱Let site owners choose to display the names of people who viewed files or pages in SharePoint

此設定可讓您指定網站擁有者是否能夠允許可存取檔案、頁面或新聞文章的使用者,可在檔案卡片上查看已檢視該項目的人員。This setting lets you specify whether site owners can allow users who have access to a file, page, or news post to see on the file card who has viewed the item.

文件的檔案卡片上的檢視者資訊。

預設會針對現有網站在組織層級開啟此設定,並在網站層級關閉此設定。This setting is turned on by default at the organization level and off at the site level for existing sites. 只有在組織和網站層級的該設定同時為開啟時,才會顯示檢視者資訊。Viewer information is shown only when the setting is on at both the organization and site level. 建議網站擁有者僅在沒有敏感性資訊的小組網站上開啟此功能。We recommend that site owners turn on this feature only on team sites that don't have sensitive information. 了解網站擁有者可以如何開啟此功能Learn how site owners can turn on this feature.

注意

啟用此設定時會包含歷程記錄資料。Historical data is included when this setting is enabled. 同樣地,如果在組織層級或網站層級關閉並重新開啟此設定,則會將關閉期間的檢視次數包含在歷程記錄中。Likewise, if the setting is turned off and back on at the organization level or site level, the views during the off period are included in the history.

在傳統的 [共用] 頁面上,您可以依安全性群組限制外部共用,並縮短共用連結或變更其預設權限。On the classic Sharing page, you can limit external sharing by security group and shorten sharing links or change their default permission.

需要其他協助嗎?Need more help?

詢問問題 如果您有關于本主題的技術問題,將這些問題張貼到 SharePoint 討論論壇中,可能會對您很有幫助。 Ask a question If you have technical questions about this topic, you may find it helpful to post them on the SharePoint discussion forum. 這是一種很好的資源,可協助您找出有類似問題或遇到相同狀況的使用者。It's a great resource for finding others who have worked with similar issues or who have encountered the same situation.

您也可以在SharePoint 社群專家的 YouTube 影片找到安全性和權限的說明。You can also find help on security and permissions in these YouTube videos from SharePoint community experts.

另請參閱See also

與來賓共用時限制意外暴露檔案Limit accidental exposure to files when sharing with guests

建立安全的來賓共用環境Create a secure guest sharing environment

停用共用檔案或資料夾,或停止變更權限Stop sharing files or folders or change permissions

使用 OneDrive、SharePoint 和 Teams 進行外部共用與共同作業 (Ignite 2020)External sharing & collaboration with OneDrive, SharePoint & Teams (Ignite 2020)