How to remove admin’s access to SharePoint Online and OneDrive for Business sites.

How to remove admin’s access to SharePoint Online and OneDrive for Business sites.

Problem


When you configure backups for SharePoint Online and OneDrive for Business sites using RecoveryManager Plus, the admin whose account is used to configure the product is provided access to all SharePoint Online and OneDrive for Business sites by the product. If you decide not to back up particular SharePoint Online and OneDrive for Business sites, you’ll have to manually revoke access from the admin.

This document will show you how you can manually revoke an admin’s access to sites.

Solution
            $Username="account@company.onmicrosoft.com"
            Here, account@company.onmicrosoft.com is the e-mail address of the admin.
            Note: The e-mail address of the admin should be enclosed in double quotes (")
            
            $userCredentials = Get-Credential -Credential $Username
            Provide the credentials of the admin in the pop-up that appears.
            
            Import-Module Microsoft.Online.SharePoint.PowerShell
            Connect-SPOService -Url https://<tenant>-admin.sharepoint.com -Credential $userCredentials
            Here, <tenant> is the name of your Office 365 tenant. 

You can now remove the admin's access to particular sites or to all sites. 

Removing admin access to particular sites. 

To remove the admin’s access from particular sites, you’ll need the URL of those sites. To get the site URL, 

  • Log in to RecoveryManager Plus as an administrator.
  • Navigate to SharePoint & OneDrive tab > Backup Settings.
  • Click the Create Backup button located in the top-right corner of the screen.

  • Select the tenant that contains the site URL you wish o find, and then click on the icon-add icon in the Select Sites field.

  • In the pop-up that appears, click List View in the top-right corner. The list of all sites in the selected tenant will be displayed. Copy the URL of the required sites. To search for particular sites, use the icon-search  icon.  

  • Once you have the URL of the sites, switch to SharePoint Online Management Shell and enter the following command.
            $SiteURL = "CopiedURL" 
            Replace CopiedURL with the URL of the site.
            Note: The URL of the site should be enclosed in double quotes (").
            
            Set-SPOUser -Site $SiteURL -LoginName $Username -IsSiteCollectionAdmin $false -ErrorAction SilentlyContinue
            
If you want to remove the admin's access to multiple sites, enter the following commands in the SharePoint Online Management Shell.
 
            $SiteURLs = "URL1", "URL2"
            Replace URL1 with the URL of the first site, URL2 with the URL of the second site, and so on.
            Note: The URL of the sites should be enclosed in double quotes (").
            
            foreach($SiteURL in $SiteURLs) {Set-SPOUser -Site $SiteURL -LoginName $Username -IsSiteCollectionAdmin $false -ErrorAction SilentlyContinue}        
            


                New to ADSelfService Plus?