How to remove admin’s access to SharePoint Online and OneDrive for Business sites?

How to remove admin’s access to SharePoint Online and OneDrive for Business sites?

Problem   

When you configure backups for SharePoint Online and OneDrive for Business sites using RecoveryManager Plus, the admin whose account is used to configure the product is provided access to all SharePoint Online and OneDrive for Business sites by the product. If you decide not to back up a particular or all SharePoint Online and OneDrive for Business sites, you’ll have to revoke access from the admin manually.

This document will show you how you can manually revoke an admin’s access to sites.

Solution   
  • Once the installation is complete, open it and execute the following commands.

$Username="account@company.onmicrosoft.com"

Here, account@company.onmicrosoft.com is the e-mail address of the admin.

Note: The e-mail address of the admin should be enclosed in double quotes (").

 

$userCredentials = Get-Credential -Credential $Username

Provide the credentials of the admin in the pop-up that appears.

 

Import-Module Microsoft.Online.SharePoint.PowerShell
Connect-SPOService -Url https://<tenant>-admin.sharepoint.com -Credential $userCredentials

Here, <tenant> is the name of your Microsoft 365 tenant.

 

 Removing admin access to particular sites.   

To remove the admin’s access from particular sites, you’ll need the URL of those sites. To get the URL,

  • Log in to RecoveryManager Plus as an administrator.

  • Navigate to the SharePoint & OneDrive tab > Backup Settings.

  • Click the Create Backup button located in the top-right corner of the screen.

  • Select the tenant that contains the site URL you wish to find, and then click on the Icon in the Select Sites field.

  • In the pop-up that appears, click List View in the top-right corner. The list of all sites in the selected tenant will be displayed. Copy the URL of the required sites. To search for particular sites, use the .

  • Once you have the URL of the sites, switch to SharePoint Online Management Shell and enter the following command.

$SiteURL = "CopiedURL"

Replace SiteURL with the URL of the site.

Note: The URL of the site should be enclosed in double quotes (").

Set-SPOUser -Site $SiteURL -LoginName $Username -IsSiteCollectionAdmin $false
-ErrorAction SilentlyContinue

If you want to remove the admin's access to multiple sites, enter the following commands in the SharePoint Online Management Shell.

$SiteURLs = "URL1", "URL2"

Replace URL1 with the URL of the first site, URL2 with the URL of the second site, and so on.

Note: The URL of the sites should be enclosed in double quotes (").

foreach($SiteURL in $SiteURLs) {Set-SPOUser -Site $SiteURL -LoginName $Username
-IsSiteCollectionAdmin $false -ErrorAction SilentlyContinue}

 


                  New to ADSelfService Plus?

                    • Related Articles

                    • How to restore AD groups using RecoveryManager Plus

                      Active Directory (AD) groups play a crucial role in managing user permissions and access control in an organization's network. They enable administrators to efficiently manage user permissions, access control, and resource sharing by grouping users ...
                    • How to backup Active Directory using RecoveryManager Plus

                      Active Directory (AD) is crucial to the day-to-day operations of most modern organizations, as it manages users, computers, applications, and resources within a network. It is designed to centralize and streamline access control to ensure only ...
                    • How to configure backup repositories for your backups in RecoveryManager Plus?

                      RecoveryManager Plus provides support for multiple repositories to store your Active Directory, Entra ID, Microsoft 365, Exchange, Google Workspace, and Zoho WorkDrive backups. This post will explain how you can configure these repositories in ...
                    • A guide to backing up AD users using RecoveryManager Plus

                      Active Directory (AD) is the foundation of most enterprise networks, providing a central repository for authentication, authorization, and user management. User accounts in AD form the backbone of identity management, enabling secure access to ...
                    • How to install SSL certificates for RecoveryManager Plus

                      RecoveryManager Plus supports an SSL connection to ensure the security of data transferred between the browser and the product server. Protecting data transferred during remote access requires a secure connection between the web browser and the ...