AdditionalStorageProvidersAvailable Setting Replaces Two Deprecated Settings
In April, I wrote about the ThirdPartyFileProvidersEnabled setting in OWA mailbox policies. The setting controls if OWA users can access third-party storage providers like Dropbox and Google Drive. At the time, I said that the setting wasn’t well known. Maybe that was for the best because now we learn from Office 365 Notification MC186732 that Microsoft has decided to expand the set of third-party providers to include Facebook and OneDrive personal. As part of the change, they have deprecated the ThirdPartyFileProvidersEnabled and OneDriveAttachmentsEnabled (to control access to OneDrive personal accounts) settings and replaced them with AdditionalStorageProvidersAvailable, a new setting for OWA mailbox policies to control access to all storage providers, both first-party (like OneDrive) and third-party.
Access Enabled by Default
The new setting is now in OWA mailbox policies. This is easily checked with PowerShell:
|
1 2 3 4 5 6 7 8 |
Get-OwaMailboxPolicy | Format-Table Name, AdditionalStorageProvidersAvailable Name AdditionalStorageProvidersAvailable ---- ----------------------------------- OwaMailboxPolicy-Default True Restricted Download Access True OWAFullAccess True NoOfflineAccess True |
As you can see, the default setting is True (as Microsoft says, it is “on by default”), which means that any OWA user can access storage providers to browse for files to attach to messages (Figure 1).
Adjusting Access for Some OWA Mailbox Policies
The new setting becomes active for Targeted Release users on August 15 and Standard Release users on August 30. Before then, you might want to turn the AdditionalStorageProvidersAvailable setting to Off in the OWA mailbox policies where ThirdPartyFileProvidersEnabled is currently set to Off so that users see no change in behavior. Again, this is easily done with PowerShell.
|
1 |
Get-OWAMailboxPolicy | ? {$_.ThirdPartyFileProvidersEnabled -eq $False} | Set-OWAMailboxPolicy -AdditionalStorageProvidersAvailable $False |
A Matter of Policy
There’s goodness and badness in allowing users to access third-party file providers. It’s good that they attach files stored in the providers to bring them into Exchange Online and so expose the content to Office 365 data governance. It’s bad if it encourages the long-term use of third-party file providers for business information. Each organization will have to make up its mind how to handle the situation and decide if they want to enable access to other file services.
For more information about using OWA mailbox policies, see the Office 365 for IT Pros eBook.
Hi Tony, thanks for the clear write-up! I believe though you mean:
Get-OWAMailboxPolicy | ? {$_.ThirdPartyFileProvidersEnabled -eq $True}
To set it to false where it’s by default set to true 🙂
No, I’m looking for OWA mailbox policies where the ThirdPartyFileProvidersEnabled setting is False to set the new AdditionalStorageProvidersAvailable setting to False as well.
Mon dieu, how could I have misread that one. My bad, and, I will set that setting myself as well first thing in the morning. Thanks!