OneDrive Leavers – Automated Manager Access
This has to be one of my favourite features of OneDrive: manager access to a leaver's OneDrive storage. It makes managing leavers a lot easier and stops all those awkward conversations about why the data of someone who left 5 years ago was deleted and no one was told about it (all organisations should have an excellent backup solution, but is it always possible to retain leavers' data forever?!)
The solution
Step in My Site Cleanup, Delegated Access. This wonderful little tick box will cause an email to be fired off to the leaver's line manager when they are deleted. This email will give them a link to the leaver's OneDrive with full access for 30 days (or more if the tenant has been set to retain the data for longer) – it will even send chasers/reminders. This gives the manager ample opportunity to deal with any documents left behind and move them to a more appropriate location for retention.
Now, this is something that is turned on by default, but all too often I have seen tenants, a few years old, that have had admin after admin put their ‘mark’ on the environment and somehow little features like this become disabled. So here is how to check/set it back up again!
Log in to https://admin.microsoft.com
Go to the SharePoint admin center
Click More features
Under User profiles, click Open
Under My Site Settings click Setup My Sites
Scroll down to My Site Cleanup and ensure that the Enable access delegation tick box is ticked
Optionally, you can also specify a Secondary Owner. This is a sort of catch-all: the secondary owner gets the delegated access and the email linking them to the leaver's OneDrive, even if the leaver doesn't have a manager specified.
Prerequisites
Of course, there must be some prerequisites here, otherwise how is Microsoft going to know who a person's manager is?
The prerequisites are simple, and here is how to set them.
For Hybrid environments
Open Active Directory on-premises
Locate the user, right click, Properties
Switch to the Organization tab
Populate the Manager field. The manager must be an account in AD so this will be an account lookup.
Once the manager is populated, click OK
For Azure AD users
Navigate to Azure Active Directory
Locate the user
Click on the user to open their profile card
Click Edit
Locate the Manager field and click Change
Populate the Manager field. The manager must be a pre-existing user so this will be an account lookup
Add the manager and remember to click Save on the Azure AD user
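To find the accounts that don't yet meet this prerequisite, here is an added example (not part of the original post) that lists member accounts with no manager from Microsoft Graph PowerShell output. The function name Get-UserWithoutManager and the sample accounts are made up for illustration; the live query at the bottom assumes the Microsoft.Graph.Users module and the User.Read.All scope.

```powershell
# Added example: report member accounts that have no manager set, so that
# the delegated-access email has somewhere to go when they leave.
function Get-UserWithoutManager {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$User
    )
    process {
        # Guests normally have no OneDrive in the tenant, so skip them.
        if ($User.UserType -ne 'Member') { return }
        # With -ExpandProperty manager, Manager.Id is empty when none is set.
        if ([string]::IsNullOrEmpty($User.Manager.Id)) {
            [pscustomobject]@{
                DisplayName       = $User.DisplayName
                UserPrincipalName = $User.UserPrincipalName
                # Disabled accounts with no manager are the urgent ones:
                # they are the likely leavers waiting to be deleted.
                AccountEnabled    = $User.AccountEnabled
            }
        }
    }
}

# Constructed sample objects shaped like Get-MgUser output (not real accounts).
$sample = @(
    [pscustomobject]@{ DisplayName = 'Alex Example'; UserPrincipalName = 'alex@contoso.example'
        UserType = 'Member'; AccountEnabled = $true
        Manager = [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000001' } }
    [pscustomobject]@{ DisplayName = 'Sam Sample'; UserPrincipalName = 'sam@contoso.example'
        UserType = 'Member'; AccountEnabled = $false; Manager = $null }
    [pscustomobject]@{ DisplayName = 'Guest User'; UserPrincipalName = 'guest_ext@contoso.example'
        UserType = 'Guest'; AccountEnabled = $true; Manager = $null }
)

# Only Sam Sample is reported: a member account with no manager.
$sample | Get-UserWithoutManager | Format-Table -AutoSize

# Against a live tenant (needs the Microsoft.Graph.Users module):
# Connect-MgGraph -Scopes 'User.Read.All'
# Get-MgUser -All -ExpandProperty manager `
#     -Property id,displayName,userPrincipalName,userType,accountEnabled |
#     Get-UserWithoutManager |
#     Export-Csv -Path .\users-without-manager.csv -NoTypeInformation
```

Any account this reports will only be covered by the Secondary Owner, if one is set.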
What the users see
Once this has been set up, the users will get an email from SharePoint Online confirming what they need to do next. The email arrives around 24 hours after the account is disabled and is triggered by a backend OneDrive clean-up process.
The users will receive reminder emails about this at specified intervals. If they miss one or forget to take action, there is still an opportunity to get access to the data.
Here is a copy of an email that the user will receive. As you can see, in this tenant, the retention has also been set to 90 days, up from 30 days.