SharePoint Online: Enable or Disable “Everyone” Group using PowerShell

Requirement: Disable Everyone group in SharePoint Online.

“Everyone” claims in SharePoint Online consists of all users already having access to the site – This includes all accounts from the authentication provider (typically Active Directory) as well as any external accounts that are invited to the tenant. This is equivalent to the “all authenticated users” who need to login (not anonymous users).

sharepoint online enable disable everyone group

Check if the “Everyone” group is enabled or Disabled:

From SharePoint Online Management Shell, Type: Get-SPOTenant to get all properties of the SharePoint Online tenant which tells us whether “Everyone” and “Everyone Except External Users” groups are hidden. The “Everyone” group can be hidden from Office 365 SharePoint Online tenant people picker with the below PowerShell script.

How to disable everyone Group in SharePoint Online?

To disable everyone, enter the below PowerShell snippet in SharePoint Online Management Shell.

#SharePoint Online Admin Center URL
$AdminURL = ""

#Connect to SharePoint Online
Connect-SPOService -url $AdminURL -credential (Get-Credential)

#Disable Everyone group
Set-SPOTenant -ShowEveryoneClaim $False

SharePoint Online – enable everyone group:

If everyone group is missing, you can enable it with below PowerShell.

#Disable Everyone group
Set-SPOTenant -ShowEveryoneClaim $True

SharePoint Online: Remove Everyone except external users

When you add a new user in Office 365, The user becomes a member of the “Everyone except external users” group automatically which is granted with member permissions of the site by default. To grant all internal users (employees) access to a SharePoint site, You can use the “Everyone except external users” Group.

Typically, when you need to make a site available to everyone in your organization (E.g. Intranet Site) you use “Everyone except external users group” instead of “Everyone” Group. In case, If you want to disable “Everyone Except External Users”, you can set “ShowEveryoneExceptExternalUsersClaim” value to “False”

#SharePoint Online Admin Center URL
$AdminURL = ""

#Connect to SharePoint Online
Connect-SPOService -url $AdminURL -credential (Get-Credential)

#Disable Everyone group
Set-SPOTenant -ShowEveryoneExceptExternalUsersClaim $False 

This hides “everyone except external users” in SharePoint Online. Similarly, If everyone except external users is not working in SharePoint Online, You can enable it with:

Set-SPOTenant -ShowEveryoneExceptExternalUsersClaim $True 
SharePoint Online Remove Everyone except external users

Please note, these changes do not impact any existing permissions. and we can’t add/remove users to these two built-in groups!

Salaudeen Rajack

Salaudeen Rajack is a SharePoint Architect with Two decades of SharePoint Experience. He loves sharing his knowledge and experiences with the SharePoint community, through his real-world articles!

One thought on “SharePoint Online: Enable or Disable “Everyone” Group using PowerShell

  • Is there a way to do this in SharePoint 2019 or 2016?


Leave a Reply