Microsoft and ShareGate Apricot both allow you to govern external sharing and guest access for the teams and groups in your environment.
In the Microsoft 365 admin center, you have the ability to modify your organization-wide external sharing settings and organization-wide guest access settings. If you have an Azure AD Premium P1 license, you can create and publish sensitivity labels from the Microsoft 365 compliance center.
If any of these settings are applied to the teams or groups in your Microsoft environment and are more restrive than the security settings in ShareGate Apricot, the app's less restrictive sensitivity tags and security settings will be invalid.
For example, the following message will appear in ShareGate Apcirot if you try to apply less restrictive security settings for a team or group that has a Microsoft sensitivity label applied:
The privacy setting couldn't be changed. Please try again later
Solution - Modify your ShareGate Apricot settings
You can update your ShareGate Apricot settings to be more restrictive and match your Microsoft settings:
- From the Settings. For more information, see Create and edit sensitivity tags.
- From the team and group details window. For more information, see Team and group security settings.
Solution - Modify your Microsoft settings
You can update your Microsoft settings to be less restrictive. Then you can use the ShareGate Apricot security features to govern your environment. For more information, see the following Microsoft articles:
- Allow external sharing - Manage sharing settings: Change the organization-level external sharing setting.
- Allow guest access - Manage guest access in Microsoft 365 Groups: Manage groups guest access.
- Remove or reduce sensitivity labels - Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites: Sensitivity label management.