When a former employee leaves your organization, their OneDrive files are typically locked down. Project teams that need to access those files for ongoing work often see an access denied error. This happens because the former employee’s OneDrive is placed in a retention or deletion state that removes sharing permissions for everyone except site collection administrators. This guide explains why the access denied error occurs and provides the exact steps to restore access for project team members.
Key Takeaways: Restoring OneDrive Access for Project Teams
- Microsoft 365 admin center > User management > Active users > Delete user: Assign the former employee’s OneDrive ownership to another user before deletion to prevent access loss.
- Microsoft 365 admin center > Setup > Data migration > OneDrive access delegation: Grant a project lead or IT admin access to the former employee’s OneDrive files.
- SharePoint admin center > More features > User profiles > Manage user profiles: Use the Manage User Profiles feature to restore deleted user accounts temporarily if the OneDrive is in a deleted state.
Why Project Teams See Access Denied on a Former Employee’s OneDrive
When an employee is removed from Microsoft Entra ID formerly Azure Active Directory, OneDrive applies a retention policy. By default, OneDrive retains the files for 30 days after the user account is deleted. During this period, only the site collection administrator typically an IT admin or the global admin can access the files. All previously shared permissions, including those granted to project team members, are revoked.
The access denied error appears because the former employee’s user account no longer exists in the directory. OneDrive treats this as a security measure to prevent unauthorized access after account termination. However, project teams often need to retrieve documents, spreadsheets, or project plans that are stored only in that user’s OneDrive.
Two main scenarios cause this problem. First, the user account was deleted without reassigning OneDrive ownership. Second, the OneDrive is still in the retention period but the project team was not explicitly granted access through the SharePoint admin center. Understanding these scenarios helps you choose the correct fix.
Steps to Restore Access to a Former Employee’s OneDrive
You need global admin or SharePoint admin permissions to perform these steps. If you do not have these roles, contact your IT department.
- Verify the user account status in Microsoft Entra ID
Sign in to the Microsoft 365 admin center at admin.microsoft.com. Go to Users > Active users. Search for the former employee’s name. If the account is listed as Deleted users, proceed to step 2. If the account is still active but disabled, you can skip the restore step and go directly to step 3. - Restore the deleted user account temporarily
In the admin center, go to Users > Deleted users. Find the former employee, select the user, and click Restore user. This action restores the account and its associated OneDrive for 30 days. The user will appear in Active users with a status of Sign-in blocked. This is expected — you do not need to unblock sign-in. - Access the former employee’s OneDrive
Go to the SharePoint admin center at admin.microsoft.com/SharePoint. In the left navigation, select More features. Under User profiles, click Open. On the User profiles page, enter the former employee’s name in the search box and click Find. Select the user profile and click Manage user profile. In the dropdown menu, choose Manage site collection owners. Add the project lead or an IT admin as a site collection administrator. Click OK. - Grant project team members direct access
Open the former employee’s OneDrive URL directly. The URL format ishttps://[tenant]-my.sharepoint.com/personal/[user_upn]. Replace[user_upn]with the user’s email prefix for example,john.doe_contoso_com. Sign in as the site collection administrator you added in step 3. Click the gear icon Settings and select Site permissions. Click Share site and enter the email addresses of the project team members. Choose Edit or Full control permission level. Click Share. - Notify the project team
Send an email to the project team with the direct URL to the former employee’s OneDrive. Each team member will see the files they were previously denied access to. Ask them to sign in with their work account and test access.
If OneDrive Access Denied Persists After These Steps
OneDrive is in a deleted state and cannot be restored
If the former employee’s OneDrive was deleted more than 30 days ago, the files are permanently removed from OneDrive. You cannot restore them through the admin center. Check if the files were moved to a SharePoint team site or if a backup solution exists. If your organization uses Microsoft 365 Backup or a third-party backup tool, restore the files from there.
Project team sees access denied even after being added as site members
This usually happens when the project team members do not have a valid SharePoint license. Each user who accesses a OneDrive or SharePoint site must have a SharePoint Online license assigned. In the Microsoft 365 admin center, go to Users > Active users, select the user, click Licenses and apps, and ensure SharePoint Online is checked. Wait 30 minutes for the license assignment to propagate, then test access again.
OneDrive shows access denied for the site collection administrator
If you added yourself as a site collection administrator but still get access denied, the OneDrive URL may be incorrect. Verify the URL format. Go to the SharePoint admin center, select More features, then User profiles. Search for the former employee, click Manage site collection owners, and copy the site collection URL shown at the top of the page. Use that exact URL to access the OneDrive.
File Access Methods for Former Employee OneDrive: Admin Delegation vs Direct Sharing
| Item | Admin Delegation (Site Collection Admin) | Direct Sharing (Invite Members) |
|---|---|---|
| Description | IT admin or project lead is granted full control of the entire OneDrive | Individual files or folders are shared with specific users |
| Permissions needed | Global admin or SharePoint admin to assign site collection admin role | Site collection admin or owner to share individual items |
| Scope of access | All files and folders in the OneDrive | Only the specific files or folders that were shared |
| Best for | Project teams that need full access to all project-related files | Quick retrieval of a few specific documents |
| Risk | Overexposure if the delegated admin is not trusted | Time-consuming if many files need to be shared individually |
After you restore access, consider moving the former employee’s project files to a SharePoint team site. This prevents future access issues when users leave. Use the Move to or Copy to command in OneDrive or SharePoint to transfer files to a shared location. Set up a retention policy for the SharePoint team site to preserve project data permanently.