When a user transfers to a new department, their OneDrive access and permissions may not update automatically. The former department’s team members can still see files they should no longer access, and the new department’s users might be missing the required permissions. This happens because OneDrive permission inheritance is tied to user and group memberships, not department metadata. This article explains how to verify and correct OneDrive sharing settings after a department transfer using the Microsoft 365 admin center and OneDrive sync client.
Key Takeaways: Checking OneDrive Access After Department Transfer
- Microsoft 365 admin center > Users > Active users > OneDrive tab: Displays the user’s OneDrive storage status, sharing links, and current permission inheritance.
- OneDrive sync client > Settings > Account > Manage backup: Shows which folders are synced and whether the user’s account reflects the new department group memberships.
- SharePoint admin center > Site permissions > Check permissions: Tests a specific user’s access to the transferred user’s OneDrive site to confirm or deny access.
Why Department Transfers Affect OneDrive Permissions
OneDrive for Business sites are SharePoint-based. Each user’s OneDrive is a site collection with its own permission set. When a user moves to a new department, their Microsoft 365 group memberships and Azure AD attributes change. However, existing sharing links, direct permissions, and site-level access do not update automatically. The former department’s users who had direct access or were part of a group that had access to the OneDrive site retain that access until an administrator revokes it. Similarly, the new department’s users do not gain access unless an administrator explicitly adds them or the user shares files with them. This is by design — OneDrive does not read department fields from Azure AD to adjust permissions. You must manually review and update who has access.
Permission Inheritance Model
OneDrive sites use unique permissions by default. They do not inherit permissions from the parent SharePoint tenant. When a user transfers departments, their OneDrive site remains independent. The only automatic change is that the user’s display name and email alias may update if the IT team runs a directory sync. Group memberships that grant access to the OneDrive site — such as the “Everyone except external users” group — continue to apply. If the user previously shared files with specific people, those sharing links remain active. The user’s new department groups do not appear in the OneDrive permission list unless an administrator or the user adds them.
Steps to Verify OneDrive Access After Department Transfer
- Open the Microsoft 365 admin center
Go to admin.microsoft.com and sign in with a Global admin or SharePoint admin account. Do not use a user account with limited permissions. - Navigate to Active Users
Select Users from the left navigation, then Active users. Search for the transferred user by name or email. - Open the OneDrive tab
Click the user’s display name to open the detail panel. Select the OneDrive tab. You will see the user’s storage usage, sharing links, and a list of users who have access to the OneDrive site. Review the list for any users from the former department who should no longer have access. - Check site permissions in SharePoint admin center
Open admin.microsoft.com/SharePoint. Under Sites, select Active sites. Find the transferred user’s OneDrive site — it is named after the user’s email address. Click the site name, then select Permissions. Under Advanced permissions settings, select Check Permissions. Enter the email of a user from the former department. The tool shows whether that user has direct or group-based access. Repeat for a user from the new department to confirm they lack access. - Review sharing links on the user’s OneDrive
In the Microsoft 365 admin center, on the user’s OneDrive tab, scroll to Sharing links. This shows all external and internal sharing links created by the user. Any link with type “Anyone” or “People in your organization” still works. Revoke specific links by clicking the three dots next to a link and selecting Remove link. - Verify sync client status on the user’s device
On the transferred user’s Windows 11 or Windows 10 device, open OneDrive. Select Help & Settings > Settings > Account. Under Account, the email address and the organization name should match the new department. If the user has multiple accounts, remove the old one by selecting Unlink this PC. Then sign in with the current work or school account. Under Manage backup, confirm that the folders syncing are correct — for example, Desktop, Documents, and Pictures should reflect the user’s new role.
If OneDrive Access Issues Persist After the Transfer
The user cannot see their own OneDrive files after transfer
This happens when the user’s license was removed during the department transfer and then reassigned. OneDrive sites become orphaned if the license is removed for more than 30 days. To fix this, the Global admin must go to the SharePoint admin center, select Active sites, find the user’s OneDrive site, and assign a new primary administrator. The user must then sign out and sign back into OneDrive on their device.
Former department users still have access
Open the transferred user’s OneDrive site in the SharePoint admin center. Go to Permissions > Advanced permissions settings. Remove any direct permissions for users who should no longer have access. For group-based access, edit the group membership in Azure AD — do not remove the group from the OneDrive site, as that would affect all members.
New department users cannot access shared files
The transferred user must reshare the files with the new department’s users. Alternatively, a SharePoint admin can add the new department’s security group to the OneDrive site permissions. In the SharePoint admin center, select the user’s OneDrive site, go to Permissions, select Add people, enter the group name, and choose the permission level Read or Contribute.
Manual Permission Management vs Automated Group-Based Access
| Item | Manual Permission Management | Automated Group-Based Access |
|---|---|---|
| Description | Admin or user adds or removes individual users from OneDrive site permissions | Azure AD security groups are added to OneDrive site permissions; membership changes propagate automatically |
| Best for | One-time transfers or small teams | Recurring transfers or large organizations with frequent department moves |
| Maintenance effort | High — each transfer requires manual permission updates | Low — group membership changes flow to OneDrive within 24 hours |
| Risk of orphaned access | High — former department users may be overlooked | Low — removing a user from the group revokes access automatically |
After a department transfer, you can now verify OneDrive access using the Microsoft 365 admin center and SharePoint admin center. Start by checking the user’s OneDrive tab for existing sharing links and permission lists. Then use the Check Permissions tool to confirm whether specific users from the former or new department have access. To prevent future issues, consider adding Azure AD security groups to OneDrive site permissions so that department changes propagate automatically. The OneDrive sync client’s Account tab shows the user’s current identity and synced folders, which helps confirm the transfer was applied correctly on the device.