When an employee leaves your organization, HR or IT needs to grant another user access to the former employee’s OneDrive for Business. In many cases, the access request is routed to the wrong approver, delaying the handover of critical business files. This misrouting typically occurs because the site collection administrator or the primary site owner is not correctly set, or because the access approval policy in SharePoint Admin Center is misconfigured. This guide explains why the wrong person gets the approval request and provides step-by-step fixes to ensure the correct manager or admin approves the handover.
Key Takeaways: Fixing OneDrive Access Approval Routing for Former Employees
- SharePoint Admin Center > Access requests > Allow or deny access requests: Controls whether access requests are enabled and who receives them.
- OneDrive site collection owner in SharePoint Admin Center: Sets the primary contact for access requests on the former employee’s OneDrive.
- Microsoft 365 admin center > Users > Active users > former employee > Licenses and apps: Removing the OneDrive license prevents the former employee from being listed as an approver.
Why OneDrive Access Requests Go to the Wrong Approver
OneDrive for Business access requests are governed by SharePoint site-level permissions. When a user requests access to a former employee’s OneDrive, SharePoint sends the approval request to the site collection administrator. By default, the site collection administrator for a OneDrive is the user who owns that OneDrive, which is the former employee. If the former employee’s account is still active or if their license is not removed, SharePoint continues to treat them as the site owner and sends the approval request to them.
Additionally, if an admin has not explicitly assigned a new site collection owner or if the access request settings in SharePoint Admin Center are set to send requests to the site owner only, the request will not reach the HR manager or IT admin. The problem worsens when the former employee’s mailbox is still active, because SharePoint may also attempt to send an email notification to that mailbox, which nobody monitors.
Role of the Site Collection Administrator
Each OneDrive site is a SharePoint site collection. The site collection administrator has full control over the site, including the ability to approve or deny access requests. If the former employee is still the site collection administrator, they remain the default approver. Changing the site collection owner to a manager or IT admin is the primary fix.
Access Request Settings in SharePoint Admin Center
The SharePoint Admin Center has a tenant-wide setting for access requests. By default, access requests are sent to the site owner. You can change this to send requests to a specific email address or to a security group. If this setting is misconfigured, requests may go to a general mailbox or to the wrong person.
Steps to Redirect OneDrive Access Requests to the Correct Approver
Follow these steps in order. The first two steps fix the routing issue for the current handover. The third step prevents the problem from recurring with future departures.
Step 1: Remove the Former Employee as Site Collection Owner
- Sign in to the SharePoint Admin Center
Go tohttps://admin.microsoft.comand select SharePoint from the Admin centers list. Alternatively, navigate directly tohttps://admin.microsoft.com/SharePoint. - Locate the former employee’s OneDrive site
In the left navigation, select Sites then Active sites. In the search box, type the former employee’s name or their OneDrive URL. The URL typically looks likehttps://yourtenant-my.sharepoint.com/personal/username_domain_com. - Open the site properties
Click the site name to open the details panel. Scroll down to the Site collection admins section. - Add the correct approver as a site collection admin
Click Add a site collection admin. Enter the email address of the HR manager, IT admin, or the user who should approve the access request. Click Save. - Remove the former employee as a site collection admin
In the same section, find the former employee’s name. Click the X next to their name to remove them. Click Save again.
Step 2: Configure Access Request Settings for the Site
- Open the OneDrive site settings
While still in the site details panel, scroll to the Settings section. Click View site settings. This opens the classic SharePoint site settings page. - Navigate to Access requests
Under Users and Permissions, select Access requests and invitations. - Change the access request recipient
Select the radio button for Send access requests to the following email address. Enter the email address of the HR manager or the IT admin who should handle the handover. Clear the checkbox for Also send access requests to site owners if you want to avoid duplicate notifications. Click OK.
Step 3: Remove the Former Employee’s OneDrive License
- Go to the Microsoft 365 admin center
Openhttps://admin.microsoft.com. In the left navigation, select Users then Active users. - Select the former employee
Find the former employee in the list and click their name to open the details pane. - Remove the OneDrive license
Select the Licenses and apps tab. Uncheck the box for SharePoint Online (Plan 2) or OneDrive for Business depending on your licensing. Click Save changes. This action removes the former employee’s ability to be a site owner or receive approval notifications.
If OneDrive Access Requests Still Go to the Wrong Person
Access request is sent to a shared mailbox or distribution group
If you configured a shared mailbox or distribution group as the access request recipient, check whether that group has the correct members. Open the Microsoft 365 admin center, go to Teams & groups then Active teams & groups. Select the group and verify its membership. Remove any users who should not approve requests and add the correct HR manager or IT admin.
Former employee still appears as a site owner after license removal
Removing the license does not automatically remove the user from the site collection administrators list. You must manually remove them as shown in Step 1. If the user still appears, run a SharePoint PowerShell command to confirm. Open SharePoint Online Management Shell as an admin and run: Set-SPOUser -Site <OneDrive URL> -LoginName <UPN> -IsSiteCollectionAdmin $false. Replace the placeholders with the actual URL and user principal name.
Access request email goes to the former employee’s mailbox
If the former employee’s mailbox is still active, SharePoint may still send the email notification there even after you change the site owner. To stop this, convert the mailbox to a shared mailbox or remove the Exchange Online license. In the Microsoft 365 admin center, select the user, go to Mail tab, and select Convert to shared mailbox. This preserves the data but stops the user from receiving new emails. Then repeat Step 2 to ensure the access request recipient is set to the correct email.
Access Request Methods: Site Owner vs Custom Email vs Security Group
| Item | Send to site owner | Send to custom email | Send to security group |
|---|---|---|---|
| Description | Request goes to the site collection administrator listed in SharePoint Admin Center | Request goes to a specific email address you enter | Request goes to all members of a security group |
| Best for | Small teams where the site owner is always available | HR handover where one person handles all requests | IT departments where multiple admins share responsibility |
| Risk with former employees | High – former employee remains the owner and receives the request | Low – owner change is not required but the email must be monitored | Low – requires group membership update after departure |
| Setup complexity | Low – default setting | Medium – must enter email and verify delivery | Medium – must create and maintain the security group |
After applying the fix, you can now redirect OneDrive access requests from a former employee to the correct HR manager or IT admin. The key actions are removing the former employee as site collection owner, setting the access request recipient to a monitored email address, and removing the OneDrive license to prevent future misrouting. For ongoing management, consider creating a standard operating procedure that includes updating the site owner within 24 hours of an employee departure. As an advanced tip, use the SharePoint Online Management Shell to script the owner change for all departing users in bulk, reducing manual errors.