When a user leaves the organization, their Onedrive folders/files remain until either the user is permanently deleted or the retention policy covering their data expires.
Many organizations have set up a retention policy in Office 365 to retain data in Onedrive for several years, sometimes even indefinitely.
Few know, that as long as you retain a user’s onedrive, the files and folders that were shared, by default, remain shared and accessible by those they were shared with, including externals.
This is often undesirable, and can easily be remediated by running a very simple unshare-orphanedOnedriveForBusinessSites.ps1 PowerShell function I’m hereby sharing with you 🙂
Above function detects all Onedrive Sites that no longer have an active associated user, and disables any sharing links on them.
The actual line that unshares an individual site could also be used directly if you have an automatic offboarding process.
[…] Unsharing Orphaned Onedrive for Business sites with active sharing links. Few people know that as long as you keep a user’s onedrive service active (say, after the user has left the company), files and folders that have been shared remain shared and accessible to everyone with whom they have been shared, including external users. […]