This chapter covers SharePoint Online and OneDrive for Business, two core Microsoft 365 workloads for content management and collaboration. For the MS-900 exam, approximately 10-15% of questions relate to these services, focusing on their capabilities, licensing, and integration with other M365 apps. You will learn the architecture, key features, sharing and security settings, and how they differ from each other and from other storage solutions like Teams files.
Jump to a section
Imagine a company with a central filing room (SharePoint Online) and personal lockers (OneDrive). The filing room has cabinets organized by department (site collections), each with labeled folders (document libraries). Employees can access files from any device, but only if they have the right key (permissions). OneDrive is like a personal locker that syncs with the filing room: you can work on documents locally, and when you put them back, the locker automatically updates the central copy. However, if two people try to edit the same file simultaneously, the system uses a check-out/check-in mechanism (co-authoring with version history) to prevent conflicts. The filing room also has a log (auditing) that records who accessed or changed each document. This mirrors how SharePoint Online stores files in Azure SQL databases and blob storage, with OneDrive syncing via the OneDrive sync client using differential uploads and download-on-demand to save bandwidth.
What are SharePoint Online and OneDrive for Business?
SharePoint Online is a cloud-based service hosted by Microsoft as part of Microsoft 365. It is designed for enterprise content management, intranet portals, and team collaboration. SharePoint Online allows organizations to create sites for teams, departments, or projects, where users can store, organize, share, and access information from any device. It is built on a multi-tenant architecture, where each tenant's data is isolated and stored in Azure data centers.
OneDrive for Business is a personal cloud storage service integrated with Microsoft 365. Each user gets a personal library (OneDrive) that is private by default but can be shared with others. OneDrive is essentially a personal SharePoint site (a site collection) with a document library. It allows users to sync files to their local devices, work offline, and collaborate on documents in real time.
Both services use the same underlying storage infrastructure: Azure Blob Storage and SQL Azure. Files are stored as blobs, and metadata (e.g., permissions, version history) is stored in SQL databases. The services are accessed via REST APIs and the SharePoint Framework (SPFx) for customizations.
Key Features and Capabilities
SharePoint Online: - Site Collections and Sites: A site collection is a top-level container that has its own permissions, navigation, and features. Within a site collection, you can create subsites (though modern SharePoint discourages deep hierarchies). Each site can have document libraries, lists, pages, and web parts. - Document Libraries: The primary storage for files. Libraries support versioning (major and minor versions), check-in/check-out, content approval, and metadata (columns). The default version limit is 500 major versions, but this can be increased. - Lists: Similar to libraries but for structured data (e.g., tasks, contacts, custom lists). Lists can have columns, views, and validation rules. - Permissions: SharePoint uses a role-based security model. You can assign permissions at the site, library, folder, or item level. Default groups include Owners, Members, and Visitors. Permissions can be inherited or unique (broken inheritance). - Search: SharePoint Online has a powerful search engine that indexes content from all sites, including file contents, metadata, and people. It uses the Microsoft Search index, which also powers search in other M365 apps. - Workflow and Automation: Power Automate (formerly Flow) can be used to create automated workflows. SharePoint also has legacy workflows (SharePoint 2013 workflow) but Microsoft recommends Power Automate. - Integration: SharePoint integrates with Microsoft Teams (each team gets a SharePoint site for files), Power BI, Power Apps, and Yammer.
OneDrive for Business: - Personal Storage: Each user gets a default storage quota of 1 TB, which can be increased up to 5 TB (or more with support). The tenant admin can set a default quota. - Sync Client: The OneDrive sync client allows users to sync files to their Windows or Mac computer. It uses differential sync (only changes are uploaded) and supports Files On-Demand (files appear in File Explorer but are downloaded only when opened). - Version History: OneDrive retains version history for up 500 versions per file. Deleted files are moved to the recycle bin (site recycle bin then second-stage recycle bin) and retained for 93 days. - Sharing: Users can share files or folders with internal or external users. Sharing links can be set to allow edit or view, and can be configured to expire or require a password. - Personal Vault: A protected area in OneDrive that requires additional authentication (e.g., MFA, fingerprint) to access. It holds up to 3 files (or unlimited if you have a paid subscription).
Architecture and Data Flow
When a user uploads a file to SharePoint Online or OneDrive, the file is broken into chunks and uploaded to Azure Blob Storage. Metadata (file name, size, permissions, version) is written to SQL Azure. The service then indexes the content for search. When a user accesses a file, the service checks permissions, retrieves the blob, and streams it to the client.
For synchronization, the OneDrive sync client communicates with the OneDrive service via HTTPS. It maintains a local sync database (in %LocalAppData%\Microsoft\OneDrive\settings) that tracks file states. When a file changes locally, the client uploads the differential changes. When a file changes in the cloud, the client downloads the changes. Conflicts are resolved by creating a copy with the computer name and timestamp.
Key Settings and Defaults
Storage Limits: SharePoint Online per-site storage: 1 TB plus 10 GB per licensed user (e.g., if you have 100 users, each site can use up to 1 TB + 1000 GB = 2 TB). OneDrive default: 1 TB per user, can be increased to 5 TB.
File Size Limit: 250 GB per file in SharePoint and OneDrive.
Path Length: Maximum 400 characters for the full path (including filename).
Version History: 500 major versions by default. Admins can adjust via PowerShell.
Recycle Bin: Users have a recycle bin (retains items for 93 days). Site collection recycle bin (second-stage) also retains for 93 days. After that, items are permanently deleted.
External Sharing: Can be controlled at tenant, site, and file level. Default: allow sharing with authenticated external users (guests). Admins can restrict sharing to specific domains or require a Microsoft account.
Sync Client: Default download-on-demand enabled. Files are shown as online-only (cloud icon) until opened.
Security and Compliance
Data Encryption: Data at rest is encrypted using BitLocker and Azure Storage Service Encryption. Data in transit is encrypted using TLS 1.2+.
Information Rights Management (IRM): Can be applied to restrict actions like printing, forwarding, or copying content.
Data Loss Prevention (DLP): Policies can be created to detect and protect sensitive information (e.g., credit card numbers) in documents.
Auditing: Audit logs capture events like file access, sharing, and permission changes. Logs are retained for 90 days (standard) or 1 year (with add-on).
Compliance Center: eDiscovery cases can be used to hold and search content in SharePoint and OneDrive.
Differences Between SharePoint Online and OneDrive
Purpose: SharePoint is for team collaboration and intranet; OneDrive is for personal file storage and sync.
Default Permissions: SharePoint sites are visible to all members of the site; OneDrive is private to the user.
Storage Quota: SharePoint storage is shared across site collections; OneDrive storage is per user.
Sync: OneDrive sync is primarily for personal files; SharePoint libraries can be synced but are often accessed via browser or Teams.
External Sharing: OneDrive sharing is more restrictive by default (only with authenticated users). SharePoint can allow anonymous links.
Integration with Microsoft Teams
Every Microsoft Team has a SharePoint site (the 'Files' tab). Files stored in Teams are actually stored in the underlying SharePoint document library. This means all SharePoint features (versioning, permissions, co-authoring) apply to Teams files. OneDrive is not directly integrated with Teams, but you can attach OneDrive files via the 'Attach' menu.
User uploads file to SharePoint
The user opens a SharePoint document library in a browser and drags a file into the upload area. The browser sends an HTTP POST request with the file content to the SharePoint REST API endpoint. The request includes authentication tokens (OAuth 2.0) and metadata like the target folder. SharePoint validates permissions (the user must have Contribute or higher permissions on the library). If validation passes, the file is chunked (if large) and uploaded to Azure Blob Storage. Metadata is written to the SQL database, including file name, size, content type, and a new version number. The file is then indexed by the search service. The user sees the file appear in the library.
User shares file with external guest
The user selects the file, clicks Share, and enters an external email address. SharePoint checks tenant-level external sharing settings (e.g., allowed domains, whether guests must sign in). If allowed, a sharing invitation is sent via email. The recipient receives a link that redirects to a Microsoft login page (if authentication required) or directly to the file. If the recipient does not have a Microsoft account, they may be prompted to create one. Once authenticated, a guest user object is created in Azure AD, and permissions are assigned at the file/folder level. The guest can then access the file within the limits set (view or edit).
OneDrive sync client syncs file
The OneDrive sync client runs as a background process on the user's device. It periodically polls the OneDrive service for changes (every ~30 seconds). When a change is detected (e.g., a new file uploaded from another device), the client downloads the file's metadata and then the file content if needed. For differential sync, the client compares local and remote file hashes. If a file is modified locally, the client uploads only the changed blocks. The sync client also handles conflicts: if a file is changed both locally and remotely, the client creates a copy with the computer name appended. The sync status is shown via icons in File Explorer (green check mark = synced, blue cloud = online-only, red circle = error).
Co-authoring a document in real-time
Two users open the same Word document stored in SharePoint. The document is opened in Word Online (browser) or Word desktop app with AutoSave enabled. The server locks the file for co-authoring. Each user's changes are sent as small deltas (JSON patches) to the server via WebSocket (SignalR). The server merges changes and broadcasts updates to all active co-authors. The merge logic uses a last-writer-wins approach for simple edits, but for conflicting edits (e.g., both edit the same paragraph), the server uses a conflict resolution protocol that may create a version conflict. Users see each other's cursors and changes in near real-time. The document automatically saves every few seconds (AutoSave).
Admin configures retention policy
A compliance admin navigates to the Microsoft Purview compliance portal and creates a retention policy for SharePoint and OneDrive. They specify a retention period (e.g., 7 years) and action after retention (e.g., delete). The policy is applied to all sites or specific sites. The policy is stored in the compliance center and enforced by the SharePoint retention engine. When a file is deleted, the retention engine checks if it falls under a retention policy. If so, the file is moved to the Preservation Hold library (a hidden document library) instead of being permanently deleted. The file remains there for the retention period, accessible only to compliance administrators. After the retention period ends, the file is permanently deleted.
In a multinational corporation with 10,000 employees, SharePoint Online is used as the intranet portal. The IT team creates a root site collection for the company-wide homepage, with subsites for each department (HR, Finance, Engineering). Each department site has document libraries with custom metadata columns (e.g., document type, approval status). Permissions are managed using Azure AD groups: the 'HR Employees' group has read access to the HR site, while the 'HR Managers' group has edit access. External sharing is enabled only for specific sites (e.g., the 'Vendor Portal' site) and restricted to authenticated guests from approved domains. The team uses PowerShell to set storage quotas: each department site gets 500 GB, and the overall tenant storage is 10 TB + 10 GB per user. They also configure DLP policies to prevent sharing of files containing credit card numbers. A common issue is users accidentally breaking permission inheritance on folders, causing admin overhead. To mitigate, they train users to use SharePoint groups instead of individual permissions.
A mid-sized law firm uses OneDrive for Business for attorney document storage. Each attorney has 1 TB of storage. They use the sync client to access files offline on laptops. The firm enables Personal Vault for sensitive case files, requiring MFA to open. They set sharing links to expire after 30 days and require a password for external sharing. A frequent problem is users syncing entire SharePoint document libraries to their devices, causing network congestion and local storage issues. The IT team educates users to use Files On-Demand and sync only needed folders. They also monitor sync health using the OneDrive sync admin report in the M365 admin center.
A non-profit organization uses SharePoint Online to manage grant applications. They create a list with columns for applicant name, grant amount, and status. Power Automate sends an email when a new application is submitted. They also use versioning to track changes to applications. A challenge they face is the 250 GB file upload limit; they work around it by splitting large files into parts. They also encounter the 400-character path limit when users create deeply nested folders, so they enforce a flat folder structure.
The MS-900 exam (objective 2.3: Describe the productivity solutions of Microsoft 365) tests SharePoint Online and OneDrive primarily in the context of their capabilities, licensing, and integration with other services. Expect 2-4 questions on this topic. Key areas:
Storage quotas: Know the defaults: SharePoint per-site storage = 1 TB + 10 GB per licensed user; OneDrive per user = 1 TB (can be increased to 5 TB). The exam often tests that OneDrive storage is per user, not per tenant.
External sharing: Understand the difference between sharing with authenticated guests (requires Microsoft account) and anonymous links (anyone with link). The exam may ask which setting allows sharing with external users who don't have a Microsoft account.
Sync client: Know that OneDrive sync client supports Files On-Demand (online-only files) and differential sync. The exam might ask what happens when a file is modified both locally and in the cloud (conflict resolution creates a copy).
Integration with Teams: Remember that Teams files are stored in SharePoint. A question might ask: 'Where are files stored when a user uploads them to a Teams channel?' Answer: SharePoint document library.
Version history: Default is 500 major versions. The exam may ask about the default number of versions retained.
Recycle bin: Two-stage recycle bin with 93-day retention for each stage. Total retention up to 93 days (not 186).
Common wrong answers: Candidates often confuse SharePoint and OneDrive storage quotas (e.g., thinking OneDrive has a 5 TB default). Another trap: thinking that OneDrive is for team collaboration (it's personal). Also, candidates may think that external sharing in OneDrive is enabled by default (it is, but only with authenticated users).
Edge cases: The exam might test that you cannot increase OneDrive storage beyond 5 TB without a support request. Also, that SharePoint storage is pooled across sites (total tenant storage = 1 TB + 10 GB per user + any purchased add-on storage).
Elimination strategy: For questions about where files are physically stored, eliminate options that mention on-premises servers (SharePoint Online is cloud-only). For questions about sharing, eliminate options that say 'anonymous sharing is always allowed' (it must be enabled by admin).
SharePoint Online is a cloud-based collaboration platform; OneDrive for Business is personal cloud storage for each user.
SharePoint storage pool: 1 TB base + 10 GB per licensed user. OneDrive default: 1 TB per user.
File size limit is 250 GB; path length limit is 400 characters.
Version history retains 500 major versions by default.
Recycle bin retains deleted items for 93 days (two-stage).
External sharing: OneDrive requires authentication by default; SharePoint can allow anonymous links if enabled.
OneDrive sync client supports Files On-Demand and differential sync.
Teams files are stored in SharePoint document libraries.
Co-authoring allows multiple users to edit documents simultaneously with AutoSave.
Security features include IRM, DLP, auditing, and encryption at rest and in transit.
These come up on the exam all the time. Here's how to tell them apart.
SharePoint Online
Team collaboration and intranet portal
Storage quota: 1 TB + 10 GB per licensed user per tenant
Permissions managed via site groups (Owners, Members, Visitors)
External sharing can be anonymous if enabled
Integrated with Microsoft Teams, Power Platform
OneDrive for Business
Personal file storage and sync
Storage quota: 1 TB per user (up to 5 TB)
Permissions: private by default, share individual files/folders
External sharing requires authenticated guests by default
Primarily accessed via sync client or browser
Mistake
OneDrive for Business and OneDrive consumer are the same service.
Correct
They are separate services with different storage, features, and licensing. OneDrive for Business is part of Microsoft 365 and provides 1 TB storage per user, integration with SharePoint, and enterprise security. OneDrive consumer is a free personal service with 5 GB storage, no integration with SharePoint, and different sharing options.
Mistake
SharePoint Online and OneDrive both sync the same way.
Correct
OneDrive syncs personal files via the OneDrive sync client. SharePoint libraries can also be synced using the same client, but SharePoint is primarily accessed via browser or Teams. The sync client for SharePoint libraries is essentially the same, but permissions and sharing are managed differently.
Mistake
Files deleted from OneDrive are permanently lost after 30 days.
Correct
OneDrive has a two-stage recycle bin: first-stage (user's recycle bin) retains items for 93 days, and second-stage (site collection recycle bin) also retains for 93 days. Total retention is up to 93 days, not 30. After that, items are permanently deleted.
Mistake
External sharing in SharePoint allows anyone to access files without signing in.
Correct
By default, external sharing requires recipients to sign in with a Microsoft account or Azure AD guest account. Anonymous sharing (anyone with link) must be explicitly enabled by the admin at the tenant level and then at the site level.
Mistake
SharePoint storage quota is per user.
Correct
SharePoint storage is pooled at the tenant level: 1 TB base + 10 GB per licensed user. Each site can use up to that total, but the quota is not per user per site. OneDrive storage is per user (1 TB default).
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
SharePoint Online is designed for team collaboration and intranet portals, with shared document libraries and sites. OneDrive for Business is personal cloud storage for individual users, with private files that can be shared. SharePoint storage is pooled across the tenant; OneDrive storage is per user. Both use the same underlying infrastructure but serve different purposes.
The default OneDrive storage per user is 1 TB. An admin can increase it up to 5 TB via the SharePoint admin center (or PowerShell). To go beyond 5 TB, you must contact Microsoft Support and provide a valid business reason. The increase applies to individual users.
The maximum file size is 250 GB per file. This applies to both SharePoint Online and OneDrive for Business. Files larger than that cannot be uploaded. For very large files, consider compressing or splitting them.
Deleted files in OneDrive go to the first-stage recycle bin (user's recycle bin) and are retained for 93 days. If the user deletes from there, files go to the second-stage recycle bin (site collection recycle bin) for another 93 days. Total retention is up to 93 days from the original deletion date, not 186. After that, files are permanently deleted.
Yes, by default OneDrive allows sharing with external users who sign in with a Microsoft account or are added as guests in Azure AD. Admins can restrict sharing to specific domains or require a password. Anonymous sharing (anyone with link) is not enabled by default for OneDrive; it must be turned on by the admin.
Syncing a SharePoint library uses the same OneDrive sync client but syncs a team library to your device. OneDrive sync is for your personal OneDrive. The behavior (Files On-Demand, differential sync) is identical. However, permissions are managed differently: SharePoint library permissions are controlled by site owners, while OneDrive permissions are controlled by the user.
Co-authoring allows multiple users to edit a document simultaneously. The document must be stored in SharePoint or OneDrive. AutoSave must be enabled (default in Office 365 apps). Changes are synced in near real-time via WebSocket. If conflicts occur (e.g., both edit the same paragraph), the server creates a version conflict that the user must resolve.
You've just covered SharePoint Online and OneDrive — now see how well it sticks with free MS-900 practice questions. Full explanations included, no account needed.
Done with this chapter?