We recently had many Customer’s report the behavior where they are able to Resolve ” Everyone” Or “Everyone Except External Users” Group via the People picker control on their SharePoint online Tenant , while
Trying to Share a Site / List / Document
Adding Permissions via UI
Even when the Admin have set the following properties to Hide these claims at the Tenant Level
PS C:\Windows\system32> Set-SPOTenant -ShowEveryoneClaim $false
PS C:\Windows\system32> Set-SPOTenant -ShowEveryoneExceptExternalUsersClaim $false
PS C:\Windows\system32> Set-SPOTenant -ShowAllUsersClaim $false
This behavior seen is Intended. The ShowEveryoneClaim setting is meant to be a visibility setting, not a security one. The parameters above are used to prevent end users from accidentally sharing a document . The goal is to make it harder for end users to accidentally share something with these aliases, not prevent the action entirely. If a user is determined to do so (and if they are familiar with some more advanced SharePoint constructs), they will still be able to do so.
These Permissions /Claims cannot be Completely disabled as many of the services in Office 365 SPO require the “Everyone” & “Everyone except external users” which is why they can still be resolved even when the admin has signaled their intent to hide the claims.
Here is more Information about the Default SharePoint Groups in Office 365 :
Post By : Rajan Kapoor [MSFT]