Flexible and easily administrable by both end-users and by system administrators alike, SharePoint is a powerful addition to any organization. With the ability to quickly share documents and information comes the need to easily manage permissions. SharePoint has a robust permission management system that can make securing either sections or entire sites easy to do.
Accessing SharePoint Site Permissions
Once you have navigated to a SharePoint site, click on the Gear icon in the upper right to access the Site permissions link.
For Modern SharePoint sites, which are assumed to be in use for this article, you will find a simplified permission view. This view allows you to invite additional members or groups quickly and easily to a site, and assign the necessary pre-built permission level.
In addition to adding a new group or user, you can also choose to quickly change how members can share. Once you have opened the Site sharing settings pane, you will see a number of options. Most of these are self-explanatory from the screen itself, but they offer fast access to useful options. Many times system administrators or site administrators will turn off the allowing of access requests. This is because many access requests are explicit permissions added, often from outside ticket systems.
Navigating Advanced Site Permissions
Finally, if you click on the Advanced permission settings link, you will be directed to the traditional site permissions page that uses the older and more traditional SharePoint interface. This screen allows you to do a few different tasks.
- Define custom permission levels
- Modify Access Request Settings
- Modify Site Collection Administrators
- Check Permissions for a specific group or user
- Create, Edit, and Remove Groups
- Grant permissions to a specific user or group and a given permission level
Taking a look at the Site Collection Administrators, we can see that the default created owners group currently exists as the only set of administrators. A Site Collection Administrator has full control over that given site and overrides and specific permissions set on a document library, list, or another resource.
There are a number of default permission levels as seen below. These are usually enough for many sites, but there is a wide range of permissions that when set correctly, can unlock a number of different and useful scenarios.
- Full Control – All available permissions.
- Design – Can view, add, update, delete, approve, and customize the site.
- Edit – Can add, edit, and delete lists. Can view, add, update, and delete list items and documents.
- Contribute – Can view, add, update, and delete list items and documents.
- Read – Can view pages and list items, and download documents.
Of course, we may want to create a custom permission level. This is a permission level that is uniquely tailored to a specific use case. There are a large number of permissions available for this which you can read about here. Once this permission level has been created, you will be able to assign this permission level to a given group or user.
Granting Permissions and Modifying Groups
Back on the Advanced Site Permissions page, if you click on the Grant Permissions button you will have the option to grant permissions to a user or group with a given permission level.
A useful ability is that mail-enabled security groups will show up in the list. This applies to nested groups as well, provided each group is mail-enabled down to the user.
Once you have added a person to a given group, you are able to modify those settings by navigating to the group itself and click on the Settings drop-down.
There are a few useful options available in the Group Settings that you may find you want to change further on. These settings are options such as the Group Owner, membership viewing options (i.e. public roster), and if group join requests are allowed.
Creating a Group
Additionally, the ability to create a group in SharePoint exists so that you are able to quickly provision the necessary groups to divide access. Simply providing a name, description, owner, membership settings, and request settings will get you started. Finally, provide the access level that you want to assign to the group, this will include any custom levels that you have created as well.
SharePoint offers a flexible and useful set of solutions for sharing data in a formatted and powerful way. Though the permissions look deceptively simple, there is some complexity when it comes to managing those permissions across large environments. The skills and tools shown here will provide a strong basis in everything you need to succeed in going forward and creating a robust and manageable SharePoint environment!