SharePoint Team Site Permissions #Share4Biz

  • 1,265 views
Uploaded on

Presented at Share Conference in Jhb on 12 March 2013. Apologies for uploading the PDf, Slideshare keeps rejecting the Ppt version. I can Dropbox it if required.

Presented at Share Conference in Jhb on 12 March 2013. Apologies for uploading the PDf, Slideshare keeps rejecting the Ppt version. I can Dropbox it if required.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
1,265
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
23
Comments
2
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Access Denied!How to Successfully Manage Team Site Permissions in SharePoint 2010 Veronique Palmer, Lets Collaborate SHARE 2013| 1
  • 2. Getting on the Same Page
  • 3. Site Types Internet Sites Extranet SitesIntranet Sites Team Sites My Sites Built on Publishing or Team Site Templates, etc
  • 4. 2 questions to ask when uploading content
  • 5. 1. Whoneeds to see it
  • 6. Everyone Your Team Just You Intranet Team Site My SiteWho Are We Shared Shared DocsWhat We Do Operational Personal DocsContact Us Working Docs
  • 7. 2. Whatmust theydo with it
  • 8. Default Team Site Permissions Members Owners Visitors
  • 9. Read / Download Site VisitorsEdit / Upload / Delete Site Members Manage Site Owners
  • 10. Default Team Site Permissions
  • 11. Super Power Rights Site Collection Administrators
  • 12. Considerations
  • 13. Build sites firstAdd users last
  • 14. Naming Standards Content owners = Site OwnersContent Creators = Site Members Consumers = Site Visitors Avoid confusion
  • 15. Add users to groups!
  • 16. Add users to groups!
  • 17. Planning!
  • 18. LC IntranettimeFull time Part staff contractors Accountant Future?
  • 19. InformationArchitecture …
  • 20. Can’t expectbeginners to just get this!
  • 21. Training! Site Collection Administrator SharePoint Advanced Advanced Intermediate Lists and Libraries Beginners START HERE
  • 22. What Can You Restrict?
  • 23. Site Level (Unique or Inherited Permissions)List and Library Level Document (Item) Level
  • 24. Called “Breakinginheritance”
  • 25. Bad idea on document level!
  • 26. SHAREPoint remember?
  • 27. Unique vsInherited Site Permissions
  • 28. U = Unique Site Top : HR Site Collection What you do on the siteI = Inherited Site HR Members, below affects the site Owners Visitors above, and vice versa! I Training U Performance I Recruitment HR Members, Performance Members, HR Members, Owners, Visitors Owners, Visitors Owners Visitors U Course Packs I Disciplinaries I Internal Only Course Packs Members, Performance Members, HR Members, Owners, Visitors Owners, Visitors Owners Visitors Inheritance is broken, U Exco Reviews I CV Management what you do here will not Exco Reviews Members, HR Members, affect the site above it. Owners, Visitors Owners Visitors
  • 29. Everyone Your Team Intranet Team SiteWho Are We SharedWhat We Do OperationalContact Us Working Docs Inherited Unique
  • 30. “Too many groupswith unique sites” So…?
  • 31. SharePoint can handle it! 500 million social tags, notes and ratings  5000 groups is how many each user can belong to 30 million documents per library  5000 users can be in one Active Directory group 30 million items in a list  2000 site collections per content database 2 million users per service application  2000 subsites under View All Site Content 1 million alerts on Searches  1000 comments per blog post 1 million terms and terms sets  1500 projects deliverables per Project Server plan 400 000 major versions per document  1800 documents in a SharePoint Workspace 250 000 site and subsites per site collection  100 items at a time you can bulk edit 10 000 user groups per site collection  99 people editing Word / PowerPoint simultaneously 10 000 metadata tags recognised per item when searched  25 web parts per page / wiki 5000 documents or list items displayed per page  2GB per document upload size 5000 blogs per site Can you handle it?
  • 32. ALWAYS click More Options first!
  • 33. The defaultsetting isto inherit, change!
  • 34. Watch the Visitors group
  • 35. Watch the Visitors group
  • 36. Unique permissions correct
  • 37. LimitedAccess
  • 38. = Limited Access Chaos
  • 39. Don’t just delete these! = Access Denied No undo button
  • 40. Document it!
  • 41. Check who or what is unique What Who
  • 42. But!Per site only!
  • 43. CustomGroups
  • 44. Where possible,stick to default groups, but…
  • 45. Tie groups to lists / libraries
  • 46. PS : Delete site – delete customgroups manually
  • 47. Active Directory vsSharePoint Groups
  • 48. Pros Cons SharePoint Groups• Can see the users in the • Cannot have duplicate groups group names• Site Owners can add and • Must delete users manually remove users • Can’t add a group into a• Displays sites in your My group Sites Memberships list • Strain on Site Owners
  • 49. Pros Active Directory Groups• Groups can be in groups• Easier to add / remove a user to multiple site collections
  • 50. Cons Active Directory Groups• Can’t see users in • Person / Group SharePoint metadata Column• Dependent on accurate AD doesn’t work• Red tape to update (3rd • Disempowers users party workaround) • Strain on AD team
  • 51. HybridSharePoint Approach Groups AD Groups
  • 52. SPAD
  • 53. Governance
  • 54. Control orenablement
  • 55. Who can beSite Owners or SCA’s?
  • 56. AddingNT AUTHORITYauthenticated users?
  • 57. Delete Rights
  • 58. Site Permissions
  • 59. Site Members can delete content and versions!
  • 60. Cannot change setting On a subsite level
  • 61. Only on sitecollection level!
  • 62. Item level permissions(top of the food chain)
  • 63. Options available whencreating a new group or assigning permissions
  • 64. Communicate!!
  • 65. Management Tools
  • 66. Farm level changes? Specific user report?Specific document report? etc…
  • 67. KeyInsights
  • 68. Enemy?Can’t preventBreed cultureEducateAutomate
  • 69. Switch off?
  • 70. Planning TrainingGovernance 3rd Party Tool
  • 71. Ideas to Action
  • 72. Search for “sensitive” content Review permissions Clean up
  • 73. ResourcesSharePoint 2010 Permissions for Site Owners – 3 Part Serieshttp://veroniquepalmer.com/2012/03/18/sharepoint-2010-permissions-for-site-owners-part-1-creating-a-team-site/http://veroniquepalmer.com/2012/03/19/sharepoint-2010-permissions-for-site-owners-part-2-members-owners-and-visitors/http://veroniquepalmer.com/2012/03/24/sharepoint-2010-permissions-for-site-owners-part-3-creating-a-new-group/SharePoint Permissions Song for Funhttp://veroniquepalmer.com/2010/01/14/sharepoint-permissions-song/Site Collection Administrator and Farm Administrator Dutieshttp://office.microsoft.com/en-us/sharepoint-server-help/permissions-for-site-collection-administrators-HA101943260.aspx?CTT=1More Info for Site Collection Administratorshttp://office.microsoft.com/en-us/sharepoint-server-help/control-user-access-with-permissions-HA101794487.aspx?CTT=5&origin=HA101794118SharePoint 2010 Groups and Permissions Reference Charthttp://office.microsoft.com/en-us/templates/results.aspx?qu=SharePoint&origin=HA101943260&CTT=5#ai:TC101977256|Control Access to a Specific Piece of Contenthttp://office.microsoft.com/en-us/sharepoint-server-help/control-access-for-a-specific-piece-of-content-HA101805400.aspx?CTT=5&origin=HA101794118Information Rights Managementhttp://office.microsoft.com/en-za/sharepoint-server-help/apply-information-rights-management-to-a-list-or-library-HA101790603.aspxWindows Rights Management Services Downloadhttp://www.microsoft.com/en-us/download/details.aspx?id=13781SharePoint 2013 Permissionshttp://technet.microsoft.com/en-us/library/cc262939.aspx
  • 74. Office 365 Permissions Basicshttp://community.office365.com/en-us/blogs/office_365_technical_blog/archive/2012/05/30/understanding-permissions-in-office-365-the-basics.aspxWorking with Permission Levelshttp://office.microsoft.com/en-us/sharepoint-server-help/edit-create-and-delete-permission-levels-HA101805381.aspx?CTT=5&origin=HA101794118Choosing a Security Grouphttp://technet.microsoft.com/en-us/library/cc261972.aspxManage Memberships of SharePoint 2010 Groupshttp://office.microsoft.com/en-us/sharepoint-server-help/manage-membership-of-security-groups-HA101794106.aspx?CTT=5&origin=HA101794118Setting Permissions on Viewshttp://www.sharepoint911.com/blogs/laura/Lists/Posts/Post.aspx?ID=76Allowing Anonymous Users to Comment on Blogshttp://www.sharepointedutech.com/2011/01/20/how-to-allow-anonymous-users-to-comment-on-a-sharepoint-2010-blog/TechNet Explanation of Permission Levelshttp://technet.microsoft.com/en-us/library/cc721640(v=office.14).aspxRestricting Access for Search Purposeshttp://office.microsoft.com/en-us/sharepoint-server-help/enable-content-to-be-searchable-HA010379092.aspxSharePoint Security Issueshttp://community.bamboosolutions.com/blogs/sharepoint-2010/archive/2010/06/09/teched-2010-sharepoint-security-permissions-identities-amp-objects-including-a-gotcha-that-breaks-security-trimming.aspx
  • 75. Veronique Palmer Lets Collaborate @veroniquepalmerveronique@letscollaborate.co.za Phone +27 11 966 8060