SharePoint 2013 Team Site Permissions Tip

I didn’t think it would be possible to make SharePoint permissions worse in 2013, but it is.  Much worse.  SharePoint 2007 and 2010 Site Collection Administrators and Site Owners are going to have to really keep their heads to effectively manage permissions in 2013.  The need for a third party tool is actually no longer a luxury but an outright necessity.

Microsoft, please, you need to stop messing this up and fix it.  It’s becoming a nightmare and serious operational risk for businesses trying to demonstrate security.

Anyway, while by no means a perfect solution, adding a Site Page with multiple versions of the Site Users Web Part on it can maybe assist Site Owners in seeing instantly who has access on their site.  Deep-diving into the site to find out where these people and groups all have access is another matter altogether and I’m far too tired to write the 10 page book it would take to explain. :-S

Create a new Site Page and insert Site Users from the Social Collaboration Web Parts.

SharePoint 2013 Site Users Web PartEdit the web part to show members of a specific group, then insert the name of the group.  Don’t forget to edit the title of the web part so they all reflect the group name.  Change the Toolbar type to show no toolbar.

SharePoint 2013 Site Users Web Part Settings

Add the web part 4 times so you can display the default Members, Owners and Visitors groups as well as direct access.

SharePoint 2013 Site Permissions

Slightly shleppy to set up, but it should help new SharePoint users get a handle on things and bring a level of comfort to nervous users with sensitive content.

About Veronique Palmer

Empowering people one at a time.
This entry was posted in SharePoint 2013, Tutorial. Bookmark the permalink.

12 Responses to SharePoint 2013 Team Site Permissions Tip

  1. Pingback: How To Build A Team Site In Sharepoint | Africabank

  2. They may recommend that, but not many clients AD’s are in good condition to use in the first place. No, this doesn’t show the members of the AD group, still need a 3rd party tool to do that.

    Like

  3. Microsoft recommends using AD groups to manage permissions. I’m guessing this doesn’t populate the members of an AD group which is in a SharePoint group eh?

    Like

  4. But why use the Target Audience here? The whole point of putting a page like this up is to show everyone on the site who has access to the site. It is to promote transparency, not hide content.

    Like

  5. Pingback: SharePoint 2013 Team Site Permissions Tip - The SharePoint Blog

  6. Mu Zik says:

    Veronique

    Add SiteUsers WebPart from Social Collaboration
    Use Target audience if need be.
    Remember to pick specific groups for each group
    repeat for each group (say Members, visitors, etc)

    Thnx to Rob’s book @rgarrettpro
    Its a treasure trove!
    🙂

    Like

  7. Mu Zik says:

    Add Webpart[Social Collab>Site Users] +use w Target audience. Just remember 2 pick specific groups for each group!
    BTW: Thats thanks to Rob Garret

    Site Users

    Add SiteUsers WebPart from Social Collaboration
    Use Target audience if need be.
    Remember to pick specific groups for each group
    repeat for each group (say Members, visitors, etc)

    Thnx to Rob’s book @rgarrettpro
    Its a treasure trove!
    🙂

    Like

  8. @Robert, phew I wouldn’t have done that. 🙂 But each to their own, I think we all just have to do what works for us in this complicated space. I am having endless permissions issues in 2013…

    @Lisa, yep, I agree. It’s now a standard on anything we build. Glad it helped.

    Like

  9. Lisa says:

    This is actually a great idea for 2010 too. I have a lot of people who are new to handling permissions and it would be a lot easier if they could see everyone in all the groups without having to click on them. Heck, having a page like this on every site would make my life easier too.. lol.

    Like

  10. Hi Veronique,

    While I completely agree that the mechanics of Security within SharePoint need to be more transparent, I do disagree that 2013 is “worse”. The only thing different in 2013 is that there are handy-dandy SHARE buttons all over the place. They don’t actually change how security is handled in 2010.
    One solution that I have come across while instructing classes is to create a new permission level that is essentially “full control minus”. You take away the ability to manage permissions in this permission level and permissions become a centralized role for a select set of individuals that make use of 2013’s permission request system. Perhaps even create a permission level with only the ability to edit permissions which would work well with SharePoint’s cumulative style permission management.
    While this does create some more bureaucracy, security is a trade-off on usability. At the very least this allows accountability to be placed into the hands of a select few. I would love to see a security dashboard created by someone out there. Have you had any good experiences with 3rd party products?

    Regards,
    Robert

    Like

  11. Because that only shows the groups, not the users Inside the groups – which is what most Site Owners want to know.

    Like

  12. just helping says:

    Hi Veronique, why not use the top radio button thats shows all groups of the site in 1 webpart?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s