首页 > 代码库 > 【转】必需知道的 SharePoint 权限 Tips

【转】必需知道的 SharePoint 权限 Tips

SharePoint Tips about Permissions: What you need to know

    

I have been writing tips about SharePoint from last two years now. After a great popularity and huge following of my SharePoint tips section, recently I received a very interesting request to Summarize\Categorize\Tag the tips that are most useful or used by all SharePointers out there.

Hereby, today I am going to summarize SharePoint Tips specifically related to Permissions or Permission levels that you use daily on your SharePoint site.

SharePoint Tip of the Day - To Open and edit a SharePoint site in SharePoint Designer, a user must have “Design” Permissions assigned to him or her. You can simply add the users to the Designers group (under People and Group) on the site to do this task.

SharePoint Tip of the Day – Related to above, if a user with Full Control access gets Access Denied while opening “Master Page gallery” or “Page layouts and site templates” in a SharePoint site, the user might simply be missing “Design” permissions on the site.

SharePoint Tip of the day - Every SharePoint site has a default group called “Style Resource Readers” that provides Limited Access to all Authenticated Users by default. This allows all authenticated users to have access to display SharePoint master pages and styles for the pages on their SharePoint site.

Definition: “Members of this group are given read permission to the master page gallery and the Restricted read permission to the Style Library. By default, all authenticated users are a member of this group.”

SharePoint Tip of the day - If you want to add a Super Admin or Full Control user for all Sites or Site Collections in a Web application, simply add them to the Web App’s Policy also known as “Policy of Web Application” with appropriate rights and that will Override any permissions added for the user on Individual sites across the web app.

SharePoint Tip of the day - Related to the above, if your user has access to the site but you do not see him in “Check Effective Permissions”, the permissions for that user were probably added a Web application Policy level.
As said earlier, permissions given at Web application Policy level overrides all permissions given to a user at site or site collection level.

SharePoint Tip of the day - You probably would have seen “Limited Access” Permissions assigned to users on your SharePoint Site. Here are some Important things to know about it.

1. You cannot assign a Limited Access permission to a user. SharePoint assigns it automatically.

2. You cannot Customize Limited Access Permission Level. It’s restricted.

3. Limited Access is given when you break the Inheritance of a document library and give a user access to the document library but NO access to the parent site. SharePoint automatically gives that user “Limited Access” to the parent site to ensure that he has the rights to traverse the site in order to reach the document library.

SharePoint 2013 Tip of the Day - Two Permission levels that you cannot Customize in a SharePoint site are – Full Control and Limited Access. Site Admins can edit all other Permission levels to select or choose permissions that they want to add\remove.

SharePoint Tip of the day - Permission levels are defined at the site collection level and are inherited from the parent object by default.See more SharePoint tips.

SharePoint Tip of the day - Another Versioning tip, If a user with Read permissions is getting Access denied on Documents, be sure that the document is Published as Major Version and not is in Draft’s mode. A Document in Drafts mode will give access denied to any Read-only user despite of Read permissions assigned to it. You can also change the “Draft Item Security” in Version Settings to allow readers to see the Draft versions as well.

SharePoint 2013 Tips

SharePoint 2013 Tip of the Day - Did you know in SharePoint 2013 the default Permission level for Members group(default one) is the new permission level called “Edit” (and not Contribute). With Edit Permission level, in addition to the Typical Contribute Permissions, Members are now have Capabilities to “add, edit and delete lists” in your SharePoint 2013 Site.

SharePoint 2013 Tip of the Day -
If you are missing the “Design Manager” Option in your site, Consider the following -
* Enable Publishing feature on your site.
* Add yourself to the “Designers group” on your SharePoint site.

SharePoint 2013 Tip of the day -
Before you use the new Machine translation service in SharePoint 2013… make sure that the Machine translation service’s App Pool account has Full access to the User Profile service and the Web applications itself.