JoelBlogs - Joel Jeffery's Microsoft 365 Blog

Microsoft 365, SharePoint, Teams and Office 365 Architecture, Development, Administration and Training

  • Home
    • Sitemap
  • Articles
    • #SPThingADay
    • SharePoint Online
      • SharePoint Online – Drag and Drop and Large File Uploads
    • SharePoint 2016
    • SharePoint 2013
      • Content Database Changes to the AllUserData Table
    • SharePoint 2010
      • Administration
        • Disable CRL Checking
        • Excel 2010 & PowerPivot
        • Limits & Thresholds
        • PeoplePicker AD Errors
        • Recycle Bin Behaviour
        • Renaming a Server
        • Service Pack 1
        • Unattended Installs
        • Uninstall All SharePoint 2010 Solutions via PowerShell
        • User Alert Management
        • Virtualised SharePoint
        • Visio Stencils for Administrators
      • Development
        • Audience Membership Workflow Activity
        • Base Types, Lists & Content Types
        • BCS & Offline Sync
        • Debugger Skipping Lines
        • Development Laptop Spec
        • Enabling JavaScript IntelliSense
        • Event Receivers & Deployment Jobs
        • FavIcons & SPUrl
        • Google Maps Sandbox Web Part
        • Group By Content Type for List Views
        • Locale Stapler / Master or Default Locale
        • Removing Default Editor Parts
        • Sandbox Embedding Resources
        • Solution Sandbox Introduction
        • SPPersistedObject
        • Restoring Deleted SPSites in SP1
        • SPWebConfigModification 1
        • SPWebConfigModification 2
        • STSADM copyappbincontent vs. Install-SPApplicationContent
        • Workflows for Beginners
        • Workflow InitiationData Seralizer
    • SharePoint 2007
      • Alternate Access Mappings
      • Excel Services
      • Excel Services UDFs & Excel Client 2007
      • Experiences from the Field
      • InfoPath & Forms Server
      • Kerberos & SSRS
      • Records Management
      • Web Application Service
      • WSS vs MOSS
  • Training
    • SharePoint Admin Links
  • Downloads
    • Summary Slides for PowerPoint
    • CodePlex Projects
      • Audience Membership Workflow Activity
      • Google Maps Sandbox Web Part
      • Group By Content Type in List Views
      • Locale Stapler / Master or Default Locale
      • SharePoint Outlook Connector
  • Hire Me!
    • MCP Transcript
    • Résumé/CV

SharePoint Thing a Day – 022 – Security. Don’t go Mad with it, 007.

December 23, 2017 by Joel Jeffery

Don’t go Mad with it, 007

View this post on Instagram

A post shared by JFDI Consulting #spthingaday (@jfdiconsulting)

In Thing a Day 21, we talked about applying Permission Levels to People and Things. (http://1jj.uk/spthing021)

Every time you apply permissions to a specific item in SharePoint – whether it’s a Sub-site, List, Library, Folder, File or Item, you break inheritance of permissions.

And SharePoint’s performance suffers a little more each time.

People often come to SharePoint with the idea that “Folders are Evil.” See Thing a Day 3 and 4. (http://1jj.uk/spthing003, http://1jj.uk/spthing004)

But Folders can be your friend.

A common mistake in large libraries is to allow users to secure individual documents.

SharePoint will only let you do this up to 50,000 times in any one library.

Avoid securing a lot of individual files. Group them in Folders, and secure those instead.

Better still, try and design your hierarchy to have as few instances of broken inheritance as possible.

To sum up, why secure a File, when you can secure a Folder?

Why secure a Folder, when you can secure a Library?

Why secure a Library, when you can secure a Site?

For best performance, apply Permissions only at the Site Collection level.

Filed Under: SharePoint, SharePoint 2007, SharePoint 2010, SharePoint 2013, SharePoint 2016, Training Tagged With: office365, Permissions, Security, SharePoint, SharePoint Online, SharePoint Videos, SPThingADay

SharePoint Thing a Day – 021 – Security. SharePoint Permissions in 60 Seconds.

December 22, 2017 by Joel Jeffery

SharePoint Permissions in 60 Seconds

View this post on Instagram

A post shared by JFDI Consulting #spthingaday (@jfdiconsulting)

SharePoint Permissions are almost, but not quite similar to those on an NTFS file share.

The big difference, is there is no “break inheritance and cascade”. Other than that, it works like this:

SharePoint can use its own groups, or Active Directory or Claims groups.

Every new Site Collection you create, you have to recreate and populate any groups you want to be consistent across your Tenancy.

If you can use AD or claims groups, it’s easier to manage.

In SharePoint you can permission: Sites, Libraries, Folders, Files, List Items and many more.

There are 33 Permissions that can be granted.

That’s everything from View, Open, and Delete Items,

to Manage Alerts, Customize Pages and Manage Permissions.

You can’t grant these directly.

Bundle them up into a Permission Level, and grant that instead.

To grant permission is to give a Person or Group a Permission Level on a Thing.

To do that you must Break Inheritance of permissions of the Site, Library, Folder, etc that you are granting permission on.

Tada!

Filed Under: SharePoint, SharePoint 2007, SharePoint 2010, SharePoint 2013, SharePoint 2016, Training Tagged With: office365, Permissions, Security, SharePoint, SharePoint Online, SharePoint Videos, SPThingADay

Next Page »

Joel is a full-stack cloud architect who codes. He is a Microsoft Certified SharePoint Online, SharePoint Server and Azure specialist and Microsoft Certified Trainer.
He has over 20 years' experience with SharePoint and the Microsoft .NET Framework.
He's also co-founder of Microsoft Gold Partner JFDI Consulting Ltd. Read More…

Recent Posts

  • Microsoft Flow Tip #1 – Word Templates and Hiding Empty Repeating Sections
  • SharePoint PowerShell Tip #1 – Select-Object and FieldValues
  • Popular Misconceptions – Microsoft Teams relationship with SharePoint
  • Course: Microsoft 365 Certified Teamwork Administrator
  • Audience Targeted Searches in Modern SharePoint Online
MCT 2020-2021
Microsoft Teamwork Administrator Associate
Joel's Acclaim Profile
Joel's Microsoft Profile

Tags

Administration Architecture Certification Cloud Development freetraining Information Architecture intranets MCP Microsoft Microsoft Architecture Microsoft Azure microsoftsharepoint migration Mobile Development MOSS Office 365 office365 Office 365 Permissions PowerShell SaaS SharePoint SharePoint 2010 SharePoint 2010 Training SharePoint 2013 SharePoint Administration SharePoint Administrator SharePoint Architecture SharePoint Developer SharePoint Development sharepointia SharePoint Online sharepointonline SharePoint Search SharePoint Training SharePoint Videos Silverlight SOA SPThingADay TechEd 2007 Training Videos Windows Phone 7 WSS

Copyright © 2022 Joel Jeffery, SharePoint Architect