💻 Want to confidently navigate SharePoint and Microsoft 365? Enroll in my revamped On-Demand SharePoint and Microsoft 365 Academy 👉 academy.sharepointmaven.com/
THANK YOU Maven 🙏🏼. Glad I'm not the only one who doesn't favour folder/file level permissions just because it's a Networks Nightmare 😱. Learning alot from you Maven, thanks again.
another great video!!! I have a list that i want to hide from site content without removing any user permission. the list is available for all site viewer as a web part in a page where i can hide the command bar. But it is still available if the user comes through setting>site content. Thank you !
Thank you for a great video! Is there a way to revert all permissions back to the main site permission? I made unique permissions and stopped inheriting from the main site and I regret it. Lol
I have a main site with several subsites. Within each subsite I have several document libraries. Each subsite has unique permissions. Each document library has unique permissions. What permission type does a user of a particular DL need in the main site and the subsite, if each has unique permissions, in order to get to the DL? For example: Main Site Subsite 1 DL 1
Hi, excellent video. Just curious, is it possible to keep members from creating new folder within “Documents” and/or keep them from uploading stuff in “Documents” itself? I would like to manage the folder structure in “Document” but let members edit/add within folders as they wish.
Thanks for the feedback. Yes, you can do this by creating read-only access for the library itself (instructions here - Option 2: sharepointmaven.com/6-locations-can-set-security-files-sharepoint-office-365/) and then setting Edit access for each and every top-level folder in that library
Hi, Great video. Thanks a lot! I am trying to give access to a folder within a library to some people but don't want this people having access to the other folders in the same library. Is this possible? Thanks,
Thanks, Lisardo, glad you found it helpful. Yes, it is possible. You have to options: Option 1: Just share the folder with others by clicking the share button and sending a link to others (this way they only get access to the folder, not the site). Option 2: Share the whole site, but hide all the other folders by following instructions in this video.
Thanks for the video's, they've been very helpful. Hopefully this question is clear. I have a template for a bunch of properties, is there a way I can setup permissions on the template and copy the template while maintaining the desired permissions?
I'm working on a company SharePoint communication site as our new intranet. I can set permissions in the Documents folders. How do we set permissions for individual pages or the navigation so certain groups will be unable to see content or those pages? I cannot find anything on this topic, only on Document folder permissions. Thanks!
Good to create a separate document library but also isn't it best practice to put members into groups and put groups onto assets with permissions? Granting user-level permissions is a short road to chaos.
If you don't recommend unique permissions for folders, what do you recommend instead when there are subsets of employees who do not and SHOULD not view certain documents? Update: Ahhhh. At the verrrry end of the video. The alternative. Good thing I kept this playing in the background so I could perk up at that part! czcams.com/video/cG6CtuTHp6k/video.html Minute 08:47.
@@SharePointMaven Sorry, question for you as I prepare to pitch this idea to my team... If you create a separate site to avoid building a maintenance nightmare with permissions, how do you manage document/folder sharing amongst the two groups? Right now we use links in document libraries to point to other folders, but I feel like this sets us up for failure since it doesn't allow for flexibility. (i.e. what happens if we change the location of the folder it links to?) Context: Imagine we're a school and have some teachers who need to see their students' evaluations, but assistant teachers do not and SHOULD not see these evaluations. Administrators also need to see these student evaluations. So now do we have a total of three SharePoint sites and the Admin site has an "evaluations" document library with students names and all of those just house links to the Teacher site where the evals actually live??
Purchasing Subfolder 1 Subfolder 2 Profit Loss Report I have this folder structure in my SharePoint, the purchasing and all subfolders inherit permission from the site. But for the “Profit Loss Report” folder I stopped the inherit permission and gave access only to the department head. The problem is when the department head gives a direct access to someone to the purchasing folder it inherits to the “Profit Lost Report” folder. So he can open and see the contents in this folder. Which is a big issue for us. I thought if the folder has unique permission, it won’t affect the users adding the parent folder.
Hi Greg, I'm creating a folder structure on the primary site documents library. Now I would like the set advanced permissions on each folder with security groups for read, edit and ownership. I want users of the edit group to allow to create and delete files within folder 1, but I do not want them to delete this folder. Even when they have read membership on the documents library, because they have the edit permission on folder 1, they are allowed to delete this folder also. Could you help me?
Hello Mark - this is "by design". When you have edit perm level - you can add/edit/delete. If you do not want users to delete Folder 1, then make it read only to everyone, but then you will need to make individual subfolders inside of it editable (Edit Perm Level). Perhaps might even make sense instead of Folder 1, 2, 3 create separate libraries, such that users can add/edit/delete folders inside but at least not delete the library.
what about custom level permission? For example if i make another set of permission, how do i assign yhis to users because for the moment you can share it only with edit or read
Hi Greg. Thanks for your video. I am trying to limit access to one folder within a tree structure. I have removed access as you've suggested but people are still able to see / access the folder. Within the Manage Access dialog box of the folder i'm trying to restrict, there is a message that says "This folder is shared because the folder it is in is shared". I assume this is causing the issue but I have no idea what causes this cascading sharing.
Hi Dave, by default security is inherited, but you should be able to break the inheritance. Hard for me to specify exactly what is happening without seeing the setup. Try to see if there are no additional links shared to that folder (in that same Manage Access screen). Also, click on Advanced Permissions at the bottom of that Manage Access screen - it might provide additional clues. From there, you can click on the Check Access button (in the ribbon) and it might tell you how/why users still have access to that subfolder.
Thanks this is very useful! One thing I still cannot work out how to do is give a user read only permissions to the whole site, and then Edit permissions only to the Site Pages library. I have set this up as per the section on Library permissions, broken the inheritance and then added the user with Edit permission. The user can now edit, copy & delete pages but not add a new site page. It always brings up the Request Access screen. Is there a way to do this that you know of? Thanks!
Hello Janie, glad you found this helpful. I believe this is because Add New Page is sort of related to site-level features. I just validated - behaves the same in my tenant too.
@@SharePointMaven Thank you so much! It was driving me crazy. I can see now I will need to set the permissions at the site level and then remove permissions from other folders and pages as needed...
Hi, good video! We have a Board communications site shared with Board members. The CEO would like to share the site in view only with some executives, except for the CEO section of the site. Is this possible without having to edit permissions on each page since the site sections are all in the same library?
Hi Maven, how to block files(filetype: pdf) be downloaded by groups that can view them? Thanks. Have any other method can be successd except the links access method?
Hi Greg, Thanks for this video. We have a SharePoint document library(unique permissions) with many folder and documents. Some documents are shared to a user and they can only access those documents. Like this there are many folders/documents shared to users where SharePoint assign them permissions as Limited access. Now if we wanted to remove a user from the site how to find which folder/document the access is provided or is there any other way to revoke there access. Please help.
My pleasure, Sarath. Out of the box, it is not easy to do. Try this: sharepointmaven.com/how-to-list-unique-permissions-for-files-and-folders-on-a-sharepoint-site/ Otherwise, you might need to use PowerShell or acquire a 3rd party tool
@@SharePointMaven Hi Greg, thanks for quick reply. If I want to delete them from the complete site, can I use the below Url and delete them. /_layouts/15/people.aspx?MembershipGroupId=0
@@SharePointMaven I can understand. Thanks for your advice with the above link. We have the option only to create top level sites(we use team site template mostly) sub sites are disabled. So all the top team sites are associated to hub site. In general I tested by sharing a document inside a unique document library and deleted the user from above shared URl(people.aspx) and it worked.
How can I implement the below scenario in SharePoint document library? I have 4 levels of folder structure and in every folder I have documents. Folder 1-> Folder 2-> Folder 3-> Folder 4 I want to give Read permissions to Folder 4 for user. So that he can see and open documents that are available in Folder 4. But I don't want the user to open or see the documents which are available in Folder 1, Folder 2, and Folder 3.
Hi Greg, are these AD Security Groups please? If I have a Sharepoint Teams Site that I set up via an O365 Group and I want to set overriding permissions on certain folders or sub folders in the files tab, is this the same process? Is it possible to assign new groups, say as per your example, a management group. Where or how to create that group, in AD or as an O365 Group, is this possible please? Thanks for your video.
In advanced permissions it only shows a couple people who can access the folder. But when I check permissions many more people, like SharePoint Owners are able to access it even though they are not listed. How do I truly limit a folder access to only a specific person and not let admins have access?
@@SharePointMaven in ntfs permissions, Traverse is the right to pass thru a folder to get to the actual subfolder where the user has edit/read . I read on internet that it must be something named Limited access in sharepoint, but i can't find it
💻 Want to confidently navigate SharePoint and Microsoft 365? Enroll in my revamped On-Demand SharePoint and Microsoft 365 Academy 👉 academy.sharepointmaven.com/
THANK YOU Maven 🙏🏼. Glad I'm not the only one who doesn't favour folder/file level permissions just because it's a Networks Nightmare 😱. Learning alot from you Maven, thanks again.
My pleasure, thanks for kind comments
Exactly what I was looking for, and confirmed my thinking (and some experience) manipulating SharePoint permissions. Much appreciated
My pleasure!
Great video! Exactly what I needed. Subscribed! 🙌
Thanks
wow! thank you so much . I have been trying to figure this out all this while.
My pleasure, Anu - happy to be of assistance!
Hi! Thank you for this video. Does the permissions carry over to Teams?
Yes, it does. Teams uses SharePoint for file management, so anything you do in SharePoint "carries over" to Teams
Thanks!
@@Tee_Why777 You welcome
another great video!!! I have a list that i want to hide from site content without removing any user permission. the list is available for all site viewer as a web part in a page where i can hide the command bar. But it is still available if the user comes through setting>site content. Thank you !
This is not possible
Thank you for a great video! Is there a way to revert all permissions back to the main site permission? I made unique permissions and stopped inheriting from the main site and I regret it. Lol
Yes, just choose Delete Unique permissions in Advanced Permissions Settings screen
@@SharePointMaven thank you!
I have a main site with several subsites. Within each subsite I have several document libraries. Each subsite has unique permissions. Each document library has unique permissions.
What permission type does a user of a particular DL need in the main site and the subsite, if each has unique permissions, in order to get to the DL?
For example:
Main Site
Subsite 1
DL 1
Chris, you need to have at least Read Only perm level at the site levell
Hi, excellent video. Just curious, is it possible to keep members from creating new folder within “Documents” and/or keep them from uploading stuff in “Documents” itself? I would like to manage the folder structure in “Document” but let members edit/add within folders as they wish.
Thanks for the feedback. Yes, you can do this by creating read-only access for the library itself (instructions here - Option 2: sharepointmaven.com/6-locations-can-set-security-files-sharepoint-office-365/) and then setting Edit access for each and every top-level folder in that library
Hi, Great video.
Thanks a lot!
I am trying to give access to a folder within a library to some people but don't want this people having access to the other folders in the same library. Is this possible?
Thanks,
Thanks, Lisardo, glad you found it helpful. Yes, it is possible. You have to options: Option 1: Just share the folder with others by clicking the share button and sending a link to others (this way they only get access to the folder, not the site). Option 2: Share the whole site, but hide all the other folders by following instructions in this video.
Thanks for the video's, they've been very helpful. Hopefully this question is clear. I have a template for a bunch of properties, is there a way I can setup permissions on the template and copy the template while maintaining the desired permissions?
This is not possible out of the box, you have to use Power Automate or Site Scripts/Designs to achieve this
@@SharePointMaven Thanks for the reply, I'll check out those options.
Hello, thanks for sharing - is there a way to manage 30 groups with very few people automatically?
Not OOTB. You need some sort of governance tool
I'm working on a company SharePoint communication site as our new intranet. I can set permissions in the Documents folders. How do we set permissions for individual pages or the navigation so certain groups will be unable to see content or those pages? I cannot find anything on this topic, only on Document folder permissions. Thanks!
Check out this article: sharepointmaven.com/how-to-prevent-team-site-members-from-editing-sharepoint-pages/
Good to create a separate document library but also isn't it best practice to put members into groups and put groups onto assets with permissions? Granting user-level permissions is a short road to chaos.
You are correct, that is the best practice, but sometimes you just need to hide 1 folder
If you don't recommend unique permissions for folders, what do you recommend instead when there are subsets of employees who do not and SHOULD not view certain documents?
Update: Ahhhh. At the verrrry end of the video. The alternative. Good thing I kept this playing in the background so I could perk up at that part! czcams.com/video/cG6CtuTHp6k/video.html
Minute 08:47.
Thanks yeah, glad you watched this till the end 😊😊
@@SharePointMaven Sorry, question for you as I prepare to pitch this idea to my team... If you create a separate site to avoid building a maintenance nightmare with permissions, how do you manage document/folder sharing amongst the two groups? Right now we use links in document libraries to point to other folders, but I feel like this sets us up for failure since it doesn't allow for flexibility. (i.e. what happens if we change the location of the folder it links to?)
Context: Imagine we're a school and have some teachers who need to see their students' evaluations, but assistant teachers do not and SHOULD not see these evaluations. Administrators also need to see these student evaluations. So now do we have a total of three SharePoint sites and the Admin site has an "evaluations" document library with students names and all of those just house links to the Teacher site where the evals actually live??
@@learningeachday There are pros and cons to each method. You should use technique that works best on your use case.
Purchasing
Subfolder 1
Subfolder 2
Profit Loss Report
I have this folder structure in my SharePoint, the purchasing and all subfolders inherit permission from the site. But for the “Profit Loss Report” folder I stopped the inherit permission and gave access only to the department head. The problem is when the department head gives a direct access to someone to the purchasing folder it inherits to the “Profit Lost Report” folder. So he can open and see the contents in this folder. Which is a big issue for us. I thought if the folder has unique permission, it won’t affect the users adding the parent folder.
OK
Hi Greg, I'm creating a folder structure on the primary site documents library.
Now I would like the set advanced permissions on each folder with security groups for read, edit and ownership.
I want users of the edit group to allow to create and delete files within folder 1, but I do not want them to delete this folder.
Even when they have read membership on the documents library, because they have the edit permission on folder 1, they are allowed to delete this folder also. Could you help me?
Hello Mark - this is "by design". When you have edit perm level - you can add/edit/delete. If you do not want users to delete Folder 1, then make it read only to everyone, but then you will need to make individual subfolders inside of it editable (Edit Perm Level). Perhaps might even make sense instead of Folder 1, 2, 3 create separate libraries, such that users can add/edit/delete folders inside but at least not delete the library.
Thank you! That's a good solution, I will look into that :)!
@@markschuilenburg7624 You are welcome, good luck!
what about custom level permission? For example if i make another set of permission, how do i assign yhis to users because for the moment you can share it only with edit or read
You would need to break inheritance and assign it via classic/advanced permissions screen
@@SharePointMaven thank you. I discovered the advanced settings the other days.
@@nicu9028 Great!
Hi Greg. Thanks for your video. I am trying to limit access to one folder within a tree structure. I have removed access as you've suggested but people are still able to see / access the folder. Within the Manage Access dialog box of the folder i'm trying to restrict, there is a message that says "This folder is shared because the folder it is in is shared". I assume this is causing the issue but I have no idea what causes this cascading sharing.
Hi Dave, by default security is inherited, but you should be able to break the inheritance. Hard for me to specify exactly what is happening without seeing the setup. Try to see if there are no additional links shared to that folder (in that same Manage Access screen). Also, click on Advanced Permissions at the bottom of that Manage Access screen - it might provide additional clues. From there, you can click on the Check Access button (in the ribbon) and it might tell you how/why users still have access to that subfolder.
Thanks this is very useful! One thing I still cannot work out how to do is give a user read only permissions to the whole site, and then Edit permissions only to the Site Pages library. I have set this up as per the section on Library permissions, broken the inheritance and then added the user with Edit permission. The user can now edit, copy & delete pages but not add a new site page. It always brings up the Request Access screen. Is there a way to do this that you know of? Thanks!
Hello Janie, glad you found this helpful. I believe this is because Add New Page is sort of related to site-level features. I just validated - behaves the same in my tenant too.
@@SharePointMaven Thank you so much! It was driving me crazy. I can see now I will need to set the permissions at the site level and then remove permissions from other folders and pages as needed...
Hi, good video! We have a Board communications site shared with Board members. The CEO would like to share the site in view only with some executives, except for the CEO section of the site. Is this possible without having to edit permissions on each page since the site sections are all in the same library?
Yes, possible, but you would need to manage permissions of each page that makes up the CEO section.
@@SharePointMaven thanks for your quick response! I was afraid that would be the answer, but appreciate it.
@@GB-uv4cv my pleasure
Hi Maven, how to block files(filetype: pdf) be downloaded by groups that can view them? Thanks.
Have any other method can be successd except the links access method?
Not possible using out of the box functionality
@@SharePointMaven Okay, thanks Maven.
Hi Greg, Thanks for this video. We have a SharePoint document library(unique permissions) with many folder and documents. Some documents are shared to a user and they can only access those documents. Like this there are many folders/documents shared to users where SharePoint assign them permissions as Limited access. Now if we wanted to remove a user from the site how to find which folder/document the access is provided or is there any other way to revoke there access. Please help.
My pleasure, Sarath. Out of the box, it is not easy to do. Try this: sharepointmaven.com/how-to-list-unique-permissions-for-files-and-folders-on-a-sharepoint-site/ Otherwise, you might need to use PowerShell or acquire a 3rd party tool
@@SharePointMaven Hi Greg, thanks for quick reply. If I want to delete them from the complete site, can I use the below Url and delete them. /_layouts/15/people.aspx?MembershipGroupId=0
@@sarathnaidu2725 I can't make a recommendation without seeing the setup, especially about user removal.
@@SharePointMaven I can understand. Thanks for your advice with the above link. We have the option only to create top level sites(we use team site template mostly) sub sites are disabled. So all the top team sites are associated to hub site. In general I tested by sharing a document inside a unique document library and deleted the user from above shared URl(people.aspx) and it worked.
Legend!
Wow, thank you! Did not expect it, but I will take it!
@@SharePointMaven Been trying to fulfill this request for a user, if i had any hair left i would have pulled it all out by now. Thank you so much!
@@SolidDragonUK The pleasure is all mine, Stephen. Happy to be of assistance!
How can I implement the below scenario in SharePoint document library?
I have 4 levels of folder structure and in every folder I have documents.
Folder 1-> Folder 2-> Folder 3-> Folder 4
I want to give Read permissions to Folder 4 for user. So that he can see and open documents that are available in Folder 4. But I don't want the user to open or see the documents which are available in Folder 1, Folder 2, and Folder 3.
This scenario is not possible
@@SharePointMaven Thanks
is there "list folder contents" permission in a SharePoint like a file server?
No
Hi Greg, are these AD Security Groups please? If I have a Sharepoint Teams Site that I set up via an O365 Group and I want to set overriding permissions on certain folders or sub folders in the files tab, is this the same process? Is it possible to assign new groups, say as per your example, a management group. Where or how to create that group, in AD or as an O365 Group, is this possible please? Thanks for your video.
Yes, you can set foder-level permissions using AD or any other sec group
How can we make particular document accessible and editable outside organisations.
You need to share it externally - I have instructions on my blog + CZcams
How can you grant access to folder but have them not see everything in folder that is there? Only what they've submitted.
You have to set unique permissions for each subfolder/file inside of that folder
I have similar interface but I can't change/toggle who can edit/can't view
OK, must be a permission issue for you then
In advanced permissions it only shows a couple people who can access the folder. But when I check permissions many more people, like SharePoint Owners are able to access it even though they are not listed. How do I truly limit a folder access to only a specific person and not let admins have access?
That's not possible. Admins will always have access to it. That is a definition of an Admin
@@SharePointMaven Ok thanks for the info.
@@DougGay You are welcome!
is there an equivalent option in sharepoint for Traverse permission from regular file share?
You can set permissions for individual folders in SharePoint. I am not familiar with Traverse functionality in file shares
@@SharePointMaven in ntfs permissions, Traverse is the right to pass thru a folder to get to the actual subfolder where the user has edit/read . I read on internet that it must be something named Limited access in sharepoint, but i can't find it
@@nicu9028 I have no knowledge of this feature, so hard to comment
How come you didn't break inheritance for the folder?
I did. That's the whole idea of this video
@@SharePointMaven normally isn't there a icon on the top left that you click? Or is that for the entire library?
@@amjidali588 Not aware of this, you must be referring to classic SP permission management
All sorted :)