Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member
In many companies, we're used to IT being the ones who handle user and group security. Well, in SharePoint, it's your job, it's your problem. Or certainly if you're expecting to be someone who creates and customizes SharePoint sites, it's your job. The security settings in SharePoint aren't hidden away in central administration only for the admin guys. They are right there in a regular site, and it's intended that if you are a site owner or a site collection owner that you understand and work with security. But it's really not that bad, and here's why.
SharePoint, when its installed, is typically hooked up to an existing user directory, usually Active Directory on a Microsoft platform, but it could be something different. It's usually configured to import and stay synchronized with that user information on a regular basis. What that means is that SharePoint knows about your users. You don't have to tell SharePoint, hey, there's a user called Bob Franklin, because SharePoint already knows. But you do have to tell SharePoint what Bob Franklin is allowed to do.
The way you work with this is that SharePoint has what it calls permission levels, which you can think of as roles. Reader, for example, can visit and read a SharePoint site. You've got Contributor who can then edit. You have Full Control. These are the big three roles. There are a few more esoteric ones, but we'll start with these. If you don't have one of these permissions granted on the SharePoint site, you'll get an Access Denied message when you go there. Now, there are two levels of permissions above this.
There's the idea of being a site collection administrator, in charge of a site collection, and the farm administrator. We are not going to talk about those roles, because they are unique. They are granted in central administration and we're working with day-to-day operations of SharePoint. So going back to the user called Bob. Maybe Bob is a Reader in one part of SharePoint, a Contributor in another part of SharePoint, and has Full Control somewhere else. So how do we work with this? Well, first, you have to understand the idea of the site collection.
When a site collection is created, SharePoint makes three security groups for you. A security group in SharePoint is really just a bucket, a container to hold users. These buckets, the Owners group, the Members group, and the Visitors group, can be granted permissions. Owners group has full control, Members group has contribute, Visitors group has read permissions. So rather than individually grant individual users different permissions, which you could do but it's going to get old very quickly, you put your users in the relevant bucket.
Now, you typically set permissions at the top level site of your site collection. So those permissions can be very different across different site collections, and you allow them to cascade down to your sub-sites in your site collection. Now, while you can change the settings so that a top level site and a sub-site have different security settings, it makes it much more of a headache to maintain. Now, in a typical collaboration site, most people will be contributors in the Members group. Few Readers, few Owners.
If you're using SharePoint to make large intranet sites, say for an entire organization, that ratio will change. More Readers, less Contributors. So we're going to work with these SharePoint security groups, these buckets inside SharePoint, and we'll see how to get people in and out of them.
Get unlimited access to all courses for just $25/month.Become a member
Access exercise files from a button right under the course name.
Search within course videos and transcripts, and jump right to the results.
Remove icons showing you already watched videos if you want to start over.
Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.
Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.
Your file was successfully uploaded.