Join Simon Allardice for an in-depth discussion in this video Understanding permissions, part of SharePoint 2010 Essential Training.
In many companies, we're used to IT being the ones who handle user and group security. Well, in SharePoint, it's your job, it's your problem. Or certainly if you're expecting to be someone who creates and customizes SharePoint sites, it's your job. The security settings in SharePoint aren't hidden away in central administration only for the admin guys. They are right there in a regular site, and it's intended that if you are a site owner or a site collection owner that you understand and work with security. But it's really not that bad, and here's why.
SharePoint, when its installed, is typically hooked up to an existing user directory, usually Active Directory on a Microsoft platform, but it could be something different. It's usually configured to import and stay synchronized with that user information on a regular basis. What that means is that SharePoint knows about your users. You don't have to tell SharePoint, hey, there's a user called Bob Franklin, because SharePoint already knows. But you do have to tell SharePoint what Bob Franklin is allowed to do.
The way you work with this is that SharePoint has what it calls permission levels, which you can think of as roles. Reader, for example, can visit and read a SharePoint site. You've got Contributor who can then edit. You have Full Control. These are the big three roles. There are a few more esoteric ones, but we'll start with these. If you don't have one of these permissions granted on the SharePoint site, you'll get an Access Denied message when you go there. Now, there are two levels of permissions above this.
There's the idea of being a site collection administrator, in charge of a site collection, and the farm administrator. We are not going to talk about those roles, because they are unique. They are granted in central administration and we're working with day-to-day operations of SharePoint. So going back to the user called Bob. Maybe Bob is a Reader in one part of SharePoint, a Contributor in another part of SharePoint, and has Full Control somewhere else. So how do we work with this? Well, first, you have to understand the idea of the site collection.
When a site collection is created, SharePoint makes three security groups for you. A security group in SharePoint is really just a bucket, a container to hold users. These buckets, the Owners group, the Members group, and the Visitors group, can be granted permissions. Owners group has full control, Members group has contribute, Visitors group has read permissions. So rather than individually grant individual users different permissions, which you could do but it's going to get old very quickly, you put your users in the relevant bucket.
Now, you typically set permissions at the top level site of your site collection. So those permissions can be very different across different site collections, and you allow them to cascade down to your sub-sites in your site collection. Now, while you can change the settings so that a top level site and a sub-site have different security settings, it makes it much more of a headache to maintain. Now, in a typical collaboration site, most people will be contributors in the Members group. Few Readers, few Owners.
If you're using SharePoint to make large intranet sites, say for an entire organization, that ratio will change. More Readers, less Contributors. So we're going to work with these SharePoint security groups, these buckets inside SharePoint, and we'll see how to get people in and out of them.
- Understanding a SharePoint team site
- Navigating lists and libraries
- Creating Document Workspaces
- Using versioning and check-in/check-out
- Integrating with Office 2010 applications
- Adding and deleting users
- Creating workflows
- Working with server site templates
- Creating a wiki and a blog
- Working with rich media
- Managing documents and other content
- Sharing information with charts and status indicators
Skill Level Beginner
Q: In the "Adding a user to a site" movie, the instructor shows how to add a user to SharePoint and demonstrates by adding a user named “gini.” But gini is already set up and recognized by SharePoint. What if I have no users set yet? How can I add someone?
A: SharePoint doesn't store a separate user database; it wants to be pointed to an existing source of users, like Active Directory. If you don't have that, you need to first add your new users as local accounts on the Windows box you installed SharePoint on. Only then will you be able to give them permission on a SharePoint site.
1. SharePoint 101
2. Core SharePoint Sites: Team Sites
3. Core SharePoint Sites: Document Workspaces
4. Core SharePoint Sites: Meeting Workspaces
5. SharePoint Lists and Libraries
6. SharePoint 2010 and Office 2010
7. SharePoint Sites and Site Collections
8. SharePoint 2010 Security
9. SharePoint Workflows
10. SharePoint 2010 Server Site Templates
11. SharePoint Documents and Content
12. SharePoint Communities
Creating a SharePoint blog2m 48s
13. SharePoint Search
14. SharePoint Business Intelligence
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.