Solved

Sharepoint Permission

Posted on 2013-06-05
12
672 Views
Last Modified: 2013-06-29
Hi I have a question on permission for Sharepoint. Our departments are categorized into different sites. For example, a finance user need to access a document library in the trading site. She should only see that DL "abc" and mustn't see the rest. I have stop inheritance for DL "abc" and give her permission to it. However, she can only access äbc through the web link. I want her to be able to access the whole of Trading site but only able to view "äbc". May I know how do i achieve that pls?
0
Comment
Question by:totallypatrick
  • 6
  • 6
12 Comments
 

Author Comment

by:totallypatrick
ID: 39224793
I have given permission to the user in the document library and i read that Sharepoint would automatically give permission to that user in that site but that does not happen. Is there anything i should do to have that user assigned with "limited permission" on that site?
0
 
LVL 35

Expert Comment

by:Bembi
ID: 39226403
Usuall, if you assign permissions on a sub level, Sharepoint assignes "Limited Access" to the containing container. So it depends, were you habe broken the inhertage of permissions.

Means, if you have set dedicated permissions on a document, the user gets "Limited Access" to the document library, but not necessarily to parent items, if the permission in broken again on a higher level.

To do what you intend to do (to be able to click on a link as well as to click through the hierarchy), the user needs at least "Limited Access" on all parent containers...

Site Collection - Site - Library where the item resides.
0
 

Author Comment

by:totallypatrick
ID: 39233586
Hi Bembi, I have broken the hierachy but SharePoint doesnt give me persmission to that particular site. I can only access the site through the url but not when I click the home page of that site unless I share the site and the person can then view everything in that site which i do not want.
0
 
LVL 35

Expert Comment

by:Bembi
ID: 39234820
Yes, I understand, but this is the contruction how Sharepoint handles permissions.
If you want a user to klick through, you have to assign at least limited access the the user on each page / site on the way to the document. And this "Limited Access" permission gives the user the right, to read the content (but not to open documents) on the way to the target.

There are some costructional solution for such "cross-organizational" access needs.
Just for you to think about, if one of them is suitable for you. But some of them may depend on the general structure of your Sharepoint.

Lets assume, we have department A and B, nobody of DepA should acces DepB and vice versa..., with the exception of some documents / items / pages.

With item-level permissions (not recommended at all, but sometimes not avoidable), you can give a person of DepA access to items in DepB

To avoid the pass-though path, you can.
1.) Place a link to the document on the DepB page (direct access to the item)
2.) Place a "shared" document library somewhere in Sharepoint on a common level, give access permissions to DepA and item permissions on DepB. Insert the library somewhere inside the DepA site, where it should be visible. You can also insert the library somewher in DepB. DepB can see the whole library, but only open document they have permissions for.
3.) Also a possiblity would be - as a Sharepoint library is also a data provider - the grab data from one Sharepoint library into a second one. A little bit more complicate, as you need propably SharePoint Designer to construct such a connection.
0
 

Author Comment

by:totallypatrick
ID: 39236677
hi Bembi, I understand that it may be a bit complicated if we were to go down to multiple levels/folders in each document library. But i just need some users outside Dept A to be able to access an entiire Document Library in Dept A. Other document librarys are hidden/inaccessible. Is that possible to do?
0
 
LVL 35

Expert Comment

by:Bembi
ID: 39237603
You can of course...
But in this case, you would break the inheritage for each item an DepA site.
Lets say, we have DepA site with 3 doc libraries, 1 Taskslist etc. And you want to give DepB only access to the tasklist.
Then you break the inheritage for the three doc libraries and give only DepA permissions.
Dep B has "Limited Access" on the root site and the according permissions to the task list.

If this is a simple site, it is easy to handle.
If the site is compalex, you have to change a lot of permission.

Disadvantages:
a.) Even if DepA creates new content, they have additionally to break the permission to make it invisible for DepB.
b.) Item level permissions are not recommended for SharePoint as performance critical.
c.) Item level permissions are not quite easy to follow up.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:totallypatrick
ID: 39238251
Hi Bembi, that is to say if i have 10 doc libraries under DeptA, I will need to break permission inheritance for the other 9 doc libraries if i were to give permission to the 10th library to user abc. What permission do i need to give user abc to let him access Dept A site?
0
 
LVL 35

Expert Comment

by:Bembi
ID: 39238589
Limited Access...
This is needed to be allowed to see the DepA site...
0
 

Author Comment

by:totallypatrick
ID: 39239864
Hi Bembi, may i know how to give limited access to a user to the site? I gave the user access to a document library within the site but this does not automatically give him limited access permission to the site.
0
 
LVL 35

Expert Comment

by:Bembi
ID: 39249452
Limited Access is granted automatically as far as the user don't have permissions on the root level. You cannot grant it directly.
This should work anyway as far as the list / library, which has got permissions, is on the same site.

http://stackoverflow.com/questions/2911537/sharepoint-you-cannot-grant-limited-access-permission-level
http://technet.microsoft.com/en-us/library/cc721640.aspx

If this doesn't work, something may be wrong with the site. You may use the  "Check Permissions" Button to check, if the user has any permissions due to membership within another group.

You may also try another user.

Last option is of course to create your own access level with similar permissions and grant this permission for that user.
0
 

Author Comment

by:totallypatrick
ID: 39262060
Yes. the problem is Limited Access is not granted automatically in my case :( I've got to grant restricted reader permission
0
 
LVL 35

Accepted Solution

by:
Bembi earned 500 total points
ID: 39287012
> Yes. the problem is Limited Access is not granted automatically in my case
This should be the case...
Maybe you should try to patch Sharepoint to the latest release?
http://technet.microsoft.com/en-US/office/ee748587.aspx

> I've got to grant restricted reader permission
This is the work around. You can create your own permission level (to reuse it)
Limited access is
LIST
- View Application Pages
SITE
- Browse User Information
- Use Remote Interfaces
- Use Client Integration Features
- Open (site)
If you use the same permissions for your custom oermission level, the effect is the same with the difference, that this permission level can be assigned manually.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now