?
Solved

SharePoint 2013 Security Question

Posted on 2014-01-24
2
Medium Priority
?
491 Views
Last Modified: 2014-01-24
SharePoint 365 (SharePoint 2013)

When I am on a subsite under the root site, if I use the share feature and add a user, it looks like this automatically changes the root site users and permissions as well if I do not go to the site settings for the subsite and tell it to stop inheriting permissions. Is it true that someone can actually change the users and permissions when on a substite for multiple other sites or the global users and groups, if that site inherits permissions from the parent? I thought it used to be that one had to explicitly break permissions with the parent first before any changes could be made. Now, it looks like someone can be effecting more permissions than just the subsite without even knowing it. Is this true? If so, this would be really bad.
0
Comment
Question by:BobHavertyComh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Justin Smith earned 2000 total points
ID: 39806697
If you are sharing a subsite that is inheriting permissions, yes, it will adjust the permissions on the site it is inheriting from.  And yes, this would affect any other subsite that is inheriting from the same site.
0
 
LVL 9

Author Comment

by:BobHavertyComh
ID: 39806823
The problem I have is that someone could think they are adding a user or group to the particular site they are on when in fact they are entering this in many more spots than they think. In the case of 8 different subsites that inherit from the root site, if all 8 of them inherited from the root, someone could make a change to one subsite and effect all other subsites without realizing it. Very dangerous. I thought that it used to be in 2010 that you were forced to break permissions first, or forced to explicitly edit the parent on it's edit page, before changes like this could be made. Now power users have a share button that allows them to edit the parent settings from the child without any notice? So then every site should theoretically break permissions from the parent to prevent this? Doesn't this defeat the purpose of inheritance in many ways?
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SharePoint Designer 2010 has tools and commands to do everything that can be done with web parts in the browser, and then some – except uploading a web part straight into a page that is edited in SPD. So, can it be done? Scenario For a recent pr…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question