Forum Discussion

Ted McLaughlin's avatar
Ted McLaughlin
Brass Contributor
May 18, 2018

Adding Admin permissions to every SPO and Teams sites that gets created?

I heard that there was a way that for every SP Online and Teams site that got created that you could grant permissions to the Admins automatically, that way they didn't have to click on the request a...
SharePoint Online
Ted McLaughlin's avatar
Ted McLaughlin
Brass Contributor
May 21, 2018

Dean,

 

That looks interesting.  Thanks for the link.

 

Do you know if it would work the same for Teams creation? I know that each new team creates a new group, but I wasn't sure if that flow would work the same for creating a new team and linking it to the new group.

 

Thanks.

Ted

 

Dean_Gross's avatar
Dean_Gross
Silver Contributor
May 21, 2018

When you create a new Team, you have the choice of connecting to an existing Group or getting a new Group. If you have limited who can create new Groups, that effectively limits who can create new Teams also. 

  • Steven Collier's avatar
    Steven Collier
    MVP
    May 21, 2018

    I really wouldn't want my admins to have standing access to every Team, Group or Site. They should either ask an owner to invite them, or if that's not possible grant themselves access using their admin rights, then after they've finished they should leave the team. Imagine how dangerous their Delve would be with access to everything all the time!

     

    If you really must you can automate this by applying a site design to the default teamsite template, then in the design trigger a flow to make your changes.

      • Ted McLaughlin's avatar
        Ted McLaughlin
        Brass Contributor
        May 23, 2018

        After reading through the whole page on PIM I still can't see how that would enable me to get into some Teams Site.  How does PIM do anything that Global Admin doesn't?

         

        What's aggravating about this is that my Admin account is domain admin, farm admin, (for 8 production SP farms including our ecommerce farm), global backup admin, (meaning I really can see everything), exchange admin, has full control on our Payroll, Board of Directors sites, plus our Mergers & Acquisition's sites, (where all the seriously confidential stuff is stored).  But I can't help Suzy at the factory the next state over because Bill was the one who stood up the team she is on, and he is out of the office today and no one else can give me access.

         

        Grrrrrr..  Is this progress?

         

        Ted

         

Resources