Forum Discussion

Erik63's avatar
Erik63
Copper Contributor
Aug 04, 2023

Default type=user permission issue

Hello,   I am having a security issue with SharePoint permissions, seems the access requests come in 3 forms depending on the URL used to make the request.  One puts the person in the correct group...
Permissions
Lalit Mohan's avatar
Lalit Mohan
Iron Contributor
Aug 05, 2023

Hi Erik63 

It appears that you are facing a security issue related to SharePoint permissions, specifically with default type=user permissions. This issue is causing access requests to be granted improperly, allowing users access to sites with different permissions, which is leading to unauthorized file edits.

To resolve this security concern, you can follow these steps:

  1. Review Existing Permissions: Start by reviewing the current permission settings in SharePoint. Ensure that all the sites and document libraries have the correct permissions assigned, and there are no unexpected inheritance settings.

  2. Check Permission Levels: SharePoint offers different permission levels such as Read, Contribute, Edit, Full Control, etc. Make sure you are using the appropriate permission levels for different user groups. Avoid using the "Full Control" level unless absolutely necessary.

  3. Manage SharePoint Groups: Create SharePoint groups with specific permission levels and add users to these groups accordingly. Avoid directly assigning permissions to individual users whenever possible.

  4. Disable Access Requests: To prevent the issue where type=user grants access to other sites, you can disable the access request feature or limit its usage. You can do this by accessing the SharePoint site settings, going to "Site permissions," and then "Access Request Settings."

  5. Manage User Permissions: If you find users who were granted access inappropriately, immediately remove them from unauthorized groups or sites.

  6. Break Inheritance: For sensitive sites or document libraries, consider breaking inheritance from parent sites and manually managing permissions. This way, changes in parent sites won't automatically affect the child sites' permissions.

  7. Regular Audits: Perform regular security audits to identify any potential security loopholes and unauthorized access. It will help you stay on top of potential issues and mitigate risks.

  8. Educate Users: Ensure that all users are aware of SharePoint's permission structure and the importance of handling sensitive information responsibly. Offer training if needed to help users understand how to request access properly.

  9. Involve IT/Administration Team: If you are still unable to determine the cause of the issue or find a suitable solution, involve your IT or SharePoint administration team. They might have deeper insights into the configuration and can provide more targeted assistance.

By following these steps and making necessary adjustments to your SharePoint permissions, you should be able to mitigate the default type=user permission issue and enhance the overall security of your SharePoint environment. Always remember to monitor the system regularly and be proactive in addressing any potential security concerns to maintain a secure collaboration platform for your organization.