Forum Discussion
Solved
Permission inheritance
I am confused on how permission inheritance works in the modern experience. I have created a couple of sites that will make up our intranet (will be adding more in the future). Do I need to go to eac...
- Site Collections are a permissions boundary. This means that they do not share the same permissions and/or membership. You must add members to each site individually.
You can use a solution such as Azure Access Packages to automatically provision users into multiple locations or Azure AD Dynamic security groups (these cannot be nested into Microsoft 365 Groups, though). Access Packages require Azure AD P2 licensing for all users.
Lastly, you can set your M365 Group for Teams/Team sites to dynamic and create rules for them but you'd need to do this with each Group.
Dynamic groups require Azure AD P1 licensing for all users.
Hi cbolwerk, you are correct every new SharePoint site is a site collection in the modern experience, so sub-sites inheriting permissions is a thing of the past!
If you look in the advanced permissions settings, from there you are able to leverage any existing Microsoft 365 or security groups into the SharePoint groups that are created when the site is provisioned (Owners, Members, Visitors).
Here's some more information on sharing and permissions in the modern experience: https://docs.microsoft.com/en-us/sharepoint/modern-experience-sharing-permissions#hub-site-permissions
As part of your wider intranet build, have you looked at SharePoint home sites and hubs? If not, I'd suggest taking a look as they may shape your thinking:
Hub sites: https://docs.microsoft.com/en-us/sharepoint/planning-hub-sites
Home sites: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/sharepoint-home-sites-a-landing-for-your-organization-on-the/ba-p/621933
If you look in the advanced permissions settings, from there you are able to leverage any existing Microsoft 365 or security groups into the SharePoint groups that are created when the site is provisioned (Owners, Members, Visitors).
Here's some more information on sharing and permissions in the modern experience: https://docs.microsoft.com/en-us/sharepoint/modern-experience-sharing-permissions#hub-site-permissions
As part of your wider intranet build, have you looked at SharePoint home sites and hubs? If not, I'd suggest taking a look as they may shape your thinking:
Hub sites: https://docs.microsoft.com/en-us/sharepoint/planning-hub-sites
Home sites: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/sharepoint-home-sites-a-landing-for-your-organization-on-the/ba-p/621933