Forum Discussion
Restrict acces to Admins to some sites / libraries
I asked this in the regular community, my mistake. We are a smaller company committed to Teams on the front end with Sharepoint on the back end. We have three people set up as Admins for Office ...
I'm going to respectfully disagree Trevor Seward
Having spent more than 40 years in Information and Communication Tech, you don't need to tell me how to boil water. Stratified administration rights are not unusual and have existed in other systems for decades.
I now understand that while Sharepoint does offer multiple levels of admin, there is no clarity in the documentation about who can do what with the data. That's a missing element and bad design.
Checking the audit logs works. It is identical to the old concept of locking the barn door after the horse is gone. And thus, of dubious and limited value.
When we look at Microsoft/UN*X systems design, this is a universal truth that the sysadmin/root has full control over the system and all data over it. Global Admins are the equivalent (with SharePoint Admin role being scoped to ODfB/SPO).