Forum Discussion
Remediate broken inheritance
Hello, as we know the action "share" in Sharepoint actually breaks the inheritance cascading from the object that is shared. I have a scenario where a user must be granted access to entire SP sites or libraries (not through share but through direct access, action performed by the IT admin) bu this causes this user to have access to the whole library until there's a shared folder... he has not access to that folder and the folder tree below. Is this situation remediable or not? My users are starting complaining about that and I do not believe it works in this way.
- mauros801Copper Contributorok so you mean that each object should have only permission on the three standard groups and that I need to populate these groups with users/other groups?
- mrehmatBrass Contributor
mauros801 wrote:
ok so you mean that each object should have only permission on the three standard groups and that I need to populate these groups with users/other groups?Once inheritance is broken, its not necessary that each 'shared entity' would only have permissions on those three default groups. When people share, depending on how they share, they introduce granular permissions. This means that after the 'share' action, the 'shared entity' would have more permissions than the three default groups.
what I am suggesting is that you can add people to one of those default groups and not worry about what share is doing. So yes, you need to populate the three default groups.