Jun 22 2018 02:55 PM
I have a single tenant with several domains inside of it - Office 365. The issue now is setting up SharePoint permissions properly now... before it becomes a spaghetti disaster.
How would you recommend I structure it so that each domain has its own SharePoint site without granting permissions to the other domains? That's ultimately where I think I'm headed. Ideas? Experiences? Thank you!
Jun 23 2018 12:30 AM
Jun 25 2018 12:30 PM
Aaron Spatz is correct - it's basically a question of governance. When I talk to users, I tell them we have two domains in our tenant > (1) internal access only (2) available for external sharing. But in reality, it's all the same. The externally-facing sites are regular site collections like the internal "domain", we just won't flip the switch for external-sharing unless the site complies with certain guidelines.
I would recommend that you follow best practices in your hierarchy design - however you define that for your organization. Microsoft wants everything flat with no subsites, and that works if you're going with the modern hub/communication/team site model. We're not using O365 groups yet for permissions, so I personally prefer a limited subsite model with a top level parent for each department and a single vertical layer of subsites because it does allow me to use inheritance when necessary. You'll have to come up with what works best for your organization, DOCUMENT IT, and then enforce it.