Document storage in sharepoint library

Copper Contributor

Hi all!

I need to set up folders in office365 (~220 folders) and each one with different permissions.

These permissions will change pretty often.

The folder will contain sensitive data, so the users can not share, just the department principal, each folder will be shared with 6-7 people.  So i need an easy and user friendly way to manage these folders, like in Onedrive (simpler if it is possible).

As far i can see it is possible in sharepoint online, but its really complicated to set the permissions.

Any idea?

11 Replies

With that many to create and manage, rather than folders I'd suggest you create separate document libraries with appropriate permissions. The easiest way would be to look at using the PnP powershell commands, and feed a csv file with the folder names, these could also be used to create sharepoint groups to control the permissions and can be created/updated as need via the PnP powershell commands

Agree with Suzanne in the part that managing that amount of folders is not going to be easy...so the idea of using separate document libraries could work, but in the end as advised by Suzanne you are going to need some programming either using PowerShell or other approach

Can i do something to make it more user friendly? As i said soem folder permissions will change often, others not. Some automated method witch create libarys from idk a Sharepoint list, and set the permissions based on the sharepoint columns?

In fact this is a special school, with children who needs custom teaching plan. I have to find a way to store these files, and a way to make it secure. The best would be if i could fin a way to create librarys automaticli whan a Sharepoint list item created, and based on this sharepoint list item the library have info about the necessary permissions. I cant find In Sharepont Designer Workflows a way to create new librarys. Is there any Powershell command i could use? I don't mean creating library, but creating az automated library creation based on sharepoint list, and of course if the item updated then the permissions have to change.

Still not found the solution.

Could you create an Office 365 Group for each plan and assign membership of the group to the people who need access?

 

The advantage of this approach is that it uses standard Office 365 functionality (each group has a SharePoint document library) and can all be automated with PowerShell. 

Like managing permissions on a file system, so many unique and changing requirements are not easy. The best option is probably a third party tool. Otherwise, you'd need to use something 'unfriendly' like PowerShell to automate the process if you don's want to change the way that you are structuring your data.

 

As other have suggested, you may want to consider a different structural arrangement like Groups or Teams to solve this issue.

Like @Tony Redmond I would suggest a group per student with a plan, or maybe even better use a separate Team for each. This way you'll have a simple permission structure and be easily able to delegate permissions to the groups members.

 

The groups email address or chat will allow you to keep conversations related to the plan in one place with the same security, its far better to understand the context around some documents thsn receive them cold.

Thanks for your reply. Is there any way to manage the permissions for Teams a faster way? For example based on a sharepoint list?

As i said there would be ~220 group/team. This means a lots of permission setting. Especialy in september and february.

Teams and Groups are represented in AzureAD, you can manage members using powershell or the AzureAD Admin Portal. You can also use tools like Flow to automate adding/removing users based on more or less anything, a SharePoint list, a From etc. etc.

You can manage the list any way you like as long as you can read from it with PowerShell, If that's possible, you can then run the Add-UnifiedGroupLinks and Remove-UnifiedGroupLinks cmdlets to add or remove someone from the permissions. Groups is a much simpler permissions regime than SharePoint, and that's the major benefit I see here... The browser UI to maintain group membership is also pretty good and can be delegated to someone for each group,