Advice for creating and migrating to a SharePoint Intranet


Hi all,

I'm relatively new to SharePoint Online, having done a course in it and mostly self-practice since then, but I've never had to create an intranet for a company before and I just got a new job where one of my tasks is to create an intranet for a client using SharePoint Online. (I'm essentially a paid intern.)

Before I give you the rundown, here is the premise and 'heads up':
  • I'm aware of the different types of sites, such as Communication and Team sites which include M365 Groups, as well as the sites that don't include M365 Groups (for niche purposes I've heard.)
  • I'm aware of the ability to set different permission levels at site level, library/list level, file/folder level, user level (though this is not recommended I've heard), and group level.
  • I'm also aware of (but not familiar with) Azure AD and having the ability to set separate permissions in the database for internal and external users, as well as some authentication biz you can do.
Here's the rundown:
  1. The client has only ever used Windows File Explorer for document storage and email for sharing, never any cloud services. They want to switch to using cloud services as they are a new company and would like to set up an intranet for all their employees-to-come when they grow more. Currently, afaik, they are about 5 strong with 2 of those being the founders.
  2. We are trying to set up a SharePoint Online intranet for them where they ideally have separate places for each department, and within those departments they have a section where each one can store restricted documents and collaborate. (For example, HR restricted files would not be accessible by anyone but HR employees and potentially the CEO, Finances would have reports only accountants and Managers/CEO could see, etc.) The other sections of their departments can be accessible to anyone within the company, but not externally, for when they need to collaborate on things as a company. (Not sure if this is best practice though?)
    1. Suggestions on intranet structure using different SharePoint sites would be helpful.
  3. On the point of sharing, I have been trying to figure out the best way to be able to allow one of the founders, for example, to share a restricted document with one person for a limited time that is outside the company, but they need to be authenticated. This whole process kind of goes over my head. From what I've seen, the default permission setting for a SharePoint site/library can be set to a group or level you choose (the CEO/Founders level for example) but if they, on the off chance, need to send a single document to a contractor for say 6 months, is there a way to do this with permissions and Azure AD? I've read through this link from Microsoft, but I think I could use some extra help if possible.

 

I could use the motto of "Muck around and find out", but I want to do a good job and save time with as few logic/set up mistakes as I can, hence my question here.

Thanks in advance for taking the time to read this and reply if you do.

(If this isn't the correct forum to ask this, please point me to a place I can ask in.)

2 Replies

Hi @ObiquitechAdmin,

Regarding 2)
See my answer (that you already liked) here.
I would create a team site with a Microsoft team for each department. That site is meant for internal collaboration inside of the department, so all members can access and edit all files.

Then I would create a communication site, invite the "Everyone" group into the SharePoint "Visitors" group and invite the M365 group of the team site into the SharePoint "Members" group. That communication site can then be used to share information with the rest of the company. You can also put some "Who we are/What we do/Our News" pages in that site and link them in your intranet navigation.

Regarding 3)
You as a user can share files directly. If you press the three dots next to a file and then select "Share", then you can share that single file with people in your organization.

You can change the sharing mode if you press the little gear at the top.

  • "People in <Your tenant>" means that everyone in your tenant will have access to that file using the sharing link you create.
  • "People with existing access" means that you create a link and only the people that already had access will be able to access that file using the link.
  • "People you choose" lets you choose the people you want to give access to. You can also share that file with external people, if external sharing is enabled for your site. They have to authenticate using an M365 account from their organization or by creating a Microsoft account.
  • "Anyone" creates a sharing link that does not require an external user to sign in. This is normally disabled on communication sites, but you can enable that.

External Sharing can be enabled and disabled by a SharePoint admin on individual site collections in the SharePoint admin center. 

So you just need to enable external sharing on the site that your document is on (if it is not already activated) and share that file with an external contractor using their email and the "People you choose" option.

Best Regards,
Sven
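
The per-site external sharing setting described in the reply above can also be applied from the SharePoint Online Management Shell. This is an added example, not part of the original reply: the tenant name `contoso`, the site path `/sites/Founders` and the 180-day guest expiry (standing in for the six-month contractor case in the question) are placeholder assumptions.

```powershell
# Added example. Placeholder values: replace with your own tenant and site.
Import-Module Microsoft.Online.SharePoint.PowerShell

$adminUrl = 'https://contoso-admin.sharepoint.com'            # placeholder
$siteUrl  = 'https://contoso.sharepoint.com/sites/Founders'   # placeholder

# Interactive sign-in as a SharePoint administrator.
Connect-SPOService -Url $adminUrl

# A site can never share more openly than the tenant allows, so check that first.
$tenant = Get-SPOTenant
switch ($tenant.SharingCapability) {
    'Disabled' {
        throw 'External sharing is disabled tenant-wide; the site setting would have no effect.'
    }
    'ExistingExternalUserSharingOnly' {
        Write-Warning 'Tenant only allows guests already in the directory; new contractors cannot be invited.'
    }
}

# Record the current site state before changing it.
Get-SPOSite -Identity $siteUrl | Format-List Url, SharingCapability

# ExternalUserSharingOnly: guests must sign in ("People you choose"),
# and sign-in-free "Anyone" links stay unavailable on this site.
$settings = @{
    Identity                                   = $siteUrl
    SharingCapability                          = 'ExternalUserSharingOnly'
    OverrideTenantExternalUserExpirationPolicy = $true
    ExternalUserExpirationInDays               = 180   # assumed value for ~6 months
}
Set-SPOSite @settings

# Confirm the result.
Get-SPOSite -Identity $siteUrl -Detailed |
    Format-List Url, SharingCapability, ExternalUserExpirationInDays
```

Leaving every other site at its existing setting keeps guest access limited to the one site that actually holds the shared document.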





 

Thank you @SvenSieverding for your detailed reply.

Re: the point about the intranet and department set up, that definitely helps clarify some structure for me, thanks. I did see that answer and I did get a lot of value out of it but I think I needed this simpler version to understand it. :smile:

 

Re: the last point with sharing. I was actually aware of those sharing capabilities and that you can set the organisation level sharing settings as well, like in this image:

[Screenshot: SharePointAdminCentre1.png]

I apologise for not clarifying in my post. What I am trying to achieve is for a single folder containing restricted files in the OneDrive of one of our Global Admins (in this case, the client business owner(s)) to not be accessible by any other Global Admin. (See the "Get access to files" option in the right window in the following image.)

[Screenshot: MAdminCentre1.png]

I have read this post relating to this exact question, but obviously that doesn't solve my issue.


So, obviously it's not an inherent Microsoft Office365/OneDrive feature, but I'm trying to figure out what the best way to go about this would be without this feature. I.e.: a client (the business owner who we are the IT/admin for) requires a place to put their non-sensitive documents in (this will be put in a collaborative Document Library on SharePoint), and a place to put restricted files in that only the two owners of the business should have access to.

I'm not opposed to out-of-the-box solutions, or accepting that they might need to use personal OneDrives etc., but hence my question here to see if this is possible keeping it all in the business account. So far I've found that if they password-protect their Office documents then they're inaccessible by anyone without the password, but I feel this might be a slapstick solution rather than a permanent and "best practice" solution. Especially considering the issue of "what if I have 1000 restricted documents to upload?" I don't know if it's possible to batch-protect documents but this seems like a headache, with the sub-issue of not being able to use Power Automate to auto-protect them because then the password would be exposed in one of the steps. It also doesn't protect the metadata and filename from being seen, afaik.


 

If you have any ideas please feel free to share them, otherwise I have a feeling I might have to resort to telling them they have to use their personal OneDrives for protected documents, which means when I port them to a SharePoint library I'll need to set user-specific permissions on that specific library for the owners to view, add, and edit files and no one else. 

 

Thanks for your time taken.

Lunar