May 02 2022 05:31 AM
We built outlook 365 share point portal wherein we need block downloading ( ppt) where as the Read access allows to download . Restricted view is not allowing to access the site and it ask for access . How do i block the download through front end rather preventing from the remote setting. Pl suggest how do i control through permission level shown below to prevent the downloading ?
May 02 2022 06:20 AM
Hi @aravind_c ,
I have a question for you - Would you like to download only one file? Or just the site? Or for the entire SharePoint site in your tenant?
May 02 2022 06:35 AM
Hello @Adin_Calkic
We have constructed web page like this .
If you click inside product ( say example) ,
When I provide the Read option , it is allowing to access all the pages + also downloading the ppt .. But for some users, I need to restrict them from down loading the ppt or any other file but they need to view all the contents & pages ..How do I do this through permission level for some users .
May 02 2022 04:59 PM
Hi @aravind_c ,
In your case, I would deploy Conditional Access with Session Control and block downloads. You can block whoever you want individually. To implement this, you'll need Premium P1. If your users have Business Premium, that will do. Check here details, and youtube video is on how it looks like to deploy and on users side: Protect with Microsoft Defender for Cloud Apps Conditional Access App Control | Microsoft Docs
Please see here: Restrict user file downloads in SharePoint - YouTube
It's important to note that when it comes to SharePoint permissions, you can grant Site permissions read access, but library permissions can be set to Restricted view. Also when doing this, it's important to remove targeted user from SharePoint site membership, because you are going to assign individual permissions.
1. At site level, you assign read permission to targeted user.
2. Now select Document library (where your documents are) to go Settings > Library settings. Click on Permissions for this Document library.
Click on Grant permissions and assign permissions. Make sure that you remove inherited permissions for your targeted users from the site level.
That should do the trick, but the best option is to use CA policy.
Good luck.