Jun 25 2019 05:36 AM
Hi Good People,
I am building a Sharepoint 365 site to replicate the structure of our existing Sharepoint Foundation site.
Background
We upload documentation to Sharepoint for our clients to collect.
Each client has their own subsite and they use this to upload documentation for us to process and download information provided from us. It is a daily occurrence.
There is also a top level site 'ClientHub' where clients can download standard form, read notices from us, keep up to date with news.
Each user has 'read' only access to ClientHub. They cannot see who else has access to this site.
Simple structure below:
Client Hub - read only to all users (Clients can access standard docs and notices)
- ClientA - ClientA users can upload and download into their own private subsite
- ClientB - ClientB users can upload and download into their own private subsite
- ClientC - ClientC users can upload and download into their own private subsite
Problem
I want to replicate this secure setup and at the moment I can only do this if my users only have access to their own sub-site. If I add users as 'read' only to the main ClientHub site each user can view all users and bulk email to all users by using the 'share' option.
We obviously do not want our users to know the email addresses of other clients and/or email everyone in the whole directory!
However, we do want all users to have access to standard documents and news announcements as this is essential to our business.
I have tried adding users to their own private groups and adding the group to ClientHub with Read only access, but the directory still lists all individual users for all to see.
Can anyone recommend a workaround? Surely, other businesses do not want users seeing everyone else who has access to a site?
I am not a developer - just a lowly administrator trying to setup up Sharepoint 365 to do exactly what Sharepoint Foundation was capable of. Much appreciated to any advice you can give.
Regards
Jun 25 2019 06:40 AM
Hi @Spidermonkey168 - is there a business case for your customers to share from your site? if they just need to download, maybe try turning off the ability for non-owners to share items they don't own. This is in the admin center.
Jun 25 2019 06:56 AM
@Kelly_Edinger Hi, thank you for your reply.
External users are not permitted to share. Only Admin users within a security group at AD have permission to share.
I have attached a screenshot of the current settings.
The problem I have is if users are added to the top site so they can rightly access standard documentation, policies etc they can view all users of that site by clicking on the 'Share' icon at the top of the screen. An option is to email 'everyone'!!
How can I provide access to standard documents for all clients without them seeing who else has access?
Jun 25 2019 09:42 AM
@Spidermonkey168 - oh ok, I don't see that option on any of my sites. I know it's not ideal, but could you use CSS to hide the share button?
Jun 25 2019 10:19 AM
I haven't tried it for this scenario, but you could look into using the Restricted Read, View-only, or a custom permission level instead of the default Read permission level that is assigned to the Visitors group.
Permission levels: https://docs.microsoft.com/en-us/sharepoint/understanding-permission-levels
You might take a look into the "Browse User Information" permission setting.
Jun 26 2019 04:14 AM
Thank you for this, and like you I thought this would sort out my problem. But the permission level allocated to the users already has this option removed. Still they can view all users of the root directory despite whether in their own group or not.
Any further options gratefully received 🙂
Jun 26 2019 04:17 AM
HI@Kelly_Edinger ,
This certainly is an idea. Do I need a developer to modify in CSS? I would need just the root site changed to remove the share button.
Jun 26 2019 06:07 AM
@Spidermonkey168 - yes, that's likely needed. it's not like the old days when we could just add a web part and add our CSS and be done. Check out https://tahoeninjas.blog/2018/10/29/update-inject-custom-css-on-sharepoint-modern-pages-using-spfx-a...
Jun 26 2019 06:14 AM
Jun 09 2022 01:01 PM