cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Restrict "Create Site" permissions to "Restricted Read" users

Ashish Jain
Copper Contributor

‎Jul 09 2017 09:52 AM

‎Jul 09 2017 09:52 AM

Restrict "Create Site" permissions to "Restricted Read" users

I have give all users of my tenant "Restricted Read" permissions on the root site collection so that they cannot create site collections and sub-sites in the tenant. When any such user logs into the sharepoint site, s/he cannot see the SharePoint link in the top bar that navigates to SharePoint page.

 

However when the user types in the browser window the direct URL:

 

https://mytenant.sharepoint.com/_layouts/15/SharePoint.aspx

 

s/he can navigate to the page and can see the "Create Site" link at the top. Although s/he cannot create a site, but can still see the option. Am I missing adding/removing any specific permission or this is an expected bahvior?

Labels:
1,715 Views
0 Likes
4 Replies
Reply
4 Replies
Juan Carlos González Martín

‎Jul 09 2017 11:08 AM

‎Jul 09 2017 11:08 AM

Re: Restrict "Create Site" permissions to "Restricted Read" users

You need to disable self-service site creation in SharePoint Online configuration
1 Like
Reply
Ashish Jain

‎Jul 09 2017 11:12 AM

‎Jul 09 2017 11:12 AM

Re: Restrict "Create Site" permissions to "Restricted Read" users

I can do it. But I want specific userrs to have access to the same. Lets say, I have a security group which should have access to create site collections for users. 

0 Likes
Reply
Alan Marshall

‎Jul 09 2017 12:54 PM

‎Jul 09 2017 12:54 PM

Re: Restrict "Create Site" permissions to "Restricted Read" users

An option is to use a SharePoint List, Flow and Azure Function. Configure SharePoint settings as suggested and then create a list that only allowed users can add to, create a Flow for when an item is added. Create an Azure Function to create a SharePoint site or O365 group. Get Flow to call the Azure Function. As a last step, you might want to email the user.
You can also change the Create Site link to go to a custom page to create a list item but need to have some messaging for users who can't create items.
There is a blog on this but I can't find the link.
0 Likes
Reply
Ashish Jain

‎Jul 09 2017 08:17 PM

‎Jul 09 2017 08:17 PM

Re: Restrict "Create Site" permissions to "Restricted Read" users

Agreeed. However that's an alternate solution. What I am talking about is the default behavior. When restricted read permission level does not have "Use Self-Service Site Creation" permissions, that how is the user still able to view the "Create Site" option. 

0 Likes
Reply