Jan 29 2021 03:42 AM
Hi,
I have been tasked to setup a SharePoint Site for my company which i have nearly completed, i have uploaded all files that are accessible by me. My CEO now wants to add his files but i cannot see a way of him doing this without removing me from being SharePoint Admin.
If i make myself "Admin" instead of "Primary Admin", then i can remove my access to the secure "Corporate" site but i can still go back to SharePoint Admin and change myself to Primary Admin and then gain access. Is there a way to stop this please? (i am self taught so i am possibly missing a glaring option somewhere or maybe looking at it from the wrong angle or something!!)
Any help greatly appreciated.
Nathan Humphreys
Jan 29 2021 03:51 AM
Solution
Short answer no. As a SharePoint Admin or Global Admin you will always be able to add yourself back into the site.
Best practice it to have one user account and one Admin account, so your user account would never have access but your Admin account could add you back in as an Admin if the CEO needed support. In these situations you need to be trusted that you wouldn't look at the content in the site and the Audit logs are there to prove this if that were ever needed.
Jan 29 2021 03:59 AM
Thanks for taking the time and confirming that.
The other option is great except i will be doing lots of changes over the coming weeks and he wants to upload soon.
I have suggested he use ODfB for the ultra secure files and share those which need to be shared. We shall see what the outcome of that is. :)
We will discuss this on Monday.
Thanks Nathan
Jan 29 2021 08:48 AM
Jan 31 2021 05:20 AM
@Juan Carlos González Martín Thanks. I will look into that.
Might be just what my CEO needs to put his mind at ease. :)
Jan 29 2021 03:51 AM
Solution
Short answer no. As a SharePoint Admin or Global Admin you will always be able to add yourself back into the site.
Best practice it to have one user account and one Admin account, so your user account would never have access but your Admin account could add you back in as an Admin if the CEO needed support. In these situations you need to be trusted that you wouldn't look at the content in the site and the Audit logs are there to prove this if that were ever needed.