SOLVED

Subsite Document Library Unique Permissions Not Working

Copper Contributor

Hello there, I am the site owner for the main site as well as the subsite. Here's a rundown of what's going on.

 

In the main site, we'll call it X, the permission level is set to read for an AD group users_all, (basically everyone in the org), then full control as myself the site owner. In the subsite, we'll call it Y, the same read level access is set for the site, users_all. I confirmed both X and Y have the exact same permission settings, with full control being delegated to myself the site owner. In subsite Y, I have two document libraries I'm trying to restrict access to. I revoked inherit permissions from parent site for both libraries, and removed all access except for myself having full control as the site owner. I then added one AD group to have read access for each one, each group only contains roughly 3-4 people

 

The problem is even after all of this, everyone in the org can still view the doc libraries, download the files, etc. I tried repeating the entire process by resetting the perms for the doc libraries, revoke inherit from parent site, remove all other perms except myself as site owner, then adding the two AD groups again. I waited multiple sync cycles, waited 24 hours, same issue is still occurring. I read something online about anonymous access being enabled for the parent site, but couldn't find any setting related to this

 

Hope someone can help

8 Replies
best response confirmed by Tylerhows (Copper Contributor)
Solution
Hello,

I could try to help you out. Would you like to have a Teams call to look into it?
Are you using SharePoint On-premises or SharePoint Online?
Double check there are no unique permissions within the libraries, you can see this from the classic permissions page, also ensure you are adding the AD groups within SharePoint permission groups
Hello, yes sorry for the late reply. When would you have time to jump on a call? I'm available for the rest of the day today as well as tomorrow
I am interested in a solution as well - please publish the outcome if the call takes place.
I have folders set to unique permissions for them and all subfolders. When I add a person with read rights and *uncheck* the "Share everything in this folder, even items with unique permissions." - the person still gets read rights to all subfolders. This happens sometimes, not all the times.
Hmm sorry I missed your reply. Are you possibly available tomorrow?
Hi Aref, I actually figured it out. So the permissions were correct, for some reason after another day it seemed to take effect. Not sure if this was due to something with SharePoint's online sync client, but the library is now not accessible for anyone except the groups I mentioned. Thank you for your reply!
1 best response

Accepted Solutions
best response confirmed by Tylerhows (Copper Contributor)
Solution
Hello,

I could try to help you out. Would you like to have a Teams call to look into it?
Are you using SharePoint On-premises or SharePoint Online?

View solution in original post