Remove Site Owner from SharePoint Site sub-folders.
Hi My company used to have a file server where we created folders for the different departments, IT, Finance etc. We created security groups and gave full access to these groups to their department folder and added all the staff from that department to the security group - giving them full access to all sub-folders in the department folder. We then had the option to create sub-folders in the department folders for specific users, like if some of the team worked on a specific project, we could give only those users access to that project folder that was in their main department folder. We would remove inheritance from the parent folder and control access this way individually. Since moving to SharePoint a few years ago, we set up SharePoint Sites, SharePoint-IT, SharePoint-Finance etc. and moved all data from the file server folders to these sites. All users now became Owners to their SharePoint Site, and so had access to all folders, even the ones they did not before, which was okay. We would now like to start doing the same as what we did with the file server, create a folder in a departments' Site and remove access to all Site owners and then give individual users access to that sub-folder. From what I can see, and have read, Site Owners will always have access to all folders and inheritance cannot be broken or removed? Is this still correct and is there any way to get past this? How would I give access to a manager who might want to save a private department related document to the SharePoint Site and restrict access to the rest or some of their team. We do not want to use OneDrive for these situations, we would like to keep all department related documents and files in the relevant department Sites.
Allow users to share files with colleagues without approval request
Hey, I have this Sharepoint library that has a very limited access; only a few people in my company have access to it. In addition to these people specific file accesses are given to specific users based on the following scenario: Files are "uploaded" to this Library through a Microsoft form: there is a flow in place that will copy the file uploaded through the Form and place it into the Library. The flow will grant Read access to the file for the user who made the upload. These users will only have access to the files they have uploaded. Now it happens that these extra users might want to share the file they have access to to some colleagues. Right now, they can do it but it sends a access request to the administrator of the site... Is there a way to let these users share those files without sending a request? If that is not possible, is there a way to have these requests sent to the Library owners/administrators instead of the site admin?Which permission is the one allowing users to share a document without sending an access request?
Hey I have currently given users a read access to certain documents through a powerautomate flow. However when a use that has this read access wants to share a doc with another user it triggers a request access to the site owners. What is the permission that I need to check for these users to be able to share documents without sending a sharing request.
SharePoint Home page using Chrome Browser keep requesting for credential.
Each time I launch Chrome Browser to access my SharePoint Default Home page, It prompt for credentials. Once i close the browser and launch it again, the same popups. Edge browser works fine... Action already taken..... 1. I have added the SharePoint URL to Chrome trusted site. 2. I have allowed cookies for SharePoint in the browser This is really frustrating. Any Help will be much appreciated. Chrome Browser shouldn't request for my credentials again because I have already done that. Thank you AndrewSharePoint 'sites' API Doesn't Return All Sites
I'm new to SharePoint, so bear with me. I have 100+ users, all of whom have been given access to a SharePoint site called 'NetSuite BluDocs' through a group called 'NetSuite BluDocs Members' which has 'Edit' permissions. A third-party NetSuite app called 'bluDocs' (that I don't control) runs in NetSuite and will display folders and files for projects. Users have to authenticate with SharePoint the first time they open the bluDocs list in NetSuite. A 'refresh_token' returned by SharePoint is stored in NetSuite, which is then used for authentication whenever the NetSuite user wants to view folders and files. Every user can go directly to SharePoint and find any folder/file they want since they all belong to the 'NetSuite BluDocs Members' group. However, there are 7 users for whom the bluDocs in NetSuite don't display. The reason is that the 'sites' API is not returning the 'NetSuite BluDocs' site infoeven though it's returning other sites the user has access to. I've had users reauthenticate bluDocs several times without success. If I copy the refresh_token from a user who is working properly in NetSuite and paste it into the refresh_token for a user who can't see the bluDocs in NetSuite, the usercan see the bluDocs, but anything they upload is shown as belonging to the user whose token I copied. I don't know how permissions are stored in SharePoint, but it looks like some user refresh_tokens aren't being linked to the 'NetSuite BluDocs' site – or the opposite; 'NetSuite BluDocs' isn't being linked to the refresh_token. Given that all 7 affected users can go directly to SharePoint and see all folders and files, why isn't the 'sites' API returning 'NetSuite BluDocs' in the list of sites the user is assigned to?
External User Invite
I have a large group of persons; I only have their email addresses and names. I want to be able to send them an email with a link to a single page on my SharePoint site. The page will contain one or more links to list items specific to them. I want them to be able toclick on a list item link and then edit that item in a customized edit form (SPFx app) and save the results. Is there any way to do this without having to make them create full-blown user accounts? Thanks
Allowing users to submit data to a SP list but disable the Add new Button
Hi, I'm trying to stop users from accessing the SP list directly and using the 'Add new item' button, but still allow them to submit a record via a PowerApp. I've looked this up and what I found was. As long as the owner or co-owner of the app have the appropriate permissions (Edit, Full Control) in the list permissions the group that contains 'Every one except external users' normally in the visitors group, can be set to Read. This will stop the users accessing the list?? I'm the owner of the app and have edit permission for the site and the list, but it seems to cause issues with users submitting new records via the PowerApps. When I change the permissions back to Contribute the records are submitted. Sometimes, if the user as submitted two records these are both submitted? Can someone please confirm if this process is correct and suggest if I'm doing anything wrong?? Regards ChrisSharepoint site permissions issues - Visitors group users not granted access
Hey there, One of our colleague was wrongly given the "owner" role for a SP site. That person went to the advanced permissions settings panel and randomly deleted the site default "Visitors" group. Then of course every persons depending on that permissions level to visite the site received a "Denied access" error when trying to reach the site. What we saw was no more "visitors" group in the advanced permissions settings panel BUT; "visitors" group still appearing in the basic consol on the website (gear icon>site permissions) and enclosing users; when checking access to specific pages or content "visitors" group was missing. We then recreated a new "Visitors" group with "read only" classic permissions. Yet same issue "Denied access" and same observations made (see bullets list above). We did it again creating a very similar group called "Read-only". After several trials. we asked permissions to access the page directly from the error page "Denied access". User was then able to access the site. From there we checked the permissions status for that user, from that check we can see that this user is depending on the "Visitors" and "Read-only" groups... Yet we can't see that user withing these groups... Of course if we deleted the user from all users and add it in one of these two groups, it can't access the site. We read a lot on permissions lately but can't find anyone else experiencing this. Additional info: This site is part of a hub and is the only one affected All sites are configured the same way The only settings that changes was that deleted default "visitors" group on that specific website. (so it has to come from that) We won't be asking people to ask for permissions from the "Denied access" error page since it would not solve the original issue and we set up groups within Active Directory to easily manage users and their permissions across MS apps. Should anyone have a solution ;)... Cheers
