Users unable to determine who has access to document library due to security groups
Greetings, Maybe I went about this the wrong way. Looking for advice on either the proper way we should be moving forward on this or any other comments or insight we should be considering. This is for SharePoint online via Microsoft 365 Business license. Scenario: 1. SharePoint Document Library per department (Each Document Library exists in its own SharePoint site), essentially being used as a company drive. 2. Some users should only officially have access to specific folders in some of the document library. 3. If say a person in accounting has access to some specific folders, and either they are replaced or a new accounting user comes in.... should be able to reference the access the existing person has in order to give the same access to the new user. 4. Common Request: Give UserB the same folder access as UserA. 5. Some users should have access to the entire document libraries while other users only have access to specific subfolders. Current Implementation: 1. In Entra, created Security Groups that tied to specific folders. -- For Example for the accounting folder, only management has access to the entire folder but the accounting staff only have access to specific folders. So like there is a FiscalYear2024 folder, so I created a security group called sec-Accounting-FiscalYear2024 and assigned the members that should only have access to that folder and not the rest of the library. -- My thought behind this was if a new user was replacing the existing user or joining the department, I can just reference the existing user security group membership and copy it to the new user. 2. In the SharePoint document Library, I create a shareLink that is assigned to the security group I made for that access. Then I give that link to the users I assigned the membership to. Current Issue: 1. Aside from the official document sharing/access that is being done from the security groups above. There are occasions where users of a sharepoint need to share specific files or folders to other users. 2. However, they are all panicking and confused because aside from themselves they are unsure who has access to the existing folders/files in the document library. 3. When going to manage permissions of a file/folder, it only shows the group assigned to it but not the members of the group. 4. So since users can't see the members of the group assigned to a folder, they have no idea who has access to that folder and are getting confused. If this was an NTFS drive, it would be super easy for users to see who has access and etc by looking at the properties but I'm stuck behind some limitations of sharepoint I didn't realize existed until I tried to implement certain workflows. Any advice here would be greatly appreciated, as my implementation has turned into a point of frustration for end users. Thank you in advance!
SPFx Debug Manifests Not Loading localhost - Debug Query String Not Recognised
Hi everyone, We are currently facing an issue with debugging an SPFx solution in SharePoint Online. Previously, we were able to debug our solution using the standard debug query string: ?debug=true&noredir=true&debugManifestsFile=https://localhost:4321/temp/build/manifests.js However, recently this has stopped working in our development environment. Current Behaviour When we paste the debug query string into the SharePoint page URL, the page loads normally but the debug manifests are not recognised or loaded. The “Allow debug scripts” warning banner does not appear on the page as expected. Even after clicking “Load debug scripts”, the browser still does not load the debug manifests. The browser does not attempt to load https://localhost:4321/temp/build/manifests.js. Because of this, our local debug build is not injected into the page, making it impossible to debug the solution. Additional Observations There are no console errors at the moment. The issue occurs across multiple machines (Windows and Mac). Tested on multiple browsers: Microsoft Edge Google Chrome Safari The SPFx solution itself has no issues and previously worked correctly with the same debugging method. Troubleshooting Already Attempted We followed the recommended steps, including: Allowing the browser permission to access local network devices Running gulp trust-dev-cert Verifying the debug query string format Confirming the manifest path: https://localhost:4321/temp/build/manifests.js Checking browser console logs Testing with CSP parameters Allowed to run custom scripts in the site from the SharePoint Admin centre. None of these resolved the issue. Microsoft Support Response We also contacted SharePoint Technical Support through the Microsoft Service Hub, and the response we received was that this behaviour is now "by design" and that serving debug manifests through the debug query string is no longer supported. The workaround suggested by Microsoft Support was to package the solution and deploy it to test changes instead of using the debug query string. Potential Impact If this change is indeed by design, it could have a significant impact on development workflows for organisations building SPFx solutions. The ability to load debug manifests from localhost is a core part of the SPFx development and debugging process. Without it, developers would need to package and deploy the solution for every small change, which would introduce a considerable amount of additional time, effort, and overhead during development and testing. Questions Has anyone else recently experienced this issue with SPFx local debugging? Has the debugManifestsFile query string approach been deprecated or restricted in SharePoint Online? If so, what is the recommended approach for debugging SPFx solutions locally now? Any insight from the community would be greatly appreciated. Thanks.
Microsoft 365 Purview Logs not showing Export List Events
We recently conducted an audit on our system - as we are part of a regulated industry - and had to clarify exactly which user events are captured in the Unified Audit Log. We did the usual confirmations and provided evidence of events where users add, update, delete items in SharePoint Lists and Libraries, however, we were asked specifically if events for exporting List Items to CSV or Excel were captured in the Log. We performed the usual test and waited for the events to appear in Purview, but to our suprise, there was nothing in the Log to indicate a user exporting to CSV or Excel. Can anyone confirm whether Export to CSV or Excel from a SharePoint List should be captured and is reportable in the Audit Log? This seems to be a massive oversight if these events are not auditable?Add items Permission level
Hi, I'd like to know a way to set permissions on a list so that users in the SharePoint site - Members group can't see existing items in the list that don't have unique permissions assigned. They can only add new items in this list. Once an item is created, a workflow would be triggered that would add a unique permission only for that item. The problem is that when creating a Permission Level with only the ability to add items, the user loses access to the custom item creation form.Sharepoint deleting data and sites
Hello, We have noticed an issue that started about a year ago in which data is being deleted in Sharepoint. When looking at this data in the Recycle bin, it will show it was modified/deleted by specific Users but these user deny ever doing such a thing. It is at the point in which we believe the Sharepoint system itself is actually deleting data possibly due to a bug. It would be odd for the employees tagged in the Modified By field to have deleted it. Our data is backed up so recovering any deleted items isn't the issue. The issue is that we are trying to get Microsoft to investigate. We have submitted tickets through the MS 365 portal but they state they only work on break/fix issues. Any recommendations? I can see searching the internet this issue has come up for many others in the past.
Unusual Activity for a User
Hi, I have an issue with a user who raised a query that they are having issues syncing files to SharePoint. Whilst I'm investigating this another query came in advising that this same user has been creating folders and uploading documents...... They have confirmed that there account has not been shared and can confirm from the signing in logs on Entra that no suspicious IP address is being used. Anyone have any idea of what is occurring?? I've advised the user to delete any links they have and stop syncing. Regards Chris
Issue with ribbon permissions in Microsoft Project.
I am working on Microsoft Project (EPM) and want to hide the Status button from the ribbon for the Project Manager role. I have already tried adjusting the permissions in PWA settings, but the button is still visible. Could you please suggest an alternative method?SharePoint Missing Authentication for _vti_bin
The issue with the vti_bin folder is that it is accessible without authentication. However, the remediation measures outlined below are not technically feasible for SharePoint Online (O365). I found few remediations for this issue which are as follows: Configuration Options: Administrators can configure authentication for _vti_bin through various methods, such as: Enabling anonymous access:This allows anyone to access the site and its resources, including _vti_bin URLs, without logging in. Restricting access in Web.config:The Web.config file can be modified to deny access to anonymous users for specific _vti_bin paths. Using the ViewFormPagesLockDown feature:This feature can help restrict access to certain SharePoint resources, including those within _vti_bin The below links are for reference: https://www.c-sharpcorner.com/uploadfile/Roji.Joy/how-to-secure-external-anonymous-access-to-sharepoint-2010-sites/#:~:text=Even%20when%20lockdown%20mode%20is, https://learn.microsoft.com/en-us/archive/blogs/fabdulwahab/security-protecting-sharepoint-server-applications https://sharepoint.stackexchange.com/questions/167264/restricting-access-to-contents-in-vti-bin-for-both-authenticated-as-well-as-a I would like to verify whether the provided fixes are applicable to O365 SharePoint. If they are not, could you please advise on alternative solutions that can be implemented to mitigate this issue?
problems with sharepoint subscription edition post updates. psconfig fails.
We are facing 2 issues, but i suspect its related. OS is server 2025. Patches are current. We applied the sharepoint upgrade: KB5002784 yesterday. At that time we discovered psconfig failed to complete. Initially it was due to a problem with the sharepoint admin service. Of note it would not start. I found this to be a problem with windows exploit protection. Exempting the exe associated with the admin service fixed this and the service now starts. PSconfig still fails, its failing at the spcopysidebyside step. of note the sidebyside log that the error references is never created. additionally running the spcopysidebyside powershell script, and specifiying a log file location also results in no log being created. i suspect this may be another windows exploit protection exemption that needs to be created. at this time im not sure what one is required, nor how this is not effecting all installs vs just ours.
