What are the best practices for creating unique permissions? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“We have a group “All employees” in SharePoint. The group exists in every SharePoint site. It previously had the permission “Contribute”. I should change this to “Read” which worked fine with Powershell. Background is that from now on only people should edit files in SharePoint sites who are owner or member. Now to the problem: I didn’t know before the difference to Member/Owner and Site-Member/Website-Owner. In our project sites only member and owner were maintained. Now when I set the “All employees” group to “Read”, no “Member” can edit files on the SharePoint site anymore. I think I need to change all people who are “Member” to “Site Member”. Or can I set the permission so that members can edit files? It all has to be done via Powershell – does anyone have any idea?”

Check out the discussion here:

 

Participating in this discussion were:

Some relevant notes/links shared by the team:

  • Unique permissions are not great for DIY projects. Our shared recommendation is to hire a professional.

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He is a startup advisor and investor, and an independent consultant providing fractional marketing and channel development services for Microsoft partners. He hosts the weekly #CollabTalk Podcast, weekly #ProjectFailureFiles series, monthly Guardians of M365 Governance (#GoM365gov) series, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.

2 Responses

  1. November 5, 2023

    […] What are the best practices for creating unique permissions? #M365AMA […]

  2. December 9, 2023

    […] are the best practices for creating unique permissions? #M365AMA [blog | […]