What level of permissions to give per site
https://sharepoint.stackexchange.com/questions/18249
-
22-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
What is best practice for departmental sites' permissions? Should certain users within each department have permission to create objects (pages, lists, etc.) or should the permissions only allow them to edit already existing objects?
From our experience, when creating lists, it might be necessary to create site columns and content types, so that adds to the training necessary for the end users if they're given permission to create lists.
Obviously, it has to be a balance between user empowerment and central administration to maintain security and best practices. What approach do you take on this? Thanks.
Solution
To be honest, the best practice is to figure out what works best for your organisation. As you've noticed, there are a large number of factors involved - the cost of centralising administration, the expertise and training of the users, what permissions levels you need within a site, do you give different rights at the list level, and so on. It very much depends on what you're trying to do.
I tend to approach the problem by identifying the types of users within a site, and then the rights they need at each level (e.g. lists or site), and then try setting one up with those rights to see if there is anything that I've missed (e.g. needing read rights on lists used by lookup columns, etc.).
OTHER TIPS
As far as departmental site is concerned each department has a seperate site. So its better to provide users with both create and edit permission. But with in that, if you need to restrict the permission create groups with unique permissions and add users to it.
