Need Clarification on SP Permission
https://sharepoint.stackexchange.com/questions/275900
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianDomanda
I have created Site Collection (Site Collection A) and with its Subsite (Subsite A) with Broken Inheritance. Added User A to Subsite A. In the Site Collection A, User A is not showing with Limited Access.
I have read some articles that say when we share some documents or list item SP will automatically add that user to the Site with Limited Access.
Can anyone explain the context?
Soluzione
According to my understanding when you break the permission inheritance on subsite and grant the permissions to users on subsite then it will not add those users on site collection level as the subsite permissions are no longer inherited from site collection permissions and they have their own set of permissions.
When you first break this chain of inheritance from parent to child, the child starts with a copy of the parent's permissions. Then, you edit these permissions to make them the way that you want.
You can add permissions, remove permissions, create special groups, and so on. None of the changes affect the original parent. And, if you decide that breaking inheritance was the wrong decision, you can resume inheriting permissions at any time.
Altri suggerimenti
The short answer is that you are correct about the "Limited Access" permissions being added automatically, but if you are using SharePoint 2016 or newer, or SharePoint 2013 with the April 2016 or newer update, those "Limited Access" permissions are hidden from the Permissions page, and only visible through specialty link on the notification bar, or by enumerating permissions via script.
Unlike other default permissions, SharePoint automatically assigns Limited Access when it’s needed. Let’s say an HR manager wants to give a user access to a document. The permissions that grant access to the user are added directly to the content, permission inheritance is consequently broken, and Limited Access then automatically gives permissions to the user at the site level.
The following is Microsoft’s most up-to-date description of Limited Access:
"… enables a user or group to browse to a site page or library to access a specific content item when they do not have permissions to open or edit any other items in the site or library. This level is automatically assigned by SharePoint when you provide access to one specific item. You cannot assign Limited Access permissions directly to a user or group yourself. Instead, when you assign, edit, or open permissions to the single item, SharePoint automatically assigns Limited Access to other required locations, such as the site or library in which the single item is located."
So, What’s Changed? Limited Access users are no longer visible through the permissions page, but with the release of SharePoint’s April 2016 content update, users now have the ability to list the User and/or Group with Limited Access Permissions, and can do so via a link in the Notifications bar.
