Learn more about SQL Server tools

mssqltips logo
 

Tutorials          DBA          Dev          BI          Career          Categories          Webcasts          Whitepapers          Today's Tip          Join

Tutorials      DBA      Dev      BI      Categories      Webcasts

DBA    Dev    BI    Categories

 

Delegating SharePoint Permission Management


By:   |   Read Comments   |   Related Tips: > Sharepoint

Quickly Resolve Performance Problems for IIS, .NET and SQL Server       >>>   Get Started


Problem

I created a document library but would like one or more business users to be able to maintain permissions, without giving them "full control" of the library or site.

Solution

One solution involves creating two groups.

Group A - The group of users that we delegate the ability to maintain the permissions of the document library.

Group B - The group of users that can access the document library.

The first group is created in order to become the 'owner' of the second group. The second group is assigned to the permissions of the target document library. Using this method, we can assign multiple individuals the authority to maintain the group that has access to the resource.

Document Library permission review

First we look at the permissions of a new document library. Click "Settings", then "Document Library Settings".

Then click "Permissions for this document library".

Next we'll clear out any existing permissions that might have been 'inherited' when creating the document library. (See tip on SharePoint Permission Inheritance.)

In the "Actions" menu, select "Edit Permissions".

Select all existing groups (except ones that you need in order to keep control if you are not a site collection administrator) and remove them (from the Actions menu).

Creating the group of Permission Managers

Now let's create the first group. This will be for the group of users we want to delegate permission management to. From the site home page, click "People and Groups".

From the "New" dropdown menu, select "New Group".

I gave the name of my group "Permission Managers". You can use that or something else appropriate. Leave all other fields as default, even the permission fields. In order to attain permission granularity, we do not want to set the default permissions of the group. We'll set them later on the resource.

Creating the group of document library users

Now, create the second group.

This one I will call "MyContributors". Select the "Group Owner" and delete it.

In its place, type in the name of the first group you created. In my case, the name was "Permission Managers". Then check the little name checker. If you didn't make any typos, the name will get underlined, confirming it is a valid name. If you need to look up the group, you can click on the address lookup icon (right) and do a search.

Populating the Permission Managers group

Now let's return to the "Permission Managers" group and add at least one more user.

It is a good idea to use the name checker to resolve the name. Make sure the name is underlined. Leave the name of the group (Permission Managers).

Click "OK"

You should now see more than one user in the "Permission Managers" group. Add as many users as needed to this group.

Assigning the document library specific permissions by group

Now return to the document library settings...

...and add a new user by selecting "Add Users" from the New dropdown menu.

Add the "MyContributors" group (or whatever you named the second group that was created). Note this is where you assign specific permissions to the resource. Assuming you want "Contribute" access, check that box and click OK.

Permissions to your library is now all set to be managed by the list of users in the "Permission Managers" group. You will also need to teach them how to find the group by clicking on "People and Groups" from the main page of the SharePoint site.

Next Steps
  • Check out MSSQLTips.com for great information about Microsoft SQL Server.


Last Update:


signup button

next tip button



About the author
MSSQLTips author Rob Fisch Rob Fisch has worked with SQL Server since version 6.5 as a dba, developer, report writer and data warehouse designer.

View all my tips





Post a comment or let the author know this tip helped.

All comments are reviewed, so stay on subject or we may delete your comment. Note: your email address is not published. Required fields are marked with an asterisk (*).

*Name    *Email    Notify for updates 


SQL tips:

*Enter Code refresh code     



Learn more about SQL Server tools