Delegating SharePoint Permission Management
By: Rob Fisch | Updated: 2010-03-18 | Comments | Related: > SharePoint
I created a document library but would like one or more business users to be able to maintain permissions, without giving them "full control" of the library or site.
One solution involves creating two groups.
Group A - The group of users that we delegate the ability to maintain the permissions of the document library.
Group B - The group of users that can access the document library.
The first group is created in order to become the 'owner' of the second group. The second group is assigned to the permissions of the target document library. Using this method, we can assign multiple individuals the authority to maintain the group that has access to the resource.
Document Library permission review
First we look at the permissions of a new document library. Click "Settings", then "Document Library Settings".
Then click "Permissions for this document library".
Next we'll clear out any existing permissions that might have been 'inherited' when creating the document library. (See tip on SharePoint Permission Inheritance.)
In the "Actions" menu, select "Edit Permissions".
Select all existing groups (except ones that you need in order to keep control if you are not a site collection administrator) and remove them (from the Actions menu).
Creating the group of Permission Managers
Now let's create the first group. This will be for the group of users we want to delegate permission management to. From the site home page, click "People and Groups".
From the "New" dropdown menu, select "New Group".
I gave the name of my group "Permission Managers". You can use that or something else appropriate. Leave all other fields as default, even the permission fields. In order to attain permission granularity, we do not want to set the default permissions of the group. We'll set them later on the resource.
Creating the group of document library users
Now, create the second group.
This one I will call "MyContributors". Select the "Group Owner" and delete it.
In its place, type in the name of the first group you created. In my case, the name was "Permission Managers". Then check the little name checker. If you didn't make any typos, the name will get underlined, confirming it is a valid name. If you need to look up the group, you can click on the address lookup icon (right) and do a search.
Populating the Permission Managers group
Now let's return to the "Permission Managers" group and add at least one more user.
It is a good idea to use the name checker to resolve the name. Make sure the name is underlined. Leave the name of the group (Permission Managers).
You should now see more than one user in the "Permission Managers" group. Add as many users as needed to this group.
Assigning the document library specific permissions by group
Now return to the document library settings...
...and add a new user by selecting "Add Users" from the New dropdown menu.
Add the "MyContributors" group (or whatever you named the second group that was created). Note this is where you assign specific permissions to the resource. Assuming you want "Contribute" access, check that box and click OK.
Permissions to your library is now all set to be managed by the list of users in the "Permission Managers" group. You will also need to teach them how to find the group by clicking on "People and Groups" from the main page of the SharePoint site.
- Check out MSSQLTips.com for great information about Microsoft SQL Server.
About the author
View all my tips
Article Last Updated: 2010-03-18