Sharepoint Permission and Group

Similar Messages

• Reg:: People and Groups Permission reports in sharepoint 2013

  Hi Techys,
  We have one SharePoinr 2013 team site, The total number of users for the site is 3200 members. Now my customer requirement is, they requested a report for people and groups and its permissions along with member names by group wise.
  Example: I'm having one SharePoint 2013 team site named as "My Auditions", it contains 28 groups with different permission levels. Each group having minimum 70 users. Now we need a report for each group permission along with group members.
  Kindly help me to getdown from the customer concern.
  Many Thanks,
  Madhu

  I would suggest a tool like Metalogix ControlPoint. It can quickly produce nice looking reports for this type of information.
  Trevor Seward
  Follow or contact me at...
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
  Hi Trevor,
  I have decided to say very big thank for your great suggestion, I have installed the Control-point trial version in my personal Lab environment. It's working as i'm expected. But, I have to do the same task for my customer. How can i install the control-point
  in prod server without customer permission. even i'm having all uid and password as administrator.
  Could you please suggest me is there any scripting or ootb features.
  Many Thnaks,
  Madhu

• SharePoint tool to create External Users and Groups

  Our organization is currently looking for a product that will allow us to create user account and group for users outside the organization (e.g Clients, subcontractors, etc.) and that will only need to access to our external SharePoint Collaboration site.
  We have one product right now but it is very problematic. For example if one of our clients need to change their email address which is their username it won't allow it so the account has to be re-created with the new email address and the permissions re-configured
  all over again. The groups created using the tool called Roles most of the times don't work. We are testing our SharePoint 2013 environment so we thought it is a good time to find something new. If you know of some products that I can check please let
  me know. I will really appreciate it

  Hi,
  According to your post, my understanding is that you wanted to create user account and group for users outside the organization.
  External User Management seems to be a solution. It allows for easy management of external users and roles.
  More information:
  http://ventigrate.codeplex.com/wikipage?title=External%20User%20Management
  Best Regards,
  Linda Li
  Linda Li
  TechNet Community Support

• How to configure the permission between folders and groups programlly?

  Hi guys,
  I am developing extension for permission, here I have a question:
  I have a template which contains more sub folders, for each folder the corresponding group should be assigned by certain permission. for example: group g1 has "write" permission to folder f1; group g2 has "read" permission to folder f2 and so on. I assign these permissions by extension programlly. But now I have to provide the possibility (to user) to configure these permissions, that means if in future instead of group g1 has "write" permission to folder f1, group g1 has "read" permission to folder f1. This  kind of change should be allowed by extension. Should I set folders and groups as input parameter in an extension, and give the user possibility to input permission type? In another word, my program is supposed to get the permission from GUI and then create ACL. But where can I set the possibility for user to define the permission? And how can I read this permission?
  I hope I explained it clearly enough.
  Any help is greatly appreciated!
  Regards,
  Liying

  Hi jennifer,
  Find this usefull, follow steps at PAGE 3,
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/419b479b-0801-0010-f8a1-c26208b4b209
  Regards
  Juan

• User and Group information not updated in Sharepoint 2010

  Hi,
  Recently, our orgnisation has maked update of user and group in the Active Diractory. The information was not update in the site collection. I was try to :
  -recreate and synchronize a new service application ( no effect)
  - Delete old database synchronisation( stsadm -o sync -deleteolddatabases 5)
  - stsadm -o sync -synctiming m:5 and stsadm -o sync -sweeptiming m:5 (No effect)
  -I have no error or warning whn i make the synchronisation, all data bases is started.
  Anyone can help me please??
  Thks

  Is User Profile to SharePoint Full Synchronization job up and running? Do you see any errors when this job runs? Turn on verbose logging to see details when this job runs.
  This post is my own opinion and does not necessarily reflect the opinion or view of Slalom.

• Need user and Groups assigned to each folders(KM) under service permission

  Hello Experts,
  Need you help for one requirement , in which i need to provide a list of users and groups assigned under Service permission for each KM folders. There is huge amount of folders so it is quite time consuming to get each folders open & to check the service permission and user.
  Do you have any idea on this? Any sugesstion would be appreciated in points.
  -Regards
  AK
  Edited by: AlokSBP on Oct 7, 2011 8:46 AM

  Hi,
  You'll find a lot of help on this if you search for ACL and permission in this forum.
  Here is a code sample of what to use:
  IAclService aclService = (IAclService) repServiceFactory.getRepositoryService(resource, "ServiceAclRepositoryService");
                      IResourceAclManager servAclMgr = aclService.getAclManager();
                      if(servAclMgr != null) {
                           IResourceAcl servAcl = servAclMgr.getAcl(resource);
                           if (servAcl == null) {
                                logger.debugT("no ServiceAcl found ");
                                logger.debugT("getting ServiceInheritedAcl ");
                                servAcl = servAclMgr.getInheritedAcl(resource);
                           if(servAcl == null){
                                logger.debugT("no ServiceInheritedAcl found");
                           }else{
                                // Iterating through the ACL list
                                IResourceAclEntryListIterator servAclList = null;
                                IResourceAclEntry servAclEntry = null;
                                for(servAclList = servAcl.getEntries().iterator(); servAclList.hasNext();)
                                                  //here do what you need to do. For example
  if(servAclEntry.getPermission().getName().equals(IAclPermission.ACL_PERMISSION_FULL_CONTROL))
                                          logger.debugT("This is a Full Group ");
  Regards,
  Thomas
  Edited by: Thomas Pary on Oct 10, 2011 1:59 PM

• User and group field values not propagating in Sharepoint 2013 variation

  Hi,
  I have a issue, we have a User and group field in my Content type and this content type is attach to Pages library.
  I created one Page in source variation site and fill User and Group field with two user one is domain user and another is sharepoint\system account user.
  After variation work and page propagate to target variation , there is only sharepoint\system account and no domain user in user and group field.
  *****The main issue is domain user are not propagating in target variation site's fields.
  Thanks,
  dinesh

  can any one hep me on this

• Snow Leopard Finder's Get Info fails to show Owner and Group for some files or folders which reside on a Shared Volume, hosted by G5 Server w/ OS 10.4 - why?

  Frustrations with file permissions abound, as certain co workers are unable to manually determine their level of permission or who to ask to make changes to files and folders belonging to others. Users of Snow Leopard desktop OS get unhelpful feedback via Finder's Get Info, seeing only the permissions listed for "Everyone" and a statement that "You have custom access".  The custom message exists, presumably, because ACL's are employed on the shared volume in an attempt to give managerial control over these volumes to specific users, even if all users can create files and folders on those volumes.
  Shared volumes are partitions of an external RAID which are set up as sharepoints on a G5 tower running Server 10.4.  Other persons in the office, using machines that are running desktop OS 10.5, can correctly see the assigned Owner and Group permissions (although the "custom access" still shows).  This at least lets the 10.5 user know who created a given file or folder, so that they can resolve permissions-restricted issues if they come up (i.e. User A wants to delete file X, but as it was created by User B, A must contact B and have them delete it.  In 10.6 it appears that A cannot determine who B is).
  I know that ACL's are functioning (enabled on the drive) since we have been making use of ACL-granted write privileges for quite a while (and the custom access seems to be evidence too).
  An error I encountered, pertaining to this, is that I used a 10.6 machine to create a working folder, then generated and saved several files in this location.  Expected permissions thus would be Owner = me (i.e. the user I was logged in as), R/W, Group = staff, R only, Everyone = R only.  However, immediately the permissions shown in Finder / Get Info consisted only of Everyone = R only, with no entry for Owner or Group.  Moreover, clicking + to add either an Owner or a Group resulted in error message that I had entered an invalid user or group, even though I typed in correct info (such as trying to add "staff" as a group).

  Frustrations with file permissions abound, as certain co workers are unable to manually determine their level of permission or who to ask to make changes to files and folders belonging to others. Users of Snow Leopard desktop OS get unhelpful feedback via Finder's Get Info, seeing only the permissions listed for "Everyone" and a statement that "You have custom access".  The custom message exists, presumably, because ACL's are employed on the shared volume in an attempt to give managerial control over these volumes to specific users, even if all users can create files and folders on those volumes.
  Shared volumes are partitions of an external RAID which are set up as sharepoints on a G5 tower running Server 10.4.  Other persons in the office, using machines that are running desktop OS 10.5, can correctly see the assigned Owner and Group permissions (although the "custom access" still shows).  This at least lets the 10.5 user know who created a given file or folder, so that they can resolve permissions-restricted issues if they come up (i.e. User A wants to delete file X, but as it was created by User B, A must contact B and have them delete it.  In 10.6 it appears that A cannot determine who B is).
  I know that ACL's are functioning (enabled on the drive) since we have been making use of ACL-granted write privileges for quite a while (and the custom access seems to be evidence too).
  An error I encountered, pertaining to this, is that I used a 10.6 machine to create a working folder, then generated and saved several files in this location.  Expected permissions thus would be Owner = me (i.e. the user I was logged in as), R/W, Group = staff, R only, Everyone = R only.  However, immediately the permissions shown in Finder / Get Info consisted only of Everyone = R only, with no entry for Owner or Group.  Moreover, clicking + to add either an Owner or a Group resulted in error message that I had entered an invalid user or group, even though I typed in correct info (such as trying to add "staff" as a group).

• Sharepoint 2013 setup group permissions

  In my SharePoint 2013 test sharepoint site, I would like to know how the users should normally have access to the test sharepoint site. Would the user sign as themselves individually or would they sign on with a group id? Can you tell me and/or point me
  to a url that will show how to setup group permissions and how the users should login?

  There are two suggested ways to assign permissions on SharePoint sites:
      Using SharePoint Groups  
      Using Active Directory Groups
  Note: A site can be set up to either inherit permissions from the parent site, or to allow unique permissions to be set for the site. If the site is set up to inherit permissions from the parent site, you will have to Add Users or Active Directory Groups
  to pre-existing SharePoint groups in the parent site.
  Using SharePoint groups:
  Click on “People and Groups”
  Click on “New” from the drop-down menu
  Select “New Group” Under “Choose the permission level group members get on this site:… ”
  Select “Contribute” and click OK.
  Click on “People and Groups”
  Click “New”, from the drop-down menu
  select “Add Users” Type in the netID(s) you wish to add
  Click on “Check Names” (the netID(s) should now be underlined)
  Under “Give permission”, select the group you just created and click OK.
  Note: If site owners want their site to show up automatically in users' "My Links" in "My Site" then those users must be part of a SharePoint group and that group must be defined as the "Members of this Site" group.
  Using Active Directory Groups:
  Click on “Peoples and Groups”
  Click on “New” from the drop-down menu
  select “Add Users” Type in the name of the Active Directory group you wish to add
  Click on Check Names (the group name should now be underlined)
  Under Give Users permissions directly, select “Contribute” &click ok.
  Note: You can specify multiple netID(s) or AD groups by separating the names with a semi-colon(;).
  Below are list of permissions you can use for the site.. 
  Permission Level
  Description
  Full Control
  This permission level contains all permissions.      Assigned to the
  Site name Owners SharePoint group, by default. This      permission level cannot be customized or deleted.
  Design
  Can create lists and document libraries, edit      pages and apply themes, borders, and style sheets in the Web site. Not assigned      to any SharePoint group, by default.
  Contribute
  Can add, edit, and delete items in existing      lists and document libraries. Assigned to the
  Site name Members SharePoint      group, by default.
  Read
  Read-only access to the Web site. Users and      SharePoint groups with this permission level can view items and pages, open      items, and documents. Assigned to the
  Site name Visitors SharePoint      group, by default.
  Limited Access
  The Limited Access permission level is designed      to be combined with fine-grained permissions to give users access to a specific      list, document library, item, or document,
  without giving them access to      the entire site. However, to access a list or library, for example, a user      must have permission to open the parent Web site and read shared data such     
  as the theme and navigation bars of the Web site. The Limited Access permission      level cannot be customized or deleted.      
  NOTE You cannot assign this permission level to users or SharePoint      groups. Instead, Windows SharePoint Services 3.0 automatically assigns this      permission level to users and SharePoint
  groups when you grant them access      to an object on your site that requires that they have access to a higher      level object on which they do not have permissions. For example, if you grant     
  users access to an item in a list and they do not have access to the list      itself, Windows SharePoint Services 3.0 automatically grants them Limited      Access on the list, and also the site, if needed.

• SharePoint 2013 Default Groups removal

  Hi Everyone
  I would like to know if any harm in breaking inheritance and removing SharePoint 2013 default groups.
  Groups like
  1) Approvers
  2) Designers
  3) Translation Managers
  4) Restricted Readers
  Any help will be greatly appreciated.
  Regards
  Prashanth
  SharePoint Administrator

  Hi Prashanth,
  If the default groups have been deleted, then the groups cannot be recovered unless you restore the site from a backup.
  The default groups have specific permission levels, so if you do not need that specific permision, then you can delete them.
  More references:
  http://office.microsoft.com/en-001/sharepoint-server-help/understanding-sharepoint-groups-HA102772363.aspx
  http://office.microsoft.com/en-001/sharepoint-server-help/understanding-permission-levels-HA102772313.aspx?CTT=5&origin=HA102772363
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• What is difference between distribution list and share point group? Can we add distribution list into person and group column of share point list?

  what is difference between distribution list and share point group? Can we add distribution list into person and group column of share point list?

  there is a workaround you can try, create audience and add DL to them and deal with the audience or convert DL to groups
  https://social.technet.microsoft.com/Forums/en-US/02f0d773-8188-4d94-a448-0c04d838b0cf/distribution-lists-in-sharepoint?forum=sharepointgenerallegacy
  Kind Regards,
  John Naguib
  Technical Consultant/Architect
  MCITP, MCPD, MCTS, MCT, TOGAF 9 Foundation
  Please remember to mark your question as answered if this solves your problem

• Sharepoint foundation and server 2013

  hi all
  i have scom 2012 sp1 on windows server 2008 r2. sql reporting services (mssql 2012 sp1) installed and configured on this server.
  OM, OMDW, scom`s reportserver db - on other server 2008 r2 (mssql 2012 sp1).
  i try to install management pack sharepoint foundation and server 2013 (use
  http://www.enduria.eu/the-sharepoint-2013-management-pack-and-my-experience-installing-it/).
  in scom console task status - success, but server (sharepoint 2013) in unidentified machines.
  in log on sp2013 server i get error:
  Cannot identify which SharePoint farm this server is associated with. Check the management pack guide for troubleshooting information.
  in log on scom management server i get same error every 10 minutes:
  Failed to deploy reporting component to the SQL Server Reporting Services server. The operation will be retried.
  Exception 'DeploymentException': Failed to deploy reports for management pack with version dependent id 'edf9e0b9-65aa-df29-6729-d16f0005e820'. Failed to deploy linked report 'Microsoft.SharePoint.Server_Performance_Report'. Failed to convert management pack
  element reference '$MPElement[Name="Microsoft.SharePoint.Foundation.2013.Responsetime"]$' to guid. Check if MP element referenced exists in the MP. An object of class ManagementPackElement with ID 75668869-f88c-31f3-d081-409da1f06f0f was not found.
  One or more workflows were affected by this. 
  Workflow name: Microsoft.SystemCenter.DataWarehouse.Deployment.Report
  Instance name: d2781f95-d488-4e35-8226-a9e1d7127149
  Instance ID: {96379E66-14B2-B413-F73F-1F39806AF714}
  Management group: scom-service_group
  what could be the problem?
  thanks

  Same issue...running SCOM 2012 RTM with UR3 on Windows 2008 R2 and SharePoint 2013.  I got the discovery to work after editing the .config file.  All appeared to be working with the exception of the Configuration Databases and Content Databases
  which are currently in a Not monitored state (this could be by design?). 
  I believe this is a bug with the SharePoint 2013 Management Pack.  I tried importing the SharePoint 2010 MP to validate my SCOM environment and Report Server and did not get any errors and the reports imported fine.  Has anyone openened
  a case with Microsoft or know if this is a known issue?  Thanks!
  Error:
  Data Warehouse failed to deploy reports for a management pack to SQL Reporting Services Server. Failed to deploy reporting component to the SQL Server Reporting Services server. The operation will be retried.
  Exception 'DeploymentException': Failed to deploy reports for management pack with version dependent id 'edf9e0b9-65aa-df29-6729-d16f0005e820'. Failed to deploy linked report 'Microsoft.SharePoint.Server_Performance_Report'. Failed to convert management
  pack element reference '$MPElement[Name="Microsoft.SharePoint.Foundation.2013.Responsetime"]$' to guid. Check if MP element referenced exists in the MP. An object of class ManagementPackElement with ID 75668869-f88c-31f3-d081-409da1f06f0f was not
  found.
  One or more workflows were affected by this.
  Workflow name: Microsoft.SystemCenter.DataWarehouse.Deployment.Report
  Instance name: 9afddb34-5f35-40fa-8564-1de5d33773d3
  Instance ID: {4BF8AF22-E5E4-1FC6-3951-F731DCA65317}
  Only two SharePoint 2013 reports are showing up in SCOM:
  SharePoint Foundation Performance
  SharePoint Server Performance
  Missing the following reports (according to the product guide):
  Server Alert
  This report renders all alerts raised by specified server(s).
  Service Alert
  This report renders all alerts raised by specified service(s).
  Server Event
  This report renders all events raised on specified server(s).
  Service Event
  This report renders all events raised on specified service(s).
  Top Server Events
  This report renders top 20 events raised on specified server(s).
  Top Service Events
  This report renders top 20 events raised on specified service(s).
  Top Alerts
  This Most Common Alert Report helps to identify high volume alerts, the volume a distinct alert contributes to the total number of
  alerts and the resolution times. This report helps in tuning the alerts.
  Server Performance
  This report renders performance data for specified server(s).
  Entity State
  This report renders entity state for specified SharePoint object(s) over time.

• How to update a People and group field using a sandbox solution

  Hi,
  I am creating a sandbox solution for office 365 and creating a custom form using visual web part, which will allow users to enter data in a custom list.
  And that list also have a user field. I am able to get SharePoint user field on the form (using javascript) which is searching for the user and get a value (working fine).
  Issue: But I am not able to save the user value. Because to save user value I require web, UserID and login name, to construct SPFieldUserValue object or string in "111;#TestUser" format. Moreover that user should be present in
  SiteUserInfoList. 
  I tried web.EnsureUser() but did not work under sanbox solution.
  Can you please provide any pointer or workaround to the problem? I may be missing something here.
  Thanks,
  Himanshu

  Hi,
  According to your description, my understanding is that you want to update the people and group field in Sandbox solution.
  In the sandbox solution, you can still use the web.EnsureUser() function to get the user information, see the thread below:
  EnsureUser in sandboxed solution
  In additional, there is a demo with your similiar requirement for your reference:
  Using the People Picker Control in Sandbox Solutions / Office 365
  Thanks
  Best Regards,
  Jerry Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Upgraded to 3.1 and lost all users and groups.  How do we get them back?

  We ran the update to Server 3.1 (from 3.0) on our Mavericks Mac-Mini Server.
  Everything had been fine before the update, but now all users and groups have completely disappeared.
  The only user we have is the main administrator log-in.
  Since we verified that all of our data, wikis, and other items are still in place, it might be easier to just re-create the groups and users (and permission therein).
  But, we cannot log into Workgroup Manager, nor can we add users/groups in the Server app (because it is "grayed-out").
  Can somebody please provide a suggestion??
  We are a small engineering firm with only 5 users, so it's not like this would take all day.
  Thanks, Mike

  Have you tried
  sudo sso_util configure -r REALM_NAME -a diradmin afp
  (cf. Lion Server: AFP users unable to authenticate with Kerberos after upgrading)in Apple Support ?
  p.

• SharePoint 2013 and SQL Server AlwaysOn - HA

  Hi guys,
  Please help!
  I need to setup SP13 server on SQL 2012 AlwaysOn (on sql01 and sql02). The HA AlwaysOn group already configured by DB team on these 2 replica with and called SP_AOAG  alias
  My question is can I use this alias to setup SharePoint  or I need to configure the HA AlwaysOn group for SgharePoint  as suggested in the article below:
  http://blogs.msdn.com/b/sambetts/archive/2013/04/24/sharepoint-2013-and-sql-server-alwayson-high-availability-sharepoint.aspx
  Any advice greatly appreciated . 
  BalaiP

  You do not want to use a SQL Alias with an AG Listener. Just point SharePoint straight at the AG Listener. You will need to manually add any accounts to non-primary instances. You do not need to add them to individual databases, of course. You will also
  need to manually set MAXDOP to 1 on non-primary instances.
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.