How to add every user, individually, to every site? RRS feed

  • Question

  • After a few years it was decided that all users in our Dev and Business Analysts units should have Contributor access to all the wss3 sites. I can create an AD group, populate it with the necessary users, and add that to the SharePoint members group but our SharePoint Admin wants to see "real" AD user names not a group name. I may  need to add every user, individually, to every site, update their email addresses, etc  (we don't keep that info in AD). That's at least 50 (sites) *  50 users = nightmare. 

    Any suggestions how to proceed on this?




    P.S. I'm sorry we don't have any SharePoint developers (or even SharePoint Designers) on staff so suggestions requiring such knowledge will go nowhere.

    • Edited by edm2 Sunday, May 1, 2011 5:21 AM edit
    • Edited by Mike Walsh FIN Sunday, May 1, 2011 7:48 AM Title changed to reflect question. Never ask SP 2010 questions in pre-SP 2010 forums. That question removed.
    Sunday, May 1, 2011 5:20 AM

All replies

  • Hi,

    The only way using OOTB feature is to add users manually, but there is another way using a small piece of code, please refer 



    Warm Regards, Pratik Vyas | SharePoint Consultant | http://sharepointpratik.blogspot.com/
    Monday, May 2, 2011 8:33 AM
  • Pratik,

    The code shown in the URL is, I gathter, something I'd run from a .NET program, not Powershell. Is that correct?

    If so, do you know of a more complete example showing the SharePoint .NET namespaces I need to add to my C# USING directive?



    Monday, May 2, 2011 3:01 PM
  • Provide a list of all the users who need access to the various sites to the SharePoint Administrator and have him/her add those users to the appropriate sites! You'll likely get to use the SharePoint Members Group shortly thereafter!

    Using individual accounts for site permissions at the number you are talking about is a management nightmare.  Any permission modification anywhere in the site for a user will likely change the individual from Contribute to Limited Access.  Then where is that change?  Good luck finding it.  The SharePoint Admin will have to keep a document of all permissions for all sites for all subsites for all document libraries and lists, and then maintain that list manually any time there is a change.  And if there are multiple people that can adjust permissions, communication will be mandatory.  Ugh, I'm getting nausiated just thinking about it. 

    As a SharePoint Admin myself for multiple MOSS 2007 and WSS 3 sites, I try to stay away from configuring permission in SharePoint for individuals.  Controlling access via AD Security Groups provides easy administration for our Network Admins and I don't have to modify site permissions for new users since their accounts are added to the security groups upon setup.  Makes life a lot easier!  My two cents.  Good luck.

    Monday, May 2, 2011 5:06 PM
  • Hi,


    According to your description, in my limited experience, I am sorry that tell that you can only manually one by one added to the different users in different sites.


    Best Regards

    David Hu


    Tuesday, May 3, 2011 3:37 AM
  • Hello ,

            Try the SPGroup and SPUser class.I am pretty sure you can loop through all groups and users with a 10 line code. That should do it for you , but please remember to give administrator rights.

     try the following ::


    SPRoleAssignment assignment = new SPRoleAssignment("dom\\user", "user@dom", "user", "some notes");

    SPRoleDefinition defination = web.RoleDefinitions.GetByType(SPRoleType.Contributor);

    assignment .RoleDefinitionBindings.Add(defination );

    if (!myList.HasUniqueRoleAssignments)


        myList.BreakRoleInheritance(true); // Ensure we don't inherit permissions from parent

    myList.RoleAssignments.Add(assignment );



    Let me know


    Deepankar Mohapatra

    Deepankar Mohapatra http://dmohapatra.in
    • Edited by Mike Walsh FIN Tuesday, May 3, 2011 11:30 AM Please don't have e-mail addresses in your sig. 1. It encourages off-forum conversations 2. You will get a lot of spam
    Tuesday, May 3, 2011 11:30 AM
  • I agree with "IT Happens" that individual users are an administrative mess but if I assign SharePoint permissions to a GROUP - not individual users -- how do we deal with setting up Alerts, List-Level Security, and Assignment of List Items to individual users?  



    Tuesday, May 3, 2011 4:54 PM
  • > if I assign SharePoint permissions to a GROUP - not individual users -- how do we deal with setting up Alerts, List-Level Security, and Assignment of List Items to individual users?  

    Not a problem.

    The members of the groups have access to the levels you give them access to.

    You still need to assign Alerts to individual users - those individual users still exist.

    You can still specify that only some individual users in that group are allowed to access particular items or lists (say if the sub-site has group access rights in that case)

    SP 2010 "FAQ" (mainly useful links): http://wssv4faq.mindsharp.com/default.aspx
    WSS3/MOSS FAQ (FAQ and Links) http://wssv3faq.mindsharp.com/default.aspx
    Both also have links to extensive book lists and to (free) on-line chapters
    Tuesday, May 3, 2011 5:00 PM
  • Mike wrote


    >>> You still need to assign Alerts to individual users


    Yes the individual users still exist but we need to add them individually as most of our users want alerts for some part of a site. If I have to add them for Alerts, I might as well just create them manually.  I see little difference in practice. SharePoint groups are good for giving access but they do not help out with the day-to-day capabilities (such as Alerts) that users require.






    • Edited by Mike Walsh FIN Wednesday, May 4, 2011 6:01 AM SP 2010 reference removed. Keep the pre-SP 2010 forums SP 2010 free.
    Wednesday, May 4, 2011 12:13 AM