locked
User to administer site access RRS feed

  • Question

  • I am relatively new to administering a SharePoint site collection and creating small team sites for our business department.  New SharePoint team sites are always created using unique permissions and the default 'members', 'owners' and 'visitors' groups.  I am always a member of the 'owners' group, the team leader is a member of the 'members' group and other users are either 'members' or 'visitors' as required.  The 'owners' group, to which I belong is the owner of the other two security groups and is enabled to edit membership in them. I would like to have the team leader administer new users to the 'members' and 'visitors' groups of their sites - yet do not want to put the team leader in the 'owners' group with me (and granting them too many permissions beyond what they need).  Could I get feedback regarding the following solution?  Thank you in advance,

    Proposed solution:

    1. In addition to the default 'members','owners', and 'visitor' groups, create a fourth user group with the same permissions as 'members' (let's call it 'TeamLead').  The owners group which I belong to will be the owner of the 'TeamLead' group.

    2. Make the new group 'TeamLead' the owner of the 'members' and 'visitor' groups

    3. Enable the group owner ('TeamLead') to be able to edit the membership of the 'members' and 'visitor' groups.

     

    Thanks for any feedback. I have tried searching unsuccessfully for a best practice solution.

     

    EDIT: Using SharePoint 2007

     


    • Moved by Mike Walsh FIN Friday, August 5, 2011 6:10 AM admin q - don't know why it was sent to customization (From:SharePoint - Design and Customization (pre-SharePoint 2010))
    Thursday, August 4, 2011 7:06 PM

Answers

  • Hi Larry,

     

    After you create a permission level, you need to assign it to groups or single user to use the permission level. You can make your groups can be edited by group owner in Group Settings, then setting the user/group(who has assigned with the new permission level)to group owner. Now the user should not be able to add user to owner group unless he is an owner.

     

    Thanks,

    Pengyu Zhao

    • Marked as answer by Wayne Fan Friday, August 12, 2011 1:58 AM
    Monday, August 8, 2011 3:00 AM

All replies

  • Hi,

     

    Beside the ways you mentioned, have you thought about creating a new permission level or editing some existing permission levels to meet your requirement?

     

    SharePoint provides us with a very flexible permission using environment. You can create or edit your own permission level by going to People and Groups> Site Permissions(quick launch)>Settings>Permission Levels.

     

    Hope this helps

     

    Thanks,

    Pengyu Zhao

    Friday, August 5, 2011 2:06 AM
  • Pengyu,

    How would that work?   I can add a new permission level with only 'manage permissions' assigned yet then wouldn't I need to apply it to a group anyway? Then the person with this permission could add users to the 'owners' group as well as 'members' and 'visitor' groups yet I don't want them to add to the 'owners' group.

    Thank you.  It might seem like a dumb or obvious question but I'm not that quick on this stuff yet.

    Larry

    Friday, August 5, 2011 1:24 PM
  • Hi Larry,

     

    After you create a permission level, you need to assign it to groups or single user to use the permission level. You can make your groups can be edited by group owner in Group Settings, then setting the user/group(who has assigned with the new permission level)to group owner. Now the user should not be able to add user to owner group unless he is an owner.

     

    Thanks,

    Pengyu Zhao

    • Marked as answer by Wayne Fan Friday, August 12, 2011 1:58 AM
    Monday, August 8, 2011 3:00 AM