The integrity and confidentiality of information in your organization depends on how secure you make your site. Largely, this means that you ensure security by the way that you grant access to your site.
The process of granting and restricting access to your sites and content is called managing permissions.
You manage permissions by using security groups, which control membership, or by using fine-grained permissions, which help you control content at the item or document level. This article discusses how to use security groups to control access to a site.
In this article
Review the existing permissions settings for your site.
There are a number of reasons to review site permissions. Frequently, for example, you would review site permissions in one of the following situations.
- You have added a new site to a site collection. If this is the case, your new site inherits the permissions settings from the site above it in the site collection hierarchy.
- You have taken over ownership for an existing site that someone else created. If this is the case, the site might not inherit permissions settings from the site above it. A previous owner might have broken that inheritance to set custom permission settings.
Either way, you can see who has access to your site on the site’s permission page. You can also check this page to see whether the site inherits permissions from the site above it.
To open a site’s permission page:
- On the Site Actions menu, click Site Settings.
- On the Site Settings page, in the Users and Permissions group, click Site Permissions
Here is an example of the permissions page for a new team site, Contoso11/Research. This site inherits permissions from a parent site called Contoso11.
The Name column lists security groups that have permissions to the site.
- The Permission Levels column lists the permission levels granted to each group. For example, the Contoso Owners group has Full Control and Limited access permission levels.
Next, see the members of any group by clicking the group name in the Name column:
Note You can check the permission levels for anyone in your organization. On the ribbon of the permissions page for the site, click Check Permissions and then type the name of the person that you want to check in the User\Group box.
Top of Page
Add groups that have the correct people in them.
You can work with groups to make sure that that the correct people have access to your site:
- Add groups to or remove them from your site.
- Add or remove members from the groups.
To add groups (or users) to your site:
- On the Site Actions menu, click Site Settings.
- On the Site Settings page, in the Users and Permissions group, click Site Permissions
- On the ribbon, click Grant Permissions.
In the Grant Permissions dialog box, type the names of the groups (or users) to whom you want to grant access to your site. If you type the names of users, it is a good idea to add them to an existing group in the second section of the dialog box, Grant Permissions. (You can grant permissions to individual users directly. However, the cost of maintaining a system such as that becomes expensive quickly.)
- Click OK.
To change the permissions assigned to a user or group:
- On the Site Actions menu, click Site Settings.
- On the Site Settings page, in the Users and Permissions group, click Site Permissions
Here are a couple examples using the hypothetical site Contoso, which includes a Visitors group and an Approvers group.
To add a new member to the Contoso Visitors group, in the following example, first you would open the site permissions page.
Next, click the Contoso Visitors link under Name to display the members of the group:
On the New menu, click Add Users, and then type the name of the person that you want to add (in this case, Sean Chai) and then click OK:
To remove the Approvers group for the Research site, you would click Approvers and then click Remove User Permissions:
You can use the commands on the ribbon to restore inheritance from the parent site, or to grant, modify, check, or manage permissions for the site.
Top of Page
Customize permissions settings to suit your needs.
You are not limited the default security groups or permission levels. However, we recommend that you use them when you can, because they work together to let you change permissions for all users or sites at the same time.
If your site inherits default settings from the parent site for your site that do not meet your needs, you work with one or more of the following options.
- Manage permission levels.
- Break inheritance from the parent site.
- Fine-tune permissions for content.
Top of Page
