It’s important to keep stylized definitions of terms, and even important concepts specifically associated with a type of computing, clear. The world of SharePoint Server 2010 is no exception. In a video tutorial titled Managing Permission Levels, Asif Rehmani, SharePoint MVP and MCT explains the concept of “permission levels” for an intended audience of SharePoint administrators and site collection administrators.
Permission levels, as Asif describes in this video tutorial, are security roles. They must be defined at the top level of a site collection, as he demonstrates. As long as permissions for any lower sites in the collection are set to be “inherited”, they it will not be possible to work with permissions at the level of a site lower in the collection. If the goal is to work with permissions on a site by site level, within a collection, then drop the “inherited” option.
Permissions can be substantially customized. The best method of customizing specific permission levels is to add the permission level to the set of permissions available across a site collection by making a copy of the base configuration for the permission level, renaming it, and then submitting it. Modifying a base configuration for a permission level to accommodate no more than the needs of one site, within the collection is not advised. Once the custom set of permissions, complete with a new name, has been submitted, it will then be added to the list of permission levels for a site collection.
As Asif Rehmani notes, permission levels can be assigned to groups as well as to specific individual users. So it is possible to work quickly with Active Directory Groups to empower them with sets of permissions.
We think it makes a lot of sense to train site collection administrators to better understand permission levels and how to implement them. This video tutorial is available to anyone with a valid subscription to our website.
© Rehmani Consulting, Inc. & Ira Michael Blonder, 2013 All Rights Reserved