From the KnowledgeBase

Title:
SharePoint: How to assign permissions to SharePoint sites
Synopsis:
How to assign SharePoint permissions


Solution:
There are three ways to assign permissions on SharePoint sites:

  • Explicitly to each user
  • Using SharePoint Groups
  • Using Active Directory Groups

Note: A site can be set up to either inherit permissions from the parent site, or to allow unique permissions to be set for the site. If the site is set up to inherit permissions from the parent site, you will have to Add Users or Active Directory Groups to pre-existing SharePoint groups in the parent site.

Explicitly to each user:
Click on “Peoples and Groups”
Click on “New” from the dropdown menu
select “Add Users” Type in the netID(s) you wish to add or
for Guest (GAP) Accounts, Type in the e-mail address you've GAP enabled
Click on “Check Names” (the netID(s)/name(s) should now be underlined)
Under Give Users permissions directly, select “Contribute” & click OK.

Using SharePoint groups:
Click on “People and Groups”
Click on “New” from the drop-down menu
Select “New Group” Under “Choose the permission level group members get on this site:… ”
Select “Contribute” and click OK.

Click on “People and Groups”
Click “New”, from the drop-down menu
select “Add Users” Type in the netID(s) you wish to add
Click on “Check Names” (the netID(s) should now be underlined)
Under “Give permission”, select the group you just created and click OK.

Note: If site owners want their site to show up automatically in users' "My Links" in "My Site" then those users must be part of a SharePoint group and that group must be defined as the "Members of this Site" group.

Using Active Directory Groups:
Click on “Peoples and Groups”
Click on “New” from the drop-down menu
select “Add Users” Type in the name of the Active Directory group you wish to add
Click on Check Names (the group name should now be underlined)
Under Give Users permissions directly, select “Contribute” & click ok.

Note: You can specify multiple netID(s) or AD groups by separating the names with a semi-colon(;).

While OIT recommends that you give users to your site Contributor rights, you can choose other permissions based on your preferences. The table below shows you a breakdown of the built in access levels.

Permission Level Description
Full Control This permission level contains all permissions. Assigned to the Site name Owners SharePoint group, by default. This permission level cannot be customized or deleted.
Design Can create lists and document libraries, edit pages and apply themes, borders, and style sheets in the Web site. Not assigned to any SharePoint group, by default.
Contribute Can add, edit, and delete items in existing lists and document libraries. Assigned to the Site name Members SharePoint group, by default.
Read Read-only access to the Web site. Users and SharePoint groups with this permission level can view items and pages, open items, and documents. Assigned to the Site name Visitors SharePoint group, by default.
Limited Access The Limited Access permission level is designed to be combined with fine-grained permissions to give users access to a specific list, document library, item, or document, without giving them access to the entire site. However, to access a list or library, for example, a user must have permission to open the parent Web site and read shared data such as the theme and navigation bars of the Web site. The Limited Access permission level cannot be customized or deleted.

NOTE You cannot assign this permission level to users or SharePoint groups. Instead, Windows SharePoint Services 3.0 automatically assigns this permission level to users and SharePoint groups when you grant them access to an object on your site that requires that they have access to a higher level object on which they do not have permissions. For example, if you grant users access to an item in a list and they do not have access to the list itself, Windows SharePoint Services 3.0 automatically grants them Limited Access on the list, and also the site, if needed.

Last Updated:
February 28, 2011

Solution ID:
9909