Latest Event Updates

SharePoint Security Roles and Site Settings Matrix – An easy way to explain and customise

Posted on Updated on

One of the things that I get asked often by customers during SharePoint engagements, is “What sort of rights should I give my users ?”

This is particularly important when trying to find the balance between self-service and fully managed site administration. To this purpose, I have put together a couple of tables that give a quick overview as to what you get with the famous 3 default security groups in SharePoint. From this point onwards, one or more workshops will help define what the actual “roles” should be. For example, you could still decide give your users “Full Control” but you might want to remove the ability for them to delete the site, create subsites or even create SharePoint groups (if you want to manage them in AD).

These tables were originally created for SharePoint 2010 and have now been updated for SharePoint 2013 within Office 365.


User Roles


Full   Control (Owner)

Contribute   (Member)

Read (Visitor)

List Permissions   
Manage Lists    –  Create and delete lists, add   or remove columns in a list, and add or remove public views of a list. X X
Override List Behaviors  –  Discard or check in a document which is   checked out to another user, and change or override settings which allow   users to read/edit only their own items. X
Add Items    –  Add items to lists and add   documents to document libraries. X X
Edit Items  –  Edit items in lists, edit documents in   document libraries, and customize Web Part Pages in document libraries. X X
Delete Items    –  Delete items from a list and   documents from a document library. X X
View Items  –  View items in lists and documents in   document libraries. X X X
Approve Items    –  Approve a minor version of a   list item or document. X
Open Items  –  View the source of documents with   server-side file handlers. X X X
View Versions    –  View past versions of a list   item or document. X X X
Delete Versions  –  Delete past versions of a list item or   document. X X
Create Alerts    –  Create alerts. X X X
View Application Pages  –  View forms, views, and application pages.   Enumerate lists. X X X
Site Permissions   
Manage Permissions  –    Create and change permission levels on the Web site and assign   permissions to users and groups. X
View Web Analytics Data  –  View reports on Web site usage. X
Create Subsites    –  Create subsites such as team   sites, Meeting Workspace sites, and Document Workspace sites. X X
Manage Web Site  –  Grants the ability to perform all   administration tasks for the Web site as well as manage content. X
Add and Customize Pages  –    Add, change, or delete HTML pages or Web Part Pages, and edit the Web   site using a Microsoft SharePoint Foundation-compatible editor. X
Apply Themes and Borders  –  Apply a theme or borders to the entire Web   site. X
 Apply   Style Sheets  –  Apply a style sheet (.CSS file) to the Web   site. X
Create Groups  –  Create a group of users that can be used   anywhere within the site collection. X
 Browse   Directories  –  Enumerate files and folders in a Web site   using SharePoint Designer and Web DAV interfaces. X X
 View Pages  –    View pages in a Web site. X X X
 Enumerate   Permissions  –  Enumerate permissions on the Web site,   list, folder, document, or list item. X
 Browse User Information  –    View information about users of the Web site. X X X
 Manage   Alerts  –  Manage alerts for all users of the Web   site. X
 Use Remote Interfaces  –    Use SOAP, Web DAV, the Client Object Model or SharePoint Designer   interfaces to access the Web site. X X X
 Use Client   Integration Features  –  Use features which launch client   applications. Without this permission, users will have to work on documents   locally and upload their changes. X X X
 Open  –    Allows users to open a Web site, list, or folder in order to access   items inside that container. X X X
 Edit   Personal User Information  –  Allows a user to change his or her own user   information, such as adding a picture. X X
Personal Permissions 
 Manage Personal Views  –    Create, change, and delete personal views of lists. X X
 Add/Remove   Personal Web Parts  –  Add or remove personal Web Parts on a Web   Part Page. X X
 Update Personal Web Parts  –    Update Web Parts to display personalized information. X X


Site Settings

Site Collection Administrator Owner Member Visitor
Site   Settings – Web Designer Galleries
Site columns X X
Site content types X X
Web parts X X
List templates X X
Master pages and   page layouts X X
Themes X X
Solutions X X
Composed Looks X X
Site   Settings –  Users & Permissions
People and groups X X
Site permissions X X
Access requests   and invitations X X
Site collection administrators X
Site app   permissions X X
Site Settings – Site Collection Administration
Recycle bin X
Search Result Sources X
Search Result Types X
Search Query Rules X
Search Schema X
Search Settings X
Search Configuration Import X
Search Configuration Export X
Site collection features X
Site hierarchy X
Site collection navigation X
Search engine optimization settings X
Site collection audit settings X
Audit log reports X
Portal site connection X
Content Type Policy Templates X
Storage Metrics X
Site collection app permissions X
Site Policies X
Content type publishing X
Site collection output cache X
Popularity and Search Reports X
Variations Settings X
Variation labels X
Variation logs X
Translatable columns X
Suggested Content Browser Locations X
Help settings X
HTML Field Security X
SharePoint Designer Settings X
Site collection health checks X
Site collection upgrade X
Site Settings | Site Administration
Regional settings X X
Language settings X X
Site libraries and lists X X X
User alerts X X
Sites and workspaces X X X
Workflow settings X X
Content Organizer Settings X X
Content Organizer Rules X X
Site Closure and Deletion X X
Site output cache X X
Term store management X X
Popularity Trends X X
Content and structure X X X
Manage catalog connections X X
Content and structure logs X
Site variation settings X X
Translation Status X X
Site Settings | Hold
Hold Reports X
Holds X
Discover and Hold content X
Site   Settings | Site Actions
Manage site   features X X
Save Site as template X X
Reset to site   definition X X
Delete this site X X
Enable search   configuration export X X
Site Settings | Look and Feel
Design Manager X X
Master page X X
Title, description, and logo X X
Page layouts and site templates X X
Welcome Page X X
Device Channels X X
Tree view X X
Change the look X X
Import Design Package X X X X
Navigation X X X
Image Renditions X X
Quick Launch X X X
Top Link Bar X X X
Site   Settings | Community Administration
Manage Discussions X X
Manage Categories X X
Manage Members X X
Community Settings X X
Reputation Settings X X
Site Settings | Search
Result Sources X X
Result Types X X
Query Rules X X
Schema X X
Search Settings X X
Search columns X X
Search and offline availability X X
Configuration Import X X
Configuration Export X X

SharePoint Conference 2012 – Are we ready for SharePoint 2013?

Posted on Updated on

What happens in Vegas stays in Vegas. Is that really true these days? With the advent of social tools, real time updates, gossip and rumours make it difficult for anyone to keep “secrets” (even for British royals!).

However, Microsoft’s choice to host the SharePoint Conference in Sin City was spot on once again. Las Vegas is still THE place where anything goes and where reality can be forgotten, even for just a few days. With any new products and launches, you are always going to get a lot of marketing hype and SharePoint 2013 is no different. With over 250 sessions and 10000 attendees to impress, Microsoft and its Partners did a great job entertaining us and taking us away from our day-to-day jobs and real world scenarios. The entertainment came not only in the form of Jon Bon Jovi and Gun’s n Roses concerts or Pamela Anderson’s surprise appearances but also materialised itself in the art of the possible of the new toys and displaying its flashy new features.
The big question however is whether some of these “dream scenarios” can actually become reality; for people like me, who spend the majority of time and a lot of effort trying to translate business requirements into deliverables, once again, this is the start of a new adventure 🙂

Apart from the disappointment of not receiving a complimentary Surface L, I will summarise my impressions into four separate strands:

CLOUD: SharePoint is now a 2 billion dollar a year business and there is no doubt that Microsoft is heavily committed to all aspects of collaboration and social but, by far, the biggest push seems to be towards “all-in” Cloud and SaaS. During the Keynote, Jeff Teper pointed out the big investments that have been made towards “global performance” and scalability backed by a live demo of some of the new SharePoint 2013 features on an Office 365 site hosted in Dublin! That should put to rest some of the concerns around lack of geo replication capabilities. Microsoft also announced that they are now committed to 90-day cycle releases, bringing fixes and new features to SharePoint without having to wait for a Service Pack or new Release. This alone could be massive.

The backbone of the new “cloud model” is clearly the Microsoft Office Store and the new App Model. The ability to create standalone packages without server side deployments represent a huge shift from the way we do things today and the new streamlined user interface lends itself to easier customisation for the ever growing development community. The store is still in its infancy but you already get a flavour of the potential benefits, especially when combined with other cloud service such as Azure.

SEARCH: I think it is fair to say that the coolest demos were all search related. Search is probably the biggest architectural change in SharePoint 2013 mostly because the FAST engine is now baked into the product; so no more expensive FAST deployments to give SharePoint true enterprise search capabilities! Out of the box, you will now be able to surface data across Site Collections (finally!) and have the ability to play with indexed content in a way that was never possible before (think of how Amazon uses targeted results to present dynamic content to you). It was very disappointing however to find out during the “ask the experts” session that one of the key new search web parts will not be available on Office 365 (at least not for a while).
UPDATE October 2013: The CSWP is now available for Office 365 E3 plans.

SOCIAL: SharePoint is now finally social, yeah! Probably 3 years too late but at last Microsoft has built some decent social features into 2013 (how they left out the microblog feature in 2010, I will never know!). I am still trying to figure out how they got away with “cloning” not only the same features but also the same terms from Newsgator Social Sites. As a consultant, I will now find it very hard to sell plug-ins such as Newsgator, even though they will always provide added functionality. What will be even harder is to try to figure out how to upgrade existing SharePoint 2010 with Newsgator to SharePoint 2013 (stay tuned on that – post coming soon!).
Of course, there was a lot of anticipation for what the recent acquisition of Yammer would mean for SharePoint 2013. Unfortunately, as you probably know, not much was revealed during the conference and ever since. What did seem clear however is that Microsoft have big plans for Yammer, so much so that at times it felt like this was a reverse acquisition! Both Adam Pisoni and Jared Spataro confirmed that Yammer, who has become hugely successfully also thanks to its data driven approach, is already influencing the way Microsoft approaches software development (see 90-day cycle reference above) but did not give much away as to how the 2 products will integrate (if ever). When I asked Adam Pisoni if Yammer would ever be made available for on-premise customer, his answer was very direct: “We will never put Yammer on a DVD”.

If I had to pick one word to describe the SharePoint conference this year, I would have to use “confused”.
Microsoft seems to have finally embraced change and I believe they are going down the right path but there are many conflicting messages that are being sent out. To give you a flavour of what I mean, when asked whether he would recommend Yammer or SharePoint 2013 to a customer that wanted to “become” social today, Jared Spataro replied “Definitely Yammer”. Does this mean the “death” of SharePoint on-premise? Have we just seen the last 3 year cycle? Hard to imagine right now. After all, as Jared Spataro himself stated 2/3 of SharePoint licensing revenue today comes from on-premise customers…

I am excited about SharePoint 2013 and I am currently setting out the strategy for a 2010 to 2013 upgrade for a major customer for both on-premise and online, but I do think we need to quickly exit the marketing hype and start to get some real enterprise experience before we can realise whether SharePoint is mature for the cloud in a way that would appeal to the majority of its users.

Happy SharePointing J

Starting over again…

Posted on Updated on

After years of “self-hosting”, I am finally taking the plunge and making the move to WordPress.

Stay tuned whilst I move some of my old posts and article over to this site over the next few days. Hopefully, I will be diligent enough to keep this blog up to date J