I was wondering if there was a simple way to allow users to request access to specific groups in sharepoint? i.e Users have a button on a page they can click to join or leave a specific group. Allowing them to self serve access?
Ive looked through the literature and cant see anthing obvious.
Kind Regards
Ive tried lookign through the site permissions options but these are centred around site owners adding users not users adding themselves. Ive also tried a number of button set ups but im wondering if i have to set up a power app to do this?
Per my knowledge, there is no OOTB or easy way to let users adding permission to themselves.
If you want to realize your needs, I suggest that you can customize your needs through Partner.
You can configure self service group membership when you create the SharePoint group like this:
Note how users can request to join or leave the group and requests are setup to auto accept? That should address your issue.
Related
I'm currently working on migrating a big company's data from DropBox to SharePoint and i can't quite decide on how to structure the whole SharePoint environment.
So as you may know DropBox has an admin section where you add your members, groups and content to share and it is pretty straightforward on how to implement simple things and by that, i mean that you get your members on some groups and then you share specific folders (from your content) to that group directly.
As of SharePoint now, i found out that it has more or less the same functionality but it really gets pretty inconvenient on how to implement this. I created a new site, then i created my groups and added some users to them, then i created as many document libraries as my shared folders were on DropBox, i stopped inheritance from the site and added groups directly to the document libraries. All that, took me quite a while, more than 8 hours, for 30 document libraries and 20 groups mostly due to the back and forth i had to go through settings, permissions, libraries etc.
Would it be, let's say, more practical or rather make more sense to create a new site for every shared folder i have on DropBox and add members directly from the site's homepage?
What would you do for such a case?
Thanks in advance
PS. The migration tool that SharePoint admin center provides it comes pretty handy and it works good, but transfers data quite slowly.
TLDR: Use sites, not libraries, for different user groups.
SharePoint makes the following things easy:
Sharing a whole site (by inviting people as members (edit) or visiors (read))
Sharing a single file (with a person that you don't want to have access to the other stuff on the site)
SharePoint makes the following very hard:
sharing specific libraries with distinct groups of people. This requires a lot of setup work and is a maintenance nightmare. You also need to be an administrator of the each site and know where in the depth of the SharePoint settings you can find the switch to break permissions and invite other people to a library.
It is not recommended practice to share libraries like that.
In your scenario, you would be served better with individual team sites using O365 groups. Then add members via the home page sharing button. The site should be the permission boundaries and these permissions should not be broken for any site content.
If the need arises to break permissions for certain content, it's time to move that content to a separate site with its own membership groups.
Using O365 groups, any site membership can then be viewed, managed and audited in the SharePoint admin portal and the M365 admin portal. No SharePoint knowledge or SharPoint site access is required for admins to manage membership. Membership assignment can also be automated with various tools like PowerShell or Power Automate.
Users can see only the sites they have access to, and will not suffer the bad user experience of clicking a library, only to get an error message for "You do not have access".
We are using Harmom.ie for Outlook to save e-mails and documents in SharePoint sites. Recently we started to use the Planner and Groups and we want to use Harmon.ie to save documents and emails into group sites. In Harmon.ie there is an option to enable groups sites. We have done that. When doing this an Office 365 Global admin must give consent. We also done that. However when a user try to access they are not allowed to access. According to the documentation something need to be set up on Azure giving the add proper Graph access.
The question is. How do we do this??? has anyone else got this to work? When we access the app on Azure there is not much we can do?
We are stock! any help will be much appreciated.
There are different ways to solve this. Harmon.ie also allows you to connect to teams & groups - and I suppose this is what you tried to do. We also did this. It was a little bit complex - but after some communication with the harmon.ie support, we got it working.
However, I am proposing a different way to solve your problem. Why? Currently, the problem with this teams and groups connection is, that you are not getting all the functionality of normal site connection (if you connect a SharePoint site to: https://www.harmon.ie). You are only going to see the documents library of your office group - and nothing else. But as an office group just uses a normal SharePoint Site, you could also have other libraries created.
What you can do is, get
1. get the site url (every office group has a SharePoint-Site behind)
2. and book it into harmon.ie manually
You will than have access to the document libraries.
for this solution, you do not need any additional configuration of teams and groups access.
I have a navigation menu that will be using audiences to control visibility of the links on the menu. For simplicity (and to allow help desk to manage the access), we will be using Active Directory security groups to control access to the links.
When trying to add Active Directory security groups to the link's audience, I am unable to find the new security groups. I can add other security groups that are in the same Active directory OU, just not the new ones.
If I create a new page or site, and go to site permissions, I can add the new groups there, just not under audience.
How do I force SharePoint to rebuild its list of AD Security groups that it displays for audiences?
To be clear we are not using custom defined audiences within SharePoint at all. Under central administration, there is only the All site users audience. The groups I see being populated in the audience field include those that came from AD orginally. I just do not know how to get the new groups to show up.
As a work-around, I could create new pages with redirects for each of the links, and set permissions on the pages themselves, but that seems like a overly complicated and annoying solution for something that should have an easy fix.
Thanks
Looks like an old post but I thought I'd still reply. It might help someone.
Just make sure that in AD the security group is marked as "Global" under Group scope. If the group is marked as "Domain local" or "Universal", it will not show in the audience rule.
Hope this helps.
:)
Have you preconfigured audiences in User Profile Service Application?
Try looking this: http://technet.microsoft.com/en-us/library/cc262169.aspx
Exactly the same challenge I'm facing. Have manually prompted a profile synchronization (incremental and full) in the hope that this would trigger an update, but it doesn't.
New AD groups aren't showing up, and some old ones (it appears, at this point in my studies) aren't being removed. There seems to be a fundamental audience field update failure, while the rest of SharePoint picks up the profile changes just fine.
Found this: http://blog.arjanfraaij.com/2011/05/adding-active-directory-ad-group-to.html
Hope it's useful.
Last edit: It worked. Still had to define audiences to get them applied (couldn't directly apply AD groups), but a simple Audience composed of a single AD group now properly controls audiences. Just make sure you then compile audiences too...
I am working on a website built with ModX. I have defined different user access permissions for different resources. On a page I am trying to list down all the resources with pagination using getPage plugin. But I am not getting the list paginated properly. It seems like getPage is also considering inaccessible resources while paginating. Can anyone help me on this? Please!
You don't write too much about what you did, but I suspect that you used resource groups and restricted the access to the groups in the web content for some users. If you restrict access to a group at one place, modx doesn't allow anyone without explicit rights to access resources from that group.
To allow anonymous users to view your resources, don't restrict access to that resource group in the web context for anyone.
If you need more information, you might read over the excellent tutorial on modX revolution permissions by Bob Ray or the pages on security in the modx manual.
Please provide further information on your problem, if this doesn't help (i.e. is it possible to access your desired resources without being logged in?).
Is it possible to create a site on demand? So in the response of an event, such as button click. I want users to be able to see one site (all users), but users with assigned to a certain group will see two sites.
Also, when would I want to create a seperate web application?
Thanks
Let's try to clear this up.
First, yes it's possible to create sites and webs programmatically, and in that sense you can do it in a click of a button event.
The second part of your question is not related to creating a sub site, it's related to permissions. Sub sites in SharePoint can have different permissions for different users.
So yes, users assigned to a certain group can see sub sites that others can't.
The third question can be answered by this Technet article.
Hope this helps.
Yes, you could use 2 seperate SharePoint web applications to provide access to a single site collection using different authentication providers. Enabling anonymous access for one web app and windows authentication for the other, you could use SharePoint authorisation to setup different permissions on site and pages for anonymous users as noted by Magnus.