Chat now with support
Chat with Support

Identity Manager Data Governance Edition 9.2 - User Guide

User Guide Introduction Data Governance node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting EMC, NetApp Filer, and SharePoint configuration details PowerShell commands Governed data attestation policies Governed data company policies Governed data risk index functions

Working with SharePoint permission levels

SharePoint permissions are a collection of list, site, and personal permissions designed to provide the appropriate level of access for a given group of users. Permission levels are unique for each site collection. Although permission levels are created and managed at the site collection level, Data Governance Edition allows you to manage permissions regardless of your context, and resolves your permission level changes to the appropriate site collection. You can create a permission level at anytime, as long as you have the Manage Permissions permission on the site collection. You can also edit existing permission levels, and delete those you no longer need.

You may want to view the details of existing permission levels before creating new ones. The fewer well-designed permission levels you have, the easier your site permissions are to manage.

Note: If you see a message in the list of issues that the forest or domain could not be contacted, this could be because the trusted domain has not been synchronized with One Identity Manager.

To view the permissions contained in a permission level by viewing a resource

  1. In the Navigation view, select Data Governance | Managed hosts.

  2. Open the Resource browser using one of the following methods:

    • Double-click the required SharePoint farm in the Managed hosts view.
    • Select the required SharePoint farm in the Managed hosts view and select Resource browser from the Tasks view or right-click menu.
  3. In the Resource browser, double-click through the farm to locate the required resource.

    The security for the resource displays in the Permissions pane (lower pane).

    A message across the top of the pane indicates whether permissions are inherited or unique.

  4. In the Permissions pane, click in the corresponding Permission Levels column for one of the accounts listed.

    A pop-up appears displaying all the permission levels available. The permission levels assigned to the selected account are marked with a check mark. To see the permissions included in a permission level, hover your cursor over the permission level. You can also hover your cursor over an individual permission to see its description.

  5. Press Enter to save your selection and close the permission levels list.

To view the permissions contained in a permission level using the Permission Levels dialog

  1. In the Resource browser, double-click through to a resource within the site you want to examine.
  2. In the lower pane, click the Permission Levels toolbar button.
  3. In the left pane of the Permission Levels dialog, select a permission level.

    The permissions included in the level are shown on the right side of the dialog.

  4. Click OK to close the Permission Levels dialog.

Creating a SharePoint permission level

If you need a new combination of permissions to achieve your security goals, you can create it through the Resource browser. Regardless of the object you have selected, the permission level is associated with the site collection, and is available for use with any object in the site collection.

To create a SharePoint permission level

  1. In the Resource browser, double-click through the farm to locate the required resource.

    The security for the resource displays in the lower pane.

  2. In the lower pane, click the Permission Levels toolbar button.
  3. In the Permission Levels dialog, click New.
  4. Provide a unique name and a description for the permission level.
  5. Select the required permissions.

    Some permissions are actually collections of permissions. For example, when you select Manage Lists, additional permissions required to perform this task, such as View Pages and Open, are also selected.

  6. Click OK.

Deleting a SharePoint permission level

If you no longer need a permission level, you can delete it.

Note: When you delete a permission level, you may be leaving users or groups without their accustomed access to SharePoint. Ensure that you have assigned appropriate permission levels to all affected accounts before deleting a permission level.

To delete a SharePoint permission level

  1. In the Resource browser, double-click through the farm to locate the required resource.

    The security for the resource displays in the lower pane.

  2. In the lower pane, click the Permission Levels toolbar button.
  3. In the Permission Levels dialog, select the permission level to be removed.
  4. Click Delete.
  5. Click Yes on the confirmation dialog.
  6. Click OK to exit the Permission Levels dialog.

Modifying an existing SharePoint permission level

You can change the permissions in a permission level, and the name or description.

To modify an existing SharePoint permission level

  1. In the Resource browser, double-click through the farm to locate the required resource.

    The security for the resource displays in the lower pane.

  2. In the lower pane, click the Permission Levels toolbar button.
  3. In the Permission Levels dialog, in the Permission Levels pane (left pane) select the permission level to be modified and click Modify.
  4. Modify the name, description and included permissions as needed.
  5. Click OK to save your selections and close the Permissions dialog.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating