Thursday, March 28, 2013

SharePoint Permissions

SharePoint Permissions:

One of the most powerful aspects of SharePoint is the ability to manage permissions however, if this is done incorrectly and without structure it can soon become your company’s worst nightmare. I have seen a number of different company's SharePoint permissions and many of them have let the permissions get out of control.

Much of the out of control permissions can be attributed to provisioning user permissions on an individual basis, not creating customer permission levels, not utilizing Active Directory Groups (AD), and not creating meaningful SharePoint Groups.

Breaking inheritance on their libraries and lists is totally fine when done correctly, but permissions by individual is almost never the answer. This tactic is not only time consuming, but eventually will become unmanageable you and will constantly be amending & provisioning permissions.

Create custom permission levels!!!!!! If you have a need to deviate from the out of the box levels, you should create custom levels. For instance, if you want to hand off the ability for a user to provide permissions for their site, but not be able to manage site features, create sub sites, etc. a new permission level should be created.

Create SharePoint groups that you can manage and determine a naming convention which works for your organization. An example of this would to create a new SharePoint group for every library & list which has unique permissions i.e. Site Name-Library Contribute. This way you know when you are adding users that this group is the contribute group for that library with broken inheritance. You will run into scenarios where the same group of individuals needs access to multiple libraries. For this I create a permission group such as Site Name-Libraries -LegalReviewTeam Contribute and then in the description of the group I list out all of the libraries/list that this team has contribute access to.

Utilizing Active Directory groups

AD groups should be used within your SharePoint Groups in order to better manage SharePoint permission and to reduce the overall overhead of your site. In SharePoint you are able to use Security Level Active Directory groups for permissions, which can save a ton of time. At the bottom of this article I provided a graphic I created which helps to visualize the impact. You can check to see if an AD group is a security group by downloading a set of Administrative Tools → Active Directory Users & Computers → Search the distribution group and there should be a radio button that is marked for Security Group. By adding AD groups you can provision permissions for an entire group such as "Tibco Integration" which might be a distribution group in your organization which would give anyone that is part of that group permission to the site, This means that rather than adding let’s say 100 members of this group individually, you can add the AD group once. This also reduces maintenance since anyone that is removed from that distribution group will also lose their permissions on your site.

Monday, March 25, 2013

Why Use Content Types?

What is a content type?  A content type essentially at it's core is a grouping / set of meta data with a specific purpose.  For example, a Task within SharePoint is a grouping of the fields which would be needed to track a Task.  By creating a Content Type you can create custom "groupings" of meta data for your specific needs. As an example, you could create a content type for "Point of Sale Report" and attribute all of your meta data to that content type.

The real question is why use them?  By utilizing content types you can leverage your specific "groupings" and use them across lists and libraries across your sites.  The Content Type will allow you to have better control over your document management capabilities by attributing the corresponding IRDS (Information Retention & Disposal Schedule), creating views based upon the Content Types, and by creating workflows specific to that specific content type.

All of these benefits for content types or helpful, but by automating your IRDS you can make sure that you are always compliant with the Laws, reduce the amount of file space you are utilizing, and save countless dollars in discovery if there is ever a litigation issue.  The creation of content types help to reduce the amount of Null values in your list or library as well.  By better targeting the Content Types, your users are not having to leave blanks which do not apply to them with the notorious "catch all form."

I hope this was beneficial to you!


Thursday, March 21, 2013

Linking Directly To The New Form For Multiple Content Types


This is my first official blog and I wanted to give a quick tutorial on how to link directly to the New Item Form as well as how to link to the New Item Form for multiple Content Types within your SharePoint 2010 List or Library.

Linking Directly to a New Item Form
(this will link directly to the default content type new form)


Linking directly to a different content type new form:


To find your Content Type ID go to the

Site Actions→ Site Settings→ Galleries → Site Content Types → Copy the shortcut for the content type you need to link to → take everything after ctype= (until the apostrophe) → use that content type id in the above URL


Another way I found to directly link to the form is to open the desired form then copy the shortcut then use that, except after you submit the item it does not know where to post back to so you are left with a blank webpage and every time you refresh the page it creates a new item. I would suggest using the above method instead of using the copied shortcut, but if you do you will need to send the user back somewhere.

You can do this to fix the issue with that method or to send the user to the desired location