The many faces of permissions in Microsoft 365

Thanks for this great session. I still think there are scenarios where you need the advanced permissions but they are limited and agree should be avoided as much as possible!

kbworks_eu

This session went really deep on all the places we can configure permissions for SharePoint and Microsoft Teams and what all these settings mean. We had a lot of fun, and even educated each other while prepping for this session. Was great to see all the interaction live in the chat.

juliemturner

*Generated with Microsoft Copilot*

00:00-00:11 | Introduction and Advanced Permissions Warning: The session begins with a humorous warning to Derek about avoiding the Advanced permissions panel in modern permissions, emphasizing simplicity.
00:11-00:25 | Session Kickoff and Theme Introduction: The host announces the start of the session on October 30th, introducing the theme “The Many Faces of Permissions in Microsoft 365” and expressing optimism about the discussion.
00:25-00:54 | Recap of Previous Conversations: The host reflects on the previous Monday’s bifurcated conversation, highlighting the importance of bringing together different viewpoints to help both the audience and the presenters.
00:54-01:07 | Overview of Session Topics: The session will cover the organization’s permission philosophy, modern vs. classic permissions, public vs. private settings, and various policies, including SharePoint premium features.
01:07-01:46 | Detailed Agenda and Humor: The host outlines the detailed agenda, mentioning the focus on policies and adding a humorous note about “policy shaming” Derek, setting a lighthearted tone for the session.
01:46-02:19 | Philosophy of Keeping Permissions Simple: The host emphasizes the philosophy of keeping permissions simple by setting them at the site level and avoiding breaking inheritance, which historically caused issues.
02:19-02:45 | Site-Level Permissions and Historical Context: The discussion continues on the benefits of site-level permissions, contrasting it with historical practices of using a single site for multiple projects, which complicated permissions.
02:45-03:10 | Importance of Separate Sites for Projects: The host explains the importance of creating separate sites for different projects to simplify permissions, as the composition of work units changes over time.
03:10-03:29 | Simplifying Permissions with Separate Sites: By having separate sites for different units of work, permissions become much simpler. Exceptions to this rule should be carefully considered.
03:29-03:56 | Publishing Content in Appropriate Locations: If a project site requires regular sharing, it might be better to publish that content in another location accessible to the relevant group, impacting site topology.
03:56-04:04 | Concerns About Site Sprawl: The host addresses concerns about site sprawl, emphasizing the need for enough sites to represent different units of work effectively.
04:10-04:24 | Historical Context of Site Management: The discussion touches on the challenges of managing multiple site collections in the on-premises days, highlighting the reluctance to create new sites due to management difficulties.
04:24-04:31 | SharePoint Admins’ Perspective: SharePoint admins were hesitant to create new sites, preferring to stick with a single site collection to avoid complexity.
04:31-04:42 | Management Challenges and Subwebs: The conversation continues with the difficulties of managing numerous site collections and the ease of creating subwebs, which end users could easily make.
04:42-04:54 | Evolution of Site Management Practices: The speakers acknowledge that past practices have influenced current approaches, especially for those who migrated from on-premises to online environments.
04:54-05:02 | Shift to Online Architecture: The transition from on-premises to online often involved lifting and shifting the existing architecture, which impacted how sites were managed.
05:02-05:09 | Preference for More Sites: The current preference is for having more sites rather than fewer, as this simplifies permissions management.
05:09-05:16 | Information Architecture Considerations: While more sites are better for permissions, it introduces challenges in naming conventions and namespaces from an information architecture perspective.
05:16-05:24 | Balancing Permissions and Architecture: The need to balance permissions management with other aspects of information architecture is emphasized.
05:24-05:30 | Microsoft 365 Groups as Membership Objects: Microsoft 365 groups are described as membership objects, meant to include only relevant members, such as the IT team.
05:30-05:44 | Importance of Accurate Group Membership: The importance of keeping group memberships accurate is highlighted, as adding members temporarily can lead to issues.
05:44-05:54 | Misuse of Group Memberships: The speakers note that people often break the rule of keeping group memberships accurate by adding members for short-term access.
05:54-06:02 | Reliance on Accurate Memberships: Accurate group memberships are crucial for relying on these groups in various contexts within Microsoft 365.
06:02-06:07 | Ensuring Proper Access: Ensuring that group memberships accurately reflect the intended team is essential for proper access management.
06:14-06:27 | Careful Group Population: Emphasizes the importance of carefully populating Microsoft 365 groups, ensuring only those with ownership rights can change memberships, and reusing these groups effectively.
06:27-06:33 | Sharing Links and Permission Inheritance: Discusses how sharing links can break permission inheritance depending on settings and usage, highlighting the need for user education.
06:33-06:44 | Educating Users on Sharing Links: Stresses the importance of educating users about sharing links to avoid potential issues with permissions, search, and other functionalities.
06:44-06:55 | Advanced Permissions Warning: Reiterates the warning to avoid clicking on Advanced permissions in the modern permissions panel, suggesting adherence to simpler rules.
06:55-07:02 | Alternative to Advanced Permissions: Suggests adding site collection admins directly instead of navigating through Advanced permissions, using Derek’s experience as an example.
07:02-07:14 | Derek’s Use Case: Derek shares his use case for needing to fix permissions, with a humorous note about never living down the incident.
07:14-07:27 | Avoiding Advanced Permissions: Mark advises against clicking on Advanced permissions, emphasizing the importance of understanding why one might need to do so.
07:27-07:39 | Reflecting on Advanced Permissions Usage: Encourages self-reflection on the necessity of using Advanced permissions, even if it means poking fun at Derek’s expense.
07:39-07:45 | Questioning Advanced Permissions: Reinforces the idea of questioning the need to use Advanced permissions unless changing site collection administrators.
07:45-07:53 | Patterns and Habits: Acknowledges the difficulty of breaking old patterns and habits, with a lighthearted comment about age and experience.
07:53-07:57 | Lighthearted Banter: Ends with a humorous exchange about age and patterns, maintaining a friendly and engaging tone.
07:58-08:06 | Lighthearted Banter Continues: The humorous exchange about age continues, with a playful comment about the small age difference.
08:06-08:12 | Transition to Modern vs. Classic Permissions: The session transitions to discussing modern versus classic permissions in Microsoft 365 SharePoint and Teams.
08:12-08:23 | Stick to Modern Permissions: Emphasizes the importance of using modern permissions, which are simpler and more efficient, and only adding people to groups if they are actual members.
08:23-08:30 | Reiterating Group Membership Rules: Reiterates the rule of only adding actual members to groups, highlighting its importance.
08:30-08:35 | Use Classic Permissions for Cleanup: Advises using classic permissions only for cleaning up messes or specific exceptions like organizational asset libraries.
08:35-08:42 | Exception for Organizational Assets Library: Mentions an exception for using classic permissions when dealing with an organizational assets library.
08:42-08:48 | Caution with Advanced Permission Settings: Encourages careful consideration before clicking on advanced permission settings.
08:48-08:54 | Finding Broken Inheritance: One reason to use advanced permissions is to find where inheritance is broken, which can also be done using tools like ShareGate.
08:54-09:00 | Using ShareGate for Cleanup: Highlights the use of ShareGate to run reports and clean up permissions when inheritance is broken.
09:00-09:07 | Stick to Modern Permissions: Reiterates the importance of sticking to modern permissions as much as possible.
09:07-09:13 | Introduction to Public vs. Private Sites: Introduces the topic of public versus private SharePoint sites and Teams, noting the impact of grouping.
09:13-09:19 | Public vs. Private Grouping: Discusses how grouping has influenced the creation of public and private sites.
09:19-09:26 | Impact of Creating Public Teams or Groups: Explains that creating a public team or group adds everyone except external users to the site members, allowing them to make changes.
09:26-09:32 | Public Teams and Groups: Highlights the implications of creating public teams or groups in Microsoft 365.
09:32-09:38 | Microsoft 365 Group Membership: Clarifies that a public Microsoft 365 group includes everyone except external users.
09:38-09:44 | Everyone Can Make Changes: Notes that in a public site, all members can make changes, which is usually not ideal.
09:44-09:50 | Exceptions for Public Sites: Acknowledges that there are exceptions where public sites make sense, but they are rare.
09:50-09:56 | Preference for Private Sites: Most team sites are private to restrict access to a small group of people.
09:56-10:02 | Reasons for Private Sites: Private sites are preferred to shield content from everyone else or to avoid clutter.
10:02-10:08 | Choosing Public vs. Private Carefully: Emphasizes the importance of carefully choosing between public and private settings for sites.

MyCopilot-anthonyrhopkins