Understand user and group permissions in SharePoint and Office 365

default post thumbnails

We all agree, SharePoint & Office 365 are incredibly powerful tools that allow unprecedented levels of collaboration and productivity within an organization. However, bringing all of your employees within the same environment doesn’t come without its share of concerns regarding making sure everyone only has access to what they should.

Of course, it’s always possible to dive-in and individually check each SharePoint Users’ or Groups’ permissions, but it would take you forever. Not to mention the risk of human error. How awesome would it be to run a single report and get a full overview of your SharePoint Users’ and Groups’ permissions?

The Permissions Matrix Report gives you a complete overview of all the permissions given to Users and Groups in SharePoint & Office 365 in a clean and understandable matrix.

Run the Permissions Matrix Report against your environment: 

  1. In Sharegate’s Explorer, select one or multiple Objects (from your entire Farm to a List or Library)
  2. In the right sidebar, click ”Permissions Matrix Report” under the Security tab.
    Understand SharePoint Users and Groups permissions
  3. Sharegate displays the results in a clean matrix.
Understand SharePoint Users and Groups permissions

Take your understanding further: SharePoint security best practices

Why run the Permissions Matrix Report?

Essentially, it saves you valuable time that would otherwise be spent performing the repetitive tasks required to manage your SharePoint & Office 365 Users’ and Groups’ permissions. The Permissions Matrix Report allows you to quickly identify which users have access to what by viewing all their permissions and permission levels in the same report.

You can run it on multiple Site Collections at once, and it’ll work whether you’re using SharePoint, Office 365 or both in a hybrid scenario.

My colleague Benjamin recorded a great video explaining the Permissions Matrix Report. Check it out!


The Permissions Matrix Report results

In short, the Permissions Matrix Report lists:

  • All User and Group permissions, and their Permission Levels.
  • Objects that have custom permissions.
  • Office 365 External Users (including pending invitations and anonymous guest links)

Permissions and Permission Levels

The Permissions Matrix Report offers a complete overview of all permissions given to Users and Groups. You can expand groups to see their users. It lists the Permission Levels and Groups from where the permissions were given to the User.

Custom Permissions

The Permissions Matrix Report also allows you to know which Subsites, Lists, Libraries, Folders, Document Sets, List Items, or Documents have permissions that do not inherit from the parent, or custom permissions. You can expand the Object in order to see what specific permissions have been given to a User.

Show Specific SharePoint Users & Groups Permissions

Only Show Office 365 External Users

Finally, the report will allow you to differentiate Office 365 External Users from your Users. Objects shared with External Users will be indicated with a different icon in your matrix (authenticated or invited, and even with anonymous links).

You can use the Filter Options to show only External Users in order to validate their access.

Understand SharePoint Users and Groups permissions

If you want to learn the power of the Permissions Matrix Report, read our extensive documentation article.

Export Your Report Results to Excel

While the Permissions Matrix Report makes it easy to browse the permissions assigned throughout your site collection, you might need to extrapolate some information out of it. Nothing matches the power of Excel for this, which is why we added an export capability to the report.

Note that Sharegate will only export what’s currently displayed in the Permissions Matrix Report. This means that if a Group is expanded, its users will be visible in Excel, but if it’s collapsed, only the Group will be included. The same logic goes for filtering.

New to Permission Levels?

In Office 365 and SharePoint, there are a variety of Permission Levels. They tend to group actions and define what users can and can’t do in SharePoint.

You may want some users to be able to edit content in a certain Site, and in other cases you might just want to let them see the content without modifying it.

We wrote an entire article to help you understand permission levels in SharePoint & Office 365.

Permissions Matrix Report

The Permissions Matrix Report should be run regularly in order to effectively maintain control over the security of your environments. A tight control policy will help avoid potential security breaches (don’t be mistaken, it even happens to the best of us), and consolidate your internal permissions.

What did you think of this article?

Recommended by our team

Your biggest Microsoft 365 jobs, made easy

15-day full-featured trial—no strings, no credit card.

Spot Icon

Smooth Google migration  Migrate from Google Drive to M365 the right way