Seeking advice - Sharepoint Online user permission with hub site

MD 0 Reputation points
2024-07-02T21:18:10.76+00:00

We have tried a few different options and not finding a solution. We have a hub site with 14 separate sites. Essentially one per major department. Individuals need different access to different sites. There are staff that frequently change positions. In onprem we used groups (usually based on job role) and assigned a person to a group and the group to a site. This way we could have User 1 with member on some sites and read only on others. This allowed easy user management by adding or removing people from groups instead of managing at each site. In Online, we have tried creating groups at hub level as well as creating user permission levels and they are not available on the associated sites. Also tried creating the groups and user permission levels at a site associated with the hub. They only show up on that individual site. Another thing tried was seeing if on the hub or a site that I could see all the users permissions but am only seeing the permissions for user on the hub or on the individual site (so not getting a full view of the users permissions). Reading many folks say change from Modern to Classic but others say Classic not solution and will be faded out in future. Therefore, not confident in trying this solution as people have mixed feelings on if it will work or not. Is there a way to create groups/user permission levels at hub and use on the associated sites? [looked and did not find any setting related to this that might need reviewed.] If not, any recommendation for how to manage hub and associated sites in SharePoint modern with about 200 users that need different access to different sites. Managing each person at each site for member or visitor would be too much and very time consuming.

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,827 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Yanli Jiang - MSFT 26,766 Reputation points Microsoft Vendor
    2024-07-04T09:29:17.9033333+00:00

    Hi @MD ,

    To manage user permissions for a SharePoint Online hub site and its associated sites, it is recommended to use SharePoint groups. You can create SharePoint groups at the hub site level and add them to the associated sites as needed. Additionally, you can create custom permission levels for the SharePoint groups to provide more granular access control. When users change positions, you can simply add or remove them from the appropriate SharePoint groups instead of managing their permissions at each site. It is not recommended to use nested security groups as they can cause performance issues.

    It is also important to note that managing permissions in SharePoint Online differs from managing permissions in on-premises SharePoint. In SharePoint Online, permissions are managed through Microsoft 365 groups, which are automatically created for each team site. Communication sites, on the other hand, use the standard SharePoint permissions groups (Owners, Members, Visitors).

    It is not necessary to switch from modern to classic experience to manage user permissions in SharePoint Online. Instead, it is recommended to use SharePoint groups and custom permission levels.

    For your references:

    https://learn.microsoft.com/en-us/sharepoint/planning-hub-sites

    https://learn.microsoft.com/en-us/microsoft-365/community/permission-model-differences#planning-permissions-with-group-based-sharepoint-sites-when-youre-used-to-regular-sharepoint-permissions

    https://learn.microsoft.com/en-us/sharepoint/modern-experience-sharing-permissions

    https://learn.microsoft.com/en-us/microsoft-365/community/sharepoint-security-a-team-effort#sharepoint-groups

    https://sharepointmaven.com/how-to-sync-hub-permissions-to-the-associated-sites/

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.