Welcome to the third post in the SharePoint Online Administrator series! In the previous post, we explored how to navigate the SharePoint Admin Center. Now, weβre diving into one of your most essential responsibilities as an admin: managing sites and permissions.
SharePoint Online empowers users to collaborate, but without proper site structures and permission strategies, you risk losing control over access, content, and security. Letβs fix that!
π Understanding Site Types in SharePoint Online
Before you manage anything, itβs important to understand the types of sites available:
1. Team Site (Microsoft 365 Group Connected)
- Ideal for collaboration within a team.
- Automatically connects with Teams, Outlook, Planner, etc.
- Comes with a shared document library.
2. Communication Site
- Best for broadcasting news, announcements, or resources to a wider audience.
- Not group-connected and usually read-only for most users.
3. Hub Site
- Connects multiple sites under a unified navigation and branding.
- Great for department-wide or business-unit-wide organization.
π‘ Pro Tip: Encourage the use of Team Sites for collaboration and Communication Sites for sharing info without needing user edits.
π Creating and Managing Sites (Admin-Level)
From the SharePoint Admin Center:
- Go to Active Sites.
- Click Create and choose the site type.
- Fill in:
- Site name
- Group owner
- Privacy settings
- Storage quota (optional)
- Click Finish β your site is ready!
You can manage any site later by clicking on it in the Active Sites list and adjusting:
- Owners
- Permissions
- Storage limits
- Sharing settings
π Permissions: Best Practices for Access Control
SharePoint permissions are based on SharePoint Groups and roles:
| Role | Description |
|---|---|
| Owners | Full control (admins of the site) |
| Members | Edit access (collaborators) |
| Visitors | Read-only access |
You Have Two Models to Manage Permissions:
β Inherited Permissions (Default)
- Subsites or libraries inherit permissions from the parent site.
β Unique Permissions (Broken Inheritance)
- Applied when you need to control access to a specific library, folder, or list.
π‘οΈ Security Tip: Avoid breaking inheritance unless absolutely needed β it complicates management long-term.
π Adding Users or Groups to a Site
To manage users:
- Go to the site (or Admin Center > Active Sites).
- Click Settings β Site Permissions.
- Add users to:
- Members (for edit access)
- Visitors (for read-only)
- Owners (full control)
Use security groups (from Azure AD or M365 Groups) instead of individual users for scalable and maintainable permission management.
βοΈ Managing Library or Folder-Level Permissions
Need to restrict a sensitive folder?
- Go to the Document Library.
- Select the folder or file β Click Manage Access.
- Click Advanced β Stop Inheriting Permissions.
- Remove or add users/groups as needed.
β οΈ Be cautious: too many unique permissions create complexity and increase the risk of mistakes.
β Pro Tips for Clean Permission Management
- Use Microsoft 365 Groups for team sites β it simplifies email, Teams, and Planner access.
- Audit permissions regularly using reports or PowerShell.
- Educate site owners to avoid over-sharing with “Everyone” or external users.
Next Up: Secure External Sharing in SharePoint Online
In our next post, weβll tackle one of the biggest security concerns in modern collaboration: External Sharing. Youβll learn how to enable secure guest access and avoid exposing sensitive data.
π¬ Got questions about permissions or site design? Let me know in the comments or message me β Iβd love to help!
Keep building smarter and safer collaboration β you’re doing great! ππ