Are they added in SharePoint groups?

 

When you first setup Office 365, certain web sites and management pages are created for you. For example, you’ll automatically see the Admin Overview page that appears on the Office 365 Portal – it’s one of many pages and sites automatically made during setup. Likewise, when SharePoint Online finishes setup, you’ll automatically see a Team Site created for your use.

 

Most Administrators will begin on the Admin Overview page of the Office 365 Portal by adding users to Office 365. However, many do not know that this does not add those users into SharePoint Online and its security model. If you have added users in Office 365, it is a first important step, but you’ll need to begin adding users to SharePoint groups for them to access your site collections.

 

 There are three decisions to make:

 

1.    Who do I want to administer to the entire site collection (that is, the site, and all of the subsites) as my site collection administrator?

2.    Does my site collection administrator need a back-up or ‘secondary’ site collection administrator?

3.    What SharePoint permissions should the majority of my users have to the site (should most be able to read the content of the site, or should most be able to contribute to the content)? 

 

In other words, once you’ve finished adding users into Office 365 itself, you should determine who the primary and secondary site collection administrators will be, and consider what kind of SharePoint access the bulk of your SharePoint users will need. This latter point – user security and SharePoint group membership – must be refined as you develop your site.

 

Site collection administrator is a powerful role inside of SharePoint Online. The person given this right has powers from the topmost site in the site collection, right down to every item in the furthest subsite of the site collection. Give this access to only a few of your users.

 

1.    Log in to the portal (https://portal.microsoftonline.com/) by using an account that has SharePoint Online Administrator, or Global Administrator (of Office 365) permissions for your organization.

2.    Click the Admin tab, and then click the Manage link under SharePoint Online. This opens the SharePoint Online Administration Center.

3.    Click Manage site collections. When you do this, you will see the full list of site collections.

4.    Click to select the check box next to the Team Site (or whatever site is causing you the ‘Access Denied’). For example, the Team Site, which has a URL like https://yourdomain.sharepoint.com/, where YourDomain represents the domain that you use for your tenant.

5.    Click Owners in the Ribbon at the top of the list of site collections, and then click Manage Administrators.

 

  

 

6.    In the dialog box that appears, add the account or accounts you chose for primary and secondary site collection administrator. When the accounts are successfully validated, click OK to save the changes.

 

 

 

Once the Global Administrator, or SharePoint Online Administrator, has completed those steps, they can either choose to:

 

1.    Set permissions for the remaining users on the Team Site themselves (they simply have to list themselves among the site collection administrators and gain access to the site in order to do this).

2.    Allow the site collection administrator to add the remaining users to SharePoint groups on the Team Site (this is part of the site collection administrator’s role, in fact).

 

Here are the steps you’ll need to give all the other users in your company access to the new site:

 

1.    Browse to your Team Site, which is located at https://yourdomain.sharepoint.com/.

2.    On the Team Site, click Site Actions, click Site Settings, and then click People and Groups.

3.    On the left hand side of the page, you’ll see a list of Groups. Find the link for the Team Site Members group or the Team Site Visitors group.  If you want your users to contribute to Content, click and add them to a group like Team Site Members. If you want them to read, click Team Site Visitors. Click New, and then click Add Users.

 

 

NOTE  Just so you know, the menu on the left of the screen marked ‘Groups’ is in an area that’s known as the ‘Quick Launch’. If you look at the bottom of the groups listed on the Quick Launch, you’ll see ‘More…’. Click on this item if you’d like to see all the groups available, along with descriptions that outline the difference between them. I’ll paste a sample graphic below.

In most cases, administrators will want to add batches of users to the SharePoint groups and rely on a plan that incorporates the list of SharePoint groups, what they do, and what they need specific users to access on the site. However, if you wanted to open the Team Site to collaboration by all your users, you could click to choose Team Site Members and do the following:

 

1.    Click New in the menu and then Add Users.

2.    Type All Users in the text box, and then click Check Names (that’s the small icon of the person and blue check mark you will see at the bottom right of the Users/Groups text box – it’s right next to the book icon for ‘Browse’). 

 

  

 

3.    Clicking on Check Names allows you to validate that the entry you made is a group name SharePoint Online recognizes. A valid group will show an underline. Click OK at the bottom of this dialog box.

 

  

To test permissions, ask anyone in your organization to log on to the site from the Microsoft Office 365 portal page to confirm that they have access. If you have added them as a Team Site Member, they should be able to upload a document into a library, add an item to a list, or update existing items. They can also delete, so remember to plan your user permissions accordingly.