What are the best practices for creating unique permissions? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“We have a group “All employees” in SharePoint. The group exists in every SharePoint site. It previously had the permission “Contribute”. I should change this to “Read” which worked fine with Powershell. Background is that from now on only people should edit files in SharePoint sites who are owner or member. Now to the problem: I didn’t know before the difference to Member/Owner and Site-Member/Website-Owner. In our project sites only member and owner were maintained. Now when I set the “All employees” group to “Read”, no “Member” can edit files on the SharePoint site anymore. I think I need to change all people who are “Member” to “Site Member”. Or can I set the permission so that members can edit files? It all has to be done via Powershell – does anyone have any idea?”

Check out the discussion here:


Participating in this discussion were:

Some relevant notes/links shared by the team:

  • Unique permissions are not great for DIY projects. Our shared recommendation is to hire a professional.

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He is the Director of North American Partner Management for leading ISV Rencore (https://rencore.com/), leads content strategy for TekkiGurus, and is an advisor for both revealit.TV and WellnessWits. He hosts the monthly #CollabTalk TweetJam, the weekly #CollabTalk Podcast, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.

2 Responses

  1. November 5, 2023

    […] What are the best practices for creating unique permissions? #M365AMA […]

  2. December 9, 2023

    […] are the best practices for creating unique permissions? #M365AMA [blog | […]