Read time 6 minutes
Permissions give a specific right granted to the user related to performing actions. The SharePoint administrator assigns the permissions at the site or site content levels. When a user has a View Only permission, they can only view the file and not create or edit it. However, during migration, if these permissions are not migrated from the source or a user is not given necessary rights, the site content becomes inaccessible at the destination.
Remember that permissions are intricately associated with data. Therefore, you need to consider migrating it to the exact folder hierarchy to get your permissions mirrored at the destination site in SharePoint.
Before starting the migration, you should understand the basic concept of SharePoint Online permissions.
- Fine-grained permissions: When the administrator assigns permission at a granular level to a securable object that falls under the fine-grained permissions. For example, a permission assigned to a specific file in a large library, list, or site, allows the user with in-depth control over the SharePoint data for better customization.
- Permission level: Permission levels are the set of permissions assigned to users allowing them to perform different tasks. An excellent example of permission level is Read permission, which allows users with rights like opening a file, reading a file, viewing pages of the file, viewing versions of a file, etc. All these rights are required to access a file in SharePoint.
- SharePoint group: A SharePoint Group streamlines assigning permission to a whole group rather than individually to each user. Each SharePoint Group comes with default permissions for owners, visitors, members, etc
- User: A user is a single entity in SharePoint and it is better to assign permission to a user through groups since it will be difficult to monitor each user.
- Securable object: A securable object is a file, document, folder, list, library, site, etc., affected by permissions. The administrator can assign item-level, folder-level, and site-level permissions for a variety of controls.
Getting complete information about these SharePoint Online permissions and then planning your migration method is beneficial.
Read Also: Learn How to Customize Permissions in SharePoint?
What permissions do you need for SharePoint migration?
When you plan to migrate data, there are certain permissions that should be migrated along with it to allow users with access to it post transition. Here are some permissions that you need to migrate.
- Default permissions levels:
Default permissions levels include permissions which authorize a user to perform multiple actions on the objects. Here is a brief list of default permissions levels:
Permission Level
Permission Included
Description
View Only
View Items, View Versions, View Pages, Browse User Information
User can view application pages and related items.
Limited Access
View Application pages, Browse User information, User Remote Interface
User can access the shared resource
Read
View Items, Open Items, View Versions, View pages
User can view pages, list items, and download documents
Contribute
Add Items, Edit Items, Delete Items, Edit Personal User Information, Add Personal Web parts, Remove Personal Web parts, Update personal web parts
User can edit user information, delete version in lists and libraries.
Edit
Manage Lists, Contribute Permissions
User can manage lists.
Design
Add and Customize pages, Apply Style, Edit permissions
User can Add, View, Update, Delete, Approve, and Customize items or pages
Full Control
All Permissions
User has full control
Note: A user can customize the permission settings for the initial five levels. To change the permission levels for Limited Access and Full Control, you can make individual permissions unavailable for a complete web application.
- User permissions
User permissions in SharePoint are further categorized into 3 categories – list permissions, site permissions, and personal permissions.
- List permissions
- Site permissions
- Personal Permissions
Some of the prominent list permissions are:
Permission
Permissions Included
Description
Manage Lists
Edit, Design, Manage Hierarchy
User can create and delete lists, add or remove columns or views of a list
Override List Behaviors
Design, Full Control
User can check a document for another user and can read/edit their terms
Add Items
Edit, Design, Full Control
User can add items lists, and add documents to libraries
Delete Versions
Contribute Edit, Design, Full Control
User can delete previous versions of list items or documents
Create Alerts
Read, Edit, Design, Full Control
User can create alerts
View Application Pages
Full Control
User can view application pages and enumerate lists
Site Permissions are applied to site items. Some important permissions include the following:
Permission
Permissions Included
Description
Create Subsites
Full Control
User can create subsites, meeting workspace site, and document workspace site.
Manage Web Site
Full Control
User can perform complete administrative tasks for the site
Add and Customize Pages
Design, Full Control
User can add, modify, or delete HTML pages or the site
Manage Alerts
Full Control
User can manage alerts for all users of the website
Open
All
User can open a website, list, or folder to access site items
View Pages
Read, Contribute, Edit, Design, Full Control
User can view pages in a website
Personal permissions are attached to single objects and items in the SharePoint.
Permission
Permissions Included
Description
Manage Personal Views
Contribute, Edit, Full Control
User can create, change, and delete personal views of lists
Add/Remove Personal Web Parts
Contribute, Edit, Full Control
User can add/remove personal web parts on a web part page
Update Personal Web Parts
Contribute, Edit, Full Control
User can update Web Parts
How to migrate SharePoint permissions?
Once you’ve complete information on various SharePoint Online permissions, migrating permissions is an easy job. However, due to the lack of manual methods to migrate the permissions from one site or one SharePoint version to another, you need a professional tool. Using a tool for migrating permissions while with the site content reduces the complexities faced during and after SharePoint migration and directly migrating the permissions and respective data.
With a SharePoint migration tool like Kernel Migration for SharePoint, you can migrate complete sites, lists, and libraries from SharePoint 2010 to 2013, SharePoint 2010 to 2016, and SharePoint 2013 to 2016.
- When you’re migrating from or to a SharePoint site, check the Migrate Permissions option. This will migrate all the permissions in the same order as available at the source to avoid any loopholes.
- Click Add New Mapping button and add Source Username and Destination Username in the respective boxes. Then click OK.
- Finally, you can see that the source and the destination are selected to migrate the permissions directly.
Note: If you have checked the Migrate Permissions, then you can also check the second option of Remap Users/Groups. It will help you to map users SharePoint accounts.
Conclusion
Neglecting migration of SharePoint permissions while migrating other data can cause issues later while accessing the site. You’ll have to manage all permissions after the process is complete, and this process is very time-consuming. Use Kernel Migration for SharePoint to avoid getting into this situation and migrate all of the SharePoint data along with the permissions. It also supports migrating Windows file system to SharePoint, public folder to SharePoint, and file system to Google Drive/OneDrive for business.
The amount of detail provided for SharePoint Permissions is exceptional. I could find everything in this single piece of article which is a rarity these days. Kudos to the team!