SharePoint Tip #2. Do you know “why OOTB Roles must be customized”?

SharePoint has predefined set of OOTB permissions level, such as: Full Control, Contributor, Designer, and etc. But those permissions not always provide you desired functionality – its either too wide or very narrow.

Start out with a small set of users who have the fewest permissions possible, to avoid [Your_Headache = Number_of_Users X User_Permissions]  because out-of-the-box permissions levels either too liberal or they are too limiting

The most commons scenario of role customization you can meet is Design role in publishing sites. When you have an approval workflow and assigned specific user to “Design” role as approver you need to take into account that “Design” role has delete permissions. So, what actually happens, sooner or later, is that your approver accidently deletes what he needs to approve :,,) It’s not what you expect from him.

The solution for this is to edit OOTB permissions for Designer roles and to prohibit “delete items” action, or create new role. And pay attention to roles you are using in production system just to avoid such cases.



Have anything to add?! Send your tips to be published via this form


Leave a Comment