05
Oct
Teams and SharePoint Online permissions Explained
in Security, Technology
Comments
| 1 | If you are a member of a Microsoft Team you’re membership is determined by your account being a member of a ‘Microsoft 365 Group’ Every Microsoft Team has a corresponding Microsoft Group of the same name, a Microsoft Team cannot exist without the Microsoft Group. Within a Microsoft Group there a two types of membership, ‘Owners’ and ‘Members’, owners can administer membership. |
| 2 | Underneath every Microsoft Team is a SharePoint Site Collection (Specifically a ‘Team site’), its where all the ‘Files’ are stored for the channels within the Microsoft Team / SharePoint Document library. A Microsoft Team cannot exist without its corresponding SharePoint Site. |
| 3 | SharePoint Sites also has a concept of permissions known as ‘SharePoint Groups’ Three groups are created by default and others can be created, these groups can contain users and other AD groups to refine permissions, this has been the case as far back as the product goes In order to control access and permissions to the SharePoint Site, the Microsoft Group is used in conjunction with the SharePoint Groups to make this possible. |
| 4 | The Microsoft Group’s owners are included in the Site collection administrators specified for the site collection. The Microsoft Group’s members are included in the SharePoint site’s members SharePoint Group. |
| 5 | Individuals and AD Groups can be added to the SharePoint Groups for a given site without being added the Microsoft Team members or owners. This means its possible to allow people to access the SharePoint site directly without ever needing to be part of the corresponding team. This has many advantages, but it also does mean it may not be immediately apparent who has access to an MS Team’s files as the MS Team doesn’t display any SharePoint Permissions configuration. |
