Posted on

Ask any SharePoint admin and they’ll all tell you just how the most typical request from finish users is altering or setting permissions for any container or object (site collection, library, etc.). I wouldn’t be amazed to locate some SharePoint admins spending 50 plus percent of time at work just managing permissions based on access policies and content sprawl. This incurs significant chance cost towards the organization because the time might be allocated to keeping new projects on schedule and under budget, researching new functionalities and services, or building out new convenience of the farm instead of processing helpdesk tickets for permissions changes.

This isn’t to state that correctly managing and enforcing permissions is simply a nuisance – it’s absolutely important to maintain proper use of various kinds of data you house. But thinking about a lot of the procedure requires confirming with content proprietors or set policies, this means you will find set standards that should be adopted. So let’s now check out how you can automate SharePoint Permissions using technology that may streamline approaches for managing and altering permissions with compliance for your policies and standard practices.

AvePoint’s DocAve Governance Automation for SharePoint and Office 365 allow content proprietors to handle permissions for their content – all while keeping proper governance from the farm. Managers can setup services according to policies, where demands from finish users are routed to content proprietors around the front finish to make sure business needs are correct before changes they fit through with no admin’s further participation.

Services are maintained individually from approval processes and policies to permit admins to simply combine when needed, not just which makes it more flexible and simpler to scale but scale with consistency.

Let’s check out how to setup automated permissions management services.

Establishing Permissions Management Services: Approval Process

The very first factor an admin must do is produce the approval process. This can control who approves the request – content owner, site owner, compliance officials, IT, etc.

Approval Process Stages

Governance Automation enables for many different approval schemes – auto approval, single approver, multiple approvers in sequence, and multiple approvers in parallel.

How to Automate SharePoint Permissions
Creating Workflow/Approval Processes in DocAve Governance Automation

Bear in mind, once an agreement process is produced, you can use it for just about any service in Governance Automation.

A couple of items to note:

  • Groups are suitable for organization from the approval processes and doesn’t affect which processes are for sale to any particular job.
  • You could have as much as three approval stages, but each stage will go through multiple approvers.
  • Should you already use SharePoint Workflows or K2 Workflows, just do as instructed on screen to make use of individuals rather.
  • Auto approve means the requested service will discover no human interaction. This may be really handy if you wish to setup easily repeatable actions on your own or perhaps your team and be sure they’re transported out the proper way every time without by hand configuring settings every time.


Approvers could be any Active Directory (AD) user, or perhaps a ”role” rather of the username. Using roles and/or metadata enables an agreement tactic to be less specific, but more dynamic when it comes to checking up on business changes. Additionally, it enables exactly the same approval tactic to inform a variety of approvers according to your pre-designation within SharePoint. Roles are specified while using $ symbol, and you may also indicate if the approvers can delegate this responsibility.

How to Automate SharePoint Permissions
Indicating Approvers in DocAve Governance Automation


The following section is perfect for duration and escalation. Sometimes, approvers don’t approve the demands in due time. This could cause frustration for finish users. The escalation section enables the machine to transmit the request to a different person to become addressed. Within the screenshot below, you can observe the escalation continues to be set to ensure that after 72 hours, a notification will be delivered to the manager from the assigned approver.
Setting Duration and Escalation in DocAve Governance Automation

Establishing Permissions Management Services: Allowing the Service

All services are configured within the service management section. Most services have common areas for example name, description, and department. The onscreen instructions will show you through and so i will undoubtedly cover a couple of items to note for permission management services particularly.


One factor to think about is to wish to have this unique service be accessible. This is actually entire farm, multiple site collections or sites, or perhaps lower level containers like libraries and folders. You may also decide to permit the business user to set up the URL themselves.  Alternatively, you are able to embed our web-part into the site page.

How to Automate SharePoint Permissions
Selecting Scope in DocAve Governance Automation

Selecting Users

The “Select Users” section would be to determine any users whose permissions could be altered by using this service. “All Users” enables the plan to alter the permissions associated with a user within the farm. Another options allow changes to direct reports, peers, and indirect reports.

Permissions Thresholds

Based on exactly what the scope is, you might not wish to give users all of the control with regards to permissions. Talk to who owns the scope, and hang a restriction in regards to what permissions are okay to alter, and just what permission levels are not allowed.

How to Automate SharePoint Permissions
Setting Excluded Permissions with DocAve Governance Automation

Additional Personalization

We’ve built lots of versatility into Governance Automation to suit various scenarios for organizations of industries everywhere, but may you’ve just got that certain use situation where you’ll need a little different things. Custom Action enables Governance Automation to operate a script either after or before approval, or following the services are delivered. You may also setup an execution schedule that enables the requestor to pick a scheduling option you predefine. This can be to defer the execution from the service, this time around, supplying versatility towards the business user.

This is among the numerous tasks Governance Automation are capable of doing. Discover more about DocAve Governance Automation on its product page. Or browse the below posts to discover:

  • Automation according to classification
  • Automating SharePoint provisioning (not far off!)
  • Automating content lifecycle management (not far off!)
  • Automating records management (not far off!)