SharePoint
Feedback by UserVoice

SharePoint Administration

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

I suggest you ....

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ship SharePoint Server 2016 with a SAML Claims-aware People Picker

    I gather from Bill's "What's New for IT Professionals in SharePoint Server 2016" Ignite session that SharePoint 2016 Web Applications will leverage SAML (Trusted Identity Provider) claims by default.

    When using SAML claims with SharePoint 2013, we need to deploy a Custom Claims Provider in order to resolve names (even against AD DS), which introduces a requirement for a Farm Solution. Kirk Evans discusses this here: http://blogs.msdn.com/b/kaevans/archive/2013/05/26/fixing-people-picker-for-saml-claims-users-using-ldap.aspx

    Will SharePoint Server 2016 ship with an updated People Picker and Claims Provider that is natively "compatible" with SAML claims, or will a bespoke solution still be needed?

    226 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      15 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
    • Deny Security

      You should be able to apply deny security to objects and sites in SharePoint. Everyone in the company (via domain users AD group membership or some other security group membership) should be able to see a site except employee a, b and c.

      As you hire new employees with deny security in place, you don't have to add them to the site.

      Imagine this... If you have 20 new hires a week and 200,000 sites that they need access to and each site has random individuals who aren't allowed to see random sites. The administrative burden is huge.

      Locking down…

      87 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
      • Allow list/library views to be permission based

        To be able to create custom public views on a list or library that can be distributed to only certain users. This can help to control who has access to what files within list or library quite simply

        73 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          10 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
        • IRM read permission does not allow to change a filter or a pivot, nor to run a macro

          The RMS permissions on a document for a user depend on the permission a user has for that library or document in sharepoint. The mapping from the sharepoint permissions to the RMS permissions are fixed and cannot be configured at this moment. This causes problems for users having sharepoint read access, when opening an excel workbook because they cannot change filters, make or change pivots, running macros. This makes the reading process of RMS protected workbooks unusable.

          53 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
          • Enable Guest Links

            Guest Links in SharePoint Server 2016 are technically possible to get working, and they do work, however it would be great if there was official support for them. These links would provide the same functionality as in SharePoint Online -- read-only and editing access for anyone who has the link. This is not a request to enable External User Sharing, as that requires further integration with Azure ACS.

            41 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              10 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
            • Support for SQL 2016 Always Encrypt

              SQL 2016’s Always Encrypted feature should be supported

              35 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                8 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
              • Permission on column level

                Fine grained permissions on column level (View, readonly, edit ...)

                31 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                • Need to simply open html files on SharePoint Online

                  In SharePoint server, we can set Browser File Handling to Permissive in order to have the user's browser simply open an html file that appears in a document library. We need to be able to accomplish this functionality in Office 365/SharePoint Online.

                  20 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                  • Data leackage prevention for OneDrive for Business Client sync

                    Currently you can sync multiple SharePoint libraries from different tenants in OneDrive for Business. To prevent data leakage it would be helpful for my organization to restrict the synchronization to just specific tenants (maybe based on the tenant GUID).

                    19 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                    • 入れ子になったセキュリティグループでの制御に関する不具合を改修してほしい

                      現状”非推奨”とされている、入れ子になったセキュリティグループでの制御を可能にしてください。

                      この制御とは、例えば以下を指しています。
                       ・入れ子になったセキュリティグループにサイト・リスト/ライブラリへの権限を付与した際の挙動(新規にメンバー追加したセキュリティグループメンバーに権限付与されない場合がある)
                       ・[ユーザーまたはグループ]タイプの列の[選択元]に、入れ子になったセキュリティグループをメンバーとしたSharePointグループを指定した際の挙動(SharePointグループメンバー直下に指定したグループしか対象にならない。(そのグループの下位階層グループは対象にならない))

                      弊社では「会社」/「部」/「グループ」のセキュリティグループを作成し、それぞれのメンバーに下位組織を表すグループをメンバーとさせることで、会社組織全体の構造を表現しています。
                      また、「部」/「グループ」の増減や、それらメンバーのユーザーの増減が発生した場合は、対象の「部」/「グループ」のメンテナンスを行っています。
                      その上で、「会社」を表すグループを各種権限設定やリスト・ライブラリ設定等で指定することで、組織変更や人事異動が発生しても都度メンテナンスしないで済むようにしておりました。

                      しかし、例えば前述しました制御に関して、御社のサポート窓口に問い合わせる都度、入れ子になったセキュリティグループの利用は「不可能」ではなく「推奨していない」とご案内されるのですが、その理由が以下のようなもののようですので、利用者側からするとそれらは”制限事項”ではなく”立派な不具合”であると思います。

                      ・下位階層のグループにメールが送信されないことがある
                      ・下位階層のグループに対しアクセス権限が適用されないことがある
                      等々

                      仮にそれが想定した通りの動作であったとしても、各種設定に、グループではなく対象エントリの”すべて”(ユーザー含む)を設定しなければいけない運用となり、とてもではないですが非現実的であるため、こちらが解消されるか否かは、今後もSharePointを利用するか否かにも匹敵する問題かと思います。
                      恐らく、弊社だけが問題視しているわけでなく、他の企業様でも同様に感じているのではないかと感じてることですので、当問題の解決を強く要望いたします。

                      19 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                      • Show the access request email address on the Access Denied screen and/or a custom message

                        When users request access they might not get a response back from the site's owner. This is typically the case in large companies where people come and go often. Also site owners aren't on the hook to respond because they know users aren't aware the email was sent to them. The end result is a flood of tickets to the SP admin to provide access.

                        Also what would be nice is a option next to the access request email address button where you can leave a custom message at the site level so it shows on the access denied screen.…

                        19 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                        • Change default Site Members Edit rights back to Contribute

                          There is a fundamental flaw in the permissions model in modern SharePoint team sites and Microsoft Teams. Site Members have been given Edit rights which allows them to delete or edit apps on the site. That is the role of the Site Owner. The Site Members must be given Contribute rights, (like it was in SharePoint 2010).

                          16 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                          • In SharePointOnline permission system can be set all files to Download control, It's not just Office files.

                            In SharePointOnline permission system can be set all files to Download control, It's not just Office files.

                            15 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                            • Enable IP Security At Site Collection

                              On SharePoint Online you can whitelist specific IP ranges at the tenant level but this isn't necessarily granular enough. There are many instances where I would prefer to be able to force an IP restriction on a specific site collections so I can ensure that I outsider can't access the content or so I can treat the content as public (no login required) for specific sites but not the entire internet.

                              15 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                              • Change the default link type per site collection

                                I'd like to be able to change the default link type per site collection or even better per site, not just at the tenant level. This ability would reduce incorrect sharing in tightly restricted site collections.

                                13 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                • Add granular site permission "Manage Access Requests"

                                  Allow us to create a permission role that can be assigned to a SP team site group that allows users the ability to manage access requests with out having to grant "Manage Permissions" or "Manage Web Site" or simply granting full control.

                                  10 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Permission Reporting Structure

                                    I would like a back-end reporting structure for permissions. It would be really helpful to be able to call up a user and see all of their permissions. I would also like to be able to update/change their permissions from this report as well (e.g., checkboxes).

                                    10 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Multilogon accounts

                                      Provide support for multilogon accounts. Currently i:0#.w|domain\jdoe logging in with windows authentication is not the same as i:60.t|adfs|jdoe@domain.com. I need to be able to connect those accounts to ease out hybridisation.

                                      10 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Expansion of the number of restricting domains for external sharing

                                        According to the below knowledgebase, 120 domains in maximum can be set to allow or block sharing domain list at the tenant level, and 60 domains at the site-collection level.
                                        I hope it could be expanded or unlimited the number of domains.

                                        “Restricted domains sharing in SharePoint Online and OneDrive for Business”: https://support.office.com/en-us/article/Restricted-domains-sharing-in-SharePoint-Online-and-OneDrive-for-Business-5d7589cd-0997-4a00-a2ba-2320ec49c4e9?ui=en-US&rs=en-US&ad=US

                                        9 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                        • When denying access, let the admin determine whether to send an email to the user

                                          Today when a user wants access to a resource, the admin receives an email with their request. If the admin then denies the user's request, the user is sent an email from SharePoint. As an admin, I like to send my own email stating **why**, and maybe where to go instead. Or I may structure permissions differently than what would happen if I just clicked "Accept". So I don't want SharePoint to automatically send this email. How about a checkmark I can uncheck when I deny the permissions? Admins need this level of control to prevent a confusing user experience!

                                          9 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 6
                                          • Don't see your idea?

                                          Feedback and Knowledge Base