14 votes1 comment · SharePoint Administration » Office 365 SharePoint Tenant Admin · Flag idea as inappropriate… · Admin →
4 votes2 comments · SharePoint Administration » Auditing & Compliance · Flag idea as inappropriate… · Admin →
I ran into an issue, which technically isn't possible, but because I didn't see it with my own eyes I am having to go off of the word of my end-users, but we had a user perform an edit to a document when the user only has READ access.
My first thought was to obviously double/triple check the user's permissions, but my second thought was to run an audit report (SharePoint Online -by the way), and check the following options:
*Opening or downloading documents, viewing items in lists, or viewing item properties
*Moving or copying items to another location in the site
*Deleting or restoring items
The report didn't even come back with data -which inevitably lead to a whole other related, albeit different issue.
I ended up contacting Microsoft on the issue, and the only thing I got out of the ticket was a link to this article: https://support.office.com/en-us/article/view-audit-log-reports-b37c5869-1b47-4a82-a30d-ea20070fe527
Drop down the section titled: "Events available for audit log reports" and you will notice that the check-box in the audit report for SharePoint Online called "Opening or downloading documents, viewing items in lists, or viewing item properties" doesn't even work by design.
It is baffling to me that the option exists, when it is guaranteed to not work.
The reason I come here is to shed light on the fact that the above stated selection (Opening or downloading documents, viewing items in lists, or viewing item properties) should be working for SharePoint Online.
You can use custom-built views for this - just a thought.
Using obscure view names and disseminating the hyperlinks to targeted users can kind of accomplish this, albeit you would want the default view to be set to show no content.
I personally find it tedious to manage permissions at the file/folder level, and even the library/list level. Ideally I want to manage permissions from the site level whenever possible, and so this would not be appeasing for me, because this is even more granular then file/folder level permissions.
152 votes3 comments · SharePoint Administration » on-premise Central Admin · Flag idea as inappropriate… · Admin →thinking about it · AdminSharePoint UserVoice Admin (SharePoint UserVoice Admin, Microsoft SharePoint) responded
Thank you for your input. We are investigating the options for enabling this. However, there is unfortunately nothing on the immediate road map.
Super awesome idea. Definitely would help me out with learning PowerShell being new to it.