The formula for successful sites and happy users is well planned and sustainable approach to site and user management. Here are some key tasks and concepts you can use to plan sites and manage users for your organization.
About site collections
No matter if you're new to SharePoint or have used many versions, the modern SharePoint experience provides greater flexibility, easier navigation, and all sites are mobile friendly. We recommend creating site collections for each workload in your organization. The modern SharePoint experience makes it easier to navigate and maintain because each site is now a site collection. Learn more about the modern experience in SharePoint and the benefits of using Hub sites. We recommend that you create site collections for each workload and then associate them all to a hub site. This gives greater flexibility and adopts easily to changing needs of your organization. For more information, see What is a SharePoint hub site?.
The SharePoint admin delegates the management of site collections to different people in your organization. The SharePoint permissions model helps by allowing you to assign permissions to different roles like site collection administrator, site owner, and other roles. See Manage site collection administrators to learn how to add and remove site collection admins.
The site collection admin has the Full Control permission level to the site collection. This means you can add or delete sites or change the settings for any site within a site collection. Additionally, you can view, add, delete, or change all content within those sites. The secondary site collection administrator can be designated by the site collection administrator. As a site collection administrator, you can add another site collection administrator, or change the site collection administrator, through the Settings page. For more information about this task, see Manage site collection administrators.
A traditional site collection is a group of SharePoint sites that have the same owner and share administration settings, such as permissions. The subsites inherit navigation, permissions, and site design from the site collection. so anytime your site members and projects change, your sites must also change,
Choosing sites for each workload
It’s important that you plan the type of SharePoint site collection you need for your workloads. Then you want to make it easy for your users to navigate and find what they need. This section gives details about some of the modern SharePoint sites that are available and also talks about navigation of these sites. A great article about planning navigation is Planning Navigation for the modern SharePoint experience.
Think of a SharePoint hub site as a frame or foundation that helps you organize different team and communication sites. When you create site collections for each workload in your organization, a hub site connects these site collections in logical ways that make it easier to find and manage. You can then move and manage site collections between hub sites anytime your workloads change. For more information, see Planning your SharePoint hub sites.
A SharePoint team site, and any pages that you create under it, are available only to users that you invite by giving them permission to the site. You can also connect the Team Site to a Microsoft 365 Group. With a Team Site, your organization, team, or group can connect with one another and collaborate on documents and other files, post announcements, schedule meetings, maintain tasks, track issues or action items, and store information in lists. For more information, see What is a SharePoint team site?
A SharePoint communication site allows you to share information like news, reports, and status with others. A communication site usually has a few contributors but many members.
Governance
Governance is the set of policies, roles, responsibilities, and processes that guide, direct, and control how an organization's business divisions and technical teams cooperate to achieve business goals. With regard to your SharePoint site collection, a governance plan can be a guide to help plan the roles, responsibilities, and policies necessary to support your site collection. This may include, but is not limited to, the following considerations:
-
Information architecture, including Web pages, documents, lists, and data
-
Maintenance activities, including managing user accounts
-
Branding and customization policies
-
Training
It is important to prepare a governance plan for your organization. By participating in the development of a governance plan, you can help identify ownership for both business and technical teams, defining who is responsible for what areas of the system. For more information about developing a governance plan, see Overview: best practices for managing how people use your team site.
Note: You may need to work with your SharePoint admin to manage users. For example, the SharePoint admin manages user profiles.
User accounts in Microsoft 365
The global admin adds new users to Microsoft 365 by using the Microsoft 365 admin center, which is the portal for managing users and configuring services. For more information, see Users and roles. When adding a new user, the global admin does the following:
-
Specifies whether that user can also access the administration center
-
Sets the geographic location for the user
-
Selects the type of user license
-
Creates a username and password for the user
Team site users
You can add users to your Team site and adjust the permissions for users. Permission levels and SharePoint group membership can be found under Settings. However, Microsoft 365 now creates a security group called Everyone except external users that contains everyone in the Microsoft 365 directory (except for people who are external to your organization and who are invited through the external sharing feature). This security group is automatically granted access as a Member in SharePoint. That means the users you add to the Microsoft 365 Directory can edit sites, lists, and libraries by default.
Permission levels and group membership
Permission levels are collections of SharePoint rights that allow users to perform a set of related tasks. For example, the Read permission level includes the View Items, Open Items, View Pages, and View Versions permissions (among others), all of which are needed to view pages, documents, and items in a SharePoint site. Permissions can be included in more than one permission level. For more information, see Plan your permissions strategy.
We don’t recommend that you assign permission levels directly to individual users because this can make it very difficult to track and manage who has access to sites. It is sometimes necessary, but should be kept to a minimum to avoid complexity. Instead, assign permissions to groups, and then assign individual users to the appropriate groups. A group is a set of users that are defined at site collection level for easy management of permissions. For more information, see Default SharePoint groups and Customize site permissions. Each group is assigned a default permission level. For example, some of core default SharePoint groups include the following permission levels:
Group |
Permission level |
---|---|
Owners |
Full control |
Visitors |
Read |
Members |
Contribute |
Anyone with Full Control permission can create custom groups.
When you assign permission levels to SharePoint groups at the site collection level, by default, all sites and site content inherit those permission levels. This default behavior is called permissions inheritance. You can specify whether to set unique permissions when creating a sub-site, or break permission inheritance on a site, list or library, or item. For more information, see What is permissions inheritance?
Because a user's permission level determines what he can see and access within a site, you must consider his group membership carefully. For example, a user who is responsible for creating and customizing sites must minimally be a member of the Designer group. On the other hand, a user who needs only to read and download content and may only need to be a member of the Visitors group. For more information, see Understanding permission levels in SharePoint.
As a site collection administrator for you may need toSharePoint, manage features at the site collection and site levels. These tasks may include activating or deactivating features according to your governance plan. For more information, see Enable or disable site collection features. See also Manage the Recycle Bin of a SharePoint site collection.