Group-Level VIEW ONLY Permissions
While I'd like to see some more granular permissions in general, I would like to see at a minimum a VIEW ONLY option assigned to users in a Group / Plan.
Right now everyone is a contributor and everyone can do everything, but there are lots of situations where we want to give situational awareness to certain users, but not let them edit group documents, or potentially delete things (not out of malice, but just unawareness).
You already get at least the basic Viewer/Contributor model on most other services, like SharePoint team sites, Yammer groups, almost all of the project management tools, etc.
you can do this in SharePoint today (i.e. put all members into Read Only permission bucket)
This topic has been dead for over a year. We really need the ability to at least designate some group members as being "read-only". Can anyone at Microsoft help us to do this more efficiently?
As proposed by Admin here in 28 April, 2017, if go with that solution, user will need to work in two different places (O365 Group and SharePoint Group) to grant permission. This give confusion and not user friendly approach. If O365 Group shall be the future membership service to manage permission across different resources in Office 365, the Read permission shall be made available at O365 Group level. The owner of the O365 Group shall only need to manage the permission at one place. If there are more granular permission required for specific document library or subsite in a Team Site, then user can continue use the SharePoint Group to do granular permission setup. The default resources like Team Site, Teams, PowerBI, Planner etc that belong to a O365 Group shall have Full Control, Edit and Read these three different permission as minimum. Really hope this can be considered by Microsoft.
Mary Ann Kowalczyk commented
Is the functionality to set files Read Only for Yammer set up yet? Will it ever be set up this way or will we always have to use SharePoint. Even in Teams we cannot do this unless we set up a subsite. My company is moving towards Teams and Yammer sites... but we have to use SharePoint to have read only files. Why can't this be available for Teams and Yammer too?
Jesús Achaerandio commented
For SharePoint Online, The permission level change for a group include only three (Edit, Read and Full Control) and is not covering all the possible levels.
Carlos Miyares IV commented
1) Log into your SharePoint site library
2) Click the gear in the top right corner
3) Click Site Permissions
4) Under Site members click the word "edit"
5) Enable Read This should allow the members of the Group Read only permission.
Ben Patrick commented
Ability to have a Read Only/Comment only function for Yammer and Planner. I'd like to use Yammer as an online noticeboard for the company and use Planner as a holiday and events calendar. Problem is everyone can edit planner and post in Yammer. Want the ability to lock the Planner and the uploading documents/creating posts to a select few people (admins), then everyone else can only comment on posts if its a public group, or only members can if it's a private group
Samuel Lockett commented
Below are the steps I used to set these permissions for read/write group and read only group.
-=:Setup Read Only Access for O365 Groups:=-
1. Setup a security group like TestGroupROG
2. Create regular O365 Group and add members that can read/write
3. Go into the group's Documents -> Click on the Gear -> Site Permissions -> Advanced Sharepoint Permissions
Note: You can go straight to the permissions through this link by changing the Group Name: https://domain.sharepoint.com/sites/TestGroup/_layouts/15/user.aspx
4. Click Grant Permissions -> (You will see Invite people) Type in name of person or group you want to have read only permissions -> Click "More Options"
Select the permission level [Read] and click Share
I am sure this would be a breeze with powershell if you need multiple groups.
New-MsolGroup -DisplayName “Test Security Group”
Rob U. commented
Hi, could someone confirm at MS confirm where you are with this please? There is a very real need for more granular permissions on Office 365 groups
Patrick Smalley commented
Where is this at? In 2016 you guys were working on it...
We could really use this management of groups.
Although I get the idea of collaboration, a Group owner should be able to at the very least, control what GUEST users can do simply and easily - in particular, to set them read-only. It's just common sense.
I get the idea is to allow quick collaboration but there are so many scenarios where read-only is going to be desired (presenting HR docs to staff as one example). I would ask is Microsoft trying to move away from traditional (classic) team sites? If so then having more granular ability to control permissions is going to be important to meet various use cases.
We really need to be able to prevent folks from updating the group calendar - only 2 people need write access, and everyone else should have read only. Why would I shift to Sharpoint for this? We should be heading towards using NEW technology and not old.
Any status update on this?
I'd like guests to be able to receive emails sent to the group, but not be able to reply. This would allow a basic mailing list (e.g. Mailman) replacement. DGs are not good for allowing people to unsubscribe themselves, which is an important consideration these days. O365 groups do allow people to unsubscribe, but in the meantime it doesn't mean they should be able to email everyone else in the list.
Jeremy Miller commented
Agree with others here. Simply changing permissions in SharePoint does not fulfill the original ask. In the SharePoint only scenario suggested, how does this affect the Exchange pieces of Groups? Seems the "read only" user would still be able to make edits to the conversations, calendars, etc.
Philip Worrell commented
I think you will find this item is about group specifically. Scenario where you have a private group, you have your owners and members, but you may want to give group access to other to see your information in conversations, planner, sharepoint etc, but not have them directly contribute.
It goes against general collaboration in some ways as why be able to only read something and not be able to respond, but I can see situations where this would be required. Where people need read access but should not be able to modify a conversation or, plan or file.
Ron van de Ven commented
I would like to see a wider implementation of what is already available in sharepoint across all services that draw on an office group. Meaning Planner, Teams & Outlook as well instead of only sharepoint. We can hardly work with public groups, but for each group there can be several stakeholders that we like to be informed but not mess things up sort of speak.
It would be really helpful to have the following user permission options:
1) Files area is read-only (user cannot upload or change documents) and user can download documents stored in the group.
2) Files area is read-only (user cannot upload or change documents) and user cannot download documents stored in the group.
Marlo Bell commented
Another side effect of this is that documents aren't searchable to the general population. There is a situation where users aren't deeply involved in a group, but the information is still beneficial. Our company has tried to adopted a Knowledge Management mantra of "no harm in knowing", in that documents should only be locked down when they NEED to be locked down.
Ditto on permissions within group file/document libraries
I want this too