Add an extra group for management to a team site

SharePoint permission configuration is one of the hardest things for end-users to understand. Sometimes it is easier to explain a specific scenario instead of how the entire permissions concept works.

This article will explain the following scenario:

  • The DW&C team has a new team site
  • Visitors should have read access to the site
  • People in the DW&C should have contribute permissions
  • There should be a group of site admins for taking care of the site
  • There needs to be a separate document library that only the management team has access to

This scenario would work in exactly the same way if this was a project site.

To start off, we’ll assume that the DW&C department has already created a standard team site.


Standard team site permissions

Our scenario team site has now been updated to have an extra Management Documents library and a calendar.


When creating this site, we created new permissions, which means that SharePoint automatically created the following groups with the following permissions:

Group Permission level Users Explanation
DW&C Site Visitors Read All users On an intranet, it’s best to give as much read access as possible to ensure transparency and findability.
DW&C  Site Members Contribute All DW&C users All users in the department should have the ability to influence the information on their department site.
DW&C Site Owners Full control Owners/admins Choose a few users to manage the site, i.e. super users.

Note: some people suggest adding the department’s manager to the Owners group – after all, they are responsible for the department. However, managers should generally be added to the Members group. Specific users should be chosen to manage the site and be added to the Owners group. The managers will get extra access to their specific documents later in this scenario.

In the starting scenario, the users in these groups have access to all of the content on this team site as nothing specific has been configured.

SharePoint objects, i.e. sites, lists, libraries, folders and items, inherit permission from their parent item.

This means that all users also have access to that Management Documents library, which should be kept separate just for DW&C’s management team.  To configure that, we will need to set up a new user group.

Creating a new user group and filling it

In SharePoint, it is possible to assign permissions in three ways:

  1. To a SharePoint group (add Active Directory users, groups or SharePoint groups)
  2. Directly to an Active Directory group
  3. To an Active Directory user

The first two options are fine, in most cases. However, option #3 should generally be avoided. It is much better to create a group and assign permissions to the group rather than assign permissions directly to a user. The contents of the group is far easier to maintain rather than going through and changing a specific user’s permissions.

It is possible to directly assign permissions to AD groups, which does have advantages in some environments. However, when working with an intranet team or project site, SharePoint groups are usually the easiest to work with.

To create a new group for a site, do the following:

  1. Go to the site you wish to add the group to
  2. Click the cog wheel and go to “Site Actions”
  3. Choose “Site permissions”
  4. Choose “Create group” from the ribbon




Note: the new user group will be available for the entire site collection, not just this one site. You should name it accordingly – in this scenario, I will name it “DW&C Site Management” to keep with the current naming convention.

When creating the group, the current user is set as owner. In most cases, this should be set to the site owners group, so that they can maintain the membership of this group.


I suggest giving this group “contribute” permissions.


Once the group has been created, you can add users to the group by clicking “New” and “Add users”. You should be able to select the applicable management users from the Active Directory by typing in their names, emails or user IDs.

For more information on adding users to a group, please see Manage SharePoint groups.

Changing the permissions for the Management group

Now we have the DW&C Site Management user group, but we need to change the permissions on the Management Documents library so that only the Management user group has access to it. To do that, we will need to break the permission inheritance on the Management Documents library.


To change the permissions on the Management Documents library, please do the following:

  1. Go to the library
  2. Go to the “Library” tab and choose “Library settings”
  3. Choose “Permissions for this document library”
  4. Observe that the library currently inherits permissions from its parent, the DW&C Site. Click “Stop inheriting permissions” to break the inheritance.
  5. Now the library has unique permissions; the options in the ribbon have changed.  If you want to revert back to inheriting permissions, you could click “Delete unique permissions”.
  6. Remove the visitor and member permissions by selecting the groups and choosing “Remove user permissions” in the menu. As of now, the users in these groups will not have any access to the Management Documents library.

As a final step, you should determine if the DW&C Site Owners group should retain their permissions. Note that one group will need to have “full control”, so either the Owners group will need to stay or the Management group will need to have their permissions upgraded.


Technet: User permissions and permission levels in SharePoint 2013
Technet: User permissions and permission levels in SharePoint 2010
Office support: Manage SharePoint groups
Technet: Best practices for using fine-grained permissions in SharePoint Server 2013

Calculated column for priority

I’m currently working on a project where we needed to assign a priority to issues based on impact and urgency. You could always let users figure this out for themselves, but it’s much better to automate it when there are clear definitions for each value and a table which translates the impact and urgency to priority.


My first thought was: “Sure! I’ll do that! It’ll be simple.” Then I found myself looking at the calculated column formula screen and realized that it had been a long time since I had needed this knowledge.

The first limitation is that SharePoint only allows for up to 7 nested IFs. I broke the solution up into four calculated columns:

  1. Priority – Very Urgent
  2. Priority – Urgent
  3. Priority – Not urgent
  4. Priority – calculated

The first three columns calculate the correct priority value based on each urgency line. If the urgency is very urgent, the formula checks to see what the impact is and then sets the field value to the priority listed in the table.  If the urgency in that issue does not match the formula (i.e. if the urgency is not very urgent), the field value is set to “N/A”, as that urgency is not applicable.

/* Very urgent */
=IF(AND(Urgency="Very Urgent",Impact="Critical"),"1",
IF(AND(Urgency="Very Urgent",Impact="High"),"1",
IF(AND(Urgency="Very Urgent",Impact="Medium"),"3",
IF(AND(Urgency="Very Urgent",Impact="Low"),"3",
IF(AND(Urgency="Very Urgent",Impact="Very Low"),"4","N/A" )))))

/* Urgent */
IF(AND(Urgency="Urgent",Impact="Very Low"),"4","N/A" )))))

/* Not urgent */
=IF(AND(Urgency="Not Urgent",Impact="Critical"),"2",
IF(AND(Urgency="Not Urgent",Impact="High"),"3",
IF(AND(Urgency="Not Urgent",Impact="Medium"),"3",
IF(AND(Urgency="Not Urgent",Impact="Low"),"4",
IF(AND(Urgency="Not Urgent",Impact="Very Low"),"4","N/A" )))))

To tie it all together, the Priority – calculated column looks at the values of all three columns and displays whichever one does not have the value “N/A”. If none of them have that, then the column displays the text “error”.

/* Final calculation */
=IF([Priority - very urgent]<>"N/A", [Priority - very urgent],
IF([Priority - urgent]<>"N/A", [Priority - urgent],
IF([Priority - not urgent]<>"N/A", [Priority - not urgent],
"Error calculating priority")))

To test, I showed all 6 applicable columns in a view:


You can see that because the urgency was very urgent and the impact was critical, a 1 was filled into the priority – very urgent column. When the Priority – calculated column did its work, it copied over the 1 from the priority – very urgent column.

Creative use of the Reusable Content option

I have rarely seen clients use the Reusable Content option. Occasionally it will be used to add a disclaimer to a page – but often that’s best placed in a page layout for a specific page type anyway. There just doesn’t seem to be much of a use for it, though I’ve always wondered if there could be a really useful application.

In a recent project, Daniel Gustafsson found two really cool uses for it: adding a floating image to page content and adding numbered bullet points which are highly styled. These are by far the most interesting uses I have ever seen for the Reusable Content, which is why I asked Daniel if I could share them with you here.

This example is done using SharePoint 2013, but should work for all versions. Be careful with the HTML5 on older versions of SharePoint, though. You will need to add your own CSS.

This article will discuss how to handle an image with float left:

And it will also handle numbered bullet items:


What is Reusable Content?

Reusable Content allows end users to save snippets of commonly used text or HTML which can then easily be put onto a page.

All Reusable Content is saved into one list per site collection, always saved at the root in the list Reusable Content.


Reusable content can be anything you might need to reuse:

  • Byline
  • Disclaimer text
  • Standard piece of HTML
  • “About me” text

Once a piece of content has been added to the Reusable Content list, it can be added to a page by clicking the Reusable Content button in the ribbon and then choosing the item from the list.


Reusable Content items come with an interesting feature called “Automatic Update”. If you turn this on for an item and update the content, it will update everywhere the Reusable Content has been placed. this can be extremely useful in many places. In the following two examples, it must be turned OFF for the functionality to work correctly.

Image float left

Image float left inserts an image with text possibilities into the page, floated left:


The default image is configured as a basic placeholder, giving the user something to click. Once the image is selected, you can choose a new image via the Replace Image option in the ribbon.


The texts can be replaced just by clicking on them and changing them to whatever the user needs. The texts also keep their formatting, as long as the user doesn’t delete too much of the reusable content item.

Configuration in Reusable Content List

Note: automatic update must be set to no.

Reusable HTML (remember to edit HTML source when editing):

<figure class="float-left box-story"><img alt="image" src="/Common-Image-Library/placeholder.jpg" _moz_resizing="true" style="width: 300px; height: 300px;"/><figcaption>
<header>Header for box story</header>
<p>“Box story body text”</p> </figcaption> </figure>

Bullet points with header

Sometimes the default unordered list in SharePoint is overly boring, even after styling it. The developers in this project came up with a much cooler way to display the content:


It’s a little fiddly in the implementation and later changes – adding something in between the current header 2 and header 3 is difficult, for example. However, when you are looking for a very stylized front-end website, it may very well be worth it.

This content actually consists of two pieces of Reusable Content: first, the Numbered List Item Wrapper is placed. Afterwards, the Numbered List Items can be placed into that wrapper.

Numbered list wrapper

Note: automatic update must be set to no.

Reusable Content HTML:

<div class="numbered-list">MARK TEXT and add reusable content numbered list ITEM</div>

When this is placed on the place, it simply shows the text shown in the div. To use it properly, select the text and then choose the numbered list item from the Reusable Content.

Selecting the text simply ensures that the actual list items are placed inside the list wrapper div.

Numbered list item

Note: automatic update must be set to no.

Reusable Content HTML:

<div class="numbered-list-item">
   <div class="numbered-list-item-content">
      <header>Numbered item with header</header>
      <p>Body text for numbered list item</p>

Add this Reusable Content item to the wrapper as described below, simply adding more bullets until there are as many as you would like that. Afterwards, edit the headers and texts to match what is required.

CSS for the numbered list reusable content

/* ------------------------------------------ */
/* ------------------------------------------ */
.numbered-list {
    counter-reset: numlist;
    border-top: 1px solid #CBC7C2;

.numbered-list-item {
    border-bottom: 1px solid #CBC7C2;
    padding: 15px 0 4px 1px;

.numbered-list-item:before {
    counter-increment: numlist;
    content: counter(numlist);
    -webkit-border-radius: 999px;
    -moz-border-radius: 999px;
    border-radius: 999px;
    width: 10px;
    height: 10px;
    padding: 8px 10px 12px 11px;
    background: #b4a76c;
    color: #fff;
    text-align: center;
    font: bold 14px/1 HelveticaNeueSerif, serif;
    font-size: 1.16667rem;
    float: left;
    margin-top: -5px;
.numbered-list-item-content {
    margin-left: 42px;
    padding: 0 0 0;
.numbered-list-item-content header {
    font: bold 15px/1.2 HelveticaNeueSerif, serif;
    color: #404040;
    font-size: 1.25rem;
    font-weight: bold;
    margin: 0 0 10px 0;
.numbered-list-item-content p {
    margin-top: 0;

ADFS authentication and LastPass

I had been frustrated with logging into an environment with ADFS authentication as Chrome does not support ADFS.

My colleague, Daniel Karlsson, gave me the tip that Firefox does work with ADFS. Much to my pleasure, it turned out that LastPass and Firefox are a wonderful combination for logging into these environments. Thanks again!

So, I have updated my post Tips for logging into multiple SharePoint Online environments, which covered LastPass, multiple sessions, multiple browsers, etc.