A complete guide to breaking inheritance in SharePoint Online

Written by Saajid Gangat in Microsoft,Microsoft Walkthroughs,SharePoint,SharePoint Guides,Step-by-step Guides Last Updated July 27, 2023

Simply explained, inheritance is the process through which a parent object transfers its attributes to its child. A child is a separate object that is included in the parent object. Consider the shapes of a rectangle and a square. A square has all of the characteristics of a rectangle, yet it is its own entity. What is the significance of this? Inheritance may be incredibly beneficial in a variety of situations. When you create a child object, it inherits all of its parent’s capabilities. This will help you save a lot of time. Here’s how SharePoint permissions work with inheritance. The parent-child connection in SharePoint is represented by the site hierarchy. A subsite’s parent is a site. A list or library’s parent is a subsite. The parent of its items is a list or library. Aspects of the parent are passed on to the child in certain situations. Children inherit permission levels in SharePoint by default. A user who has access to a subsite, for example, will have access to that subsite’s libraries. As a result, you may define permissions at the top level of a site, and they will apply to all children – i.e. the entire site.

In this blog, we will show you a complete guide on breaking inheritance in SharePoint, from the process to the different steps required to break the inheritance. Follow through for more information.

  1. How to break permission inheritance
  2. The better practices of breaking inheritance
  3. Permission customisation

We have included a list of different factors that link with breaking permission inheritance. These will really help you understand what permission inheritance is and how it can help you make managing site permission a lot easier than just the bare bones permission settings you get in the standard management access panel. Follow through and learn the various steps to improve your capabilities in SharePoint and run your online network like a pro.

How to break permission inheritance

  • First, sign in to Office 365.
  • Use the app launcher and navigate to “SharePoint”, and click on it.
  • In SharePoint go to the Site where your files are located.
  • In the menu bar, find and click on your document library.
  • Find the document you wish to add sharing restrictions and click on it.
  • Click on “Show actions”, illustrated by 3 dots.
  • Then click on “Manage access”.
  • Then click on “Advanced”.
  • Now click on “Stop Inheriting Permissions”.
  • Finally, a pop-up warning will show regardless of what browser you use, click on “OK” to confirm.

This website has now disobeyed its ancestor. If you don’t see this option, it’s possible that you don’t have the necessary permissions.

Permission Inheritance is a fantastic tool. It will assist you in setting up your site in a safer and more effective manner. You can also store sensitive information safely by breaking inheritance. Now that you’ve mastered the fundamentals of SharePoint groups and permissions, it’s time to create a permissions strategy. This strategy is critical for every firm that wants to set up groups and permissions.

The better practices of breaking inheritance

When a user violates inheritance at a low level, fine-grained permissions are created. Fine-grained permissions should be avoided in most circumstances. They can be used to grant access to certain objects on a website, but they can also pose a number of issues. They can bring performance and security concerns when abused or poorly used. Consider the following to prevent problems with fine-grain permissions.

Don’t breach permissions if you don’t have to. Although this tool has a lot of potentials, you should only use it when absolutely necessary. Furthermore, anytime you issue permissions, try to stay as high up the hierarchy as possible. The further you move from the main location, the more complicated it becomes.

You can, however, choose to disrupt the inheritance chain. You breach inheritance when you modify a child’s permission levels. This implies it no longer has access to its parent’s permission. For example, you could only want a subset of users to be able to view a certain subsite. You would break permissions inheritance in this situation and establish a higher required level. In this situation, the new inheritance will be passed along to all of the item’s offspring. When it comes to providing greater permissions for subsites, breaking inheritance may be incredibly handy. This is a practical technique to handle sensitive data.

If you perform the following, you can avoid fine-grained permissions:

  • Permission inheritance should be broken as little as feasible.
  • Assign rights to groups depending on folder membership.
  • We no longer suggest that you avoid using SharePoint groups to handle dynamic user and group memberships due to a change in SharePoint Server search continuous crawl capabilities that now include security information. Using dynamic memberships in SharePoint groups prior to SharePoint Server might result in search results not being displayed appropriately for all members unless a full crawl was performed following the membership change. A dynamic membership or other security modification will now be caught up sooner (default value is 15 minutes) and utilised by search query result reduction thanks to the continuous crawl capabilities that now includes security information.
  • Make sure there aren’t too many things at the same level of hierarchy in the document libraries, since this will lengthen the time it takes to process items in the views.

Permission customization

Remember these three SharePoint permissions rules:

  • Permissions are sent down in each Site Collection from the Top-Level Site.
  • Permissions build up over time.
  • Users can only access Sites, Lists, Libraries, and Documents for which they have rights using “Security Filtering” in SharePoint.

That implies that if you have “Edit” access on the Site Collection’s Top-Level site, you also have “Edit” permissions on every Subsite, List, and Library. You can violate permissions at any level in the Site Collection, but keeping track of all the locations where you’ve done so might be challenging.

Breaking permission inheritance only when absolutely essential and at the greatest level in the hierarchy that you can without providing too many rights is the Best Practice for SharePoint Permissions.

In-depth – Step by step process – How to break permission inheritance in SharePoint Online

Step by step breakdown:

  • First, sign in to Office 365.
  • Click the app launcher in the top left.
  • Then select “SharePoint” from the apps list.
  • In SharePoint go to the Site where your files are located.

We selected a site called “Demo.” However, your sites will appear differently.

  • Go to “Documents” on the left menu. (1)
  • Right-click the file you’re restricting access to or click the three dots next to it. (2)
  • Then select “Manage access” from the popup menu. (3)
  • Then click on “Advanced”.
  • Now click on “Stop Inheriting Permissions”.
  • Finally, a pop-up warning will show regardless of what browser you use, click on “OK” to confirm.

That’s it for this Blog thank you for taking time out to read our content, please feel free to email our team about how it went if you followed the steps or if you need more help with the questions we answered in this Blog.

Saajid Gangat

Saajid Gangat has been a researcher and content writer at Business Tech Planet since 2021. Saajid is a tech-savvy writer with expertise in web and graphic design and has extensive knowledge of Microsoft 365, Adobe, Shopify, WordPress, Wix, Squarespace, and more! You can connect with Saajid on Linkedin.

Recent Posts