One of the most important areas you will manage as a SharePoint site administrator is that of permissions. In many companies and businesses the use of file shares usually means that permissions to data and information are controlled centrally by the IT team. With SharePoint this central control is delegated to site collection administrators and site owners. Site collection administrators manage the security for the site collection as a whole, while site owners usually manage security for a team site or collection of subsites.
As you saw in Lesson 24, SharePoint security is built around security groups, both SharePoint and Active Directory groups. When you use a security group you assign a permission level to that group, such as contributor or owner. The group can then interact with SharePoint according to the permission level assigned to the group and the rights available within that level.
However, SharePoint is also flexible enough to enable you to edit the permission levels and in fact create your own. (Remember that permissions can be given only as part of a level; individual permissions contained within a permission level cannot be assigned individually to one user.) This ability to create your own permission levels and associated rights can be useful when you find certain permissions do not meet your requirements. The core permission levels provided out of the box for a team site include the following:
- Full Control: All available rights are ...