AvePoint Learn
Request article
Contact support
Request article
Contact support
English

    Home > SharePoint Security Management > Clone or Transfer User Permission Service

    Export to PDF

    Clone or Transfer User Permission Service

    Configure Clone or Transfer User Permission services to request having one person’s permissions be the same as another user. Role changes happen frequently in most organizations. This puts permission control in the hands of business users based on predefined settings set by IT administrators.

    To create or manage services, click Service in the Request Management group within Settings.

    On the interface for creating or editing a Clone or Transfer User Permissions service, configure the following settings.

    NOTE

    For information about common service settings that exist in all types of services, refer to Common Service Settings.

    1. Scope – Expand the tree to select the desired nodes by selecting the corresponding checkboxes.

      You can also enable the following options:

      • Hide the tree from the request page – Select this checkbox if you only allow the business users to manually enter site collection URLs to configure the scope for cloning or transferring permissions. The request scope tree will be hidden from the business users, and they can click Add Your Own URL to enter a site collection URL in the text box.

      • Use SharePoint Online context to automatically populate the service request scope – Select this checkbox if you want to retrieve and use the SharePoint Online context in the service request scope. In the request triggered from the Site Information Card app part page, the URL of the site collection where the Site Information Card resides will be retrieved. The site collection URL will be automatically used as the request scope. Choose one of the following options:

        • Allow Business User to Edit the URL – The site collection URL will be automatically filled into the text box, and the requester can edit it.

        • Show as Read-Only to Business User – The site collection URL will be displayed as read-only, and the requester cannot edit it.

        • Hide from Business User – The site collection URL will be hidden from the requester.

    2. Restrict Source User Selection – Configure the scope of source users/groups that the permissions can be cloned or transferred from, and choose from the following:

      • Allow any user/group – Select this option to allow the business user to select any user and group of the selected scope as the source user.

      • Allow peers and direct or indirect reports (only supports SharePoint Online standard instance user) – Select this option to allow the business user to select the users managed by the requester and the users of the same title as the requester to be the source user.

      • Allow direct or indirect reports (only supports SharePoint Online standard instance user) – Select this option to allow the business user to select the users managed by the requester to be the source user.

    3. Restrict Target User Selection – Configure the scope of target users/groups that the permissions can be cloned or transferred to, and choose from the following:

      • Allow any user/group – Select this option to allow the business user to select any user and group of the selected scope as the target user.

      • Allow peers and direct or indirect reports (only supports SharePoint Online standard instance user) – Select this option to allow the business user to select the users managed by the requester and the users of the same title as the requester to be the target user.

      • Allow direct or indirect reports (only supports SharePoint Online standard instance user) – Select this option to allow the business user to select the users managed by the requester to be the target user.

    4. Click the arrow on the right-hand side to proceed to the next step.

    5. Permission Option – Select a method from the drop-down list to determine how you will assign the source user’s/group’s permission to the target user/group.

      • Append – Adds the permission of the source user/group to the destination user/group.

      • Replace – Replaces the permission of the target user/group with the source user’s/group’s permission.

      Choose whether to assign the Permission Option by this service, or allow the business user to choose the Permission Option when submitting a service request for this service. Choose from the following:

      • Assign by IT Admin – The Permission Option configured here will be applied on the Clone User Permission service request. Select either Show as Read-Only to Business User or Hide from Business User.

      • Assign by Business User – Allows the business user to configure the Permission Option.

    6. Additional Option – Choose how to configure the permissions of the source user that resides in a SharePoint Online security group. Choose from the following:

      • Add target user to the same group in destination – Adds the target user into the SharePoint Online security group where the source user resides.

      • Clone source user’s permissions to the target user directly – Copies the permissions of the group where the source user resides to the target user.

      Choose whether to assign the Additional Option directly by this service, or allow the business user to choose the Additional Option when submitting a service request for this service. Choose from the following:

      • Assign by IT Admin – The Additional Option configured here will be associated with all of the site collections selected in the scope of the Clone User Permission service request. Select either Show as Read-Only to Business User or Hide from Business User.

      • Assign by Business User – Allows the business user to configure the Additional Option.

    7. Options for Transfer – Specify the options to manage the source user/group when transferring permissions. The selected options will be the default selections when submitting a service request. Choose from the following:

      • Remove source user’s explicit permission – Removes the source user’s or group’s permission after cloning the permission successfully.

      • Remove source user from SharePoint groups – Deletes the source user from SharePoint Online security groups that he resides after cloning the permission successfully.

      • Delete source user from site collection – Deletes the source user or group from the site collection after cloning the permission successfully.

      Choose whether to assign the Options for Transfer directly by this service, or allow the business user to choose the Options for Transfer when submitting a service request for this service. Choose from the following:

      • Assign by IT Admin – The Options for Transfer configured here will be associated with all of the site collections selected in the scope of the Clone User Permission service request. Select either Show as Read-Only to Business User or Hide from Business User.

      • Assign by Business User – Allows the business user to configure the Options for Transfer.

    8. When you have finished configuring settings for this service, choose one of the following options:

      • Click the arrow on the left-hand side to go to the previous steps to review and modify your configurations.

      • Click Save to save all of the configurations and return to the Service Management interface.

      • Click Save and Activate to save all of the configurations and activate this service, which allows users to submit requests for this service.

      • Click Cancel to return to the Service Management interface without saving any configurations.