AvePoint Learn
Request article
Contact support
Request article
Contact support
English

    Home > User Management > Group Permissions

    Export to PDF

    Group Permissions

    Below is an overview of the group permissions logic within tyGraph, highlighting how site ownership and user permissions are recognized and reported.

    • Site owner recognition in tyGraph

      • Only members of Microsoft 365 Groups designated as owners are recognized as site owners in tyGraph reports.

      • Members granted full control access through group membership (e.g., AD Group or Microsoft 365 Group members) are not automatically classified as site owners, despite having full control in SharePoint.

    • AD Group and nested memberships

      • Users who belong to an AD Group included in the site owners group in SharePoint are considered site owners.

      • However, nested group memberships (groups within groups) may not be accurately recognized due to limitations in tyGraph's data processing capabilities.

    • Harvesting limitations

      • The tyGraph harvester captures users within groups but does not capture groups that are members of other groups.

      • Consequently, deeply nested permissions may not be accurately reflected in the Site owner report unless they are explicitly surfaced.

    • Role binding integrity

      Alterations to role bindings in SharePoint (e.g., manually adding members to the site owners group) can disrupt expected logic and lead to inconsistencies in reporting.