Manage Records Center permissions
Applies To: Office SharePoint Server 2007
This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.
Topic Last Modified: 2015-03-09
Several elements make up security for your environment. One element is the permissions that control access to your sites and the content in your sites. The security model and security features in Microsoft Office SharePoint Server 2007 make it easy to control who has access to what content in your sites. For a Records Center site, you need to secure the Records Center, the records submitted to the Records Center, and the Records Center lists, such as Holds and Records Routing lists.
Note
Users who submit records to a Records Center site do not need to be part of any group in the site collection that contains the Records Center site.
If you plan to add custom permission levels, consider the permissions that are required to perform records management tasks. The tasks and required permissions are listed in the following table:
This task | Requires this permission | On this securable object |
---|---|---|
Submit to Records Center site |
Edit item None |
Source site Records Center site |
Create record series entries |
Edit item |
Records Center’s Record Series list |
Create Holds |
Edit item |
Holds lists |
Manage and release Holds |
Edit item View item |
File that is on hold Holds lists |
View records in search results |
View item |
Records Center site |
Create and manage libraries for storing records |
Manage List |
Records Center site |
Additionally, consider the following when you configure permissions in the Records Center site:
In general, only give records managers and legal team members Edit Items permissions to content on the Records Center site. For sensitive content, you can limit the set of users with Edit Items permissions by assigning them permissions at the document library, folder, or even list item level. For example, a particularly sensitive document could have a single records manager assigned to manage it.
You can configure permissions to prohibit the deletion of old versions of a record. By enabling versioning but not giving users the ability to delete old versions, you can be sure that even if users edit metadata about a record, no old version data will be lost.
Because the Holds list might contain sensitive information, limit the set of users of the Holds list to team members who can create holds and team members who can put items on hold.
Note
It is a best practice to configure all users to have Read permissions on the Records Center site for search and retrieval purposes and to configure a smaller group of records managers to have Edit permissions.
Task Requirements
To add a records manager to a Records Center site:
Add records managers to a Records Center site
On the home page of the Records Center site, on the Site Actions menu, click Site Settings.
On the Site Settings page, under Users and Permissions, click Advanced permissions.
On the Permissions page, on the Settings menu, click Permission Levels.
On the Permissions Levels page, click Add a Permission Level.
On the Add a Permission Level page, type a name and description for the permission level in the Name and Description boxes.
In the Permissions section, select the check box of the permissions for this permission level (see above table).
Click Create.
On the home page of the Records Center site, on the Site Actions menu, click Site Settings.
On the Site Settings page, under Users and Permissions, click Advanced permissions.
On the Permissions page, click to select the check box of the Users/Groups for which you want to assign a permission level.
On the Permissions page, on the Actions menu, click Edit User Permissions.
On the Edit Permissions page, in the Choose Permissions section, click the check box to select the permission that you want the group or user to have.
Click OK.
See Also
Concepts
Plan site and content security (Office SharePoint Server)
Create a Records Center site
Records management
Configure workflows for managing records
Create information management policies for records
Create content types for records
Create document libraries for retaining records
Configure the Records Routing list
Determine permission levels and groups to use (Office SharePoint Server)