By default, communities, subsites, and their lists and libraries, all inherit permissions from Home. Therefore, when you set up permissions, Home is the place to do it.
For most employees, the default permission level "contribute" has everything they need. It allows employees to view and contribute to discussions, documents and wiki pages, but prevents employees from making structural and design changes to the community itself.
Specifically, contributors may:
- Share ideas, ask questions, and generally contribute through Share Something
- Comment on what others have shared
- View and search directories and profile pages
- Upload documents
- Create wiki pages
- Add calendar events
But they may not:
- Create and delete sites
- Change the layout of a site
- Create new document libraries
For a full list of permissions included in the contribute permission level, reference this article from Microsoft: https://technet.microsoft.com/en-us/library/cc721640(v=office.15).aspx
Setting up a Contributors Permission Group
- From the Home community, click the settings cog, then Site Settings. Select People and Groups from the Users and Permissions section of the Sit Setting page.
- Click the Groups header in the left navigation to see a complete list of your current SharePoint groups.
- Is there a Contributor group there? If so, click on it and skip to step 7. If not, follow steps 4 — 6 to create it.
- Click the settings cog, then Site Settings, but this time select Site Permissions from the Users and Permissions section of the Sit Setting page.
- In the Permission Tools ribbon, click the Create Group button.
- Name your new group "Contributors." In the Give Group Permissions to this Site section, check the box next to Contribute. You can accept the defaults on other areas of this page and select Create.
- In the New drop-down menu, select Add Users.
- Begin typing the name of the Microsoft Active Directory security group you want to grant Contributor access to, then select the group from the auto-suggest list.
- Early Adopters is a custom security group that your IT team can create for you, they'll just need to know who to add to the group. This is the group you'll grant access to while your configuring and gathering feedback about your Intranet prior to going live.
- Domain Users is a standard security group that contains all active domain accounts, in other words, anyone with a firstname.lastname@example.org email. This is the group you'll grant access to when you are ready to go live.
- Click SHOW OPTIONS and then uncheck the Send an email invitation checkbox.
- Click Share.
Members of the security group you added in step 8 now have contribute access to all your sites.
Why grant permissions to a security group instead of to individual employees?
Your IT team already has an established process for setting up new employees' Microsoft Active Directory accounts and adding them to the appropriate security groups. IT generally has no such process for adding new employees to, and removing inactive employees from, a Microsoft SharePoint permission group.
Granting employees access to Knowledge Architecture Synthesis through anMicrosoft Active Directory security group gets the job done without creating a new process for someone to manage.