SharePoint: New Site Permissions Report

Key insights

• Site permissions for users report — A SharePoint Advanced Management tool in the Data access governance set that lists every site a selected user can access and whether access is full site or limited to specific items.
  It gives admins a clear snapshot of user access across SharePoint and OneDrive.
• How to run — Open the Data access governance area, choose the users to audit, set the scope (SharePoint or OneDrive), name the report, and generate it.
  The process produces a downloadable snapshot you can review and act on.
• What the report shows — For each user it lists accessible sites and indicates site-level access versus item-level access, and whether access was granted directly or indirectly via groups.
  It also highlights shared-link types and direct file/folder permissions.
• Key metrics — The report summarizes Total sites scanned, Sites without users, Sites with user permissions, and the Report date and surfaces the top 100 sites by user count for quick review.
• Main benefits — Helps identify high-risk sites, speed permission cleanups, and support audits. Use it before assigning a Copilot license, during offboarding, or for regulatory compliance audits to verify who has access.
• Recommended actions — Prioritize remediation on sites with broad access, remove unnecessary direct permissions, tidy group memberships, and review shared links such as Anyone links or “People in your org” links to reduce exposure.

Introduction

A recent YouTube video by Ami Diamond [MVP] demonstrates the new Site permissions for users report in the SharePoint Admin center. In the video, Ami walks viewers through the report’s key screens and explains how administrators can use it to audit access across SharePoint and OneDrive. This article summarizes his presentation and places it in a practical governance context for IT teams and security leads.

Report overview and purpose

First, Ami explains that the report is part of the broader Data access governance tools available via SharePoint Advanced Management. The report generates a snapshot that lists every site a selected user can access and indicates whether access is site-wide or limited to specific items, and whether access is granted directly or through group membership. Consequently, administrators gain a centralized view of user permissions instead of manually inspecting individual sites.

Moreover, the report surfaces summary metrics such as total sites scanned, sites with no users, and the top sites by user count, which helps prioritize follow-up work. Ami emphasizes that the snapshot is useful for targeted tasks like pre-assigning a Copilot license, cleaning up permissions during offboarding, or preparing for compliance reviews. Therefore, it aims to reduce guesswork and speed up remediation.

What the video demonstrates

In the demo, Ami steps through selecting users, choosing a scope, and naming the report before running it from the Data access governance landing page. The generated output places users on one side and their accessible sites on the other, while clearly marking site-level versus item-level access and showing when inheritance is broken. As a result, administrators can quickly see whether a user has broad access across a site or limited rights to a few files or folders.

He also points out that the report highlights shared link types and identifies external guests and large membership sites, which are frequent sources of risk. Additionally, the tool lists the top 100 sites by user permissions to focus attention on high-risk locations that often need immediate cleanup. Thus, the video combines practical steps with visual cues that make the tool approachable for busy teams.

Tradeoffs and governance challenges

However, Ami is candid about tradeoffs: a comprehensive scan takes time, and very large tenants may experience delays as the report inventories thousands of sites and nested groups. Administrators must balance the desire for a full, up-to-the-minute view with the operational cost of frequent, extensive scans that consume resources. Moreover, group nesting and complex permission inheritance can produce noisy results that require manual investigation to interpret correctly.

Another challenge involves balancing security and collaboration. Tightening permissions to reduce risk can hinder user productivity if teams lose access to frequently used resources, while a permissive stance speeds work but increases exposure. Therefore, the report is a diagnostic tool, not an automatic fix; remediation plans must weigh business needs against security goals and include staged changes, testing, and communication.

Recommended admin practices

Ami suggests practical steps for teams adopting the report: start with targeted scans for high-risk users or sites, use the top-100 list to triage, and schedule periodic reviews rather than running tenant-wide scans continuously. In practice, teams should combine report findings with existing governance processes such as access reviews, group cleanup, and lifecycle policies to create repeatable remediation workflows. This staged approach reduces disruption while improving security posture.

He also recommends documenting actions and using automation where possible to enforce consistent permission standards, including naming conventions and group ownership rules. Training site owners to understand the difference between site-level and item-level access reduces accidental exposure over time. Finally, teams should link this report to other signals—such as sharing analytics and external guest activity—to build a fuller picture of risk.

Conclusion

In summary, Ami Diamond [MVP] presents the Site permissions for users report as a useful addition to the SharePoint governance toolbox that helps administrators see who can access what across SharePoint and OneDrive. While the report makes it faster to identify high-risk sites and user permissions, teams must manage tradeoffs related to scan scope, performance, and the balance between collaboration and security. Therefore, using the tool alongside well-defined governance processes and measured remediation plans will deliver the best results.

For newsroom readers, the video offers a clear, practical walkthrough that IT teams can apply immediately, and it highlights the thoughtful workflow changes needed to turn report data into safer, more maintainable permissions. Overall, the resource is a worthwhile watch for anyone responsible for access governance in Microsoft 365 environments.

Keywords

SharePoint site permissions report, SharePoint admin permissions report, User permissions report SharePoint, Site permissions audit SharePoint, SharePoint permissions management, Export SharePoint permissions, SharePoint admin center permissions, Generate permissions report SharePoint