"The following factors also affect the level of access for" user with excess permissions

I have a user that had access to site settings, all content, etc.


I double checked her access and it was read only but the permissions check tool showed a panel beneath the site permissions that showed Allow for many categories. She had full control.





"The following factors also affect the level of access for"

She was added as a Site Collection Administrator. I don't know who would have added her there, but someone had.


If you find this type of issue, that should be the first thing you check. You can also check the Web Application User Policy in Central Admin. That's the other area I find people or groups with elevated permissions.

Comments

Anonymous said…
Schweet! Thanks.
September 7, 2017 at 8:03 AM
Azra said…
Thanks, you saved my day.
February 4, 2019 at 5:10 PM
Azra said…
Thanks for saving me a day.
February 4, 2019 at 5:11 PM
Anonymous said…
Mystery solved, thank you so much!
May 12, 2019 at 9:14 PM
Anonymous said…
what is the solution...?
October 25, 2019 at 2:17 AM
Greg Zook said…
Hi Anonymous,
I found the user in Site Collection Administrators. I removed her and it solved the problem.
October 25, 2019 at 9:31 AM
Unknown said…
Excellent, thank you! Indeed, is what I was looking for!
May 2, 2020 at 11:49 AM
ottobrerosso said…
Thank YOU very much.
June 5, 2021 at 12:10 PM
Anonymous said…
Thank you very much.
I found "Everyone" in "Specify web application user policy"
then I removed it an resolve the problem.
February 14, 2023 at 6:18 PM
Post a Comment

Popular posts from this blog

Exchange 2010 event errors 2601, 2604, 2501

In a recent migration from Exchange 2003/2007 to Exchange 2010, I ran into an issue where I had 2601, 2604, and 2501 errors. Log Name:      Application Source:        MSExchange ADAccess Date:          4/8/2013 12:02:20 PM Event ID:      2601 Task Category: General Level:         Warning Keywords:      Classic User:          N/A Computer:      Exchange10.domain.org Description: Process MSEXCHANGEADTOPOLOGY (PID=1268). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account - Error code=8007077f.   The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions. and Log Name:      Application Source:        MSExchange ADAccess Date: ...
Read more

Robocopy Error 31 A device attached to the system is not functioning

I was migrating Windows file shares to NetApp CIFS shares using Robocopy. I was unable to copy owner information or NTFS Security (/COPY:DATSOU) without getting this Error: ERROR 31 (0x0000001F) Copying NTFS Security to Destination Directory F:\PATH A device attached to the system is not functioning. I thought it may be the zone information on may of these files. I used the Sysintenals Streams utility to remove that information. It did not help. In the end, I was forced to copy without NTFS information (/COPY:DATU) When I viewed the properties of any share, folder, or file, the length of time to enumerate and display the permissions was exceedingly slow. I tried disabling anti-virus, etc. In the end, I had to manually re-create the permissions after the initial data copy. File ownership information was lost. UPDATE: I ran a CHKDSK /F and following a reboot this robocopy functioned fine.
Read more