APAN uses the SharePoint out-of-the-box (OOTB) security model. SharePoint security groups are SharePoint objects that have “users” as members and come with their own settings. These settings can be things like who the owner of the group is and who can add or remove users from these groups. The table below represents an overview and description of the various out-of-the-box security groups and permission levels.
Can add/edit/delete content, delete sites, and set up permissions for a given site
Can add/edit/delete content on a site
Can only read and download content
Additional SharePoint security groups can be created at the discretion of a Site Owner or a Site Collection Administrator (SCA); however, this practice is discouraged and is not an APAN best practice.
APAN’s existing global security groups for APAN SharePoint Farm are:
All Users (windows)
All users that authenticate with windows authentication
NT Authority\Authenticated Users
All users regardless of authentication type used (same as All Users)
Style Resource Readers
Style Resource Readers should have read permission to "Master Page Gallery" and restricted read permission to the "Style Library" at the site collection level.
For more information, click the links below.