Jive space and project permissions

Access to Jive spaces and projects is governed by associating it with a Jive user group which define permissions for groups of users. There are three types of user groups in Jive.

A single Jive instance may contain all three kinds of user groups.

Permission groups are different than social groups, which are places in Jive. There are three types of permission groups in Jive. A single Jive instance may contain all three kinds of permission groups.
  • A custom user permissions group configured in Jive.
  • A custom user permissions group provisioned from LDAP or another directory server.
  • The built-in Jive groups Everyone and All Registered Users. Everyone includes all users in Jive. All Registered Users excludes external and anonymous users.

Spaces and projects exist in a hierarchy and are subject to permissions that are set in the Jive Admin Console: spaces and projects inherit their permissions from any space that contains them. For example, if people belonging to the All Registered Users permissions group in Jive have access to a space, they also have access to any subspaces and projects located in that space, unless a permissions override is created. If you create a Jive project or space linked to SharePoint, you may want to make sure it is a restricted space. A project that inherits permissions from an unrestricted space could grant access to every member of the community. For more information, see Managing permissions and Managing user accounts and user groups in the Jive 9.x Community Manager Help.

On the SharePoint side, each site created on the Jive side is provisioned with the following three SharePoint permission groups:
  • [site name] Jive Contributor Users
  • [site name] Jive Full Control Users
  • [site name] Jive Read Users

These are used in the following ways depending on the type of permission groups applied on the Jive side.

  • For places that grant access to custom permissions groups created in Jive, each member of the Jive permission group is assigned to Jive Contributor Users or Jive Read Users according to whether their rights to the space are read/write or read/only rights. The user who created the space is assigned to the Jive Full Control Users group for the linked SharePoint site.
  • For Jive places that grant access to LDAP-provisioned permission groups, it is assumed that SharePoint is integrated with LDAP and can directly access the same permissions for each user. These permissions are then used to assign rights to the linked SharePoint site.
  • For Jive places that grant access to the built-in Jive permissions groups Everyone or All Registered Users, Jive grants access to the Everyone principal in SharePoint. This is the default behavior in Jive when creating a space. This principal can be mapped using the SharePoint add-on settings during the Jive-side setup. If the principal is NOT specified in this setup, it will be identical to the default SharePoint Everyone principal. If you need the number of users with access to Jive content to be smaller than the total number of SharePoint users defined in the default Everyone principal, you should map the Everyone principal to a smaller group during add-on setup. For more information, see Installing SharePoint integration add-on.