- Free Edition
- Quick Links
- Reporting
- Auditing
- Management
- Backup
- Migration
- Monitoring
- Alerts
- Highlights
-
Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Hybrid AD, cloud, and file auditing and security
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- EventLog Analyzer Real-time Log Analysis & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- DataSecurity Plus File server auditing & data discovery
- RecoveryManager Plus Enterprise backup and recovery tool
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools
ManageEngine SharePoint Manager Plus offers a wide range of reports as part of its SharePoint reporting capabilities. These reports help administrators monitor and manage SharePoint sites without the operational limitations posed by native tools like the SharePoint admin center. One such essential report is the Inheritance Broken Lists report.
This report makes it simple to find every list and library across your tenant where permission inheritance has been broken, so admins can act on permission sprawl before it becomes a security risk.
What is the Inheritance Broken Lists report in SharePoint Manager Plus?
The Inheritance Broken Lists report provides detailed information about SharePoint lists and document libraries that have stopped inheriting permissions from their parent site or site collection. This report primarily includes the list URL, list name, the base type of the list, when it was created, when an item was last modified, when an item was last deleted, and other key SharePoint list properties.
Why you need an Inheritance Broken Lists report
Permission inheritance is the security model that keeps SharePoint manageable. When a list or library breaks inheritance, it carries its own access control list and stops following the rules set at the parent site. A few of these issues are expected. Hundreds of them, scattered across thousands of sites, become a governance problem that the SharePoint admin center will not surface in a single view.
Without a clear report, IT teams either skip the audit or burn hours running PowerShell against every site collection—neither approach scales. A single missed list with an externally shared link or an over-permissive group can quietly expose sensitive data for months.
An Inheritance Broken Lists report gives you that visibility, helping you stay ahead of access risk instead of reacting to it after a breach:
- Pinpoint sites with concentrated permission sprawl: Sort by site URL to find which site collections contain the most lists with broken inheritance and prioritize them for review.
- Audit specific list types based on data sensitivity: Filter by base type to focus on document libraries that hold files and documents, where the data risk from broken inheritance is highest.
- Track when inheritance breaks happen: Use the created date to detect lists that broke inheritance soon after creation, often a sign that provisioning workflows are skipping permission templates.
- Identify abandoned lists with unique permissions: Combine the last item modified and last item deleted dates to spot stale lists that still hold unique permissions but have no business activity, making them candidates for cleanup.
- Verify cleanup of decommissioned content: Use the last item deleted date to confirm that lists tied to closed projects no longer hold residual content that may still be exposed through their unique permission set.
What does the Inheritance Broken Lists report show?
Using SharePoint Manager Plus, you can filter the Inheritance Broken Lists report with the following fields:
- Microsoft 365 Tenant: Select the specific tenant where you want to analyze lists with broken permission inheritance.
- Site: Filter the report by a specific SharePoint site or site collection to scope the analysis to that part of your tenant.
The Inheritance Broken Lists report displays the following details for every list with broken inheritance.
| Attribute | Description |
|---|---|
| Site URL | The web address (URL) used to access the SharePoint site that contains the list with broken permission inheritance. |
| List Name | The display name of the SharePoint list or document library that has unique permissions and no longer inherits from its parent site. |
| Base Type | The fundamental classification of the list, such as Generic List or Document Library, indicating the kind of content it stores. |
| Created | The exact date and timestamp when the list or library was created in SharePoint. |
| Last Item Modified Date | The most recent date and timestamp when an item within the list was modified, indicating the list's last activity. |
| Last Item Deleted Date | The most recent date and timestamp when an item from the list was deleted, useful for tracking content life cycle changes within the list. |
Native SharePoint admin portals and PowerShell vs. SharePoint Manager Plus
The native SharePoint admin center offers limited visibility into broken permission inheritance across lists and libraries, especially when you need to review findings across multiple sites at scale. Generating a comprehensive report often requires manually checking each site or running PowerShell scripts against lists and libraries.
PowerShell solves the scale problem, but it adds its own overhead. Each new audit means writing or maintaining scripts, handling throttling, and deciding how to share the results with non-technical stakeholders. None of that gets you closer to a recurring, audit-ready inheritance review.
Benefits of SharePoint Manager Plus' Inheritance Broken Lists report over SharePoint reports
With SharePoint Manager Plus, the Inheritance Broken Lists report delivers the depth of PowerShell with the simplicity of a centralized admin console, giving you the features SharePoint already offers but with fewer steps and far more capability.
| Capability | SharePoint admin center limitations | PowerShell limitations | SharePoint Manager Plus advantage |
|---|---|---|---|
| Report accessibility | ❌
Manual filtering is required every time. |
❌
Script execution is required for every run. |
✅
Get one-click access to categorized reports. |
| Custom reports | ❌ | ❌ | ✅
Custom reports can be created by saving granular attribute-based conditional filters. |
| Report exports | ✅
Can be exported only in CSV or JSON formats. |
✅
Requires additional scripting to format and export data. |
✅
Can be exported in CSV, HTML, PDF, and XLSX formats. |
| Email reports to admins | ❌ | ❌ | ✅
Send report emails to stakeholders and admins in favorable formats. |
| Automated report generation | ❌
Requires technical scripting or separate complex add-ons. |
❌
Requires Task Scheduler or Azure Automation. |
✅
Schedule multiple reports that generate, filter, mail, and export between defined periods automatically. |
For a more detailed comparison, check out this page on how to check SharePoint permissions.
Features that enhance the Inheritance Broken Lists Report
SharePoint Manager Plus provides several built-in tools to help you manage, automate, and secure the data found in the Inheritance Broken Lists report:
- Export reports: You can download the report in multiple formats, including CSV, PDF, HTML, or XLSX, for sharing data with department heads or maintaining offline records for compliance reviews.
- Automated report generation: Set the Inheritance Broken Lists report to be generated at specific intervals such as daily, weekly, or monthly, so permission audits run on a steady cadence without manual effort.
- SharePoint alerts for sudden permission changes: Configure real-time alerts to notify admins when numerous lists break inheritance in a short time window, which can indicate misuse, automation errors, or compromised admin activity.
- Permission management on the fly: Modify, copy, or remove permissions for affected lists from SharePoint Manager Plus' interface without switching between multiple native tools.
- Audit trail integration: Combine inheritance data with the SharePoint audit reports to see who broke inheritance, when, and from where, giving each finding the context it needs for a complete access review.
- Custom report views: Save filters to generate focused report views tailored to your review needs. Easily pull up the report later with all your filters applied.
Reports that complement the Inheritance Broken Lists report
If you are auditing SharePoint access controls, SharePoint Manager Plus provides several other reports that complement the data found in the Inheritance Broken Lists report:
External sharing report: Pinpoints which lists and document libraries have been shared outside your organization, including the sharing links used, useful for catching oversharing risks and flagging unauthorized access.
Storage usage report: Breaks down storage consumption at both the tenant and site level, adding broader context to the lists and libraries with broken inheritance so you can prioritize cleanup based on size and impact.
List reports: Provide a complete view of every list and document library across your environment, covering versioning settings, creation and modification dates, item counts, and unique permissions.
Activity reports: Monitor site activity and inactivity over a custom timeframe, making it easier to cross-reference lists with broken inheritance against overall engagement so you can decide whether to restore inheritance, tighten permissions, or retire the list altogether.
Other features of SharePoint Manager Plus
- SharePoint management: Grant, remove, or copy SharePoint permissions, and manage group members in bulk without relying on complex scripts, simplifying your SharePoint administration.
- SharePoint reporting: Access over 140 prebuilt and custom reports for SharePoint, including permissions, site usage, content inventory, and security insights, all from a centralized dashboard.
- SharePoint auditing: Maintain a comprehensive, searchable audit trail of all activities across your SharePoint environment, including user actions, permission changes, and content modifications.
- SharePoint alerting: Get real-time alerts on critical events such as permission changes, suspicious user activities, site access anomalies, and policy violations.
- Delegated administration: Empower help desk technicians with granular, role-based access to perform specific SharePoint administrative tasks, without elevating native privileges.
- SharePoint migration: Simplify SharePoint migration by enabling seamless content and permission migration across sites and tenants, with minimal downtime and full visibility into migration progress.
