- Free Edition
- Quick Links
- Reporting
- Auditing
- Management
- Backup
- Migration
- Monitoring
- Alerts
- Highlights
-
Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Hybrid AD, cloud, and file auditing and security
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- EventLog Analyzer Real-time Log Analysis & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- DataSecurity Plus File server auditing & data discovery
- RecoveryManager Plus Enterprise backup and recovery tool
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools
SharePoint Manager Plus helps you review permissions from sites to list items from a centralized reporting console, without switching between individual item permission pages or relying on complex scripts. The List Item Permissions report gives administrators a focused view of item-level access across SharePoint.
Why you need a centralized permissions report for SharePoint list items
SharePoint’s permission model is hierarchical, so permissions flow from site to list to item unless inheritance is broken. While administrators can review item permissions natively and retrieve them with PowerShell, those methods are still manual or script-driven and do not provide one consolidated view of item-level permissions, inheritance state, and principal details across the environment. Auditing permissions across multiple lists or sites becomes slow, repetitive, and difficult to scale.
That challenge matters even more as item-level permissioning grows. Microsoft documents that lists and libraries support up to 50,000 unique permissions, while 5,000 is the recommended general limit for performance and manageability. In environments with heavy item-level permissioning, it becomes increasingly important to monitor where inheritance has been broken and where unique scopes are accumulating.
The risk is not just operational. Verizon’s 2025 Data Breach Investigations Report found that third-party involvement in breaches doubled to 30%, reinforcing the importance of reviewing granular access paths and permission exceptions.
A list item permissions report makes item-level access easier to review at scale.
- Identify inheritance breaks across lists and sites: Surface items where inheritance has been broken and review whether each unique scope is expected.
- Audit group-based access at item level: Review which SharePoint groups or users have access to specific items and confirm that access still aligns with business need.
- Track permission assignment timelines: Use creation and modification timestamps to investigate when item-level permissions were introduced or changed.
- Support least-privilege reviews at the item layer: Review whether sensitive items have narrower access than their parent list or whether access has widened over time.
- Monitor unique-scope growth before it becomes harder to manage: Track where item-level permissions are expanding so governance teams can review lists with growing complexity.
What is the List Item Permissions report in SharePoint Manager Plus?
The List Item Permissions report provides item-level permission details for SharePoint lists and libraries. It highlights key information such as the item’s location, the users or groups with access, the permission level assigned, whether permissions are inherited or unique, and when the permission was created or modified. This gives administrators a clear view of who can access specific SharePoint content
Compliance frameworks this report can support
Organizations across industries are subject to information security and privacy frameworks such as the GDPR, ISO/IEC 27001, HIPAA, NIST SP 800-53, and the PCI DSS, many of which require least-privilege enforcement, access-rights reviews, and evidence that sensitive content is only accessible to authorized users.
The List Item Permissions report supports these efforts by giving administrators a consolidated view of item-level permissions, inheritance state, principal type, and permission levels across SharePoint. This visibility can help teams support least-privilege reviews, investigate broken inheritance, gather evidence, and prepare for governance or audit discussions more efficiently.
What does the List Item Permissions report show?
Using SharePoint Manager Plus, you can filter the List Item Permissions report with the following fields:
- Farm: Select the SharePoint farm or Microsoft 365 tenant from which you want to pull item-level permission data.
- Site: Narrow the report to a specific site to focus the item-level permission audit on a particular team, department, or project environment.
- Fetch only unique permissions: Filter the report to show only items with unique permissions, so you can focus on objects where inheritance has been broken.
The List Item Permissions report displays the following details for items present in SharePoint lists:
| Attribute | Description |
|---|---|
| Site URL | The full web address of the SharePoint site that contains the list holding the item for which permissions are recorded. |
| Object Name | The name of the specific list item for which the permission record applies. |
| Object Type | Indicates whether the permissioned object is a list item, a document, or another content type within SharePoint. |
| Location | The name or path of the list or library within the site that contains the item. |
| User/Group Name | The display name of the user or SharePoint group that holds the permission on the item. |
| Principal Type | Indicates whether the access principal is an individual user, a SharePoint group, an Active Directory group, or another principal type. |
| Group Members | The members of the SharePoint group assigned to the item, where applicable. |
| Permissions | The specific permission level assigned to the user or group on the item, such as Read, Contribute, or Design. |
| User Group ID | The internal identifier of the SharePoint group or user object assigned to the item. |
| Inherited URL | The URL of the parent object from which the item's permissions would normally be inherited. |
| Is Inherited | Indicates whether the item's permissions are inherited from the parent list or library, or whether unique permissions have been applied directly to the item. |
| Modified On | The date and time when the item's permission assignment was last modified. |
| Created Date | The date and time when the item's permission assignment was first created. |
| Hierarchy Level | Indicates the level within the SharePoint object hierarchy at which the permission scope exists, such as site, list, or item. |
Native SharePoint administration and PowerShell vs. SharePoint Manager Plus
In SharePoint, administrators can review permissions on individual lists, libraries, documents, and list items through the object’s permissions page. PowerShell can also retrieve item-level permission data programmatically. Those native options are useful, but they are still manual or script-driven and do not provide one ready-made report that consolidates item-level permissions, inheritance state, and principal details across the environment.
PowerShell can help bridge those gaps. PnP PowerShell and related scripting can retrieve item-level permission details, but enumerating unique permission scopes across items at scale still requires iteration, formatting, validation, and ongoing maintenance.
SharePoint Manager Plus reduces that overhead by bringing this visibility into a single report that administrators can run, filter, export, and schedule without building the report from scratch:
| Capability | SharePoint admin center | PowerShell | The SharePoint Manager Plus advantage |
|---|---|---|---|
| Report accessibility | ❌ Manual filtering is required every time |
❌ Script execution is required for every run |
✅ Get one-click access to categorized reports |
| Custom reports | ❌ | ❌ | ✅ Create custom reports by saving granular, attribute-based conditional filters |
| Report exports | ✅ Reports can be exported only in CSV or JSON formats |
✅ Requires additional scripting to format and export data |
✅ Reports can be exported in CSV, HTML, PDF, and XLSX formats |
| Emailing reports to admins | ❌ | ❌ | ✅ Send report emails to stakeholders and admins in preferred formats |
| Automated report generation | ❌ This requires technical scripting or separate complex add-ons |
❌ This requires Task Scheduler or Azure Automation |
✅ Schedule multiple reports that can be generated, filtered, emailed, and exported between defined periods automatically |
For a more detailed comparison, check out our page on how to check permissions in SharePoint.
Features that enhance the List Item Permissions report
SharePoint Manager Plus provides several built-in tools to help you act on, schedule, and distribute the item-level permission data surfaced by the List Item Permissions report.
- Automated report generation: Schedule the report to run daily, weekly, or monthly so item-level permission changes are surfaced automatically without requiring manual review cycles.
- Export reports: Download the List Item Permissions report in CSV, PDF, HTML, or XLSX formats for compliance documentation and archival.
- Instant alerts for permission changes: Configure alerts to notify administrators when permission inheritance is broken, or when an item-level permission assignment is created or modified on a sensitive list.
- Modify SharePoint permissions: Act on the permission data surfaced by the report by modifying inheritance and permission levels directly from the SharePoint Manager Plus interface.
- Custom reports: Modify the fields and filters in the report, and save your customized settings as a custom report for quick access when needed.
Reports that complement the List Item Permissions report
If you are auditing item-level access, governing broken inheritance, or enforcing least privilege at the most granular level of the SharePoint hierarchy, SharePoint Manager Plus provides several reports that extend the visibility delivered by the List Item Permissions report.
- Item Wise Sharing Access report: Provides a tenant-wide breakdown of sharing activity at the item level, helping you connect permission changes with sharing activity where relevant.
- List Item Statistics report: Shows item-level structural and inventory details, helping you place item permissions in the context of the content stored within each list.
- List Item Modifications report: Tracks changes made to individual list items, helping you correlate permission changes with item activity during reviews or investigations.
- List Wise External Users report: Identifies external users with access to specific lists and libraries, helping you compare list-level external access with item-level unique permissions.
- SharePoint permissions reports: Detail permission assignments at the site, library, and list level, helping you understand whether item-level permissions are isolated exceptions or part of a broader access model.
Other features of SharePoint Manager Plus
- SharePoint management: Grant, remove, or copy SharePoint permissions, and manage group members in bulk without relying on complex scripts, simplifying your SharePoint administration.
- SharePoint reporting: Access over 140 prebuilt and custom reports for SharePoint—including permissions, site usage, content inventory, and security insights—all from a centralized dashboard.
- SharePoint auditing: Maintain a comprehensive, searchable audit trail of all activities across your SharePoint environment, including user actions, permission changes, and content modifications.
- SharePoint alerting: Get real-time alerts on critical events such as permission changes, suspicious user activities, site access anomalies, and policy violations.
- Delegated administration: Empower help desk technicians with granular, role-based access to perform specific SharePoint administrative tasks, without elevating native privileges.
- SharePoint migration: Simplify SharePoint migration by enabling seamless content and permission migration across sites and tenants, with minimal downtime and full visibility into migration progress.
