- Free Edition
- Quick Links
- Reporting
- Auditing
- Management
- Backup
- Migration
- Monitoring
- Alerts
- Highlights
-
Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Hybrid AD, cloud, and file auditing and security
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- EventLog Analyzer Real-time Log Analysis & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- DataSecurity Plus File server auditing & data discovery
- RecoveryManager Plus Enterprise backup and recovery tool
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools
ManageEngine SharePoint Manager Plus helps administrators review who has access to SharePoint lists and libraries from a centralized reporting console. The List Permissions report provides details about the users and groups assigned to SharePoint lists and libraries, the permission levels they hold, and whether those permissions are inherited or unique.
What is the List Permissions report in SharePoint Manager Plus?
The List Permissions report gives details about who has access to each SharePoint list, library, folder, and item across your tenant as well as the exact permission level assigned to each user or group. The report primarily includes the object name and type, its location, the assigned user or group along with the permission level, whether the assignment is inherited or unique, and other key list properties.
Why you need a List Permissions report
SharePoint list permissions define access control across lists and libraries in your environment. As projects evolve and users change roles, permissions can become difficult to track. Unique permissions can override inherited permissions, item-level permissions can create unique security scopes, and sharing links can extend access beyond the intended audience.
Without a tenant-wide view, IT teams are often left checking List settings for each site, reviewing permissions one object at a time, or using PowerShell to assemble the data manually. The List Permissions report gives teams centralized visibility, helping them review access more consistently and reduce permission sprawl.
- Spot overshared lists and item-level exceptions: Identify lists where unique permissions override inherited permissions, where Edit or Full Control permission has been granted to wide groups, or where item-level permissions have carved out security scopes that need review.
- Verify permission boundaries during audits: Cross-reference the object type, location, and assigned user or group to confirm that contractors, vendors, and temporary staff only have access to the lists tied to their assignments.
- Track recent permission changes: Use the modified date to flag lists with permissions that have shifted recently, supporting access certification reviews and quarterly entitlement attestations.
- Investigate access disputes and security incidents: When a user reports unexpected access (or denied access), filter by the user or group to map every list they can reach, including access gained through group memberships.
- Clean up legacy and orphaned permissions: Find disabled accounts, deleted users, or stale security groups still tied to lists and remove them to shrink your attack surface.
Compliance standards that the List Permissions report supports
Organizations across industries are subject to information security standards such as ISO/IEC 27001, NIST SP 800-53, HIPAA, SOX, and the GDPR, many of which include access control requirements that call for organizations to document, review, and restrict who has access to sensitive data.
The List Permissions report supports these efforts by giving administrators a tenant-wide view of who has access to which lists and libraries in SharePoint. This visibility helps teams demonstrate that access rights are regularly reviewed, that the principle of least privilege is being applied, and that permissions on sensitive content are aligned with internal policies—all of which are core expectations across major access control frameworks.
What does the List Permissions report show?
Using SharePoint Manager Plus, you can filter the report with the following fields:
- Farm: Select the specific tenant or farm where you want to analyze list permissions across SharePoint sites.
- Site: Filter the report to a specific SharePoint site or site collection to narrow the scope of the audit.
- Fetch only unique permissions: Display only those lists and libraries that have unique permissions, helping you focus on the customized scopes that override inherited permissions.
The List Permissions report displays the following details for every list:
| Attribute | Description |
|---|---|
| Object Name | The name of the SharePoint list or library that the permission applies to |
| Object Type | The type of the SharePoint object (a list or document library) with the permission |
| Location | The site or library path where the object resides within the tenant |
| User/Group Name | The display name of the user or security group that holds the permission |
| Principal Type | Identifies whether the assignee is a user, security group, SharePoint group, or external user |
| Group Members | The list of users that belong to the assigned SharePoint or security group, where applicable |
| User Group Id | The unique identifier for the user or group within Microsoft Entra ID or SharePoint |
| Permissions | The permission level granted, such as Full Control, Edit, Contribute, Read, or Limited Access |
| Inherited Url | The URL of the parent object from which permissions are inherited, when inheritance is intact |
| Is Inherited | Indicates whether the object inherits permissions from its parent or has unique permissions assigned |
| Modified On | The date and time the list or its permissions were last modified |
| Created Date | The date and time the list was originally created in SharePoint |
Native SharePoint admin portals and PowerShell vs. SharePoint Manager Plus
Native SharePoint tools can show permissions at the site, list, or item level, but they don't offer a simple, tenant-wide report for reviewing list permissions across all sites. Admins often need to check lists individually or use PowerShell to collect permission details, which becomes time-consuming in large environments. List settings opens Advanced permissions settings for each list, but reviewing the inheritance, unique permissions, and item-level scopes still happens one click at a time.
PowerShell scripts using SharePoint Online Management Shell or PnP modules can pull this data programmatically and close the visibility gap of the admin center. The trade-offs are the engineering work (writing, testing, and maintaining scripts every time the tenant changes) plus the absence of built-in scheduling, dashboards, and audit-ready exports that admins still need to build separately.
Benefits of SharePoint Manager Plus' List Permissions report over SharePoint reports
With SharePoint Manager Plus, your List Permissions report gets the power and granularity of PowerShell with the convenience of an admin center.
| Capability | SharePoint admin center limitations | PowerShell limitations | SharePoint Manager Plus advantage |
|---|---|---|---|
| Report accessibility | ❌
Manual filtering is required every time |
❌
Script execution is required for every run |
✅
Get one-click access to categorized reports |
| Custom reports | ❌ | ❌ | ✅
Create custom reports by saving granular, attribute-based conditional filters |
| Report exports | ✅
Reports can be exported only in CSV or JSON format |
✅
It requires additional scripting to format and export data |
✅
Reports can be exported in CSV, HTML, PDF, and XLSX formats |
| Emailing reports to admins | ❌ | ❌ | ✅
Send report emails to stakeholders and admins in favorable formats |
| Automated report generation | ❌
It requires technical scripting or separate complex add-ons |
❌
It requires Task Scheduler or Azure Automation |
✅
Schedule multiple reports that can be generated, filtered, emailed, and exported between defined periods automatically |
For a more detailed comparison, check out this page on how to check SharePoint list permissions.
Features that enhance the List Permissions report
SharePoint Manager Plus provides several built-in tools to help you automate reviews, share findings, and act on permission risks surfaced by the List Permissions report:
- Automated report generation: Set the List Permissions report to be generated at specific intervals (daily, weekly, or monthly) to conduct list permission reviews regularly without fatigue.
- Exportable reports: Download the report in multiple formats, including CSV, PDF, HTML, or XLSX, for sharing data with department heads or maintaining offline records for compliance.
- SharePoint alerts for permission changes: Configure real-time alerts to notify admins when permissions are modified on a sensitive list, when inheritance is broken, or when external users are added to a list.
- Bulk permission management: Grant, revoke, or copy permissions across multiple lists and users in a single workflow, without writing scripts or opening each list individually.
- Delegated administration: Empower help desk technicians and site owners to review and modify list permissions through granular, role-based access without elevating their native SharePoint privileges.
Reports that complement the List Permissions report
If you are auditing SharePoint access controls, SharePoint Manager Plus provides several other reports that complement the data found in the List Permissions report:
- Permissions reports: Track access assignments from the site collection level down to individual folders, helping you understand who has access to what, where unique permissions originated, and whether those permissions still align with current policies.
- Permission change audit reports: Record every grant, revocation, and inheritance break across SharePoint, giving you a chronological audit trail that pairs with the snapshot view of the List Permissions report.
- List Item Permissions report: Drill into individual items within lists where item-level permissions have created unique security scopes, isolating granular access exceptions that a list-level view alone cannot show.
- External and Sharing reports: List every external user or guest with access to SharePoint lists along with the sharing links their access was granted through ; this is critical for monitoring external collaboration risks.
- Document Library report: View every document library across your sites along with key attributes like the size, item count, and last activity; easily spot newly created libraries that are growing fast, sitting idle, or duplicating existing content.
Other features of SharePoint Manager Plus
- SharePoint management: Grant, remove, or copy SharePoint permissions and manage group members in bulk without relying on complex scripts, simplifying your SharePoint administration.
- SharePoint reporting: Access over 140 prebuilt and custom reports for SharePoint, including on permissions, site usage, the content inventory, and security insights, all from a centralized dashboard.
- SharePoint auditing: Maintain a comprehensive, searchable audit trail of all activities across your SharePoint environment, including user actions, permission changes, and content modifications.
- SharePoint alerting: Get real-time alerts on critical events such as permission changes, suspicious user activities, site access anomalies, and policy violations.
- Delegated administration: Empower help desk technicians with granular, role-based access to perform specific SharePoint administrative tasks, without elevating native privileges.
- SharePoint migration: Simplify SharePoint migration by enabling seamless content and permission migration across sites and tenants, with minimal downtime and full visibility into the migration progress.
