I have 2 parts to my question. If I have a Document library with 10K documents, and all documents set to inherit permissions from the library which itself has explicit ACL comprising 500 users (i.e. the library does not inherit security from the site), then:
If the answer to 1) is NO, then the answers to 2) would perhaps be NO itself, still wanted to be sure and thus listed them out separately.
The reason this is important for us is:
This means that it no longer inherits permissions from its parent. For example, you may only want a specific subset of users to access a certain subsite. In this case, you would break permissions inheritance and set a higher necessary level. In this case, all the children of this item will follow this new inheritance.
Open the list or library that contains the folder, document, or list item on which you want to re-inherit permissions. Rest the pointer on the folder, document, or list item on which you want to re-inherit permissions, click the arrow that appears, and then click Manage Permissions.
As per my own research, the ACL is not replicated for objects inheriting security in SharePoint.
ACL afaik is stored in Perms + RoleAssignment tables in SharePoint's content database. Perms contains an entry only for objects not inheriting security from parent (identified by ScopeId column) and RoleAssignment contains roles for ScopeIds in Perms table.
So effectively if an object is inheriting security, it won't have ACL entries defined in the database. I wrote a blog post with further insights into my research in the same context here: https://imbibe.in/blog/2018/01/08/permission-storage-sharepoints-database/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With