使用 SharePoint 遷移工具時的檔案和資料夾許可權File and folder permissions when using the SharePoint Migration Tool

當檔案受到轉移時,該檔案權限會發生什麼變化?What happens to the permissions on a file when it is migrated?

您的內部部署資料的位置,以及您是否已將 Active Directory 帳戶同步處理至 Azure Active Directory (Azure AD),可以在檔案遷移至 Microsoft 365 中的 SharePoint 後,影響檔案的許可權設定。The location of your on-premises data, and whether you have synchronized your Active Directory accounts to Azure Active Directory (Azure AD), can affect the permission settings on your files after they have been migrated to SharePoint in Microsoft 365.

同步處理您的環境: 為了維持現有內部部署檔案的權限,SPO 中必須有一位相對應的使用者。Syncing your environment: In order to maintain existing on-premises file permissions, there must be a corresponding user in SPO. 若要完成此項作業,最簡單的方法是將您的 Active Directory 帳戶同步處理至 Azure Active Directory (Azure AD)。The easiest way to accomplish this is to synchronize your Active Directory accounts to Azure Active Directory (Azure AD).

如何How 檔案共用File share SharePoint 內部部署檔案SharePoint on-prem files
在內部部署和 SharePoint 之間對應的使用者(已執行 Dirsync 或提供使用者對應檔)User mapped between on-premises and SharePoint (either Dirsync has been run or a user mapping file provided)
將會遷移三種許可權類型:讀取寫入完全控制There are three types of permissions that will be migrated: Read, Write, and Full control.

If a file has Write permission for user1, then the file will be set to Contribute for user1 in SPO.If a file has Write permission for user1, then the file will be set to Contribute for user1 in SPO. If a file has Read permission for user1, then the file will be set to Read for user1 in SPO.If a file has Read permission for user1, then the file will be set to Read for user1 in SPO. 若為「完全控制」許可權,將會在 SPO 中以「完全控制」方式遷移檔案。For Full control permission, the file will be migrated as Full control in SPO.

附注: 此時,將不會儲存特殊許可權,例如DenyNote: At this time, the special permissions, such as Deny, will not be saved.
檔案上所有專屬權限都會被移轉到 SPO。繼承權限則不會被移轉。All the unique permissions on a file will be migrated to SPO. Inherited permissions will not be migrated.
沒有使用者對應 (未同步、沒有使用者對應檔案)No user mapping (not synced, no user mapping file)
檔案會收到移轉至 SPO 中位置的預設權限。Files will be assigned the default permission of the location to which it has been migrated in SPO.
檔案會收到移轉至 SPO 中位置的預設權限。Files will be assigned the default permission of the location to which it has been migrated in SPO.

許可權條件和結果Permissions conditions and results

SharePoint 遷移工具許可權控制會受到多種狀況的影響。The SharePoint Migration Tool permission control is affected by various conditions. 下表列出所有條件和對應的結果。The following table lists all the conditions and the corresponding results.

SourceSource [保留使用者許可權] 設定設為 [開啟]Preserve user permissions setting set to On 遷移至Migrating to 遷移之前的目的文件庫許可權Target library permission before migration 遷移後的目的文件庫許可權Target library permission after migration 附註Note
檔案共用File share No 根資料夾Root folder InheritedInherited InheritedInherited 將不會變更目的文件庫與現有檔案的角色指派;已遷移的檔案具有繼承的許可權(從目標程式庫繼承的角色指派)Role assignments of the target library and existing files won't be changed; migrated files have Inherited permission (Inherited role assignments from target library)
檔案共用File share No 根資料夾Root folder UniqueUnique UniqueUnique 將不會變更目的文件庫與現有檔案的角色指派;已遷移的檔案具有繼承的許可權(從目標程式庫繼承的角色指派)Role assignments of the target library and existing files won't be changed; migrated files have Inherited permission (Inherited role assignments from target library)
檔案共用File share No 子資料夾Sub folder InheritedInherited InheritedInherited 將不會變更目的文件庫與現有檔案的角色指派;已遷移的檔案具有繼承的許可權(從目標程式庫繼承的角色指派)Role assignments of the target library and existing files won't be changed; migrated files have Inherited permission (Inherited role assignments from target library)
檔案共用File share No 子資料夾Sub folder UniqueUnique UniqueUnique 將不會變更目的文件庫與現有檔案的角色指派;已遷移的檔案具有繼承的許可權(從目標程式庫繼承的角色指派)Role assignments of the target library and existing files won't be changed; migrated files have Inherited permission (Inherited role assignments from target library)
檔案共用File share Yes 根資料夾Root folder InheritedInherited UniqueUnique 在 [來源根資料夾] 中,會取代目的文件庫的角色指派。Role assignments of the target library will be replaced by that in source root folder. 具有繼承許可權的現有檔案仍會繼承許可權,但具有來自目標程式庫的新角色指派。Existing files with inherited permissions will still be inherited permission but with a new role assignment from target library. 不會變更具有唯一許可權的現有檔案。Existing files with Unique permissions won't be changed. 在來源中沒有任何許可權的已遷移檔案,會從目標程式庫繼承許可權及繼承的角色指派。Migrated files without any permission in the source will have inherited permissions and inherited role assignments from the target library. 已遷移的檔案與來源中的任何許可權都會以唯一的許可權傳送這些許可權。Migrated files with any permissions in the source will carry over these permissions as unique.
檔案共用File share Yes 根資料夾Root folder UniqueUnique UniqueUnique 來源資料夾的許可權會新增為目標程式庫的新角色指派。Permissions from the source folder will be added as new role assignments to the target library. 具有繼承許可權的現有檔案仍然是繼承的許可權,但具有來自目標程式庫的新角色指派。Existing files with inherited permissions will still be inherited permissions but with a new role assignment from the target library. 不會變更具有唯一許可權的現有檔案。Existing files with unique permissions won't be changed. 在來源中沒有任何許可權的已遷移檔案,會從目標程式庫繼承許可權及繼承的角色指派。Migrated files without any permissions in the source will have inherited permissions and inherited role assignments from the target library. 已遷移的檔案與來源中的任何許可權都會以唯一的許可權傳送這些許可權。Migrated files with any permissions in the source will carry over these permissions as Unique.
檔案共用File share Yes 子資料夾Sub folder InheritedInherited InheritedInherited 將不會變更目的文件庫與現有檔案的角色指派。Role assignments of the target library and existing files won't be changed. 來源資料夾及檔案的許可權會傳送到目標子資料夾和對應的檔案,而這些檔案會具有具有新角色指派的特定權限。Permissions from source folder and files will be carried over to the target subfolder and corresponding files, which will have Unique permissions as new role assignments.
檔案共用File share Yes 子資料夾Sub folder UniqueUnique UniqueUnique 將不會變更目的文件庫與現有檔案的角色指派。Role assignments of the target library and existing files won't be changed. 來源資料夾及檔案的許可權會傳送到目標子資料夾和對應的檔案,而這些檔案會具有新角色指派的唯一許可權。Permissions from source folder and files will be carried over to the target subfolder and corresponding files which will have Unique permission as new role assignments.
清單/文件庫List/Document library No 根資料夾Root folder InheritedInherited InheritedInherited 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
清單/文件庫List/Document library No 根資料夾Root folder UniqueUnique UniqueUnique 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
文件庫Document library No 子資料夾Sub folder InheritedInherited InheritedInherited 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
文件庫Document library No 子資料夾Sub folder UniqueUnique UniqueUnique 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
清單/文件庫List/Document library Yes 根資料夾Root folder InheritedInherited UniqueUnique 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
清單/文件庫list/Document library Yes 根資料夾Root folder UniqueUnique UniqueUnique 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
文件庫Document library Yes 子資料夾Sub folder InheritedInherited InheritedInherited 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
文件庫Document library Yes 子資料夾Sub folder UniqueUnique UniqueUnique 與具有相同條件的檔案共用遷移相同Same as File share migration with same condition
網站/WebSite/Web No NANA InheritedInherited InheritedInherited 目標網站/網站的角色指派將保持不變Role assignment of target site/web will be unchanged
網站/WebSite/Web No NANA UniqueUnique UniqueUnique 目標網站/網站的角色指派將保持不變Role assignment of target site/web will be unchanged
網站/WebSite/Web Yes NANA InheritedInherited  UniqueUnique 目標網站/網站的角色指派會取代來源網站/web 中的角色指派Role assignment of target site/web will be replaced by those in the source site/web
Site/Web (A)與子網站 B (均以 SPMT 進行遷移)Site/Web(A) with Subsite B (both migrated with SPMT) Yes NANA 從主網站繼承的子網站 B 或子網站從新的 SharePoint 主網站繼承子網站 B/web 特有的網站 A 會如一般網站遷移所述的方式遷移。Subsite B or sub web inherited from main Site A Subsite B/web unique from the new SharePoint main site A Site A is migrated as described for normal site migration. 子網站 B 會變成唯一的,而且角色指派也會由來源子網站 B 中的指派取代Subsite B becomes unique and role assignment will be replaced by those in the source Subsite B
網站/WebSite/Web Yes NANA UniqueUnique UniqueUnique 來源網站/網站的角色指派會新增為目標網站/web 的新角色指派Role assignment of source site/web will be added as new role assignments to the target site/web