We would like to set up a Document Library in a SharePoint Online site with different members, visitors and owners than the Site the Document Library will be created in. It works very well (we have different population for visitors [read] and “members” [edit]) but we can’t prevent parent Site Owner’s from having ~Full Control access to the Library even if they do not have explicit Full Control permission on (they are not owner of) the Library. Please note: These owners are NOT Sites Collection Administrators (which, we know, cannot be denied access to a library). Thanks, Pierre
Apologies. Yes what I was talking about is Site collection Admins & not the owners.
Yes whenever you create a modern site or a O365 group or team, there is a email id generated for the same. This email id is something similar to a security group & this id gets added as the site collection administrator. What you have done is the right approach as of now. But its strange why the person who creates the group is not made the administrator.Â
