RE: SharePoint Services V3, permissions for People and Group lists
- From: Active IT Design <ActiveITDesign@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Jun 2006 23:18:01 -0700
I tried the group security and it worked really well when you click on a
group that your secured and that you aren't a member of, you can't see the
members of that group.
The only problem is that all you have to do is click All People and sure
enough, there's a list of everyone with any access to the site, it doesn't
matter what group they're in. This seems like a major oversight, I really
hope it's just a beta thing. What good is it to be able to hide group
members but still see everyone by just clicking "all people".
- Jon
Jonathan OBrien
MCSE, Microsoft Small Business Specialist
Active IT Design, LLC
www.activeITdesign.com
"Active IT Design" wrote:
Thanks for the tip Matt. I'm just doing some testing so I wasn't using.
groups yet, just applying permissions to two test users. Of course that's
not that way I would do it in production. I'll give the group thing a try.
This product is probably 5 - 6 months from completion anyway so maybe things
will change by then. I'd just like to see the option to secure it as you can
with any other list.
- Jon
"Matt" wrote:
Humm...yes, I see what you mean...Although, in v3 you can make it so that
only members of a group can see who the other members of their group
are...another workaround would be to use generic or coded group neames for
each client...it's not a very elegant solution, but other than customizing
the ASP code of Sharepoint itself I am not sure what else can be done....the
problem is the very fact that "Share"point is a collaboration platform so it
is assumed that the users of it are working together and there is no need to
hide such information. However, your point is a very valid one, as it seems
that if you can restrict who can view the members of a group, then why not
restrict who can view groups and permissions in general.
"Active IT Design" wrote:
Hey Matt, yes I have thought of a workaround like that but it's not a total
solution. If someone knew anything about SharePoint, they could just
manually go to the site and add /_layouts/people.aspx in the URL of the site
and still get to the list. That’s what I used to do back with SPS V1, just
hide links but it’s not really that secure. I was just hoping Microsoft
would see the value in securing the People and Groups list, just like you can
with other lists.
If using WSS in a type of extranet scenario like this, securing the
identities of the users would be a concern. It's still a beta product so
maybe they can work on this. I'll submit this request to
mswish@xxxxxxxxxxxxx and hopefully someone will agree that this would be a
nice feature. All in all, I'm super impressed with the changes in V3 so far!
"Matt" wrote:
Have you considered using Sharepoint Designer to remove the "People's and
Groups" link on the main page and then adding it back as a link on an "Admin"
sub-site that only you have access to?
-Matt
"Active IT Design" wrote:
From what I can see there are no permissions setup for the People and Groups
list, the security is blank for this list and everyone with read access to a
site seems to be able to view this list. Is there a way to restrict this?
Here’s some background on what I’m trying to do. I have a customer that
works with multiple clients, and they need a way to share files with clients
from outside the company. Document libraries are perfect for this with both
upload and download features that are easy to use. The new security trimmed
toolbars are awesome and will hide the functions that these clients don’t
have clearance to perform. I can also secure all the documents libraries
I’ve created and only the client’s own doc library will show up when they
login, again this is really neat. My customer will of course be able to see
all doc libraries so they can update files for all clients.
Here’ the issue. When any client logs in (they all have Read access to the
main site), they can still get into the People and Groups list and see a list
of all other clients (users on that site), which I DO NOT want to happen. I
know I could setup a totally different SharePoint site for each client but
that would break some other functionality I need like having a master
calendar and events list that all clients can see. I don’t want to create a
new site for each client because then my customer will have to update 10 or
so calendars / events lists. So…is there any way to restrict access to the
People and Groups list in SharePoint services V3?
Back in SharePoint version 1, when there was no security trim interface, I
would just rename the .asp pages I wanted hidden to something else that only
the admins knew about. Not the best solution but it did work at the time.
I’m hoping with all the advances Microsoft has done with SharePoint, there
will be an easier way for me to restrict this People list data.
- References:
- RE: SharePoint Services V3, permissions for People and Group lists
- From: Matt
- RE: SharePoint Services V3, permissions for People and Group lists
- From: Active IT Design
- RE: SharePoint Services V3, permissions for People and Group lists
- Prev by Date: Re: Help with Contacts
- Next by Date: MOSS 2007: Can't display sample report Report.xslb
- Previous by thread: RE: SharePoint Services V3, permissions for People and Group lists
- Next by thread: how do we create a user who can contribute but cannot read others submission in sharepoint site?
- Index(es):
Relevant Pages
|
