RE: How to add a user with very limited rights
- From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
- Date: Wed, 12 Oct 2005 09:22:39 GMT
Hi Steve,
Thanks for posting here!
For our description, I understand that you want to know how to limit domain
user permissions. If I am off base, please don't hesitate to let me know.
There are some methods can meet your needs, the principle is the similar,
and you can refer the following steps to do:
1. Open Server Management console, expend Users node and click Add a User
link to launch add user wizard.
2. Follow the guide, input User name and others information in User Account
Information page. Note: delete Email Alias information and then click Next.
You will get prompt message this time to ask if you don't want to create
mailbox for the user, click Yes to continue process.
3. You can choose item of "Do not use a template to define user settings"
in Template Selection page to avoid the user inherits any permissions you
don't want to. And then click Next, add the user to Security group: Users
and any appropriate distribution group you created in Group Selection page.
4. Give the user appropriate Sharepoint Access permission in Sharepoint
Access page and then click Next.
5. Follow the guide, change the Disk Quota to 1 (minimum number) and then
follow wizard to create the new user account.
6. Double click the user account to open it properties page, click Member
of tab to ensure the Remote Web Workspace Users group is not listed here.
Or delete it directly. Note: if you want the user has some group
permission, you can add it here. And opposite you can delete it.
You can create group policy to control respectively users Document
redirections policy.
To create a Group Policy Object, please follow these steps:
1. Click Start, point to Administrative Tools, and then click Active
Directory Users and Computers.
2. Right-click the domain and then click Properties.
3. Click the Group Policy tab, and then click New.
4. Type the name that you want to use for this policy (for example,
ShopUsers policy), and then press ENTER.
5. Click Properties, and then click the Security tab.
6. Click to clear the Allow check box next to Apply Group Policy for the
security groups that you want to prevent from having this policy applied.
7. Click to select the Allow check box next to Apply Group Policy for the
groups to which you want to apply this policy, and then click OK.
8. Click OK, click OK again, and then quit Active Directory Users and
Computers.
One thing you need to clarify, if these persons need to access Companyweb
site from internet, you need to publish WSS to internet.
You need run CEICW wizard and ensure check the box of Windows Sharepoint
Services intranet site in Web Services Configuration page to allow access
Sharepoint service from internet. If you installed IAS 2000, you need to
refer to the following KB article to publish the Companyweb site:
313072 HOW TO:Configure the Web Publishing Service to Work with Internet
http://support.microsoft.com/?id=313072
Please ensure you open the inbound and outbound 444 port and 443 port
redirection on the hardware router or firewall. Check the manufacturer's
documentation for details on how to open ports of the device.
===================
For your reference:
825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763
In addition, I would like to mention that the following ports should be
opened on the hardware router/firewall if you want to use follow
applications:
TCP 25 This port is used for incoming SMTP traffic. If you are using POP3
connector, there is no need to open this port.
TCP 110 This port is used for POP3 mail clients.
TCP 443 SSL
TCP 444 Companyweb SSL
TCP 4125 Remote Web Workplace
TCP 3389 Terminal services
===================
Hope above information helps! If you have any further concern or question
on the issue please feel free to let me know. I am always happy to be
assistance of you and look forward to your reply!
Have a nice day!
Best Regards,
Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: "Steve" <nospam@xxxxxxxxxx>
>Subject: How to add a user with very limited rights
>Date: Tue, 11 Oct 2005 14:02:08 -0700
>Lines: 14
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
>X-RFC2646: Format=Flowed; Original
>Message-ID: <udu4LcqzFHA.908@xxxxxxxxxxxxxxxxxxxx>
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: mail.bayareafirststep.org 68.185.19.58
>Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp1
3.phx.gbl
>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:212066
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>I have Windows SBS 2003. I have setup a special windows sharepoint
subsite
>under companyweb. I want to let a few certain people outside of my
company
>to have access to it.
>
>I have plenty of CAL's and I would like to setup some users that basically
>only have access to the site. Can someone tell me the steps to create a
>user or template that doesn't have an exchange account, disk space
quota's,
>document redirection, access through RWW. I just want to be able to add
>these users to the SharePoint site.
>
>Thanks in advance.
>Steve
>
>
>
.
- Follow-Ups:
- Re: How to add a user with very limited rights
- From: Steve
- Re: How to add a user with very limited rights
- Prev by Date: RE: Citrix/ISA
- Next by Date: Re: Remove ISA 2000
- Previous by thread: RE: SBS 2003, ISA 2004
- Next by thread: Re: How to add a user with very limited rights
- Index(es):
Relevant Pages
|
