Team Site Security for Site Owners - BPC11 - March 2011

BEST PRACTICES CONFERENCE SHAREPOINT

Clarity. Direction. Confidence.

@veroniquepalmer #BPC11

TEAM SITE SECURITY FOR END USERS

Veronique PalmerSharePoint MVP

March 2011







PLAN!PLAN!PLAN!

3 Words



Confusing Terms



Hierarchy

SCA’s

Site Owners

Site Members

Site Visitors



Site Level

List / Library Level

Item Level

Options



Site Owner Tools



Version Comparison

BUILT IN REPORTING!



SharePoint 2007 Management






2007 Essentials

DOCUMENT!









2010 Essentials



2010 Limits

50 000 ceiling on limited access per list / library

10 000 user groups per site collection

5 000 users per Active Directory group

5 000 groups each user can belong to



ARCHITECTINGYOUR SITE



Everyone Just YouYour Team

Who Needs to See the Info?

Team Site My SiteIntranet

Who Are WeWhat We DoContact Us

EditRead

No Access

Shared DocsPersonal Docs

Not Ops

Inherited You DecideUnique



Inherited vs Unique SitesHR Top level site

Unique Permissions

HR Members,

Owners, Visitors

Policies Top Level Site

Unique Permissions

Policies Members,

Owners, Visitors

Operational Subsite

Inherited Permissions

Policies Members,

Owners, Visitors

Training Subsite


HR Members,

Owners Visitors

Vendors Top Level Site

Unique Permissions

Vendors Members,

Owners, Visitors

Courses Top Level Site

Unique Permissions

Courses Members,

Owners, Visitors

Discipl Top Level Site

Unique Permissions

Discipl Members,

Owners, Visitors

Dismissed Top Level Site

Unique Permissions

Dismissed Members,

Owners, Visitors

Court Cases Subsite


Dismissed Members,

Owners, Visitors

Recruitment Subsite


HR Members,

Owners, Visitors

Int Placements Subsite


HR Members,

Owners, Visitors

Ext Placements Subsite


HR Members,

Owners, VisitorsInheritance is broken, what you do here will not affect the site above it.

What you do on the site below affects the site above and vice versa!



AD vs SharePoint Groups



Active Directory Groups

Company Structure Accurate

Security Groups

Channels to Edit

Intranet Sites

Pros



Cons

Active Directory Groups

Rules Confusion

Site Not on My Sites

Can’t See Users

Team Sites



NEW GROUPMANAGEMENT



New Group Management Both






New Group Management 2007















DELETERIGHTS



Delete Rights on Members



Delete Rights on Members

Governance



Delete Rights in Foundation



View All Users in Foundation



LIMITED ACCESSCHAOS



Limited Access 2007 Chaos












Limited Access 2007 Less Chaos

LIBRARYLEVEL

x ??









Limited Access 2010 Better!



UNIQUEPERMISSION SITES



Unique Permission Sites Both



GOTCHASSUMMARY



Management in 2007

Foundation 2010

Limited access chaos

AD group challenges

Inherited site implications

New group governance

Delete rights governance

Teaching beginnersETC!!



Worst Practices

• Permissions on doc level

• Adding users outside groups

• Inheriting on team sites

Best Practices

• Use default groups

• Add URL to new group

descriptions

• Get proper training at the

right time

33



THING

Document!

Plan and

etc

There is no undo button!





Site Hierarchy Poster

http://www.letscollaborate.co.za/Resource-Centre/LCs%20Documents/Poster%20-%20SharePoint%202007%20-%20Site%20Permissions%20for%20End%20Users%20v1.1.pdf

Site Collection Administrator and Farm Administrator Duties

http://office.microsoft.com/en-us/sharepoint-server-help/permissions-for-site-collection-administrators-HA101943260.aspx?CTT=1

More Info for Site Collection Administrators

http://office.microsoft.com/en-us/sharepoint-server-help/control-user-access-with-permissions-HA101794487.aspx?CTT=5&origin=HA101794118

SharePoint 2010 Groups and Permissions Reference Chart

http://office.microsoft.com/en-us/templates/results.aspx?qu=SharePoint&origin=HA101943260&CTT=5#ai:TC101977256|

Control Access to a Specific Piece of Content

http://office.microsoft.com/en-us/sharepoint-server-help/control-access-for-a-specific-piece-of-content-HA101805400.aspx?CTT=5&origin=HA101794118

Resources 1








http://office.microsoft.com/en-us/templates/results.aspx?qu=SharePoint&origin=HA101943260&CTT=5#ai:TC101977256%7C

http://office.microsoft.com/en-us/templates/results.aspx?qu=SharePoint&origin=HA101943260&CTT=5#ai:TC101977256%7C






All SharePoint Permissions articles from Microsoft

http://office.microsoft.com/en-us/sharepoint-server-help/results.aspx?qu=sharepoint%20permissions&origin=HA010379092&queryid=6da473d6a2754ac1ad638d36e08e6640

Configure Permissions for a Blog in SharePoint 2007

http://office.microsoft.com/en-us/sharepoint-server-help/configure-permissions-for-a-blog-HA010021567.aspx?CTT=1

Online Course to Learn Excel Services Permissions in SharePoint 2007

http://office.microsoft.com/en-us/sharepoint-server-help/excel-services-ii-requirements-recommendations-and-permissions-RZ010285649.aspx?CTT=1

Resolving Conflicts in SharePoint Workspaces 2010

http://office.microsoft.com/en-us/sharepoint-workspace-help/resolving-conflicts-and-errors-in-sharepoint-workspace-HA010382158.aspx?CTT=1

Working with Permission Levels

http://office.microsoft.com/en-us/sharepoint-server-help/edit-create-and-delete-permission-levels-HA101805381.aspx?CTT=5&origin=HA101794118

Choosing a Security Group

http://technet.microsoft.com/en-us/library/cc261972.aspx

Resources 2


















Resources 3Manage Memberships of SharePoint 2010 Groups

http://office.microsoft.com/en-us/sharepoint-server-help/manage-membership-of-security-groups-HA101794106.aspx?CTT=5&origin=HA101794118

Setting Permissions on Views

http://www.sharepoint911.com/blogs/laura/Lists/Posts/Post.aspx?ID=76

Allowing Anonymous Users to Comment on Blogs

http://www.sharepointedutech.com/2011/01/20/how-to-allow-anonymous-users-to-comment-on-a-sharepoint-2010-blog/

TechNet Article on How Permissions Work (Level 300)


Restricting Access for Search Purposes

http://office.microsoft.com/en-us/sharepoint-server-help/enable-content-to-be-searchable-HA010379092.aspx

SharePoint Security Issues

http://community.bamboosolutions.com/blogs/sharepoint-2010/archive/2010/06/09/teched-2010-sharepoint-security-permissions-identities-amp-objects-including-a-gotcha-that-breaks-security-trimming.aspx






http://www.sharepointedutech.com/2011/01/20/how-to-allow-anonymous-users-to-comment-on-a-sharepoint-2010-blog/










E E TM M E

Business Owner

User Adoption Specialist

End User Trainer

Team Lead

http://www.letscollaborate.co.za/SitePages/Home.aspx

http://www.linkedin.com/profile/view?id=17015577&trk=tab_pro

http://www.focus.com/profiles/veronique-palmer/public/

http://www.twitter.com/veroniquepalmer

http://www.facebook.com/veronique.palmer

https://mvp.support.microsoft.com/profile/Veronique

http://www.slideshare.net/veroniquepalmer

http://veroniquepalmer.wordpress.com/

http://www.letscollaborate.co.za/SBW/SitePages/Home.aspx

http://www.informationworker.co.za/Pages/default.aspx

http://www.linkedin.com/groups?mostPopular=&gid=42512

http://www.sharepointsaturday.org/johannesburg/default.aspx


Clarity. Direction. Confidence.


Please be sure to fill out your session evaluation!

[email protected]

www.letscollaborate.co.za

THANK YOUFOR YOUR TIME

SAN DIEGO

Technology

Team Site Security for Site Owners - BPC11 - March 2011