Tuesday, December 28, 2010

SharePoint User Permissions

When SharePoint is installed, by default it will create a set of Permissions, which can be viewed by “Central Administration” => “Application Management” => “Manage WebApplications” => Highlight the WebApplication => Click on “User Permission”.

image

To secure the contents at various levels within SharePoint sites, it is these permissions that has to be enabled by the administrators. Each permission has a level of it’s own which can be; List, Site or Personal.

These Permissions are grouped/combined to create the Permission Levels. 

List level Permissions…

Permission Description Type Permission Level

Manage Lists

Create and delete lists, add
or remove columns in a list,
and add or remove public
views of a list.

List

Full Control, Design, Manage
Hierarchy

Override
Check Out

Discard or check in a document
that is checked out to
another user.

List

Full Control, Design, Approve,
Manage Hierarchy

Add Items

Add items to lists, and add
documents to document
libraries.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Edit Items

Edit items in lists, edit documents
in document libraries,
and customize Web Part
pages in document libraries.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Delete Items

Delete items from a list, and
documents from a document
library.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

View Items

View items in lists, and documents
in document libraries.

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy, Restricted Read

Approve Items

Approve a minor version of a
list item or document.

List Full Control, Design, Approve
Open Items

View the source of documents
with server-side file
handlers.

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy, Restricted Read

View Versions

View past versions of a list
item or document

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy

Delete
Versions

Delete past versions of a list
item or document.

List

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Create Alerts Create alerts List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy

View
Application
Pages

View forms, views, and application
pages; enumerate lists.

List

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy

Site level Permissions…

Permission Description Type Permission Level

Manage
Permissions

Create and change permission
levels on the website
and assign permissions to
users and groups.

Site Full Control, Manage Hierarchy

View Web
Analytics Data

View reports on website
usage.

Site Full Control, Manage Hierarchy

Create
Subsites

Create subsites such
as Team sites, Meeting
Workspace sites, and
Document Workspace sites.

Site Full Control, Manage Hierarchy

Manage
Web Site

Grant the ability to perform
all administrative tasks for
the website, as well as manage
content.

Site Full Control, Manage Hierarchy

Add and
Customize
Pages

Add, change, or delete
HTML pages or Web Part
pages, and edit the website
using a Microsoft SharePoint
Foundation compatible editor.

Site

Full Control, Design, Manage
Hierarchy

Apply Themes
and Borders

Apply a theme or borders to
the entire website

Site Full Control, Design

Apply Style
Sheets

Apply a style sheet (.CSS file)
to the website.

Site Full Control, Design
Create Groups

Create a group of users that
can be used anywhere within
the site collection.

Site Full Control

Browse
Directories

Enumerate files and folders
in a website using SharePoint
Designer and WebDAV
interfaces.

Site

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Use Self-
Service Site
Creation

Create a website using Self-
Service Site Creation

Site

Read, Contribute, Design,
Full Control

View Pages View pages in a website. Site

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarchy, Restricted Read

Enumerate
Permissions

Enumerate permissions on
the website, list, folder, document,
or list item.

Site Full Control, Manage Hierarchy

Browse User
Information

View information about users
of the website.

Site

Full Control, Design, Contribute,
Read, Limited Access, Approve,
Manage Hierarchy

Manage Alerts

Manage alerts for all users of
the website.

Site Full Control, Manage Hierarchy

Use Remote
Interfaces

Use SOAP, Web DAV, the
Client Object Model, or
SharePoint Designer interfaces
to access the website.

Site

Full Control, Design, Contribute,
Read, Approve, Manage
Hierarch

Use Client
Integration
Features

Use features that launch client
applications. Without this
permission, users must work
on documents locally and
upload their changes.

Site

Full Control, Design, Contribute,
Read, Limited Access, Approve,
Manage Hierarchy

Open

Allow users to open a website,
list, or folder in order
to access items inside that
container.

Site

Full Control, Design, Contribute,
Read, Limited Access, Approve,
Manage Hierarchy, Restricted
Read

Edit Personal
User
Information

Allow a user to change his
own user information, such
as adding a picture.

Site

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Personal level Permissions…

Permission Description Type Permission Level

Manage
Personal
Views

Manage
Personal
Views

Personal

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Add/Remove
Personal
Views

Add or remove personal Web
Parts on a Web Part page.

Personal

Full Control, Design, Contribute,
Approve, Manage Hierarchy

Update
Personal Web
Parts

Update Web Parts to display
personalized information

Personal

Full Control, Design, Contribute,
Approve, Manage Hierarchy

A blog post on Permission levels soon to be released. Winking smile

Manage SharePoint Farm Administrators

To Manage SharePoint 2010 Farm Administrators, follow the steps given below.

Go to “Central Administration”, select “Security” and go to “Manage the Farm Administrators Group”. Within this screen we can manage the Farm Administrators.

image

To remove a user, select the user by clicking on the checkbox on the leftmost column, go to “Actions” and click on “Remove Users from Group”.

(The reason why I wrote this simple blog post is, in one of the popular SharePoint 2010 Administration books I read recently, they have guided the reader in a wrong path)

Monday, December 13, 2010

Corporate portal with classic authentication or with claims-based authentication

These design samples illustrate a typical corporate deployment, with the most common types of SharePoint sites represented. The two samples differ only in the mode of authentication that is implemented -- one uses classic authentication and one uses claims-based authentication.

SharePoint 2010 Corporate Portal_ClassicAuth

SharePoint 2010 Corporate Portal_ClaimsAuth

You can download it in PDF, Visio or in XPS formats from here.

Thursday, December 9, 2010

Fortune 500 Companies Using SharePoint

Below text is extracted from an article written by Julian Corlaci about Fortune 500 companies using Microsoft SharePoint.

image

“Microsoft is still claiming SharePoint Server as the fastest growing product in company history, which is very impressive coming from such a diversified software maker powerhouse.”

“According to Association for Information and Image Management (AIIM) one in two corporations are now using SharePoint Server and in 22% of the companies, every employee uses this popular Microsoft collaboration tool. SharePoint usage is widely spread due to its complex collaboration structure and its flexibility. From enterprise search, enterprise content management (ECM), Business Process Management, business intelligence, records management, archiving, Intranet/Extranet, file sharing to public-facing websites, which will be covered in this article.”

Read More

image

Tuesday, December 7, 2010

Thursday, December 2, 2010

Free Sessions - Claims Based Authentication and Visio Services in SharePoint 2010

Sri Lanka .NET Forum
.NET User Group Meeting – December 2010

Session1: Claims based authentication
SharePoint Server 2010 utilizes a new authentication model called claims-based authentication(CBA). CBA is based on the concept of identity and utilizes open source standards and protocols so that it works with any corporate identity system, not just Active Directory and not just Windows-based systems. Lean how SharePoint 2010 has expanded its authentication mechanism beyond Windows Authentication and Forms Authentication.

Session 2: Visio Services in SharePoint 2010
A picture is worth a thousand words, and Visio provides the canvas and the tools to create drawings that represent ideas and concepts ranging from network topologies to landscape design, and process diagrams to UML. Using Visio you can connect the information stored across disparate repositories to shapes, and now the drawing is dynamic instead of static.
 
Speaker: Prabath Fonseka
Software Architect - IronOne Technologies
MSc. in Advanced Software Engineering
MCPD, MCTS, MCP

Date: 3rd December 2010 (Thursday)
Time: 6.00 PM Onwards
Venue: Training Room (Sithuvili) , 11th, DHPL Building, Colombo 02
Entrance: Free