Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Overview Functional security – users, groups, and permissions for sites, lists,

Similar presentations


Presentation on theme: "Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Overview Functional security – users, groups, and permissions for sites, lists,"— Presentation transcript:

1 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Overview Functional security – users, groups, and permissions for sites, lists, folders and list items within SharePoint. Application security – authentication, server access, database access, firewall, network on server computers.

2 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Authentication – the process of verifying user identity. Authorization – determining the permissions level that an authenticated user has to specific resources such as sites, lists, folders, and list items. example: Entering credentials during a log-on process into a computer or a website. Security: Authentication vs. Authorization example: Can Dave Green create lists in Chemistry 101 site? Does Lucy Smith have “professor assistant” permission level in Humanities 156?

3 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Definition: Permission Permission is a right to perform a specific action on a resource in SharePoint. example: List permissions: Add Items, Delete Items, … Site permissions: View Usage Data, Create Subsites,.. Personal permissions: Manager Personal Views, …

4 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Definition: Permissions Level Permission level – is a collection of permissions or in other words a role

5 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Definition: Permissions Level Details

6 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Definition: Active Directory Active Directory (AD) – user and group directory for Microsoft platform. Typically, only a small group of people with proper permissions can create or modify users or groups in AD. SharePoint users with “Manage Permissions” permission can assign a permission level to any user or group from AD within a specific site.

7 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Definition: SharePoint Group SharePoint group is collection of AD users and/or groups, but cannot contain other SharePoint groups. –SharePoint users with “Manage Permissions” permission can assign a permission level for SharePoint groups –“Create Groups” permission enables users to create, modify, and delete SharePoint groups.

8 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Functional – Site Permissions Site Settings > Advance Permissions

9 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security: Permissions Inheritance Site can inherit permission from the parent site or have unique permissions. Site can not inherit permissions from a site in a different site collection.

10 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Functional – Authenticated Users Access Controlling Access for All Authenticated Users –If you want all authenticated users to be able to access your site, rather than adding each user individually or in groups, you can assign a permission level to assign to all authenticated users (NT Authority\Authenticated Users).

11 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Definition: Security Principal Security Principal – user or group used to control security The key to scaling security is keeping the number of principals reasonable at any one resource (site, list, list item) example: When adding an AD user to the site, the user is the principal. When adding AD group to the site, the group is the principal.

12 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Application – User Information List User information list contains all the users and groups in the site collection Typically, other lists lookup values from user information list. example: “Assigned To” column in “Tasks” list or “Modified By” in “Document Library”. Changing display names of users in the user information list will change them for everything in the site collection.

13 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Demo: Site Level Security 1. Examine default permission levels and permissions that make them up at the root site and sub sites 1.Give AD users and groups access to different sites and assign permissions levels 2.Examine default SharePoint groups. 3.Create a new SharePoint group, assign permission level to it and examine where that group is available 4.Examine User Information List 5.Examine the setup of Visitors, Members, and Owners groups for a new site that does not inherit permissions

14 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Functional – List Permissions Authorization in the list, folder, or list item works in the same way as in the site.

15 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Functional – List Only Permissions Users with permissions to access specific lists only will have “Limited Access” permission level on the website. The same is true for list items and folders.

16 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Demo: List, Folder, List Item Security 1.Examine list, folder, list item permissions settings 2.Examine permission inheritance

17 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Lab: Exercises 1-4 Perform exercises 1-4 from Security Lab

18 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Free Style Exercise 1.Under “Courses”, create a site called “Chemistry 152”. 2.In “Chemistry152” create a sub site called “Polymerization”. 3.Give “Dave Green” access to “Polymerization” but not to “Chemistry152”. 4.Give “Dave Green” rights to view “Contacts” list in “Chemistry152”.

19 Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Demo: Help Pages


Download ppt "Copyright © 2006 Pilothouse Consulting Inc. All rights reserved. Security Overview Functional security – users, groups, and permissions for sites, lists,"

Similar presentations


Ads by Google