Sharepoint 2010 team site permissions

views:

answers:

Sharepoint 2010 team site permissions

Hi,

I'm probably doing something stupid but I just can't seem to get the permissions working correctly on my collection.

I have a site collection with a mixture of team sites and blogs. From the parent if I am a visitor/reader I can see everything apart from the sub team sites. The only way I can get the user to view the team sites is to grant them owner rights. If I grant any other permission they can't see the sites at all. Is there something I'm doing wrong here!?

Second issue is I am importing a legacy intranet into Sharepoint, I need to be able to say everyone has read rights to all sites/content except a few AD groups don't have permissions to a particular site. Is it possible to create a group with no rights so for example "everyone" would be a reader/viewer but GroupA would not have access because they are part of the "access denied" group (even though they are in the reader group I presume the least permission should apply).

Hope that makes sense, seems like it should be possible but maybe I'm going about it the wrong way.

Thanks

Dan

Make sure you inherit permissions from the top site, there is an option which is selected by default when creating sub sites. I don't know exactly, but I guess you can set permission inheritance in the sub site's options afterwards.

In Sharepoint 2010 you can also deny permissions to certain groups.

elsni 2010-09-27 11:06:29

I've tried the inherit and non inherit from parent but still doesn't work. I haven't seen the deny permission option but that's exactly what I need, I'll search for that. Thanks

ifunky 2010-09-27 11:53:57

Strange, never had such problems.

elsni 2010-09-27 12:57:45

Is it possible to deny permissions at the site level? That's the key thing I'm trying to do with our security import.

ifunky 2010-09-27 14:02:48

+1 A:

Your first question: You should double check that the sub sites are published (the pages). Our tester reported this bug recently and discovered that the reason the Visitor couldn't see the sites bellow was because they had never had a publish/approved version. if that doesn't work, then make sure you check what elsni is suggesting.

Your second question: I think by adding 'everyone' as a reader to the root site, you are allowing everyone to read. I don't think there is a way to say, 'but don't allow users from x group'. You could however break the permissions inheritance and remove 'everyone' from the visitors group in the sites bellow the root. Of course then you have to manage permissions for all of these sites separately but that is the only way I know of achieve what you're trying to do.

Zeb 2010-09-27 12:54:56

Great that was the problem, I had published pages on the subsites but default page at the top site was not published causing nothing to be displayed.

ifunky 2010-09-27 14:00:52

Regarding the permission denied issue it doesn't look like it is possible. Thanks for your help!

ifunky 2010-09-27 14:01:34

No worries :) glad I could help

Zeb 2010-09-27 15:25:12

ansaurus

tags:

views:

answers:

Sharepoint 2010 team site permissions

related questions