tags:

views:

239

answers:

2
+1  Q: 

Weird Permissions Issue in SharePoint

My SharePoint site uses Active Directory authentication. The Site Visitors SharePoint group contains the AD group of all users.

I have a subsite which Site Visitors have Read access to. Inside this subsite, I have a document library which I don't want visitors to have read access to and so I have made the permissions unique for this document library only and only allowed 2 explicit users to have access to it.

Despite this, I can still come onto the site as a Site Visitor AD user and navigate to this document library and read the files inside.

Any idea what's going on here? I should be able to lock down lists and doc libs like this shouldn't I?

Hope someone has seen an issue like this before. Are there any pages I can view which show me what users/groups have permission to this document library other than the standard Permissions one?

Thanks

Graeme

+1  A: 

You might need to try out the Permissions Reporting Tool just today new version has been released.

Kusek  2009-08-27 17:58:23
Thanks for pointing this out - I'll try using this on the site to see what the issues are. I'll accept this answer since it's drawn my attention to it
Graeme  2009-08-28 15:16:25
A: 

Hey there, I'm Kevin and I work on SharePoint permissions

If the users are site collection administrators, they will have access to the list regardless of the permissions set.

Kevin Davis  2009-09-18 07:47:37

related questions

Querying Active Directory with "SQL"?
Can I get more than 1000 records from a DirectorySearcher in Asp.Net?
How to get AD User Groups for user in Asp.Net?
Attempting to update a user's "connect to:" home directory path in AD using C#
Monitoring group membership in Active Directory more efficiently (C# .NET)
How do I speed up data retrieval from .NET AD within ColdFusion
How do you authenticate against an Active Directory server using Spring Security?
Managing large user databases for single-signon.
Move Active Directory Group to Another OU using Powershell
How to move SharePoint sites from one active directory domain to another?
When did I last talk to my Domain Server?
Using ActiveDirectoryMembershipProvider with two domain controllers
I am having trouble getting phpBB to authenticate with our Active Directory
How do I use ADAM to run unit tests?
COMException "Library not registered." while using System.DirectoryServices
Caching Active Directory Data
Windows / Active Directory - User / Groups
Get a list of available domains (NT4 and Active Directory)
How do I use NTLM authentication with Active Directory
I/O permission settings using .net installer
quoting System.DirectoryServices.ResultPropertyCollection
How do you impersonate an Active Directory user in Powershell?
Setting Group Type for new Active Directory Entry in VB.NET
Is there a way for MS Access to grab the current Active Directory user?
Checklist for IIS 6/ASP.NET Windows Authentication?