Sams Teach Yourself Microsoft SharePoint 2003 in 10 Minutes
Authors: Spence C. Noel M
 Published year: 2004
 Pages: 122-124/181
Buy this book on amazon.com >>

Creating a Custom Site Group

There may be certain occasions when the default site groups of Reader, Administrator, Web Designer, and Contributor do not provide the level of granularity you require for your site. Fortunately, SharePoint gives you the ability to create your own site group that you can add users to. The site group you create can include any of the following Rights:

  • List rights

    • Manage List Permissions

    • Manage Lists

    • Cancel Check-Out

    • Add Items

    • Edit Items

    • Delete Items

    • View Items

  • Site rights

    • Manage Site Groups

    • View Usage Data

    • Create Subsites

    • Manage Web Site

    • Add and Customize Pages

    • Apply Themes and Borders

    • Apply Style Sheets

    • Browse Directories

    • View Pages

  • Personal rights

    • Manage Personal Views

    • Add/Remove Private Web Parts

    • Update Personal Web Parts

    • Create Cross-Site Groups

To create a custom site group, follow these steps:

1.

From the site home page, click Site Settings .

2.

Under the Administration section, click Go to Site Administration.

3.

Click Manage Site Groups.

4.

Click the Add a Site Group link.

5.

Type a name for the site group and a description.

6.

Enter the rights that members of the site group will have by checking the boxes, as shown in Figure 16.2.

Figure 16.2. Creating a custom site group.


7.

Click the Create Site Group button at the bottom of the page.

Creating your own site groups gives you a much greater degree of flexibility when managing access to your site.


Setting Site Permission Inheritance

If a large number of sites in your SharePoint deployment have the same users, you may benefit from setting up site permission inheritance . This allows users from a site "above" the site in question to have access to the subsite . In essence, the permissions and site group memberships "flow down" to the subsites, when sites are configured this way. Site permission inheritance can be configured when a site is first created, or it can be modified at a later time. As a Site Administrator, you can use the following procedure to change permissions to flow down from an above site:

1.

From the site home page, click Site Settings .

2.

Under Administration, click Go to Site Administration .

3.

Click Manage Permission Inheritance . (If you do not see this link, your site is a top-level site, and the option is not valid. This procedure can only be performed on a subsite.)

4.

Select Use the same permissions as the parent site , as shown in Figure 16.3, and then click OK.

Figure 16.3. Changing site permission inheritance.


5.

Click OK at the warning notice to acknowledge that any customized users or site groups may be lost if you proceed.

Following this procedure and reversing the selection is how you can "detach" a site from a permissions inheritance tree that may be set up. This can be useful if a particular site needs to have a unique set of users.


Configuring List and Library Level Security

After you have added users into the specific site group they need access to, such as Reader or Contributor, those users then inherit those rights across the entire site. If, however, you need to change the ability of certain site groups to access a particular portion of the site, you can modify the security of a particular list or library within your site. This can be useful if you need to give a large group of people Read access to a site, but you also want to restrict them from being able to see information in a specific document library.

To configure specific list or document library security, perform the following steps:

1.

Select the particular list or document library by clicking it from the home page of the site or from the Documents and Lists link on the navigation bar.

2.

On the left side of the page, click Modify settings and columns .

3.

Click Change permissions for this document library (or list ).

4.

From the next screen, shown in Figure 16.4, you can select to add new users, groups, cross-site groups, or domain groups, or modify existing groups. In this example, we are removing the Reader Site group from having access to the document library, so we check it and click the Remove Selected Users link.

Figure 16.4. Modifying document library or list level security.


5.

Click OK to verify these changes.

Using this procedure, you can get even more granular control over the types of permissions your users require in a site.

NOTE

One of the questions often asked at this point is whether SharePoint can get even more granular than this with permissions. For example, many Administrators want to be able to delegate permissions at the folder or document level. Unfortunately, this type of functionality is not currently supported in SharePoint, and the only effective way of accomplishing this type of security granularity is to create multiple document libraries or lists and apply security in the manner just discussed.


Sams Teach Yourself Microsoft SharePoint 2003 in 10 Minutes
Authors: Spence C. Noel M
 Published year: 2004
 Pages: 122-124/181
Buy this book on amazon.com >>

Similar books