Flylib.com

Books Software

 
 
 

Category list


Similar pages

Section 2.9. Adding Members Quickly


Buy on amazon.com >>
Webb J.
    << Previous page
    Table of contents
    Next page >>

    2.9. Adding Members Quickly

    By default, SharePoint uses network domain accounts to authenticate users. Once authenticated, SharePoint checks the user's identity against the list of members for the site. If the user is a member, he or she is granted permissions based on the group that he or she belongs to (Guest, Reader, Contributor, Web Designer, or Administrator).

    You can add individual members to your SharePoint site by following the procedure in "Adding Members" earlier in this chapter, but that can be a lot of work if you have a large organization with a lot of users. To add everyone that has a network account quick access:

    1. From your SharePoint site, choose Site Settings Go to Site Administration Manage anonymous access. SharePoint displays Figure 2-28.



    2.10. Allowing Anonymous Access

    If your SharePoint site is used over the Internet, you may want to allow users who don't have network accounts access to parts of your site. This allows the general public to view pages, participate in discussions, and complete surveys. SharePoint disables anonymous access when it is installed, so you must re-enable it in IIS and then authorize anonymous access within the SharePoint site.

    To allow anonymous access to a SharePoint site:

    1. From your SharePoint server, start IIS and select the SharePoint site.

    2. Choose Action Properties Directory Security, then click Edit. IIS displays the page shown in Figure 2-29.

    3. From your SharePoint site, choose Site Settings Go to Site Administration Manage anonymous access. SharePoint displays Figure 2-28.


    4. Enabling anonymous access for the entire web site allows unauthenticated users to view all of the folders in your site. Allowing access to lists and libraries restricts anonymous users to folders that have anonymous access specifically enabled. This is the most practical setting for most SharePoint sites since your site usually contains a mix of public and not-so-public information.

      To enable anonymous access to a specific list or workspace:

      1. Follow the previous procedure and select Lists and libraries (Figure 2-28).

      2. Navigate to the workspace or list on the SharePoint site and select Modify settings and columns Change permissions for this document library Change Anonymous access. The Anonymous Access page displays.


    2.11. Maintaining Server Security

    Access to SharePoint sites is controlled through the authentication settings in IIS. The default setting is to use Windows integrated authentication, but sites can also use digest or basic authentication.

    Digest authentication is used when SharePoint is installed in Active Directory mode (as when configured for use by an ISP). Basic authentication sends user name and password information as text, which provides less protection for that information but allows it to pass though a network firewall.

    In addition, the security settings in the site's web.config file can control which users are allowed or denied permission to access the site. For example, the following settings only allow access to users with Administrative privileges on the server: 

    <authentication mode="Windows" />
   <authorization>
         <allow roles="Administrators" />
         <deny users="*" />
   </authorization>
   <identity impersonate="true" />

    The roles attribute above refers to the Windows account group, not the SharePoint group . You can use allow and deny element to add or remove specific roles or users. For example the following element blocks the BeigeBond from access the site: 

    <deny users="WOMBAT1\BeigeBond" />

    The impersonate attribute determines the identity used to run applications within the SharePoint site. In this case, SharePoint . aspx pages and web parts execute using the permissions granted to the user's account.

    Once a user is authenticated, SharePoint uses the members list stored in the site's content database to determine what the user can see and do. This two- tier system allows a lot of flexibility. For example, it is very easy to grant all network users access to the SharePoint site (see "Adding Members Quickly" earlier in the chapter), and then add a few specific members to a particular workspace.

    SharePoint automatically blocks executable file types from being uploaded and includes a virus scanner for uploaded files. To configure these settings from SharePoint Central Administration, choose Manage blocked file types or Configure antivirus settings.

    The default settings do not enable virus-checking, so it's a good idea to change that setting if your site allows access through the Internet.


    Buy on amazon.com >>
    Webb J.
      << Previous page
      Table of contents
      Next page >>

      Similar products

      Similar products

       
      flylib.com © Copyright 2008-2013. All Rights Reserved.
      if you may any questions please contact us: flylib@qtcs.net
      Privacy policy