SharePoint Portal Server relies heavily on the existing native Windows NT Access Control List (ACL) and NT user -IDs. Additional functional administrative control can be used to ease security administration. The security is compatible with Microsoft Windows NT version 4 as well as Windows 2000 file-based security. NOTE Even though Windows NT version 4 and Windows 2000 directory security can be leveraged, remember that SharePoint Portal Server can only be installed on a Windows 2000 server. This security control is essential to ensure that workspace readers can only see and access documents in which they have the appropriate security context. The integrated functionality within SharePoint Portal Server also ensures that Coordinators do not have to administer security utilizing multiple security tools across multiple locations. SharePoint Portal Server utilizes a concept of security roles based on how authors and editors will work within a workspace. The three security roles that are used are Reader, Author, and Coordinator. Granular access is controlled through assigning users one of these three roles. If users are not assigned one of the three roles, they will not have access to view data within the workspace. Administrators can add NT users and groups to the role to provide the required level of access. In addition to roles, granular access can be further controlled by specifying security at the workspace level, folder level within the workspace, or on a per-document level within the folder. To simplify administration, inheritance rules enable workspaces and folders to inherit security access control by default. These changes can be easily modified according to your organization's context-level security business requirements. To learn more about the security within SharePoint, see "SharePoint Security Concepts," p. 280. |