Welcome: Guest!

MOSS Forum

 
Home » Forum » MOSS       Ask a questionRSS Feeds

Accumulation of site Level "Limited Access" permissions

  Asked By: Darren Andrews         Date: Jan 08, 2007      Category: MOSS      Views: 1047
 

When you break inheritance and grant permissions to a user at the
subsite or document library level, MOSS automatically grants the user
the 'Limited Access' permission level to the root of the site. This is
so the user can access stuff at the root that is needed to render the
subsite or library.

With permissions for the user in place at the subsite or library level,
the system will allow you to remove the site level ('Limited Access')
permission for the user, and will remove with it any subsite level or
document level permissions. This is probably a good thing, as it will
prevent 'orphaned' permissions from being left throughout the site
hierarchy. However, when you remove permissions for a user at the
subsite or library level, the 'Limited Access' permission for the user
remains at the site level. This is true even if the user has no other
subsite level or library level permissions in the entire site.

I would rather that MOSS cleaned these un-needed permissions out, but we
can live with that and clean them out ourselves. There's this problem,
though: if we inspect site-level permissions and see 'Limited Access'
permissions in place for a user, how can we know if there are subsite
level or library level permissions in place for the user? How can we
know whether it should be cleaned out or not?

Tagged:              

 

2 Answers Found

 
Answer #1       Answered By: Christen Roberson          Answered On: Jan 08, 2007       

The answer is to buy DeliverPoint 2007. See here:
www.barracudatools.com/Products/DeliverPoint" target="_blank" rel="nofollow">www.barracudatools.com/Products/DeliverPoint+2007/
<www.barracudatools.com/Products/DeliverPoint" target="_blank" rel="nofollow">www.barracudatools.com/Products/DeliverPoint+2007/> For those
of you not familiar with Barracuda Tools, you should know that they are
a sister company to the sponsors of this list Mindsharp. Seriously,
DeliverPoint 2007 will be released next week and one of its features is
to display all the permissions  for a particular user  at every level  of
the whole farm. You could easily see whether there is a Limited Access
permission hanging around that isn't still being used for a specifc
permission in a lower level site  or library.

 
Answer #2       Answered By: Faith Delgado          Answered On: Jan 08, 2007       

Another product I saw at a Quest booth at a conference was their Site
Administrator for Sharepoint.
www.quest.com/site-administrator-for-sharepoint/

It has a user permissions  management feature. I'm not sure if these are
competing or complementary products, I haven't looked closely at either yet.
But I'm building my bookmark list of administrative tools and thought I'd
share. I've definitely bookmarked the DeliverPoint too.

 
Didn't find what you were looking for? Find more on Accumulation of site Level "Limited Access" permissions Or get search suggestion and latest updates.


Your Answer
  • Answer should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
Hall of Fame  |  Facebook  |  Twitter  |  LinkedIn  |  Terms of Use  |  Privacy Policy  |  Contact us
RSS Feeds: Articles |  Forum |  New Users |  Activities |  Interview FAQ |  Poll |  Hotlinks


Go4Sharepoint, is a Microsoft Featured Community. Microsoft, Windows, Sharepoint, Sharepoint logo, Windows logo, etc are trademarks of the Microsoft Corporation. All product names, logos, copyrights, and trademarks mentioned are acknowledged as the registered intellectual property of their respective owners. This site is not in any way affiliated with, nor has it been authorized, sponsored, or otherwise approved by, Microsoft Corporation.

Copyright © 2008-2011