MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Problems with List Permissons

  Asked By: Camille    Date: Jul 20    Category: MOSS    Views: 608

I have a List in my MOSS 2007 Extranet, I have set permissons on List
Items that certain accounts can only see certain list items and not see
others within one list, this works in sharepoint, but once the end user
does an export to excel using the all items view, all list items are
exported to Excel, even though they do not have permissons to view the
list items,

Is there away I can apply Export to excel permissons or remove export
to excel feature all together.



13 Answers Found

Answer #1    Answered By: Aditiya Kapale     Answered On: Jul 20

This is a significant oversight by the Office team. Two
1. Does this also happen in lists attached to MS Access?
2. Have you reported the problem to PSS?

Answer #2    Answered By: Faith Delgado     Answered On: Jul 20

1)Yes, the same thing happens in Access, it ignores SharePoint List
Item Level permissons,

2)Have not yet reported to Microsoft Support as reasonably new to
Development and not sure of the process... Do I need to open a Tech
Support Incident or do I Submit a bug via MSDN somewhere?

Answer #3    Answered By: Selena Glenn     Answered On: Jul 20

Yes, call PSS and open a support incident. It is much easier for people
that have support agreements because there isn't the barrier of a pay
per incident question. If it turns out to be a bug, I don't believe that
they charge you for reporting it.

Answer #4    Answered By: Jonathon Palmer     Answered On: Jul 20

I can't reproduce this behavior.

Can you provide the exact steps your using for your security settings?


1) Add item to list

2) Set security on that "user1" has <some permission level>

3) Etc.


Answer #5    Answered By: Aastha Patel     Answered On: Jul 20

At site level, our Extranet Partners are split into two groups,



Each Group has its respective users as members; these groups
have "Read" access at Top Site Level.

We then have a custom SharePoint list, which is made up of about 100
Columns, Our staff then enters list  Items, on entering List items, we
allocate the list item to either PartnerCompanyA, or PartnerCompanyB
depending on certain criteria. If we allocate to PartnerCompanyA,
then we do not wish PartnerCompanyB to see the list item, and vice-

PartnerCompanyA and PartnerCompanyB have "Read" access to this list,
the list is not inheriting and has its own set of permissions, and on
each List item we have removed the entry for the Partner Company that
does not need to see the list item, We remove the group from the list
item completely as there is no "No Access" or "Disallow" option

In SharePoint this works, on the default "All Items" view, and other
reviews with filters, the problem occurs when we Export to Excel or
Access, it ignores the Item level permission and Exports everything
from the view.

Answer #6    Answered By: Akshay Gupta     Answered On: Jul 20

I still cannot reproduce, I tried with Domain Groups and SharePoint
groups matching your users as noted below, and the same permission
settings as you describe.

Are you using Excel 2007 or 2003?

Anyone else able to reproduce this? If so, we should bug it for sure.

I can contact the appropriate people to get this in front of their faces
pretty quick, if this is truly a security hole.

Answer #7    Answered By: Trinity Scott     Answered On: Jul 20

We are using Office 2007, I have emailed one of our regional offices
that have not yet been upgraded, asking them to check the Export
using Office 2003, will post once I get their response.

Have uploaded screen shots of Security Settings to confirm.

The example list  item has the Security Group Re-Think, but not
Coastline, as a coastline I can not see this in sharepoint, but can
in the export to excel.


Answer #8    Answered By: Constance Guerrero     Answered On: Jul 20

I haven't recreated your configuration, but I've tested your scenario
using our security configuration and it excludes the items for which
users do not have read permission (Office 2003).

Answer #9    Answered By: Caleb Gordon     Answered On: Jul 20

I missed your post explaining that your situation is an Extranet. I
assume you're using Forms Based Authentication and SharePoint Groups
only for security? We're using Integrated Windows authentication and
strictly Active Directory security groups for security - no SharePoint
groups at all.

Answer #10    Answered By: Irving Hurley     Answered On: Jul 20

Have just deployed SP2 for Windows 2003 Server as instructed by
Microsoft Tech Support,

Seems to have corrected the problem, have not changed anything other
than deploy the SP2.

We are using SharePoint Groups, with Forms Authentication via ISA

Answer #11    Answered By: Tiana Whitaker     Answered On: Jul 20

Did the tech person "Tell" you the problem was resolved by SP2?, or just
say "Please install SP2 and see if that solves the problem".

I don't have SP2 on my servers, and I wasn't able to reproduce. I
didn't do FBA though, so it could be a problem with that.

Answer #12    Answered By: Alice Chandler     Answered On: Jul 20

I didn't get as far as the SharePoint Support Team, was advised to
install SP2 as a pre-requisite for opening my Support Incident. I
gave my Support ID, was asked questions about the problem I was
having, gave a brief explanation, was asked if I had tried SP2 on the
server, and told to call back if that made no difference.

Answer #13    Answered By: Lynette Sawyer     Answered On: Jul 20

Well...A couple of things to take away from this

1) I only have SP1 on my test boxes, and I could not reproduce the
problem, so if I didn't have a problem with SP1, then I doubt SP2 is
what fixed the problem.

a. Yet, I still need to test this with FBA.

2) Many moons ago (ok, up till about 3 months ago), I worked for
Microsoft doing SharePoint support/tool authoring, etc., and I'm "Not"
saying that the support person you spoke to did a bad job, but what
probably happened is you stated "Security problem", and based on their
common response it was "Security problem = Ensure customer has latest OS
service pack"....which isn't a bad thing at all, but I'm afraid you may
have been charged money for trying to report a real bug, only for the
problem to go away temporarily because of a reboot (And had nothing to
do with the Service Pack install )

Regardless, once I get my FBA site set back up on my dev images...I'll
test this again and try to let you know my findings.

If you see it again:

1) Let me know

2) Call Support back and reference the old SRX (IF they gave you
one) and ensure that you let them know you've got SP2 on and it appears
to be specifically a "SharePoint" problem.

Didn't find what you were looking for? Find more on Problems with List Permissons Or get search suggestion and latest updates.