Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

User with Reader role able to see documents that are not yet publish

  Asked By: Nishita    Date: Apr 27    Category: Sharepoint    Views: 1432

I'm experimenting with Sharepoint in an effort to determine if we
want to use this tool as a private intranet, and I'm running into a
number of problems that according to the documentation shouldn't be

One is the access allowed to various user roles. When I log in as a
user who is assigned the Reader role and open Sharepoint in the
browser I find a number of inconsistencies:

1. On all pages except the Management page, I see all the links that
should only be seen by users with the Coordinator role (Content,
Layout, Settings). When I click on these links and try to do the
things that are listed on that page I can't do much - I either get an
error message or nothing happens - but it seems that I shouldn't even
be seeing the links at all. (I've tried flushing the management cache
and refreshing the page and deleting all my temporary internet files,
but the links remain)

2.I can see (and open) ALL documents in an enhanced folder, even the
ones which have not been published. I thought Readers could only see
documents that had been published.



3 Answers Found

Answer #1    Answered By: Jerad Mercado     Answered On: Apr 27

Is the user  ID associated with a Local Admin group?

Answer #2    Answered By: Riley Scott     Answered On: Apr 27

I'm not sure I fully understand domain vs local users  and groups, but
here's what I've found so far:

-On the pc where I'm testing (which has windows NT) when I go into
User Manager and check to see what groups the user  is in (which I
THINK are local groups), the user is NOT in the Administrators group,
only in the Users group.

-On the Sharepoint server pc itself (which has windows 2000), when I
go into Computer Management (which, I'm assuming, is similar to User
Manager in NT - I can't find  a User Manager in the program list)and
open "Local Users and Groups" and open  "Groups" I find an
Administrators group. When I open that group and look at the Members
list I find 2 entries:
2.[Our test domain name]\Domain Admins
I don't know where to go to even find the "Domain Admins" group to
see if the user in question is in there, and I don't know if this
even matters...

Don't know if this info gives you the answer you need or not.

Answer #3    Answered By: Adya Khavatekar     Answered On: Apr 27

Try this:

Have your NT admin create an account called SPSTestReader for the general
domain of your company.

Go to the SPS box and launch the SPS administrator MMC

Access the properties of the default workspace

Click on the security tab

Click Add then browse to the domain of the SPSTestReader. Highlight the
users name and click  add. Click OK and then ensure that this user  is set to

Reboot the SPS box. Since this is a development box it is fine, if it was
production box or later in the deployment cycle I would have you restart the
IIS Admin service but let's try to eliminate all possible causes.

Now go to the remote box and log  on as SPSTestReader for the correct domain.

Try to access  the site.

Tell us what happens --

** On a side note, I often log on as SPSTestReader so I can see exactly what
my users/readers are seeing.