Logo
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
EPL Standings
 
 
Windows Server

SharePoint 2010 : Farm Governance - Creating a new policy for a web application

- 2015 Chevrolet Camaro Z28 - The Legend Returns
- Wagon Audi Allroad Vs. Subaru Outback
- 996 Carrera 4S is Driving Perfection
5/1/2013 6:39:53 PM

There are times when it is critical for the Farm Administrator to designate security policies for a web application. An administrator can do this from Central Administration and it overrides security implemented at the site collection and at sub-site level.

The following are some useful scenarios where this may be implemented:

  • Enterprise organizations need to designate at least one person as the Site Administrator. Once assigned, they are now the administrator of the web application. This is not to be confused with the Farm Administrator or a Site Collection Administration.

  • When bringing sites online, it is advantageous to set up security to deny access to all users. Allow access to only those users who are your beta users. After the site is live, you can remove these restrictions.

In this recipe, we will show how to create a new policy and then add users to it.

Getting ready

You must have farm-level administrative permissions to the Central Administration site. There must be a web application set up.

How to do it...

  1. Open up the SharePoint 2010 Central Administration website.

  2. Click Application Management.

  3. Under the first section named Web Applications, click Manage web applications.

  4. Click the web application and see the ribbon light up. The rightmost button is Permission Policy; click on it. Refer to the next screenshot:

  5. A pop-up form appears, click Add Permission Policy Level.

  6. The following screen appears:

    The list is comprised of five components:

    • Name: Create a name for the permission level with a description.

    • Site Collection Permissions: Selecting the Administrator option automatically grants read and write access to everything. Selecting Auditor for the site collection gives read access to everything.

    • List Permissions: Granular control to deny or grant rights over objects at a list level.

    • Site Permissions: Granular control to deny or grant rights over objects at a site level.

    • Personal Permissions: Gives the users in this policy control over personal views and web parts.

    For the purposes of this recipe, do not select site collection administration or auditor. Check Grant All. Click Save.

    BetaFinanceTesters now appears in the listing of permissions policy. Click OK.

  7. On the web application page, click User Policy on the ribbon.

  8. A screen is displayed, showing users who have a policy for the web application. Click the Add Users link.

  9. A wizard pop-up is presented. Choose the All zones option from the drop down list. Click Next.

  10. On the ensuing form:

    • Select a user (or group).

    • Under Choose Permissions, check BetaFinanceTesters.

    • Choose System Settings. Do not check the box Account operates as System box.

  11. Click Finish.&;&;

How it works...

This recipe is broken into two parts:

  • Setting the permissions policy: In steps 4 to 8, we defined a custom policy that was consequently saved in SharePoint. This policy defines the rights of the users that will belong to it. It is associated with the web application chosen.

    In our recipe, we showed how to add a policy. By clicking on an existing policy, it can be edited. There is also an option to delete the policy.

  • Designating users to that policy: In steps 9 to 11, we are selecting users or group accounts and then assigning the custom permission level to them.

    Users can also be deleted or their permissions edited via step 9.

Top Search -----------------
- Windows Server 2008 R2 : Work with RAID Volumes - Understand RAID Levels & Implement RAID
- Windows Server 2008 R2 Administration : Managing Printers with the Print Management Console
- Configuring Email Settings in Windows Small Business Server 2011
- Windows Server 2008 R2 : Configuring Folder Security, Access, and Replication - Implement Permissions
- Monitoring Exchange Server 2010 : Monitoring Mail Flow
- Windows Server 2008 R2 :Task Scheduler
- Windows Server 2008 R2 : File Server Resource Manager
- Windows Server 2008 R2 : Installing DFS
- Exchange Server 2010 : Managing Anti-Spam and Antivirus Countermeasures
- Windows Server 2008 R2 : Configuring Folder Security, Access, and Replication - Share Folders
Other -----------------
- Workflow in Dynamics AX 2009 : Windows Workflow Foundation, Automating Business Processes
- Workflow in Dynamics AX : Dynamics AX 2009 Workflow Infrastructure
- Microsoft Dynamics CRM 2011 : Using Advanced Find (part 5) - Using Edit Multiple Records and Assign Multiple Records from Advanced Find
- Microsoft Dynamics CRM 2011 : Using Advanced Find (part 4) - Using Advanced Filter Criteria
- Microsoft Dynamics CRM 2011 : Using Advanced Find (part 3) - Creating and Sharing a Saved View
- Microsoft Dynamics CRM 2011 : Using Advanced Find (part 2) - Organizing and Formatting Advanced Find Results
- Microsoft Dynamics CRM 2011 : Using Advanced Find (part 1) - Performing Advanced Find Queries
- System Center Configuration Manager 2007 : Available Reports and Use Cases (part 4) - Asset Intelligence, Reporting on Application Compatibility
- System Center Configuration Manager 2007 : Available Reports and Use Cases (part 3) - Client Status Reporting
- System Center Configuration Manager 2007 : Available Reports and Use Cases (part 2) - Reporting on Sites, Reporting on Configuration Manager Operations
 
 
Most view of day
- Visual Basic 2010 : Advanced Compilations with MSBuild - Introducing MSBuild (part 1) - Introducing Projects
- SOA with .NET and Windows Azure : Process Abstraction and Orchestrated Task Services (part 1) - Workflows Published as ASMX Services
- Crashes and Error Messages (part 6) - Green Ribbon of Death & Blue Screen of Death
- Capturing Screens and Windows with the Snipping Tool (part 1) - Creating Snips
- Creating Transitions and Interactivity (part 1) - Toolkit Page Transitions
- Microsoft Word 2010 : Expanding Word Functionality - Setting Developer Options & Understanding How Macros Automate Your Work
- Leveraging Social Networking Tools in SharePoint 2010 : Reviewing the User Profile Service Application Settings
Top 10
- Microsoft Exchange Server 2010 : Defining Email Addresses (part 3) - Email Address Policies - Creating a New Email Address Policy
- Microsoft Exchange Server 2010 : Defining Email Addresses (part 2) - Email Address Policies - Changing an Existing Policy
- Microsoft Exchange Server 2010 : Defining Email Addresses (part 1) - Accepted Domains
- Microsoft Exchange Server 2010 : Basics of Recipient Management - Exchange Recipients
- Windows Server 2012 : File Services and Storage - Configuring iSCSI storage (part 7) - Using iSCSI Initiator - Creating volumes
- Windows Server 2012 : File Services and Storage - Configuring iSCSI storage (part 6) - Using iSCSI Initiator - Establishing a connection
- Windows Server 2012 : File Services and Storage - Configuring iSCSI storage (part 5) - Using iSCSI Initiator - Discovering targets
- Windows Server 2012 : File Services and Storage - Configuring iSCSI storage (part 4) - Using iSCSI Initiator - Configuring iSCSI Initiator
- Windows Server 2012 : File Services and Storage - Configuring iSCSI storage (part 3) - Configuring iSCSI Target Server - Creating iSCSI virtual disks
- Windows Server 2012 : File Services and Storage - Configuring iSCSI storage (part 2) - Configuring iSCSI Target Server - Installing the iSCSI Target Server role
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro