Comments on: Microsoft Office SharePoint Server 2007 Security Model

By: harshkumar

harshkumar — Thu, 31 Dec 2009 21:50:17 +0000

First of all. Thanks very much for your useful post.

I just came across your blog and wanted to drop you a note telling you how impressed I was with the

information you have posted here.

Please let me introduce you some info related to this post and I hope that it is useful for community.

There is a good SharePoint resource site, Have alook

http://www.how2sharepoint.com/

http://www.sharepoint2003.com/

http://sharepointbank.com/

Thanks again
Rahul

By: devil's advocate

devil's advocate — Wed, 01 Oct 2008 16:43:35 +0000

MOSS in my opinion does NOT have a sufficient security model, for instance, what do you do if you want creators of a document by default to have control over their own document in a document library as well as anyone they assign to have edit rights.

What do you do to restrict specific contributors from having the ability to create folders for instance, and how do you remove the option to create folders from the 'new" menu for those users? Custom development of "best fit" type modifications to SharePoint's default workings are required. These customizations are often times dificult to build and maintain.

To say the SharePoint can meet complex security requirements is simply not true. SharePoint security is not granular enough, and it is dificult to extend to incorporate anything outside the default functionality.

I read this article and I laughed... clear and blatant propaganda. It detracts from the real challenges that people in the real world have configuring SharePoint security in an enterprise environment. It is not a accurate or realistic representation of the facts.

By: Steven Priefer

Steven Priefer — Fri, 19 Sep 2008 00:35:40 +0000

“Likewise, if a user only has read access to a particular document and the user opens a link to that document from a search results page, that user will be unable to edit that document.”
Though this statement is corret but to fully clarify no mater what rights you have to a file you are unable to edit a document after you search for it.

By: Panganamala Srinivas

Panganamala Srinivas — Mon, 18 Aug 2008 16:51:02 +0000

Useful, informative. Need more details about how other applications integrate their Enterprise Wide security model via with MOSS and whether macros/scripting can perioduically automate ADS User and/or User Group migrations. Can MOSS make these changes at near real time or dies it take an overnigth batch job or program? What are the typical problems you face if you use ibm Websphere instead of IIS? Is seamless integration preserved? If not allude to the solution/scope of the workaround. Thanks. You could include a Map/Logical Matrix with some notes of Specific BI Tools against compatability with MOSS ADS.

By: Panganamala Srinivas

Panganamala Srinivas — Mon, 18 Aug 2008 10:51:02 +0000

By: Brian Long

Brian Long — Wed, 23 Jul 2008 19:04:04 +0000

Thanks Mauro, good stuff. I shared this with our consulting team.
Brian

By: George Leithead

George Leithead — Wed, 23 Jul 2008 12:02:36 +0000

A really good article Mauro. Highlights the shear amount of user control that can be achieved, and conversely the complexity of supporting such security! *gulp*

By: Chandana N. Athauda

Chandana N. Athauda — Wed, 23 Jul 2008 12:01:44 +0000

Good Article…! Coz, it’s giving clear overview about SharePoint Security Model…!

By: Paul Culmsee

Paul Culmsee — Wed, 23 Jul 2008 10:39:04 +0000

Mauro good article and for what its worth I really liked that book you co-authored. On the topic of SharePoint security, readers may be interested in a little experiment I performed the other day and posted about here:

http://www.cleverworkarounds.com/2008/07/22/usi...

regards

Paul

By: Arno Nel (SharePoint Magazine)

Arno Nel (SharePoint Magazine) — Wed, 23 Jul 2008 06:56:22 +0000

Good article Mauro and Nicholas !
Provides a solid base from which to work…