SharePoint Security and Permission System Overview. From time to time, our customers ask us about how SharePoint security and permission features work, and how should they be utilized.
In this post we try to walk through the basic permission and security features of SharePoint. This post is not intended to be a complete description of every security and permission related feature in SharePoint, but we try to gather all the essential pieces here. We took many screenshots to illustrate what each setting or feature means in practice, enjoy the ride, Additional Resources: Basics: What are permissions? Farm Administrators Farm Administrators group is a group that is managed centrally via SharePoint Central Administration web-site: Farm Administrators include by default SharePoint Farm -account, SharePoint installation account and BUILTIN\Administrators group.
You can give Farm Administration rights to AD groups and AD users: Choose administrators and owners for the administration hierarchy (SharePoint Server 2010) Authentication Providers. How to create a SharePoint 2010 admin account and stop using sp_farm. I’ve been getting a lot of questions on Twitter and during my netcast about permissions.
People seem to really be taking security seriously these days. It seems gone are the days of installing SharePoint as a domain administrator, running everything as domain administrator and logging in as domain administrator to administrate SharePoint. I think this is a great move, and I’ll admit to slacking a little when I install and demo SharePoint 2010. I normally do everything as sp_install or sp_farm (service account explanation) because that’s easiest. Of course that’s horrible idea, and I do feel suitably ashamed of myself.
Create the account The first step is to create the account in active directory. My normal account is contoso\todd, and I created contoso\todd_admin for this exercise. One of the companies I used to work at used this convention and I liked it so much I stole it for my very own. Giving it permissions Now that the account is created, let’s start giving it some permissions. Tk. Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization. Print | posted on Friday, April 23, 2010 7:47 PM Introduction There's a ton of stuff out there on User Profile Sync in SharePoint Server 2010.
Some of it’s good, some of it’s frankly terrible. TechNet has some of the best material, but unfortunately TechNet’s format restrictions are counter-intuitive. Therefore this article presents an end to end, “rational guide” to setting this up. [UPDATE: 01/10/2010] TechNet has recently updated its Configure profile synchronization (SharePoint Server 2010) topic, which is greatly improved and now a first class resource. There are a couple of contentious setup requirements in here. You should really read the Architecture Overview below to become acquainted with the moving parts involved, but if you are impatient, you can skip to the procedure itself. If you are having problems, firstly ensure you are following the steps below exactly. Architecture Overview [UPDATE 11/09/2010] a new, corrected version of the diagram.
Click above to view at full size.