Need help with an approach to this scenario in SharePoint permission
https://sharepoint.stackexchange.com/questions/262787
-
07-02-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianDomanda
I have been asked by my client regarding these scenario in the organization:
a) We have some XX users (with ID issued by XX, eg XXxxxxx) and currently is not in our AD. b) We wish allow these group of users to be able to access to certain folders in our site A via their XX account c) However, we would not wish to allow them to have access to site B. They should only be able to access to a few selected folders in Site A, but not site B or other folders.
One approach i have thought of was to add these XX users to the AD and inside a security group. remove the Everyone from the sharepoint permissions of Site B. then add these specific AD group users to site A with the necessary permission.
is my approach correct or are there any repercussions with removing the Everyone . permission? and is it also the same as NT AUTHORITY\Authenticated Users?
Soluzione
I can think of below approach which is similar to yours but with couple of changes.
Create XX users in AD.
Create a AD group with XX users, (which only has users from XX ) Say e.g XXADGroup
On Site A - wherever you wanted them to access folders, break the inheritance and give permission by adding XXADGroup to this folders. This will make sure XX users are able to login to site and have access to this folder nothing else.
On Site B - Do nothing...
Hope this helps...Happy coding!!!
