DISQUS

DISQUS Hello! SharePoint Magazine is using DISQUS, a powerful comment system, to manage its comments. Learn more.

Community Page

SharePoint Magazine

SharePoint Magazine is an online magazine dedicated to the world of SharePoint and related Information Worker technologies.
Jump to original thread »
Author

Microsoft Office SharePoint Server 2007 Security Model

Started by Arno Nel (SharePoint Magazine) · 11 months ago

The purpose of this document is to explore the security model of MOSS and to explain how it is equipped to meet corporate security requirements. This document is not intended to recommend how to configure MOSS, nor does it try to answer why an organization should use MOSS. ... Continue reading »

8 comments

  • Good article Mauro and Nicholas !
    Provides a solid base from which to work...
  • Mauro good article and for what its worth I really liked that book you co-authored. On the topic of SharePoint security, readers may be interested in a little experiment I performed the other day and posted about here:

    http://www.cleverworkarounds.com/2008/07/22/usi...

    regards

    Paul
  • Good Article…! Coz, it’s giving clear overview about SharePoint Security Model…!
  • A really good article Mauro. Highlights the shear amount of user control that can be achieved, and conversely the complexity of supporting such security! *gulp*
  • Thanks Mauro, good stuff. I shared this with our consulting team.
    Brian
  • Useful, informative. Need more details about how other applications integrate their Enterprise Wide security model via with MOSS and whether macros/scripting can perioduically automate ADS User and/or User Group migrations. Can MOSS make these changes at near real time or dies it take an overnigth batch job or program? What are the typical problems you face if you use ibm Websphere instead of IIS? Is seamless integration preserved? If not allude to the solution/scope of the workaround. Thanks. You could include a Map/Logical Matrix with some notes of Specific BI Tools against compatability with MOSS ADS.
  • "Likewise, if a user only has read access to a particular document and the user opens a link to that document from a search results page, that user will be unable to edit that document."
    Though this statement is corret but to fully clarify no mater what rights you have to a file you are unable to edit a document after you search for it.
  • MOSS in my opinion does NOT have a sufficient security model, for instance, what do you do if you want creators of a document by default to have control over their own document in a document library as well as anyone they assign to have edit rights.

    What do you do to restrict specific contributors from having the ability to create folders for instance, and how do you remove the option to create folders from the 'new" menu for those users? Custom development of "best fit" type modifications to SharePoint's default workings are required. These customizations are often times dificult to build and maintain.

    To say the SharePoint can meet complex security requirements is simply not true. SharePoint security is not granular enough, and it is dificult to extend to incorporate anything outside the default functionality.

    I read this article and I laughed... clear and blatant propaganda. It detracts from the real challenges that people in the real world have configuring SharePoint security in an enterprise environment. It is not a accurate or realistic representation of the facts.

Add New Comment

Returning? Login