MOSS Permissions Ignored?

by Andy on August 20th, 2008

While trawling the SUGUK site (http://suguk.org/) I came across a post (http://suguk.org/forums/ShowThread.aspx?PostID=13192#13192) that triggered my memory about an issue someone once had a while ago, with MOSS permissions being ignored (this isn’t the case for the aforementioned SUGUK post). Basically what had happened is the Admin had allowed all domain users (e.g. Domain\Domain Users) ‘Full Control’ in the ‘Policy for Web Application’ (Central Administration > Application Management > Policy for Web Application).

This now allowed all users of the domain to access everything in the new Corporate Portal, overriding the security settings within the Portal. Perhaps this is worth checking before you go LIVE? Also check that you’ve not assigned ‘Full Read’ either for the above example.

If nothing else it’s a good check to make sure you’ve not left anything behind from testing (but you’d know this already because you audit all of your changes, don’t you?!!!)

Tweet This Post