In 'n teken dat sosiale rekenaar is besig om af te neem met SharePoint, I see an increased number of My Site type questions. One common question goes something like this:
"I am an administrator and I need to be able to access every My Site. How do I do that?"
The trick here is that each My Site is its own site collection. SharePoint security is normally administered at the site collection level and this trips up many a SharePoint administrator. Gewoonlik, she already has access to configure security in the "main" webwerf versamelings en mag nie besef dat dit nie outomaties werk vir My Sites.
Webwerf versamelings gesamentlik leef in 'n groter houer, which is the web application. Farm admins can can configure security at the web app level and this is how admins can grant themselves access to any site collection in the web application. This blog entry describes one of my personal experiences with web application policies. I defined a web application policy by accident: http://paulgalvin.spaces.live.com/Blog/cns!1CC1EDB3DAA9B8AA!255.entry.
Web application policies can be dangerous and I suggest that they be used sparingly. If I were an admin (en dankie tog ek is nie), I would create a separate AD account named something like "SharePoint Web App Administrator" and give that one account the web application security role it needs. I would not configure this kind of thing for the regular farm admin or individual site collection admins. It will tend to hide potential problems because the web app role overrides any lower level security settings.
</einde>
Volg my op Twitter http://www.twitter.com/pagalvin