Mtandao Maombi Sera, Usalama Sites na Usalama trimming — Kujua Configuration yako

4 majibu

(UPPDATERADE 11/29 kueleza jinsi ya kupata mtandao mipangilio ya sera ya maombi kupitia UI)

I had one of those "why is MOSS doing this to me????" moments today. Katika mwisho, ni kosa wangu wote.

We have an enterprise MOSS project going on and we want to secure "place holder" sites so that no user may access it or see it. That’s easy:

  1. Kwenda kwenye tovuti.
  2. Kuvunja urithi usalama.
  3. Kuondoa kila mtumiaji / kikundi kutoka ruhusa tovuti.

juu tuache tu mkusanyiko tovuti msimamizi na ruhusa ya kuona tovuti.

Kama mtu mwingine yeyote katika kumbukumbu, wanapaswa tena kuona tovuti na ni lazima kuwa na usalama-trimmed kutoka maeneo yote ya kawaida.

Lakini … haikuwa. Wakati huo huo, I suddenly realize that my "Joe User" standard user test account with no priv’s other than restricted read access has a "Site Actions" choice everywhere he goes. I double check one thing and double check something else. I pick up the phone to call a colleague, but put it down and check something else. I go for a walk and try everything all over again. I call a colleague and leave a message. And then, hatimaye, Mimi sioni kwamba katika Ethan ya blog, his opening graph makes it quite simple:

Moss 2007 ina kipengele mpya iitwayo Mtandao Maombi Sera. Hizi ni usalama ruhusa kwamba amefungwa kwa Maombi Mtandao. Mazingira ya usalama haya override mazingira yoyote usalama kwamba ni kuweka katika Ukusanyaji Site au Site (Mtandao) ngazi kwa mtumiaji.

A quick visit to web application policies shows that "NT Authority\authenticated users" had been granted Full Read. I removed them from the list and everything finally started working as expected. I believe they were added in the first place by someone with the mistaken impression that that is best method to grant read access to everyone in the enterprise. It does, lakini, na mnachuja quote, "It does not mean what you think it means."

Access web application policies this way:

  1. Kwenda Kati Tawala
  2. Kuchagua Maombi Management
  3. Select "Policy for Web Application"
  4. Juu ya screen kwamba, make sure you pick the correct web application. Kwa ajili yangu, ni defaults na maombi ya mtandao wa admin ya kati ambayo inaweza kuwa moja unataka.

Wakati nilikuwa na tatizo hili, I searched kwa maneno yafuatayo na got kushangaza kidogo katika suala la msaada wa moja kwa moja juu ya suala hili:

Tovuti vitendo inayoonekana kwa watumiaji wote

Tovuti vitendo inayoonekana kwa watumiaji wote

vitendo tovuti si usalama trimmed

kupata tovuti MOSS

utangulizi wa moss usalama

Tags technorati:

4 mawazo juu ya "Mtandao Maombi Sera, Usalama Sites na Usalama trimming — Kujua Configuration yako

  1. Perry

    Mimi naona "NT
    MAMLAKA LOCAL SERVICE    " nafasi Kamili Soma juu ya Maombi kadhaa zilizopo Web kwenye seva kadhaa MOSS, ingawa huduma zote na Mabwawa Maombi walikuwa kimeundwa wakati wa ufungaji wa kukimbia kama akaunti maalum uwanja. Kwamba inaonekana kama inaweza kuwa mahali fulani mdudu?

    Kujibu
  2. Miguel
    Kwamba fasta tatizo langu… Shukrani!
    But probably it’s better to change the rights user to "Deny to all – Hakuna upatikanaji" badala ya kufuta kutoka orodha. Kwamba inazalisha athari sawa lakini ni rahisi kutoa nyuma haki za watumiaji wa haki katika kesi ya matatizo
    Kujibu
  3. Nathalie Gosdinski
    Shukrani kwa ajili ya posting hii! As you said, kuna si mengi ya habari juu ya suala hili. Kwamba fasta tatizo langu… Shukrani!
    Kujibu
  4. RichRockwell aliandika:
    Mimi nilikuwa na tatizo moja, and this fixed it. I had seen NT Authority\authenticated users in my web app policy, but thought it was supposed to be there because I didn’t put it there. Removing it fixed the problem.
    Shukrani
    Kujibu

Kuondoka Jibu kwa RichRockwell aliandika: kufuta reply

Anwani yako si kuchapishwa. Mashamba required ni alama *