Search This Blog

Tuesday, February 17, 2015

How to create custom security levels on a SharePoint 2010 Site and apply it to users.

In this blog we will break the inheritance at the Site Level. At the moment we break inheritance, a copy of the permission levels set on the groups is made and at that exact instant nothing would be different, however everything we do from that moment on to the permissions on this site will flow down to any sites, lists, libraries below it.
Copy Existing Permissions 1
Copy-Existing-Permission custom security level on a SharePoint Site
From the top level site in our site collection I click Site Actions>Site Permissions.
Copy Existing Permission 2
Copy-Existing-Permission custom security level on a SharePoint Site -2.png
I click the Permission Levels icon in the Ribbon.
Copy Existing Permission 3
Copy-Existing-Permission custom security level on a SharePoint Site 3
Out of the box the members group has the contribute permission level applied to it. In this case, that is the closest permission level so I click on Contribute to get to its detail screen.
Copy Existing Permission 4
Copy-Existing-Permission custom security level on a SharePoint Site 4
I scroll to the bottom and click on Copy Permission Level. There are 33 possible checkboxes to set in an out of the Box SharePoint 2010 implementation.
Customize Settings
Customize Settings custom security level on a SharePoint Site
I give the new permission level the name 'contributeWithoutDelete' and uncheck the Delete Items check box. Some of the permissions have dependencies so when you uncheck one, others might automatically uncheck themselves. In this case that didn't happen but if it does that is expected behavior.
Save the new Level 1
Save the new level 1 custom security level on a SharePoint Site
I scroll down and click the create button.
Save the new Level 2
Save the new level 1 custom security level on a SharePoint Site
I am taken to the Permission Levels Page where I can verify that the new permission level 'contributeWithoutDelete' has been created and is ready for use. I now need to get to the target site.
Getting to the Target Site
Getting-To-The-Target-Sitec ustom security level on a SharePoint Site
From the top level site of our site collection I click the link to the Secured Site (I created the site earlier).
Break Inheritance 1
Break Inheritance 1 custom security level on a SharePoint Site
From the target site I click Site Actions> Site Permissions
Break Inheritance 2
Break Inheritance 1 custom security level on a SharePoint Site
I click Stop Inheriting Permissions. Notice the Ribbon saying that currently This Web site inherits permissions from its parent and presents a link to the permissions settings screen for the parent site.
Create a new SharePoint Group and apply the new Permission Level 1
Create-a-new-sharepoint-group-and-apply-the-new-permission level
I click the Create Group Icon in the Ribbon in order to create a new SharePoint Group.
Create a new SharePoint Group and apply the New Permission Level 2
Create-a-new-sharepoint-group-and-apply-the-new-permission level 2
I give the group a name and assign the newly created permission level 'contributeWithoutDelete' to it, then I click the Create button (not shown)
Add users to the Group 1
Add Users To The Group SharePoint 2010
I am taken to the secureMembers group membership page. In order to add members to the group I click on the New link and choose Add Users.
Add users to the Group 2
Add-Users To The Group 2 SharePoint 2010
In the Grant Permissions modal window I add an authenticated user to the group. I could have added an Active Directory Security Group and / or an Exchange Distribution list that is Security Enabled as well but in this case one user will do. I leave the checkbox to send a welcome message to the user and then click OK.
Add users to the Group 3
Add-Users To The Group 3 SharePoint 2010
I verify that the user has been added to the group.
Validate the change 1
Validate The Change custom security level on a SharePoint Site
Using the menu in the upper right of the window I choose Sign in As Different User.
Validate the change 2
Validate The Change 2 custom security level on a SharePoint Site
While signed in as the user who is in the new group with the new permission levels I click on the Document Library by clicking on the link in the Quick Launch Bar.
Validate the change 3
Validate The Change 3 custom security level on a SharePoint Site
I select one of the documents and notice that the Delete Document icon is greyed out in the Ribbon which verifies that I cannot delete a document so I know my changes have had the desired effect.

No comments:

Post a Comment