I've got a SharePoint application and I'm sad to say that in my SharePoint-induced excitement, I ignored a lot of the security concerns I should have been paying more attention to. Though we didn't before, now we actually need granular security, so I need to get educated. I'm mostly interested in how to best create groups and add users to those groups. We have a single main site collection and a couple dozen subsites under that collection. How can I best create a granular security world where I can independently assign rights to each of these subsites?

Question author Chris-farmer | Source



To have permissions vary at the "sub site" level which is the SPWeb object in object model terms you need to enable unique permission for the site.

A good article outlining the permission hierarchy in SharePoint 2007 can be found on the office web site About controlling access to sites and site content

In my experience if you are able to use permission inheritance over granular security it's much less hassle to manage.

Breaking site permission inheritance

  • Click "People and groups"
  • Click "Site permissions"
  • From the actions menu in the list click "Edit Permissions"

http://blog.richfinn.net/content/binary/WindowsLiveWriter/InstallandConfiguretheCommunityKitforSha_E660/image_3.png http://blog.richfinn.net/content/binary/WindowsLiveWriter/InstallandConfiguretheCommunityKitforSha_E660/image_3.png

Other references

Answer author Edward-wilde

Ask about this question here!