Okay let me explain what I mean here.
You have a site collection. You have 3 groups there -
- IT - the control all, overloaded people. Bottleneck as usual.
- Power users for Department X = GROUP A
- Users of Department X = GROUP B
Now, IT wants to reduce it's workload, and wants to:
a) Allow Group A to manage users of Group B
b) Not allow Group A to manage security anywhere else.
c) Allow IT itself to manage security wherever the hell they please.
How would you do it? Well, here is how.
- Create a custom security permission level, remove the "Manage Users" and "Create Groups" permissions. (How to create custom security permissions?)
- Create a SharePoint group called Group A, give it the security permission level you setup in #1.
- Create a second SharePoint Group called Group B - and specify it's owner as Group A. This works since both SPGroup and SPUser inherit from SPPrincipal, which inherits from SPMember. And SPGroup.Owner is of type SPMember.
Thats it !! ;-). now Group A can manage Group B, but nothing else.
w00t!
On
10/19/2007 2:18:15 PM
Becky Isserman
said ..
We're actually going to have a meeting here about security permissions. I guess some random people decided they wanted to call me and ask for special permissions to lock out deleting items in a calendar. There really is no policy in place and we need to figure out who can decide security permissions.
Can I ask you more information about the data plan for the iphone? Maybe drop me an e-mail sometime?
|
