By Infusion Development Corporation
Book Price: $14.95 USD
£9.95 GBP
PDF Price: $11.99

Cover | Table of Contents | Colophon

Table of Contents

Chapter 1: Working with Sites and Workspaces

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

To understand the power of Windows SharePoint Services, you must first understand how SharePoint sites organize and access content. A SharePoint site is a web site that creates the base structure for everything you do with Windows SharePoint Services. SharePoint sites provide you with the ability to collaborate on documents, facilitate a meeting, and organize your team's content and ideas.

In this chapter, you will learn about:

• The types of sites SharePoint supports
• How to access, browse, and search a SharePoint site
• How to create and edit a SharePoint site
• How to personalize a SharePoint site

After reading this chapter, you should have a strong understanding of managing and working with SharePoint sites.

Windows SharePoint Services gives you the ability to create sites for both internal and external use. Within the context of Windows SharePoint Services, a site can be either a team site or a workspace. Team sites provide users with a place where they can collaborate on projects. Workspaces are designed to facilitate more specific tasks, such as reviewing documents or planning a meeting.

A basic SharePoint site is known as a team site. When you install SharePoint, a default top-level team site is automatically created. This first team site provides you with a starting point for creating additional team sites or workspaces.

A basic team site incorporates many individual collaboration tools, or Web Parts, including:

Lists

Lists form the heart of a SharePoint site and can be used for many things, from storing documents to creating alerts to creating discussions and surveys.

Document libraries

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Types of SharePoint Sites

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Windows SharePoint Services gives you the ability to create sites for both internal and external use. Within the context of Windows SharePoint Services, a site can be either a team site or a workspace. Team sites provide users with a place where they can collaborate on projects. Workspaces are designed to facilitate more specific tasks, such as reviewing documents or planning a meeting.

A basic SharePoint site is known as a team site. When you install SharePoint, a default top-level team site is automatically created. This first team site provides you with a starting point for creating additional team sites or workspaces.

A basic team site incorporates many individual collaboration tools, or Web Parts, including:

Lists

Lists form the heart of a SharePoint site and can be used for many things, from storing documents to creating alerts to creating discussions and surveys.

Document libraries

Document libraries let you store documents in a SharePoint site. You can apply access rights to grant or deny users access to specific document libraries. Also, you can use version control to document each change a user makes to a document.

Picture libraries

Picture libraries allow you to store, manipulate, and control image files in many formats, including .bmp, .gif, and .jpg.

Discussions

A SharePoint discussion is a built-in message board that allows the team to discuss issues in an interactive way.

Surveys

A survey is an interactive form that allows team members to provide feedback in an organized fashion.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Working with SharePoint Sites

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

SharePoint Services helps you locate a site by providing navigation links, a search framework, and standardized site layouts. These features help increase the productivity of your team and other users by reducing the time spent trying to locate a site or master the details of a new site layout.

In order to work with a SharePoint site, you must first know how to get to it from a web browser. Without knowing its direct link, finding the site can be challenging. SharePoint solves this problem by providing a page that lists all available sites.

Once your system administrator installs SharePoint, he will provide you a URL that points to the SharePoint home page. If you do not know this URL, ask your SharePoint administrator to provide you with the appropriate link.

From the Manage Sites and Workspaces page, you can access:

• Team sites
• Document workspaces
• Meeting workspaces

To access this page:

1. Go to the SharePoint home page and click Documents on the Quick Launch menu or Documents and Lists on the top menu bar.
2. Click the Sites link on the lefthand menu under the See Also section.
   If you want to locate a document workspace or meeting workspace, you can click on the associated links in the same section.
3. The current view displays the team sites you can access. If you want to view the document workspaces and meeting workspaces as well, click All under the section Select a View on the lefthand side. To filter just document workspaces or meeting workspaces, you can select the associated links on the lefthand side.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Creating Your Own Sites

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Once a team site has been created for your company or group, you can create additional sites and workspaces. SharePoint places no restrictions on the number of sites you create; however, you may be limited by the quality of the hardware on which the site resides. Larger, more powerful computers with more memory can host more sites than smaller, less powerful machines.

When you create your own site, you will usually choose a site template that automatically generates a predefined layout. Once the site is in place, you can modify it by adding additional Web Parts, rearranging its layout, or performing other customizations.

A site template provides a default structure and starting point for creating a team site. Some companies use a site template to ensure that a consistent style is maintained throughout all of its SharePoint sites. Even after a template is implemented, you can still make modifications to the site by adding additional Web Parts or by changing the site layout.

A SharePoint team site comes equipped with eight predefined templates. You can use any of these templates for your own site, or you can create a new site template for your own use. Windows SharePoint Services includes the following default site templates:

Team site

Includes both document libraries and lists teams can use to manage information.

Blank site

Using a web page editor, you can add SharePoint Services features to your site. This option leaves you with a blank site with no features on its home page.

Document workspace

Provides everything necessary for managing documents, including a document library, a task list, and a links Web Part.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Modifying a Site

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Once you have created your own SharePoint site, you can modify it through its Site Settings page. The modifications you can make will depend on your permissions on the site. For example, if you are assigned to the web developer group, you will be able to make many different modifications. However, if you are assigned to the reader group, you won't be able to make any changes. For more information on permissions, see Chapter 4.

To modify a site, select the Site Settings link on the top menu bar of the site page, as shown in Figure 1-9.

Figure 1-9: A Site Settings page

The following options are available under the Customization section:

Change site title and description

To change the title and description of a site:

1. Select "Change site title and description."
2. Enter the title of the site in the Title text box and the description of the site in the Description text box.
3. Click OK.

Apply theme to site

Themes are special color packages that can drastically change the look and feel of a site. Themes are discussed in more detail in the Section 1.6. To apply a theme to a site:

1. Select "Apply theme to site."
2. Select a theme from the theme list box.
3. Click the Apply button.

Modify site content

To modify the content of a site:

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Creating Extra Pages

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

In addition to letting you modify a site you create, SharePoint also allows you to add pages to your team site. By creating additional pages, you can customize the design of pages in your team site. A basic page looks and acts like an HTML page; however, you can design it entirely within the SharePoint environment. Chapter 1 and Chapter 3 discuss how to create more complex pages that require the use of Web Parts.

To create an extra page:

1. Click on the Create link on the top menu bar.
2. Click on Basic Page under the Web Pages section.
3. Enter a name and select a save location for the new web page and click Create.
4. The Rich Text Editor dialog box appears. Use this form to design the page, adding tables, text, links, and other items.
5. Click the Save button.

You might, for instance, create a custom page containing a simple HTML table, such as the Web Part page shown in Figure 1-10.

Figure 1-10: A sample extra page

Note that the table shown in Figure 1-10 is coded in pure HTML. You can easily create such content using the Web Parts described in Chapter 2 and Chapter 3 of this book.

To view the page you created, navigate to the section you specified as its save location. For instance, if you saved the additional pages in the Linked Libraries section, you could access the page by:

1. Click on Documents and Lists from the top menu bar.
2. Select Linked Libraries under the Document Libraries section.
3. Click on the page you created.

Figure 1-11 shows an additional page in the Linked Libraries section of the team site.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Personalizing a Site

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

For a user, the layout and design of a site is just as important as the content. A user will want the ability to make the site his own by choosing a layout and styles that suit his personality. SharePoint supports personalization that allows users to:

• Modify a site
• Move Web Part locations
• Apply themes
• Add alerts

Some or all of these personalization features may be limited by the user's specific permission level within a specific site. For more information on permissions, see Chapter 4.

Through your personal view you can change the layout of Web Parts on a team site page. Whenever you view the page, you will see it displayed the way you have specified. Other users who view the page will either see their own personal view, or the default view.

SharePoint allows you to:

• Delete Web Parts
• Add new Web Parts
• Change the location of Web Parts on the screen

To modify the layout of a page:

1. Click on the link Modify My Page.
   If you belong to the web designer or administrator site group for the site, the link may say Modify Shared Page. Click on the link and select Personal View before selecting Modify My Page.
2. Select the option "Design this page" in the menu that appears. SharePoint changes the page to design mode.
3. Drag and drop Web Parts from one location to another to create your personal view. Remove Web Parts from the screen by clicking the X button.

Figure 1-12 shows a team site home page displayed in design mode. Notice that while in design mode, the main content is surrounded by two frames: Left and Right. You can move any Web Part from the Right side to the Left side by simply dragging and dropping.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Chapter 2: Basic Web Parts

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Web Parts are the building blocks of a SharePoint Services site. Every Windows SharePoint Services site consists of one or more Web Parts. Individual Web Parts provide functionality ranging from document storage to complex data entry forms to discussion forums.

All the built-in Web Parts actually derive from the concept of a list. In the most basic sense, a list is a Web Part that displays a sequence of information. In the SharePoint world, the list concept covers everything from a list of hyperlinks to a discussion board. In every case, the end user views the list, adds information to the list, modifies information on the list, or removes items from the list. Because all the built-in Web Parts derive from this basic concept, the procedure for adding an issue to an issue Web Part are very similar to the procedure for adding a new document to a document library.

In this chapter, you will:

• Learn about the common features of all the built-in Web Parts
• Work with advanced, list-based Web Parts including issues lists, discussion boards, surveys, and custom lists
• Learn how to use library-based lists to control documents and pictures
• Explore advanced features of the built-in Web Parts, including access controls, custom views, and list templates

A Web Part is a modular and reusable component that can be placed into any SharePoint Services web page. A Web Part is generally composed of a Web Part description file (.dwp) and some external code that provides the functionality (a .NET assembly or .dll file). For most purposes, however, all you need to know is that a Web Part is a building block for a team site.

The Web Part description file is an XML file containing all the property names and settings for the Web Part. The description file also contains a reference to the Web Part assembly. In general, you will never have to look at or understand a DWP file unless you are developing your own custom Web Parts.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

What Is a Web Part?

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

A Web Part is a modular and reusable component that can be placed into any SharePoint Services web page. A Web Part is generally composed of a Web Part description file (.dwp) and some external code that provides the functionality (a .NET assembly or .dll file). For most purposes, however, all you need to know is that a Web Part is a building block for a team site.

The Web Part description file is an XML file containing all the property names and settings for the Web Part. The description file also contains a reference to the Web Part assembly. In general, you will never have to look at or understand a DWP file unless you are developing your own custom Web Parts.

Each Web Part is a special type of ASP.NET application. The Web Part code is compiled into a .NET assembly and stored in the Global Assembly Cache or the bin directory. Once again, unless you are developing your own custom Web Parts, you will never need to look at the code files for a Web Part.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Basic List Functions

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

A SharePoint Services list is a collection of information that can be shared by team members. All SharePoint sites include a set of built-in lists that can be filled with any required team information. You can also create custom lists based on existing list formats or those that follow your own formats.

In this section, you will:

• Learn about the types of SharePoint lists available to users
• Learn how to work with the features common to all SharePoint lists

SharePoint Services offers six simple list-based Web Parts, plus custom lists, discussion boards, and surveys. All of these Web Parts share similar functionality for adding, sorting, and removing items.

Section 2.2.1.1: Basic lists

The basic list Web Parts provide standard list functions. The primary differences between these Web Parts are the different columns that are displayed in the list, and how you add data to the list. The six basic list Web Parts are:

Links

A links list is a list of hyperlinks to web pages that are useful to site users. A site administrator might create a links list for standard resources needed by the team.

Announcements

An announcements list is designed as a place to post any team-related information (for example, notifying users of a new group member). Figure 2-1 shows an announcements list. All the basic lists share similar structure and layout.

Contacts

A contacts list contains the name, address, phone number, and email address of any people whom a user may need to contact during a project. One interesting feature of the contacts list is that it can be integrated with Microsoft Outlook. In other words, you can populate a contacts list by synchronizing it with your Outlook mailbox.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Advanced Web Parts

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Once you understand the basic functions of a list-based Web Part, you can start to work with any of the built-in Web Parts. However, some of the more advanced Web Parts expose additional functions that are above and beyond the basic behavior of a list. In this section, you will learn about:

• Issues list
• Discussion boards
• Surveys
• Custom lists

Each of these Web Parts builds on the basic list parts by offering advanced features designed for the specific functions of the Web Part. For example, issues lists provide a special set of columns for tracking project-related issues. Similarly, surveys are designed to collect specific information from each user and present the results.

Finally, if none of the basic lists meets your needs, you can create your own lists by defining the columns, data types, and look and feel of the list.

Issues lists are designed to help you manage any outstanding problems on a project. You can assign issues to specific team members, prioritize issues, and track the progress of any issue on the project.

Each issues list displays a table with default columns specific to tracking issues in a project. Table 2-1 details the default columns of an issues list.

Table 2-1: Issues list columns

Column name	Functionality
Add related issue	Displays the Issue ID for any issues related to the specific issue.
Assigned To

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Library Web Parts

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Quite often you will want to add a Web Part to share documents between the members of the site. The library Web Parts are enhanced lists specifically designed for storing, controlling, and maintaining various types of documents. A SharePoint Services library displays all the files stored in the library. The library also lists the properties for each file and provides a hyperlink to open the file. Using the library Web Parts, a site administrator can also implement version control on the items in the library. That is, an end user will have to specifically "check out" a document before editing it. When the editing is complete, the user can "check in" the document, incrementing the version number. Any user can see all the versions of the document and compare changes between versions.

In this section, you will learn about:

• The views associated with library Web Parts
• The specific features of a document library
• The specific features of a picture library
• Version control

Every library Web Part presents a home page view that includes the links necessary to work with the library and one of several views of the content in the library. From the library home page, you can:

• Add files and folders to the library
• Sort and filter files contained in the library
• Switch the library view
• Change the design of the library
• Create alerts so users are notified of any changes in the library or specific files within a library

When you add or remove files from the library, the associated hyperlinks are automatically updated.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Advanced Web Part Features

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

With all of the Web Parts described in this chapter, a site administrator can configure advanced features, including creating list templates, creating list views, and adjusting the security for accessing a Web Part.

When you create a list, you must select a list template that renders the content in a predetermined format. SharePoint Services includes several list templates. Any template can be customized and saved as a new template. Administrators can import new templates to the site and make the new templates available to all users.

By definition, a list template contains all the design information for a list. A template does not contain any security information or general list information. A list template also contains server information (URLs and user account names), so it is crucial that only trusted users are given access to the site list template gallery.

Section 2.5.1.1: Creating a list template

To create a list template, you must have "manage list" permissions. To save a list as a template:

1. Navigate to the list you want to save as a template.
2. Click "Modify settings and columns" on the Actions page.
3. Click "Save list as template" under the General Settings section of the Customize:<List_Name> page.
4. Type the filename in the File Name text field.
5. Type the title of the template in the Template Title text box.
6. Type a description for the template in the Template Description text field.
7. Select the "Include content" checkbox if you want to include the existing content.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Chapter 3: Extending Site Pages

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

SharePoint Services includes features that allow you to extend the functionality of a basic team site. SharePoint Services implements Web Parts to link to external web sites, system folders, or files, as well as allow users to configure how the content is displayed.

A rich text editor provided by SharePoint Services allows you to create HTML pages without having to write any HTML code. Users with no coding experience can easily add formatted web pages to the team site.

Web Parts in SharePoint Services can also communicate with each other. This powerful feature allows you to create a Web Part that provides the data for another Web Part on your team site without having to write intricate code.

You can also build complex Web Part pages that can display several unrelated pieces of information on one page. By displaying several Web Parts on one page, users no longer have to navigate to multiple pages or web sites to retrieve information.

In this chapter you will learn:

• How to link external content to your team site, including HTML pages, system folders, and files
• How to create static HTML pages without writing cumbersome HTML code
• The benefit of connecting Web Parts to allow your Web Parts to produce or consume information from other Web Parts
• The benefits of creating custom Web Parts that extend the functionality of the standard Web Parts offered by SharePoint Services

By the end of this chapter, you should understand the benefits and methods of linking external content to your SharePoint team sites.

Windows SharePoint Services includes Web Parts that allow you to link to external content such as documents, shared folders, and web sites that aren't part of the actual team site. By adding a Page Viewer Web Part to your team site, you can display external files, folders, or web sites to users in a transparent fashion. In other words, you can extend the reach of your team site in order to present content that is not under your direct control.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Linking to External Content

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Windows SharePoint Services includes Web Parts that allow you to link to external content such as documents, shared folders, and web sites that aren't part of the actual team site. By adding a Page Viewer Web Part to your team site, you can display external files, folders, or web sites to users in a transparent fashion. In other words, you can extend the reach of your team site in order to present content that is not under your direct control.

A Page Viewer Web Part provides a window for displaying external content on a shared page. For example, you could link to a stock ticker, or an important spreadsheet that contains all product codes that users need to create invoices. In either case, the content is not under your direct control, so you can't simply add it to a standard Web Part. Figure 3-1 shows how you browse the Web Part list to add Web Parts to your team site.

Figure 3-1: Browsing the Web Part list

To add a Page Viewer Web Part:

1. Click on the "Modify Shared page" link in the top-right corner of the page.
2. Select Add Web Parts → Browse.
3. Select the Page Viewer Web Part from the list.
4. Select Left or Right from the Add to drop-down list to add your part to the lefthand or righthand side of the page.
5. Click OK.

SharePoint Services Web Parts support personalization. That is, each user can configure his view of a site. As the site designer, you can configure a Page Viewer Web Part in the Page Viewer Web Part configuration menu to allow a user to specify how the Web Part appears on the page. Many of the properties are style choices, but some options are worth noting.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Creating HTML Pages

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

From time to time, you may need to create a static web page on your team site. Although you could create the page externally and link to it with a Page Viewer Web Part, you can also take advantage of the built-in HTML features of SharePoint Services. You can create a page by adding text, pictures, and tables through your web browser without writing any HTML code. By default, all of the web pages you create are stored in the shared documents library.

To create an HTML page in SharePoint Services:

1. Click Create in the top menu bar located at the top of the page.
2. Click Basic Web Page to open up the New Basic Page form.

Figure 3-4 shows the New Basic Page, which is used to create new HTML pages for your team site:

1. Type a name for your web page in the Name text field. Note that your page is always given the extension .aspx even though the page only contains basic HTML.
2. If you want to overwrite an existing file with the same name, select the "Overwrite if file already exists?" checkbox.
3. Select where you want to save the web page from the Document Library drop-down list.
4. Click Create.

Figure 3-4: Create basic web page form

Figure 3-5 shows the Rich Text Editor - Web Page Dialog box that is launched after you click the Create button. You can use the Web Page Dialog box to create simple .aspx pages without writing tedious HTML code. You can add and format text, insert images, and create tables and lists just as you would in Microsoft Word.

Figure 3-5: Web Page Dialog box

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Sharing Information Between Web Parts

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

SharePoint Services Web Parts can communicate with other Web Parts. Web Parts can be connected and synchronized to each other and to external data sources. The SharePoint architecture supports connection interfaces that allow you to configure one Web Part to provide information and another to consume it.

For example, at your company's human resources team site, each employee's file might contain the scheduled dates for performance reviews. The Employee File document library would pass the scheduled dates to the announcement Web Part. The announcement list would automatically retrieve new review dates from the Employee File document library and update itself accordingly.

To provide information to a Web Part:

1. In the design mode of your team site, click on the down arrow of the Web Part that will provide the information (for example, the Employee File Web Part).
2. In the pop-up menu, select Connections → Provide Row To and select the Web Part that will consume the information.

Figure 3-6 shows how you can configure a Web Part to provide information to another Web Part without writing any configuration code.

Figure 3-6: Configuring the Employee File Web Part to provide information to the Announcements Web Part

The actual code that sends and receives events is beyond the scope of this book. However, you can work with your developers to create custom Web Parts that provide additional communication options within your Windows SharePoint Services sites.

The Employee File Web Part will now broadcast information to the announcements Web Part.

Not only do you have to establish the link from the provider Web Part (the Employee File) to the consuming Web Part (the announcements list), you also have to tell the consumer Web Part how to use the information. In this example, you want the announcements list to display a new row based on the data sent by the Employee File Web Part.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Custom Web Part Pages

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Although you can combine individual Web Parts into a site, you may want to group individual Web Parts into a complex Web Part page. By implementing a Web Part page, you can display lists, charts, text, and images as a single Web Part component. Organizing related data and web pages eliminates the time and steps required for users to constantly access multiple web pages and data sources. For example, you can build a custom Web Part page that displays a customer's contact information, orders, and invoices. All three pieces of information will be grouped as a single Web Part control.

Web Part pages can be used to:

• Combine data from multiple data sources
• Report data (e.g., aggregate data or prioritized data)
• Access any external sites that users require in daily tasks
• Display updated schedules and meeting information

Any Web Parts that are available for you to add to your SharePoint Services team site are stored in Web Part galleries. Depending on how your site is configured, Web Parts can be stored in any of four galleries:

Site Web Part gallery

Any site-level Web Part made available by the server administrator is stored in the Site Web Part gallery.

Web Part Page gallery

Any Web Part that is available to a page, but not visible on a Web Part page is stored in the Web Part Page gallery. When a Web Part is closed (not deleted), they are still available to a user.

Online Web Part gallery

Microsoft created several Web Parts (for example, MSNBC stock tickers, weather, and news Web Parts) that are stored in the online Web Part gallery. Eventually, the Online Web Part gallery will include Web Parts created by other software vendors.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Chapter 4: Securing SharePoint Sites

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Every SharePoint site needs security to ensure users are limited to performing just the tasks they ought to be performing. You would not want an unauthorized employee viewing the Human Resources files, nor would you want a nonemployee accessing certain corporate documents. Security policies dictate user access, user rights, and user permissions. Windows SharePoint Services incorporates a flexible and dynamic security model that allows administrators and users to control access to their pages with ease.

In this chapter, you will learn how Windows SharePoint Services authenticates users and grants permissions. This chapter provides detailed steps and overviews on:

• User and site group management
• Security architecture
• Assigning roles to objects and sites

Once you have completed this chapter, you should understand how to secure a SharePoint team site.

Users access SharePoint sites to add, view, edit, and delete content. To ensure users retrieve the appropriate content, Windows SharePoint Services provides you with a flexible security model. Whenever you work with security, you have to consider two separate but equally important processes:

Authentication

The process of authentication determines whether a user is who he says he is. Authentication generally involves comparing a username and password to a set of stored credentials. The credentials prove that the user accessing your site is a legitimate user.

Authorization

Once you have authenticated a user, the next step is to decide which resources the user can access. This process is known as authorization. In most cases, configuring authorization requires that a site administrator map a user to a permission set.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Users and Site Groups

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Users access SharePoint sites to add, view, edit, and delete content. To ensure users retrieve the appropriate content, Windows SharePoint Services provides you with a flexible security model. Whenever you work with security, you have to consider two separate but equally important processes:

Authentication

The process of authentication determines whether a user is who he says he is. Authentication generally involves comparing a username and password to a set of stored credentials. The credentials prove that the user accessing your site is a legitimate user.

Authorization

Once you have authenticated a user, the next step is to decide which resources the user can access. This process is known as authorization. In most cases, configuring authorization requires that a site administrator map a user to a permission set.

Windows SharePoint Services supports authentication through easily configurable integration with Windows Server 2003, Active Directory, and Microsoft Internet Information Services (IIS). Authorization, on the other hand, requires that you create site groups (permission sets) linked to one or more users. A site group is assigned to a user when the user initially accesses the site. You can also change the site group a user belongs to through SharePoint's site settings. This process is outlined in Section 4.3 later in this chapter.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

User Management

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Windows SharePoint Services simplifies user management by relying on IIS and Microsoft Windows Server 2003 to manage user accounts and authentication. Either Windows Server 2003 or Active Directory can be used to manage the user accounts; however, IIS is always used to manage user authentication.

Windows SharePoint Services provides two user administration modes:

• Domain account mode
• Active Directory account creation mode

When you or your administrator installs and configures Windows SharePoint Services on a department or company server, you choose the account mode to use in SharePoint. This is an important decision—once you select one mode, you cannot change back to the other mode without uninstalling and reinstalling Windows SharePoint Services. Further, SharePoint will not run in a mixed mode.

A default Windows SharePoint Services installation uses domain account mode. Domain account mode allows users with Windows Domain accounts access to your site. This account mode is best suited when you plan to use SharePoint internally on a Windows-based network where your systems administrator controls user creation.

If you plan to use SharePoint externally, choose Active Directory account creation mode. In Active Directory account creation mode, you can create users in the SharePoint central administration web site. SharePoint then adds the user to Active Directory after creation.

SharePoint limits which users can access a team site through authentication. Granting a user access to a site means the user passed authentication. Denying a user access to a site means the user failed authentication. Windows SharePoint Services uses IIS to control how a user is authenticated. IIS provides four authentication methods (in order of increasing security):

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Site Group Management

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

Site groups allow you to grant roles to users and groups. You can think of a site group as a set of permissions that restrict what tasks a user can and cannot perform within your SharePoint site. As a site administrator, you can create specific site groups for specific users and functions. Once you have your site group created, you can link it to either a specific user or a specific group.

SharePoint installs five default site groups that you can apply in most situations. Each of the default groups allows different permissions that are useful for different types of users. However, if the default groups do not suit your needs, you can also create custom groups.

Section 4.3.1.1: Guest

The guest site group provides the lowest possible permission level to users without denying site access. This group restricts users and user groups to read-only access. You should use this site group for default users and groups that are not assigned to a site group with greater access rights.

Section 4.3.1.2: Reader

The reader site group has more access than the guest site group. A reader has permission to:

• Read all content in the site.
• Create a new site using the "Self-Service Site Creation" option. Self-service site creation allows a user to create a new top-level site. When a user creates a new site, he becomes the administrator of that site but still maintains his existing site groups for other areas in SharePoint.

A user assigned to the reader site group cannot make modifications to content on the site. You assign this site group to users and groups who need access to content on the site but do not need to modify the content.

Section 4.3.1.3: Contributor

The contributor site group inherits the reader site group permissions, plus the ability to:

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Security Architecture

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter

In order to understand how site groups and user assignments work together to provide full security, you must understand the overall security architecture built into Web Parts and Windows SharePoint Services.

Windows SharePoint Services handles security in order of priority:

• Use object-level permissions, if they exist.
• Use site-level permissions if no object-level permissions exist.
• Use global-level permissions if no other permissions exist.

SharePoint assigns global permissions when a user enters SharePoint for the first time. Users receive site-level permissions when they access a site. Generally, a user who doesn't belong to the administrative group receives reader permissions when he accesses a SharePoint site.

The amount of site access a user requires depends on the tasks the user needs to perform. For example, if a user needs to add content to the team site, she requires the appropriate access rights to do so. To grant these permissions, you need to assign users to a site group to control site access.

Section 4.4.1.1: Controlling site access

Each site in SharePoint maintains its own permissions for users. You can manage user permissions through the Site Administration page on the team site. From this page, you can:

Manage users

Add and delete users and control a user's access to the site.

Manage site groups

Add, delete, and modify the permissions available to a site group.

Manage anonymous access

Enable or disable anonymous access and decide the default site group to which users should be assigned.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Chapter 5: Integrating with Office 2003

Content preview·Buy PDF of this chapter|Buy reprint rights for this chapter