5.3. Managing Access to the Portal Site
You use almost, but not exactly, the same procedures to manage users in the portal site as in the WSS site. You can allow access to users and security groups in the Active Directory domain or the SharePoint server's local account database. Each user must be granted a permission level (directly or as a member of a SharePoint Group) in order to get access to any part of the portal site. Remember that the home site is the top-level site in the site collection that constitutes the portal site. Any permission settings for that top site will, by default, be inherited by all subsites, such as News, Reports, and Sites, and possibly by their subsites, if any.
5.3.1. Managing Users and Groups
When you create a new top site (and thus a new site collection), you must also define its primary site collection administrator. At that point this person (and you, as a SharePoint server administrator) is the only one with access to this site collection. To add users to the site, you follow the same steps as when adding users to a WSS site, as described in Chapter 3; be sure to read that chapter too, so you are sure how the permission system works for WSS 3.0 sites in SharePoint 2007. To add a user or an Active Directory group, you perform the steps in the following Try It Out. This can be done from any computer, as long as you have administrative rights on the top site.
Try It Out: Add Users to the Top Site