Say that i have an active directory group called "Group1". I add this Group1 to a SharePoint site ( People and Group >> New User).
All the users that are part of Group1 can now access sharepoint site.
Now,for a specific custom webpart, i need to target to only users who belong to Group1. But when a user who belongs to Group1 logs into the sharepoint site, i am not finding a way to determine from within SharePoint context if this user belongs to Group1. Any thoughts?
Thanks,
Faiz
Use the following code to check if the current user is in the given security group:
WindowsIdentity wi = WindowsIdentity.GetCurrent();
WindowsPrincipal wp = new WindowsPrincipal(wi);
wp.IsInRole("Group1");
Related
I have created two groups in SharePoint Online
The following groups are:
Finance Group
HR Group
Added two users under Finance Group, they are like following:
a. John
b. Joe
Also added two users under HR Group, they are like following:
a. Margaret
b. Janet
Admin has created created a folder called Photos, I want the folder to be disabled for a Group/user(i.e the photos folder should not shown for a Group I chose (e.g Finance Group) or for a User (e.g John))
Is there a way in SharePoint Online to restrict read access for a User/Group?
Your best way to do this would be to use target audiences for your subfolder.
Within your library settings, go to audience targeting settings and enable audience targeting.
Navigate to your subfolder, open the subfolder, and edit the page, it will then appear similarly to a webpart.
Within the edit webpart dialog on the right, navigate to advanced and the last field is audience targeting.
You may need to make a new permissions group if using a group of people or simply select an individual person.
That's it.
I have a SharePoint group called SiteCollection Visitors. In the Active Directory i have 3 nested AD Groups:
The AD group ADGroup_L1 has the member ADGroup_L1_L2 has the member ADGroup_L1_L2_L3.
In the AD group ADGroup_L1_L2_L3 i have a user called Adam. Also this AD group is added to the SharePoint group SiteCollection Visitors.
Now i want to check programmatically from my SharePoint solution, if the user Adam, which is currently logged on to the SharePoint system, is member of the SP Group SiteCollection Visitors. He is not directly added to the group only through the nested ADGroup called ADGroup_L1_L2_L3. Is this possible in the SP Object Model?
You can check to find the AD Group through SharePoint Object model.
And then loop over the AD group to find if user belong to the AD group.
I am not an expert with SharePoint and couldn't figure out if this questions has been answered already in SO. So, please redirect as necessary. Thanks!
Customer has a sharepoint farm (syncs with AD) which is a purely OOB implementation and no custom code. That said, the question is - if a user was updated in AD (a property of the user), can the user's permissions on the existing site collection, be modified/reset automatically without manual intervention?
Let's say if
1) User belongs to BusinessGroup "Group1" (AD) and the user has "Full
Control" to SharePoint site collection "Group1-SiteColl".
2) User's BusinessGroup is now changed to "Group2" in AD.
In this scenario, the user permissions on "Group1-SiteColl" should be reset to "ViewOnly" (or something of that sort) and the user should be given "FullControl" permission to the new SiteCollection "Group2-SiteColl"
How can this be achieved (automated, no manual intervention) without deploying any custom code. With PS or OOB workflows?
Any help is appreciated.
You can set permissions only for users or groups (both SharePoint and AD). Based on AD properties you can define audiences to hide or display some parts (typically webparts) in SharePoint UI. But this is not equal to permissions!
I created a group of users in the SharePoint subsite, i.e. pressed Create Group button on a ribbon of this particular subsite Permissions page. Nevertheless I see this group in the list of groups in my parent site.
Does this mean that all SharePoint groups are stored on the site collection level? Meaning that all groups are relevant to any site in the collection?
If this is so, what were the reasons for this design?
Yes, you can access all groups from the main site and any website in the collection. And I guess the reason is to give you the ability to use any group in any website under your collection.
I have a SharePoint site which contains a root site and site collection in it. Now there are some sites that inherits permissions from their parent site and some site has their own permission module. Now a user from owner group of root site browses site collection but there are few site which doesn't allow user to view the content of it.
Now what I want is general recommendation on when creating a new site in SharePoint what is best possible approach to set site permission.
In what case we can inherits permissions from parent site..?
In what case we can we us unique permission for a site..?
If a site has unique permission set then is it possible to creat a group at root level which has access to all site collection irrespective of site permission model?
I want a general recommendation based on above scenario.
Any help will be appriciable.
Thanks
Sachin
In many cases we can't inherit permission in all subsites/ lists. And if we are not inheriting it we can't create a new group which have same permission in all sites/lists. But we can overcome it with the following way.
Create some common permission group with deferent permission level. And create site with inheriting permission and remove user groups from new sites except the common group.
If a new user wants access in all sites/ list you can add this user in appropriate common group.