We have a need to retreive all users if we know the group name in a SharePoint. We are planning to use the following MOSS out of the web service to retrieve the users from a group. If the group has nested sub groups, do you know how this web service behaves?
Also, does the user accessing the web service has to be a super user having permission to all SharePoint sites? Is this web service based on a site or a document library?
/_vti_bin/usergroup.asmx?op=GetUserCollectionFromGroup
Thanks.
In MOSS you cannot have SharePoint group inside another SharePoint group. You can only have AD groups or users inside a SharePoint group.
You only need to have Full Read permissions to the web application to retrieve this information. You can set this permission by using the stsadm utility.
stsadm.exe -o addpermissionpolicy -url http://myFQUrl -userlogin "domain\user" -permissionlevel "Full Read"
These tutorials may help:
http://blogs.sharepointace.com/post/Another-way-to-retrieve-SharePoint-List-Data-Use-built-in-functionality!.aspx
http://vspug.com/tonstegeman/2007/10/03/export-user-information-to-excel-using-quot-export-to-spreadsheet-quot-in-sharepoint-2007/
Related
I am trying to create a role in SharePoint 2013 but I am unable to find any kind of option to create a new role. I don't want to create group. I know there is difference between role and group. I have created roles and groups using SharePoint 2013 client library code, but now I want to create role manually in SharePoint 2013.
I am not sure if I understand this correctly but I am suggesting you a few things:
Supposing that you have access to the site permissions, you could navigate to Site Settings -> Site permissions (under Users and Permissions). In the ribbon you find the Permission Levels button and once you click it you will go to a page where you can add new permission levels or maybe edit/delete the existing ones.
When you create/edit a permission level, you can choose what kind of permission that permission level will have, for instance, "Add/Delete Items Items" for list permissions or "Create sub-sites/groups"
I would refer you to this link Use SharePoint permission management to create various roles in an app for SharePoint
I am not an expert with SharePoint and couldn't figure out if this questions has been answered already in SO. So, please redirect as necessary. Thanks!
Customer has a sharepoint farm (syncs with AD) which is a purely OOB implementation and no custom code. That said, the question is - if a user was updated in AD (a property of the user), can the user's permissions on the existing site collection, be modified/reset automatically without manual intervention?
Let's say if
1) User belongs to BusinessGroup "Group1" (AD) and the user has "Full
Control" to SharePoint site collection "Group1-SiteColl".
2) User's BusinessGroup is now changed to "Group2" in AD.
In this scenario, the user permissions on "Group1-SiteColl" should be reset to "ViewOnly" (or something of that sort) and the user should be given "FullControl" permission to the new SiteCollection "Group2-SiteColl"
How can this be achieved (automated, no manual intervention) without deploying any custom code. With PS or OOB workflows?
Any help is appreciated.
You can set permissions only for users or groups (both SharePoint and AD). Based on AD properties you can define audiences to hide or display some parts (typically webparts) in SharePoint UI. But this is not equal to permissions!
I am able to get the Permissions associated with a List or a Site using Permissions.GetPermissionCollection (ObjectName, ObjectType). The ObjectType parameter will accept either a Site or a List. Is there any way with the out-of-the-box webservices to get the Permissions associated with a ListItem?
I mean if I have NOT inherited the List permissions and have specified a set of specific permissions to a List Item or a document in a document Library then how can I get the permissions specified?
The answer is the same as for documents. See the question Permission for a SharePoint document using MOSS web services.
You cannot with the out-of-the-box web services but there is a custom web service available for free download and source code.
Can anybody help me...
Is it possible to target audiences in SharePoint using FBA roles instead of using SharePoint groups?
Or is there an alternative solution available?
What you could do is create a SharePoint group per Role and add the Role to the group. that way the maintenance is minimum and you are still doing it the clean way by using sharepoint groups....
I've been tasked with creating a SharePoint web part for our new web site. One of the things it needs to know is which AD groups the current user belongs to (each site user will belong to one or more special security groups within the domain.) Is there a part of the SharePoint API that exposes this information, or do I need to query AD directly?
I would just do an LDAP query directly. This is much simpler and the LDAP interface to Active Directory is well documented.
Check out these .NET namespaces.
System.DirectoryServices
System.DirectoryServices.AccountManagement
System.DirectoryServices.ActiveDirectory