Can anybody help me...
Is it possible to target audiences in SharePoint using FBA roles instead of using SharePoint groups?
Or is there an alternative solution available?
What you could do is create a SharePoint group per Role and add the Role to the group. that way the maintenance is minimum and you are still doing it the clean way by using sharepoint groups....
Related
I was wondering if is it possible to retrieve Office 365 directory information (i.e. security group membership) from SharePoint online programmatically (for example through a workflow custom action)?
By the way, I am not looking for retrieving Sharepoint group membership information.
I know the custom development is pretty limited with SharePoint online since the code has to run as a sandbox solution. Is there any web service or any another solution available?
I have been looking for information about this matter but I could not find anything so I guess there is no way to do this.
In our case there is an active directory synchronized with office 365. So we will use a powershell script to read data from AD and update a sharepoint list every day.
Then we will be able to use this data from custom code (like a workflow custom action).
We have a need to retreive all users if we know the group name in a SharePoint. We are planning to use the following MOSS out of the web service to retrieve the users from a group. If the group has nested sub groups, do you know how this web service behaves?
Also, does the user accessing the web service has to be a super user having permission to all SharePoint sites? Is this web service based on a site or a document library?
/_vti_bin/usergroup.asmx?op=GetUserCollectionFromGroup
Thanks.
In MOSS you cannot have SharePoint group inside another SharePoint group. You can only have AD groups or users inside a SharePoint group.
You only need to have Full Read permissions to the web application to retrieve this information. You can set this permission by using the stsadm utility.
stsadm.exe -o addpermissionpolicy -url http://myFQUrl -userlogin "domain\user" -permissionlevel "Full Read"
These tutorials may help:
http://blogs.sharepointace.com/post/Another-way-to-retrieve-SharePoint-List-Data-Use-built-in-functionality!.aspx
http://vspug.com/tonstegeman/2007/10/03/export-user-information-to-excel-using-quot-export-to-spreadsheet-quot-in-sharepoint-2007/
I am looking to have a SharePoint Extranet Portal setup for my "partner" clients. I want to make a site admin for each extranet site for each client. This admin would be able to add new users to the portal AND have that user be created in AD (Active Directory).
Has anyone done this or know of a good tool that would provide me that ability to do this?
I would suggest using ADAM (Acitve Directory Application Mode). This way you separate your own company users. Seeing as it's AD, you can keep your existing authentication provider.
See this tool (costs money though) for creating AD users.
Bamboo Solutions User Account Setup Web Part.
DO a Google search for SharePoint and ADAM for more information.
I found these articles on creating users into AD. You could use SmartPart and build your own web part and manage the security implications of this.
Here they are:
http://www.dotnetspider.com/resources/1242-Creating-New-User-Account-Active-Directory-usi.aspx
http://www.codeproject.com/KB/system/everythingInAD.aspx
Thanks!
I've been tasked with creating a SharePoint web part for our new web site. One of the things it needs to know is which AD groups the current user belongs to (each site user will belong to one or more special security groups within the domain.) Is there a part of the SharePoint API that exposes this information, or do I need to query AD directly?
I would just do an LDAP query directly. This is much simpler and the LDAP interface to Active Directory is well documented.
Check out these .NET namespaces.
System.DirectoryServices
System.DirectoryServices.AccountManagement
System.DirectoryServices.ActiveDirectory
Just need to use find a simple way to have AD authenticate as the login for a Sharepoint site. This fairly quick and simple to get going ?
Thanks!
For SharePoint 2007, see this article. You probably want to set it up to do Windows integrated authentication with NTLM. Getting authentication working is probably not too hard, getting your site setup the way you want with permissions/authorization working probably isn't. Depends on how complex your site is. I wasn't directly involved but I know that it took a few months to get our intranet up and bug free.
One recommendation that I would have is to use AD groups or SharePoint groups that contain AD groups rather than individuals to control access. It's much easier to clean up AD group membership when an individual leaves than to track down all the places where you've given them individual access (including membership in SharePoint groups).
You need your server to be part of the domain before installing SharePoint.
If you do that, the default configuration will be AD authentication.
Here is a decent discussion of SharePoint security links
http://blogs.msdn.com/joelo/archive/2007/06/29/sharepoint-groups-permissions-site-security-and-depreciated-site-groups.aspx
Essentially, you will either need to add users to the appropriate SharePoint group. The defaults for a site are generally xxx_Visitor, xxx_Members and xxx_Owners, with each group having increasing security rights.
You can either add an AD domain to these groups or else add individual AD users