Politika Web Applikazzjoni, Siti ta 'sigurtà u s-Sigurtà Tirqim — Know konfigurazzjoni tiegħek

4 tweġibiet

(UPDATED 11/29 biex jispjegaw kif jaċċessaw settings web politika applikazzjoni permezz tal-UI)

I had one of those "why is MOSS doing this to me????" moments today. Fl-aħħar, dan kollu tort tiegħi.

We have an enterprise MOSS project going on and we want to secure "place holder" sites so that no user may access it or see it. That’s easy:

  1. Mur għall-sit.
  2. Kisser il-wirt sigurtà.
  3. Neħħi kull utent / grupp minn permessi sit.

Ta 'hawn fuq għandhom iħallu biss l-amministratur ġbir sit bil-permess biex tara d-sit.

Jekk xi ħadd ieħor zkuk fil, dawn ma kellhomx jibqgħu ara s-sit u għandu jkun sigurtà mirqum mill-postijiet kollha tas-soltu.

Iżda … ma kienx. Fl-istess ħin, I suddenly realize that my "Joe User" standard user test account with no priv’s other than restricted read access has a "Site Actions" choice everywhere he goes. I double check one thing and double check something else. I pick up the phone to call a colleague, but put it down and check something else. I go for a walk and try everything all over again. I call a colleague and leave a message. And then, finalment, I isibu li fi Blog Ethan tal, his opening graph makes it quite simple:

MOSS 2007 għandha karatteristika ġdida msejħa Politiki applikazzjoni tal-web. Dawn huma permessi sigurtà li hija marbuta ma 'Web Applikazzjoni. Dawn is-settings tas-sigurtà jwarrab kwalunkwe ambjent ta 'sigurtà li huwa stabbilit fil-Ġbir sit jew f'sit (Web) livell għal dak l-utent.

A quick visit to web application policies shows that "NT Authority\authenticated users" had been granted Full Read. I removed them from the list and everything finally started working as expected. I believe they were added in the first place by someone with the mistaken impression that that is best method to grant read access to everyone in the enterprise. It does, iżda, li strain kwotazzjoni, "It does not mean what you think it means."

Access web application policies this way:

  1. Mur Amministrazzjoni Ċentrali
  2. Agħżel Applikazzjoni ta 'Ġestjoni
  3. Select "Policy for Web Application"
  4. Fuq dik screen, make sure you pick the correct web application. Għalija, huwa defaults għall-applikazzjoni tal-web ta 'admin ċentrali li ma jistax ikun l-waħda tixtieq.

Meta kelli din il-problema, I mfittxija għall-frażijiet li ġejjin u ltqajna ftit sorprendenti f'termini ta 'għajnuna diretta fuq din il-kwistjoni:

Azzjonijiet sit viżibbli għall-utenti kollha

Azzjonijiet sit viżibbli għall-utenti kollha

azzjonijiet sit mhumiex sigurtà mirquma

jiżgura sit MOSS

introduzzjoni għas-sigurtà ħażiż

4 ħsibijiet dwar "Politika Web Applikazzjoni, Siti ta 'sigurtà u s-Sigurtà Tirqim — Know konfigurazzjoni tiegħek

  1. Perry

    Nara "NT
    AWTORITÀ SERVICE LOKALI    " mogħtija Aqra Full fuq diversi Applikazzjonijiet Web eżistenti fuq diversi servers MOSS, anki jekk servizzi kollha u Pools Applikazzjoni kienu konfigurati waqt l-istallazzjoni jiddekorri bħala kontijiet speċifikati ta 'dominju. Li tinstema jista 'jkun bug x'imkien?

    Irrispondi
  2. Miguel
    Dik iffissata problema tiegħi… Grazzi!
    But probably it’s better to change the rights user to "Deny to all – Ebda aċċess" minflok tħassar mil-lista. Li tipproduċi l-istess effett, iżda huwa aktar faċli li jagħtu lura d-drittijiet lill-utenti biss fil-każ ta 'problemi
    Irrispondi
  3. Nathalie Gosdinski
    Grazzi għall-istazzjonar dan! As you said, hemm mhux ħafna ta 'informazzjoni dwar din il-kwistjoni. Dik iffissata problema tiegħi… Grazzi!
    Irrispondi
  4. RichRockwell kiteb:
    I kellhom l-istess problema, and this fixed it. I had seen NT Authority\authenticated users in my web app policy, but thought it was supposed to be there because I didn’t put it there. Removing it fixed the problem.
    Grazzi
    Irrispondi

Ħalli Irrispondi

Your email address mhux se jkun ippubblikat. Meħtieġa oqsma huma mmarkati *