What is sharepoint web application user policy and permission policy level ? This is what exactly i will try to share in this post step by step. We can manage permissions like allow or deny/restrict for specific user or group directly from the sharepoint web application. User or group permission in sharepoint site collections or sites created under same web application can be restricted irrespective of the permission assigned to them at site level by creating permission policy for that web application.
There are 4 user permission policy level available as default which are “Full Control”, “Full Read”, “Deny Write”,”Deny All”.
we can manage permission policy levels like “Add Permission Policy Level”, “Edit Permission Policy Level”, “Delete Permission Policy Level”,”Add Users to Permission Policy Level”, “Delete Users from Permission Policy Level”, “Delete Users from Permission Policy Level”.
Add Permission Policy Level
Let’s discuss about, how to create custom permission policy level related to sharepoint web application user policy apart from the default user permission policy levels. user policy and permission policy level creation step by step procedure described below.
- Open SharePoint Central Administration. Click on Application management and select Manage Web Applications.
- Select one web application for which user permission policy level will be created and click on “Permission Policy”.
- Dialog box “Manage permission Policy level” will open. You will find different options like “Add Permission Policy Level”,”Delete Selected Permission Policy Level”,”4 default Permission Policy Level”.
- Click on “Add Permission Policy Level”, will open a dialog box with fields and check boxes. Enter “Name” and “Description” of permission policy level. Select “Site Collection Permissions” check boxes and proceed towards selection of each permission required for that permission policy level.
- Select the check box “Deny” to prevent that permission and “Grant” to allow permission in the categories like “List Permissions”, “Site Permissions”, “Personal Permissions”. Once selection complete, click on “Save”.
Below are the options under “List Permissions”, you can choose to “Grant” or “Deny” in permission policy level.
| Manage Lists | Create and delete lists, add or remove columns in a list, and add or remove public views of a list. |
| Override List Behaviors | Discard or check in a document which is checked out to another user, and change or override settings which allow users to read/edit only their own items |
| Add Items | Add items to lists and add documents to document libraries. |
| Edit Items | Edit items in lists, edit documents in document libraries, and customize Web Part Pages in document libraries. |
| Delete Items | Delete items from a list and documents from a document library |
| View Items | View items in lists and documents in document libraries. |
| Approve Items | Approve a minor version of a list item or document |
| Open Items | View the source of documents with server-side file handlers |
| View Versions | View past versions of a list item or document. |
| Delete Versions | Delete past versions of a list item or document. |
| Create Alerts | Create alerts |
| View Application Pages | View forms, views, and application pages. Enumerate lists |
- Below are the options under “Site Permissions”, you can choose to “Grant” or “Deny” in permission policy level.
| Manage Permissions | Create and change permission levels on the Web site and assign permissions to users and groups. |
| View Web Analytics Data | View reports on Web site usage. |
| Create Subsites | Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites. |
| Manage Web Site | Grants the ability to perform all administration tasks for the Web site as well as manage content. |
| Add and Customize Pages | Add, change, or delete HTML pages or Web Part Pages, and edit the Web site using a Microsoft SharePoint Foundation-compatible editor. |
| Apply Themes and Borders | Apply a theme or borders to the entire Web site. |
| Apply Style Sheets | Apply a style sheet (.CSS file) to the Web site. |
| Create Groups | Create a group of users that can be used anywhere within the site collection. |
| Browse Directories | Enumerate files and folders in a Web site using SharePoint Designer and Web DAV interfaces |
| Use Self-Service Site Creation | Create a Web site using Self-Service Site Creation |
| View Pages | View pages in a Web site. |
| Enumerate Permissions | Enumerate permissions on the Web site, list, folder, document, or list item. |
| Browse User Information | View information about users of the Web site. |
| Manage Alerts | Manage alerts for all users of the Web site. |
| Use Remote Interfaces | Use SOAP, Web DAV, the Client Object Model or SharePoint Designer interfaces to access the Web site. |
| Use Client Integration Features | Use features which launch client applications. Without this permission, users will have to work on documents locally and upload their changes. |
| Open | Allows users to open a Web site, list, or folder in order to access items inside that container |
| Edit Personal User Information | Allows a user to change his or her own user information, such as adding a picture |
- Below are the options under “Personal Permissions”, you can choose to “Grant” or “Deny” in permission policy level.
| Manage Personal Views | Create, change, and delete personal views of lists. |
| Add/Remove Personal Web Parts | Add or remove personal Web Parts on a Web Part Page. |
| Update Personal Web Parts | Update Web Parts to display personalized information. |
Delete Permission Policy level
User policy and permission policy level deletion step by step procedure described below.
- Open SharePoint Central Administration. Click on Application management and select Manage Web Applications.
- Select one web application and click on “Permission Policy”.
- Dialog box “Manage permission Policy level” will open, select the permission policy level you want to delete and click on “Delete Selected Permission Policy Level”.
- Confirmation dialog will open for confirmation in deleting that selected permission policy level, click “OK” and that will be removed.
Edit Permission Policy Level
User policy and permission policy level edit step by step procedure described below.
- Open SharePoint Central Administration. Click on Application management and select Manage Web Applications.
- Select the web application and click on “Permission Policy”.
- Dialog box “Manage permission Policy level” will open, click on the permission policy level that you want to edit (Ex. Deny All/Deny Write).
- Dialog box “Edit Permission Policy Level” will open where you can make changes by selecting or removing each permissions granted or denied for that Permission Policy Level.
Add user to user policy
Below step by steps preocedure describes, how to add users to permission policy level.
- Open SharePoint Central Administration. Click on Application management and select Manage Web Applications.
- Select the web application and click on “User Policy”.
- “Policy for Web Application” dialog box will open when you can find different options like “Add Users”.”Delete Selected Users”,”Edit Permissions of Selected Users”.
- Click on “Add Users”, you will get a dialog box where you need choose the zone for which that will be applicable. You can select “All Zones” or can apply for “Default” zone only and click “Next”.
- Enter “User Name or Group Name”, “Permission Policy Level” and click “Finish”.
Delete user from user policy
Below step by steps preocedure describes, how to delete user from permission policy level.
- Open SharePoint Central Administration. Click on Application management and select Manage Web Applications.
- Select the web application and click on “User Policy”.
- “Policy for Web Application” dialog box will open, Select the user you want to delete and click “Delete Selected Users”. Confirmation dialog box will open, click “OK” from that.
Edit User Policy
Below step by steps preocedure describes, how to edit user permission policy.
- Open SharePoint Central Administration. Click on Application management and select Manage Web Applications.
- Select the web application and click on “User Policy”.
- “Policy for Web Application” dialog box will open, Select the user you want to edit and click “Edit Permissions of Selected Users”.
- From next dialog box change the Permission Policy Level and click “Save”.
Categories: sharepoint policy, sharepoint server, web application
Leave a Reply