Microsoft Office Tutorials and References
In Depth Information
Web Part Security This button opens a Web Part Security settings box that contains the
same settings (Figure 11.11) as the Web Part Security page in the Security category, under the
General Security subcategory. Applied per web application, web part security can restrict
whether anyone can connect web parts (that includes administrators), use the online
gallery (which isn’t available for this version of SharePoint anyway), or add Content Editor or
XML Viewer web parts to their pages (because those web parts can hold and execute scripts).
In addition to the OK and Cancel buttons, there is also a Restore Defaults button. For more
details concerning web part security, check out the information under the web part security
setting in the General Security subcategory.
F IG U R E 11.11
The Security For
Web Part Pages
User Policy The User Policy button opens a Policy For Web Application box that lists the
user policies that are already set for the web application. Usually the farm account and, if you
have it configured, Search’s content access (index) account have policies here. The box lists
the zone the user policy is applied to, the display name and username of the user the policy
applies to, and the permission level for the user.
A user policy gives a user, users, or security group permissions to the web application as a
whole (or just by zone). This means that those users to whom the policy applies will have
those permissions to access (or be denied access to) any sites in the web application. It makes
sense, for example, for search to have full read rights to all content in a web application in
order to be able to index all the content in it, which is why it has a user policy with Full Read
permissions by default.
To add new users or security groups (and therefore create a new user policy), you can click
the Add Users link. To delete a user policy, just select it in the Policy For Web Application
box, and click Delete Selected Users. You can also edit the permissions of a user if you want
to give them more or fewer permissions. To use other permission levels than what are
available by default, you need to create new “permission policies.” Basically, anything applied