Dave's Technophorical Times

A blog about Microsoft's Technologies!
SharePoint :: MVC :: ASP.NET :: IIS :: SQL Server :: Visual Studio :: MS Access

Setting up Anonymous Access in WSS is a TWO step process! If you want to undo the 2 step process then you MUST follow the 2 steps in reverse order, otherwise you will find yourself with a site that allows any Domain User read access, which will result in frustration. I recently fell into this trap so I wanted to share this with fellow bloggers and those who seek the answers when they're in a jam, like I was. This is the reason why I have started to blog again, since I could not find the answer to this issue on the web.

STEP ONE: Switch ON Anonymous Access via Central Admin so that you can actually see the Anonymous Access Menu option in Site Settings -> Site Permissions in the site itself. To do this you need to navigate to Central Administration -> Application Management -> Authentication Providers (Default) -> Edit Authentication and swith ON Anonymous Access by checking the box.

STEP TWO: Then go into to the Anonymous Access Menu option in Site Settings -> Site Permissions Menu option and set it to "Entire Site". By Default this will be set to "Nothing".

Close the Browser and launch the site again. You will now be able to see the site and it's content with a "Log In" to the top right, which is for Admins or Contributers. Now, let's say that you want to stop sharing your site and force users to login, hence not allowing unauthenticated users seeing the site content. This is where it caught me out! Initially, I did not set-up the Anonymous Access and never knew about the TWO step process, so I simply went into Central Admin and switched Anonymous Access OFF. This caused so much pain as doing this hides the Anonymous Access Menu option as mentioned above. I could not understand why anyone and everyone in Active Directory could log into the site and view the content. This was the case even if you have WSS on a Domain Controller or not, which is something I tested once I discovered the issue.

I only discovered the issue when I added a 2nd Sub-Site only to see that ANY user could see that site too, even if I stopped inheriting permissions from the parent site!!

So, to make sure your site is fully secure again you must do the following.

STEP ONE: Go into to the Anonymous Access Menu option in Site Settings -> Site Permissions Menu option and set it to "Nothing".

STEP TWO: Switch OFF Anonymous Access via Central Admin so that the Anonymous Access Menu option in Site Settings -> Site Permissions is hidden. To do this you need to navigate to Central Administration -> Application Management -> Authentication Providers (Default) -> Edit Authentication and swith OFF Anonymous Access by un-checking the box.

Problem Solved! I put this down to inexperience with WSS/SharePoint Security (ME that is!) at the same time as taking over the site from someone else who had switched on Anonymous Access using the TWO step process. I thought that switching OFF Anonymous Access in Central Admin was enough, however I didn't know it was a 2 step process that can only be reversed by performing 2 steps in the opposite way as described above.

I read about the solution in this book: http://www.amazon.com/Real-World-SharePoint-2007-Indispensable/dp/0470168358/ref=sr_1_1?ie=UTF8&qid=1289880110&sr=8-1> 

I hope that someone else out there finds this to be useful information.

All the Best
Dave Stuart



I made up the word, Technophoric, because it sounded cool and I think anyone reading it will understand that its the opposite to Technophobia (someone who fears Technology).

This is my Second attempt at a Blog using BlogEngine! This time I'm hosting my own site (from the basement! erm home office!) using SQL Server 2008 for the datastore rather than XML files. I've come a long way in the last 12 months with regards to configuring my own data centre and Domain for my home office.

I hope to post some useful Comments on this blog over the course of it's life, which I hope is a long time. I will have some content starting this week sometime.

Happy Blogging
Dave Stuart



The Blogger

Dave Stuart I'm a Developer with a passion for coding. I enjoy the challengers that come with the job! SharePoint is one of my expert areas along with .NET Web Development with MVC and good old MS Access VBA coding. I Blog so that I can remember how I did that way back when; PLUS all this stuff is searchable! I constantly study and run my own business, Dafran Inc. I have passed 22 Microsoft Exams since 1998 when I first jumped on the treadmill of knowledge. I hope that you enjoy this Blog as much as I enjoy updating it. All the very best from Calgary, Alberta, Canada. contact me at linkedin @ dafran.ca

Calendar

<<  November 2017  >>
MoTuWeThFrSaSu
303112345
6789101112
13141516171819
20212223242526
27282930123
45678910

View posts in large calendar

Sign in