I’m probably doing something stupid but I just can’t seem to get the permissions working correctly on my collection.
I have a site collection with a mixture of team sites and blogs. From the parent if I am a visitor/reader I can see everything apart from the sub team sites. The only way I can get the user to view the team sites is to grant them owner rights. If I grant any other permission they can’t see the sites at all. Is there something I’m doing wrong here!?
Second issue is I am importing a legacy intranet into Sharepoint, I need to be able to say everyone has read rights to all sites/content except a few AD groups don’t have permissions to a particular site.
Is it possible to create a group with no rights so for example “everyone” would be a reader/viewer but GroupA would not have access because they are part of the “access denied” group (even though they are in the reader group I presume the least permission should apply).
Hope that makes sense, seems like it should be possible but maybe I’m going about it the wrong way.
Thanks
Dan
Your first question:
You should double check that the sub sites are published (the pages). Our tester reported this bug recently and discovered that the reason the Visitor couldn’t see the sites bellow was because they had never had a publish/approved version.
if that doesn’t work, then make sure you check what elsni is suggesting.
Your second question:
I think by adding ‘everyone’ as a reader to the root site, you are allowing everyone to read. I don’t think there is a way to say, ‘but don’t allow users from x group’. You could however break the permissions inheritance and remove ‘everyone’ from the visitors group in the sites bellow the root. Of course then you have to manage permissions for all of these sites separately but that is the only way I know of achieve what you’re trying to do.