Tuesday, August 7, 2012

How To Limit the People Picker in SharePoint 2010 to a Specific OU or Domain

Scenario:

There are two Site Collections: US and UK. Active Directory is set up to store United States users in the US Organizational Unit and United Kingdom users in the UK Organizational Unit. The requirement is to prevent US users from adding site/library/item permissions for UK users, and vice versa.

Solution:

Currently, a US user (Kevin Carter) can grant a UK user (Kyle Wilson) access to the site.



The same goes for Kyle (UK) being able to add Kevin (US):



Launch the SharePoint 2010 Management Shell (PowerShell) and run the following commands. Make sure you edit the Identity and UserAccountDirectoryPath parameters to reflect your environment and OU/Domain structure.


Set-SPSite -Identity http://portal.contoso.com/sites/US -UserAccountDirectoryPath "OU=US,OU=SharePoint,DC=Contoso,DC=com"
Set-SPSite -Identity http://portal.contoso.com/sites/UK -UserAccountDirectoryPath "OU=UK,OU=SharePoint,DC=Contoso,DC=com"

Now, if Kevin (US) tries to add Kyle (UK) to the site again, then this is what he’ll see:



The same happens if Kyle tries to add Kevin:



You could also use the above command to limit the People Picker to a specific domain.
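
The commands above change what the People Picker resolves; they do not touch users who were already added to a site collection. The following audit script is an added example, not part of the original post: it confirms the setting on each site collection and lists existing site users whose AD account sits outside the configured OU. It assumes the URLs and OU paths from this post and that all accounts live in the current domain.

```powershell
# Added example: audit script, not part of the original post.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# URLs and OU paths are the ones used in this post; edit for your environment.
$expected = @{
    'http://portal.contoso.com/sites/US' = 'OU=US,OU=SharePoint,DC=Contoso,DC=com'
    'http://portal.contoso.com/sites/UK' = 'OU=UK,OU=SharePoint,DC=Contoso,DC=com'
}

foreach ($url in $expected.Keys) {
    $ou   = $expected[$url]
    $site = Get-SPSite -Identity $url
    try {
        # 1. Confirm the People Picker scope is what you intended.
        if ($site.UserAccountDirectoryPath -ne $ou) {
            Write-Warning "$url : UserAccountDirectoryPath is '$($site.UserAccountDirectoryPath)', expected '$ou'"
        }

        # 2. Report users already in the site collection whose AD account is outside the OU.
        foreach ($user in $site.RootWeb.SiteUsers) {
            if ($user.IsDomainGroup) { continue }           # groups are not resolved here
            # Works for classic (DOMAIN\user) and Windows claims (i:0#.w|domain\user) logins.
            $sam = ($user.LoginName -split '\\')[-1]
            # Assumption: all accounts live in the current domain (default search root).
            $searcher = [adsisearcher]"(&(objectCategory=person)(sAMAccountName=$sam))"
            $hit = $searcher.FindOne()
            if ($hit -eq $null) { continue }                # e.g. SHAREPOINT\system, deleted accounts
            $dn = [string]$hit.Properties['distinguishedname'][0]
            if (-not $dn.EndsWith(",$ou", [StringComparison]::OrdinalIgnoreCase)) {
                New-Object PSObject -Property @{
                    Site = $url; LoginName = $user.LoginName; DistinguishedName = $dn
                }
            }
        }
    }
    finally {
        $site.Dispose()    # release the SPSite (and its RootWeb)
    }
}
```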
