microsoft.com Home | |||
http://www.microsoft.com/office/ork |
In addition to the direct methods of securing your OSE-extended web, you can:
To contribute to Web Discussions, users need read permission to the documents being discussed and collaboration access to the OSE-extended web that maintains the collaboration database. If you want to prevent some users from gaining access to confidential Web Discussions, you need to do the following:
You can control access to Web Discussions when you first set up Office Server Extensions with the OSE Configuration Wizard, or you can use the following procedure to manage access manually after OSE has been installed.
To remove anonymous access from the MSOffice virtual directory
To remove the Everyone group from the access control list of the OSE root, and Help folders (NTFS file system only)
where N is the index of the OSE-extended web and localeID is the ID of the OSE locale (for example, the locale ID for English is 1033).
To give collaboration access to users (NTFS file system only)
Note When you extend your Web site with OSE, you can choose to have the OSE Configuration Wizard create local Microsoft Windows NT groups. If you do not choose to have the wizard create the groups, and then you decide you want to give users collaboration access, you can add users to the access control lists (ACLs) of the OSE root and Help folders.
When you want to give specific users read permission, but restrict them from accessing Web Discussions; or when you want to give specific users access to different Web Discussions on the same documents, you need to:
You can also use the Browsers group to give users the ability to view information on the server, but to block their access to Web Discussions.
Users with access to Web Discussions on an OSE-extended web can post discussion items about documents on your Web site, or anywhere on the Web. For policy reasons, you might want to restrict discussions to documents only on your Web site.
To prevent Web Discussions on documents located on other Web sites
– or –
Type the following URL in the Address box of your browser:
http://website/msoffice/msoadmin/
where website is the name of the OSE-extended web.
To maintain security on your Web site, you can control OSE directory browsing. When you enable OSE directory browsing, users with the List permission on the ACL of the OSE-extended web root folder can click Browse Web Folders in the OSE Start Page to see the files and folders that the root folder contains. This ability is a security consideration because users can see the server folder structure, and the names and types of documents that you might not want them to see.
You can disable OSE directory browsing for the entire Web site, or for particular subfolders of the Web site. When you clear the Directory browsing allowed check box in the content root, you disable OSE directory browsing for the entire Web site; and when you clear the Directory browsing allowed check box in particular subfolders, you disable OSE directory browsing in those subfolders.
To disable OSE directory browsing for the entire Web site
To allow specific users to browse specific files and folders (NTFS file system only)
– or –
To allow a user to view a file, add the user to the list in the File Permissions dialog box, and then give the user the Read permission.
The Web Subscriptions feature allows users to subscribe to a single document or to all the documents in a folder. Subscribers receive e-mail notifications when documents or discussions change. The updates include document names and the types of changes to the documents.
When users subscribe to a folder, they receive updates about all the documents in the folder — including documents that they do not have permission to view or alter. However, you can prevent users from creating subscriptions to folders, and you can limit subscriptions to documents only.
To set Web Subscriptions to documents only
– or –
Type the following URL in the Address box of your browser:
http://website/msoffice/msoadmin/
where website is the name of the OSE-extended web.
By using the Web Subscriptions feature, users can designate any Internet e-mail address to receive document updates. In addition, users who are no longer members of a specific workgroup might still have subscriptions to documents that are supposed to be accessible to only the current members of the workgroup. These scenarios represent possible security risks. To maintain a secure server environment, monitor and delete Web Subscriptions configurations on a regular basis.
To monitor and delete Web Subscriptions
– or –
Type the following URL in the Address box of your browser:
http://website/msoffice/msoadmin/
where website is the name of the OSE-extended web.
– or –
To delete all subscriptions, click Delete All.
Topic Contents | Next | Top Friday, March 5, 1999 © 1999 Microsoft Corporation. All rights reserved. Terms of use. | ||
License
|