On Tue, Aug 26, 2008 at 3:02 PM, Wampers, Wilson [Talent International] <[EMAIL PROTECTED]> wrote: > Hi All, > I've tried to lock down security on a specific folder on a site > collection\sub site\shared documents\sub folder\sub sub folder > >SNIP>> > I was expecting not to be able to even see the subsubfolder in the > navigation nor to be able to see its content and read/check in check etc..., > but I can do all that. > > Nobody else can except the SPSGSubFolderSubSubFolder members (to be complete > I should mention that my AD account isn't a member of this SPS Group) > > > > My AD account is a farm administrator and a site collection administrator.
Site Collection Administration group ignores all permissions. Period. Best practice is to not give SCA permissions to ANY normal AD users. Instead have alternate accounts you can log into for when doing super-admin work, and then log out of. This is actually best practice for pretty much all MS technologies (exchange/sharepoint/etc). Treat your AD account as a normal user, and set up a seperate "admin" account (one per admin, a "sister" account, NOT NOT NOT a shared admin account!). ------------------------------------------------------------------- OzMOSS.com - to unsubscribe from this list, send a message back to the list with 'unsubscribe' as the subject. Powered by mailenable.com
