0

We have a publicly addressable MOSS 2007 site which is only accessable to users with windows accounts. Off the root Site collection, we have a series of sub sites:

How do I allow a set of AD users access to the moss/depts/safety site, but not the moss root site or any other sub sites? I've tried to give them Open Only rights at the root, then break security inheritance for the safety sub site, but that doesn't seem to do the trick. They can go directly to depts/safety, but cannot go to http://moss

chris.w.mclean
  • 155
  • 4
  • 13

1 Answers1

2

If you want a completely different set of permissions for http://moss/depts/safety than you do for http://moss (and for that matter, http://moss/depts/finance), set them up as site collections, with /depts as a wildcard inclusion managed path. That will allow you to keep navigation intact, but have completely different permissions (and site collection administrators) for each department site.

Sean Earp
  • 7,207
  • 3
  • 34
  • 38
  • I'm trying to find a good blog post that demonstrates what I'm talking about... the best I've found so far is http://mindsharpblogs.com/Ben/archive/2008/01/25/4222.aspx, but I'll keep looking (or write one myself) – Sean Earp Dec 14 '09 at 20:40
  • Seems like an over kill solution, but it might be the only way. – chris.w.mclean Dec 15 '09 at 15:28
  • The alternative would be breaking inheritence as you mention, and creating groups with permissions on the subsite that are not present on the root. That sounds like what you have done, but maybe I misunderstood the original question... You say that you want them to be able to go to the subsite, but not the root; but then say that the problem is that they can't go to http://moss. Isn't that what you were trying to accomplish? – Sean Earp Dec 15 '09 at 17:55