Setting up Permissions MOSS 2007 & Installing Custom Master Page

Following up from my last blog post: Fresh Install of MOSS 2007 using SQL 2008 I still need to upload my tutorials for reference but I just want to finalise them before I upload them.

Setting up Permissions

So I spent a few days working out the best way for me to setup the permissions on our SharePoint Setup and I decided to do it the following way,

I created security groups in Active Directory,

- Staff
- Staff Editors (Staff who will be updating their subject areas)
- Students
- Parents
- Governors
- Administrators

So I started of with the above to get me going as they were the basic permissions I needed, in the future when we need certain students/class groups to contribute to certain areas of the platform I will create a security group and set it up like I have done for the above.

Once I created the security groups in Active Directory I went to the Top Level SharePoint Site went to > Site Actions > Site Settings > Users and Permissions  and added all of the above Security groups to the "Intranet - Visitors" SharePoint Group so that has given everyone (excluding myself and system account) READ ONLY access to our Intranet Site.

Carrying on from that, I created Staff and Student Sub Sites when you create the new sub-sites you get the option to either use permissions from the Top Level Site or use Unique Permissions, I chose to use unique permissions and set them up as follows:

Staff Visitors = DomainStaff
Staff Contributors = DomainStaff Editors
Staff Owners = DomainAdministrators

And for students

Student Visitors = DomainStudents
Student Contributors = DomainAdministrators
Student Owners = DomainAdministrators

*Please note security groups and names are only examples but give you the same idea*

So for every Sub-Site I create now I will do the same as above setting the permissions just using the security groups I have setup in AD

Everyone who has looked into the permissions on SharePoint probably know it can get messy which is why I decided to do it the way I have done, it is not the only way to do it but in the environment we have and because of the complexity (having to probably add more groups regularly) I thought this was would be the fastest/reliable way to set the permissions up.

I have tested this using various test users I created and it works fine, obviously if the user is not in any of those security groups they will not be able to login to share point.

Personalised Master Page Export/Import

If you read my first blog entry you will know this is a new installation of sharepoint but not the only one I have, I only started learning how to configure/admin/design Sharepoint last year so when I did I first installation it was never done properly permissions were never setup, pages were never done correctly and the right templates were never used. Which is why I decided to start again now I have a strong knowledge of sharepoint and sharepoint designer.

I still had our old sharepoint installation running but we could not access this any longer as I used the application names ( https://portal https://intranet ) in our new installation so my DNS Records were not pointing to that server anymore.

Unfortunately I made a bit of a boo boo and I forgot to Export my customized master page and CSS so to get those back I had the get this version functioning again so I could access it via SPD

I logged on to the server and went to IIS > Right Click on Site > Properties > Host Header > And I changed that from Intranet to a random name (Cartman In fact) and then created a A Record in my DNS pointing to Cartman, gave that a few minutes to sort it self out and navigated to https://cartman using Sharepoint Designer.

I found my Master Page and CSS and Exported them, Select File > File > Export > File > Browse to Destination > Save

*You cannot just drag files out of sharepoint designer, you have to export them using the above steps if you choose to do it via SPD*

Once I had exported all the files I needed, I imported those into my new version of sharepoint again using SharePoint Designer but this time I could just drag those in to the correct place.

Once I did that, I right click on my Personalised Master Page and Clicked on Publish > Publish Major Version > When prompted to approve the published file click yet > login to sharepoint when prompted (NO SSO) and click on master page > click Approve

Job Done

Next Steps

So now I have a Portal site which has the default sharepoint master page with a some CSS Changes so it is no longer a light blue and a link to the college learning platform, when I navigate to this application I then have my personalised master page.

I still have some changes to make to my master page, but I should have this completed tomorrow if not this evening so I will post up some images of how it looks.

So tomorrow I will be creating sites for our Email and Helpdesk and adding content to all the Sub-Sites and Creating Sites for Parents and Governors

Thanks for Reading,

James.