« Best of Breed or One Size Fits All for Enterprise Content Management? | Main | Is Oracle Leading the Pack with Content as a Service? »



Feed You can follow this conversation by subscribing to the comment feed for this post.


Can you please be a bit more specific. What do you mean by "User Policy", a user group? Where should we originate this policy from, the site collection or central administration?


Nosika! I have updated the post with a few screenshots.
Please let me know if you have more questions.


Karthik Elangovan

Hi Chaitu,
I've spoken to you before, I'm Sagar's friend. I noticed that no matter what permissions we give inside the site, it gets overidden by what we set at the "user policy". Is there a way do you know to give, for example, contribute permissions for one user within the site, without giving the user "contribute" permission in the web application level? did you overcome this scenario?


The permissions at web application level take the highest preference. So for your scenario, try to give read access at web app level and contribute access from your site / site collection..

David Hamilton

Would this fix the following problem?

When opening a site without appending default.aspx or home.aspx, I get access denied.

When opening a site with default.aspx or home.aspx, I get in fine. But then, when accessing some of the internal links, I get access denied (not all links). And when adding or editing something, it always returns to a URL that produces Access Denied and an option to log in as another user. But I am logged in appropriately and I am the farm admin.

We are using claims-based authentication with a custom provider.


@David - I guess it should resolve all the access denied issues as you are giving access at the top most level.


Be VERY CAREFUL when using the User Policy, as it overrides permissions on all sites and site content. For example, if you have a document that has read permission for only a certain person or group, ANYONE defined in the Group Policy will have read access to that document.


You are great!!!!!
Thanks for your post!!!

Muhammad Talal Shoaib

Thank you so much for such a nice article. It really helped me alot. Cheers :)

The comments to this entry are closed.

Contact ICF Ironworks

  • ICF Ironworks combines strategy, technology and design services to assist clients in the development of large-scale, complex technology projects. Ironworks offers three core services: Business & IT Alignment, Portal and Content Management, and Interactive.

    Contact us for help with your next project.

ICF Ironworks is Hiring!

  • If you're the best... we want you to work here!

    If you're the best... we want you to work here!ICF Ironworks is always on the lookout for experienced professionals who believe in hard work, having fun, and great client service.

    View our open positions, or, if you don't see an exact match, send us your resume.

Workswire e-Newsletter

  • Workswire e-newsletterSign up to receive Ironworks' quarterly e-newsletter for the latest news, events, client successes, industry insights and more!

About This Blog

Welcome to the Ironworks Technology Blog, Under the Hood. Ironworks has nominated solicited employee volunteers to write about various technology-related topics, from high-level application architecture all the way down to those pesky 1s and 0s that keep the world moving these days.

Continue reading »

Ironworks Twitter Updates

    follow me on Twitter

    Other Blogs We Love

    • TED | Talks | List
    • Information Architects
      We architect information.
    • John Resig - Blog
      John Resig is the Dean of Open Source and head of JavaScript development at Khan Academy and the author of the book Pro JavaScript Techniques. He’s also the creator and lead developer of the jQuery JavaScript library.
    • Iconify.it
      Welcome to Iconify.it – a blog about icons.
    • Garrett's Tech Musings
      Thoughts on technology, programming, and the industry
    • Fit and Finish
      Insight from the Ironworks User Experience Group
    • Fritillaria
      Information Architecture Across Dimensions
    • Amusingly MOSS
      ...It's funny how difficult some stuff is when it really shouldn't be
    • CAE Weblog
      Ramblings about the world of associations and their intersection with the Web.

    Become a Fan