locked
Override Limited Access Permissions RRS feed

  • Question

  • I have a site with custom permission levels that remove the user's access to View Application Pages. This site has broken permissions so therefore SharePoint automatically assigns my custom groups the Limited Access permission.  This seems to be overriding my custom permission and reinstates the user's ability to View Application Pages.

    I looked into implementing a Permission Policy at the Web Application level however I have hundreds of AD Groups that I would need to assign. I also have a handful of users (in a SharePoint Group) that need this access so assigning the policy to "Everyone" is also not an option.

    I cannot remove the Limited Access permission at the site level nor can I modify it to remove the View Application Pages permission. Any suggestions?

    Friday, June 10, 2016 1:55 PM

Answers

  • If they have at least Open access on a list or library, they'll be able to see it on the All Site Content page.

    If you need to hide specific views from them, do not add create those forbidden views on the list itself, but instead add list view web parts to pages, configure those web parts to display the columns as desired, then remove the users' permissions from those pages.

    • Marked as answer by Patrick_Liang Monday, June 20, 2016 8:27 AM
    Thursday, June 16, 2016 8:37 PM

All replies

  • You can almost always disregard the Limited Access permission level. (Just don't remove it from a group, or their permissions at the lower level will be removed as well.)

    What specific application pages are you trying to hide from the groups? Have you logged in with a test account that's a member of one of the groups to see what it is able to access?


    • Edited by thriggle Tuesday, June 14, 2016 5:55 PM
    Tuesday, June 14, 2016 5:54 PM
  • I am trying to hide all application pages but I guess specifically the Site Contents page. Our users use Custom Pages to access data and 90% do not need access to the actual lists/views. 

    We have setup custom permission levels to allow them to add/edit items, but not allow them to create views. We also only allow them access to certain fields but having access to the table means they can navigate their way into viewing fields they should not see.

    I have taken away "View Application Pages" from the users using the custom permissions but when I login with a TEST account that belongs only to the group with the custom permission they can still freely navigate around the site (including site contents, site workflows, ect...).

    Tuesday, June 14, 2016 6:24 PM
  • If they have at least Open access on a list or library, they'll be able to see it on the All Site Content page.

    If you need to hide specific views from them, do not add create those forbidden views on the list itself, but instead add list view web parts to pages, configure those web parts to display the columns as desired, then remove the users' permissions from those pages.

    • Marked as answer by Patrick_Liang Monday, June 20, 2016 8:27 AM
    Thursday, June 16, 2016 8:37 PM