ATTENTION: Scheduled from March 2020 - May 2020 Due to high call volume, APAN recommends using our Contact Form at https://community.apan.org/support/p/contact

Setting Up Guest Registration

Table of Contents

How do I Setup Guest Registration List Permissions?

Guest registration list refers to a custom list created to register users for a specific event/exercise/training etc. Within APAN, these lists refers to custom lists setup by Site Owners to pre-register guests before a particular exercise or event. Since the users are not approved to be a member of the respective site, therefore a new security mechanism is needed for the guest registration lists to ensure that security and content of the site is secured while authenticated users are allowed to access a specific list within the site. The following criteria needs to be met as part of the solution provided in these guidelines:

  1. Authenticated Users can complete registration.
  2. The registering user can view their own registration submissions (and only their own)
  3. Site owners can view all registrations in lists that they own
  4. No non-members can upload content to a site.
  5. The information contained in this list should not be searchable.

In order to implement security to address these requirements, this would be a two-step process.

  1. First step is to ensure the site security is established
  2. Next, the list permissions need to be implemented for authenticated users.

By default all sites lists and libraries inherit permissions settings from the site that is in the hierarchy. In order to allow unique per permissions for the list, you have to break permissions inheritance first. Upon creating a new guest or registration list, go to the list’s permission settings and perform the following.

  1. Go to the library or list and open it.
  2. Click Library or List tab to open the ribbon, and then click Library Settings or List Settings on the ribbon.
  3. On the Settings page, under Permissions and Management, click Permissions for this list or Permissions for this document library.

Break inheritance from the parent

  1. Open the list or Library that you want to restrict access to.
  2. On the List Tools or Library Tools tab, click List or Library to open the gallery of commands.
  3. On the ribbon, click the List Permissions or Library Permission button.

The permissions page for the list or library opens, with a yellow status bar that explains that the list inherits permission from its parent site.

Note: If you don't see list or library permissions, make sure your windows is full screen, as several buttons reduce to just icons without captions.

  1. Click Stop Inheriting Permissions.

Now the list is disconnected from the parent site.

Here are two important things to note:

  • The list still has the same permission settings that it did before. But now, instead of inheriting permissions from the parent, it has its own copy of the parent permissions.
  • Changes that you make to the permissions settings for the parent site will not be inherited by this list.

Grant access to Authenticated Users group

  1. On the permissions page for the list, on the Edit tab, click Grant Permissions
  2. Type All Users (windows) or NT Authority\Authenticated Users in the Users/Groups box and select the “Add Only” and “View Only” permission level.
  3. If you have already granted “View Only” permission to “All Users (windows) (c:01!.s|windows) at the site level, then after breaking the security inheritance, grant “Add Only” permission to All Users (windows) group and you are done.
  4. Click OK.

What should the advanced settings for a registration list be?

The above settings will setup who can access the registration list, but it also allows the authenticated user to access all content within the registration list. To secure the registration list further, the following actions should be performed.

  1. Goto List Settings page, and then click on Advanced Settings link.
  2. On this page, configure all settings according to the below.
    1. Content Type = No
    2. Item-Level Permissions –
      1. Read Access = Read Items that were created by the user
      2. Create and Edit Access = Create items and edit items that were created by the user
    3. Attachments to list items are = Enabled
    4. Folders – Make New Folder Command Available = No
    5. Search – Allow items from this list to be searchable = No
    6. Office Client Availability – Allow items from this list to be downloaded to offline clients = No
    7. Datasheet – Allow items from this list to be edited from the datasheet = No