You are currently reviewing an older revision of this page.

SP13 Guest Registration List Permissions

[toc]

Guest registration list refers to a custom list created to register users for a specific event/exercise/training etc. Within APAN, these lists refers to custom lists setup by Site Owners to pre-register guests before a particular exercise or event. Since the users are not approved to be a member of the respective site, therefore a new security mechanism is needed for the guest registration lists to ensure that security and content of the site is secured while authenticated users are allowed to access a specific list within the site. The following criteria needs to be met as part of the solution provided in these guidelines:

  1. Authenticated Users can complete registration.
  2. The registering user can view their own registration submissions (and only their own)
  3. Site owners can view all registrations in lists that they own
  4. No non-members can upload content to a site.
  5. The information contained in this list should not be searchable.

In order to implement security to address these requirements, this would be a two-step process.

  1. First step is to ensure the site security is established
  2. Next, the list permissions need to be implemented for authenticated users.

By default all sites lists and libraries inherit permissions settings from the site that is in the hierarchy. In order to allow unique per permissions for the list, you have to break permissions inheritance first. Upon creating a new guest or registration list, go to the list’s permission settings and perform the following.

  1. Go to the library or list and open it.
  2. Click Library or List tab to open the ribbon
  3. Click Library Settings or List Settings on the ribbon.
  4. On the Settings page, under Permissions and Management, Click Permissions for this list or Permissions for this document library.

Break inheritance from the parent site

  1. Open the list or Library that you want to restrict access to.
  2. Click List or Library tab to open the ribbon of commands.
  3. On the ribbon, click the List Permissions or Library Permission

The permissions page for the list or library opens, with a yellow status bar that explains that the list inherits permission from its parent site.

NOTE: If you don't see list or library permissions, make sure your windows is full screen, as several buttons reduce to just icons without captions.

  1. Click Stop Inheriting Permissions.

Now the list is disconnected from the parent site.

Here are two important things to note:

  • The list still has the same permission settings that it did before. Instead of inheriting permissions from the parent, it has its own copy of the parent permissions.
  • Changes that you make to the permissions settings for the parent site will not be inherited by this list.

Grant access to Authenticated Users group

  1. On the permissions page for the list, on the Permission tab, Click Grant Permissions
  2. Type All Users (windows) or NT Authority\Authenticated Users in the Users/Groups box.
  3. Select Add Only and View Only permission level.
  4. If you have already granted View Only permission to All Users (windows) (c:01!.s|windows) at the site level.
  5. After breaking the security inheritance, grant Add Only permission to All Users (windows) group and you are done.
  6. Click Share.

What should the advanced settings for a registration list be?

The above settings will setup who can access the registration list, but it also allows the authenticated user to access all content within the registration list. To secure the registration list further, the following actions should be performed.

  1. Go to List Settings
  2. Click Advanced Settings
  3. On the Advanced Settings page, configure all settings as follows:
    1. Content Type = No
    2. Item-Level Permissions:
      1. Read Access = Read Items that were created by the user
      2. Create and Edit Access = Create items and edit items that were created by the user
    3. Attachments to list items are = Enabled
    4. Folders – Make “New Folder” Command Available = No
    5. Search – Allow items from this list to appear in search result = No
    6. Office Client Availability – Allow items from this list to be downloaded to offline clients = No
Language Selector
Click to hide this icon and message
Select Your Language