I have an AD user group that has been added to the Central Administration “Policy for Web Application” list with full
control. The user group is also in my portal with “Read Only” priviliges.
The users have full control of the site due to the listing in Central Admin and when the group is removed from Central Admin, no group
member can access the portal. Central Admin policy permissions is over-riding the portal permissions.
I created a VM environment and did not add the group to CA Policy, just to the portal as Read Only, and everything works fine there.
Not sure how the group was added to CA policy. Can't remove it. Changing the "Policy" level to read only also renders the group
with "no access". Do you know of any way to correct this.?
View Complete Post