.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

CA Policy vs. Portal Permissions

Posted By:      Posted Date: September 17, 2010    Points: 0   Category :SharePoint
I have an AD user group that has been added to the Central Administration “Policy for Web Application” list with full control.  The user group is also in my portal with “Read Only” priviliges. The users have full control of the site due to the listing in Central Admin and when the group is removed from Central Admin, no group member can access the portal.  Central Admin policy permissions is over-riding the portal permissions. I created a VM environment and did not add the group to CA Policy, just to the portal as Read Only, and everything works fine there.    Not sure how the group was added to CA policy.  Can't remove it.  Changing the "Policy" level to read only also renders the group with "no access".  Do you know of any way to correct this.?

View Complete Post

More Related Resource Links

Central Administration Policy is Overriding Portal Permissions


An Active directory user group has been added to Central Administration Policy with "full control" permissions to a Web Application.  This group should have Read Only" access.  When the group is removed or  "Policy" level changed in Central Administration, no member can access the Web App/portal.  

Is there any way to correct this.?

Security in .NET: The Security Infrastructure of the CLR Provides Evidence, Policy, Permissions, and


The common language runtime of the .NET Framework has its own secure execution model that isn't bound by the limitations of the operating system it's running on. In addition, unlike the old principal-based security, the CLR enforces security policy based on where code is coming from rather than who the user is. This model, called code access security, makes sense in today's environment because so much code is installed over the Internet and even a trusted user doesn't know when that code is safe.In this article, Don Box explains how code access security works in the CLR. He discusses the kinds of evidence required by policy, how permissions are granted, and how policy is enforced by the runtime.

Don Box

MSDN Magazine September 2002

error in installing portal starter kit



I tried to install portal starter kit (http://www.asp.net/downloads/archived-v11) , but I found error code (2869) in installing. Windows of my computer is VISTA.

Error is like below:

Id_token is not a valid Windows NT name. Give the complete name: <domain\username>.

User or role "id_token" does not exit in this database.

Error code 2869.

Thanks in advanced.

Required permissions cannot be acquired when host asp.net 3.5 application in godaddy


I got the following error when click print report button.

Application : asp.net 3.5

Crystal report : 10.5

Host: godaddy

Please help me.


Required permissions cannot be acquired.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired.

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Access Control: Understanding Windows File And Registry Permissions


Understanding the ACLs that govern permissions and rights before an operation is allowed to proceed is critical to enhancing security.

John R. Michener

MSDN Magazine November 2008

PIAB And WCF: Integrating the Policy Injection Application Block with WCF Services


Using the PIAB you can enhance WCF services with policies such as validation, performance monitoring, authorization and caching without having to change a line of code.

Hugh Ang and David San Filippo

MSDN Magazine February 2008

WSE Security: Protect Your Web Services Through The Extensible Policy Framework In WSE 3.0


This article describes the WSE policy framework, which allows you to describe constraints and requirements a Web service must enforce. Discussions include security scenarios in WSE 3.0 and extending the framework with custom constraints and requirements.

Tomasz Janczuk

MSDN Magazine February 2006

ASP.NET 2.0: Personalize Your Portal with User Controls and Custom Web Parts


ASP.NET 2.0 introduces a Web Part control that is designed to deal with the serialization, storage, and retrieval of customization and personalization data behind the scenes. In this article, the authors explain how you can put the WebPart control to work in your ASP.NET 2.0 applications.

Ted Pattison and Fritz Onion

MSDN Magazine September 2005

SharePoint Portal Server 2001: Search and Access Disparate Data Repositories in Your Enterprise


The knowledge worker is greatly empowered if she is able to access information across the enterprise from a central access point. With the SharePoint Portal Server 2001 Search Service you can catalogue information stored in Exchange public folders, on the Web, in the file system, and even in Lotus Notes databases. This article discusses the use of ActiveX Data Objects and the Web-based Distributed Authoring and Versioning protocol for creating search solutions based on SharePoint Portal Server 2001.

Kayode Dada

MSDN Magazine April 2002

SharePoint: SharePoint Portal Server Makes Your Intranet More Manageable and Easier to Navigate


Most large organizations have mounds of disjointed information in a variety of formats spread out across an enterprise. To make the most efficient use of that information, it must be readily accessible, easy to identify, and simple to navigate. SharePoint Portal Server 2001 unifies information by allowing members of any organization to create, share, and publish documents from a single access point. This article covers the services in SPS that can help an organization improve workflow and information management.

Darrin Bishop

MSDN Magazine September 2001

Usage of Client Access Policy and crossdomain xml for sharepoint 2010>?


Hi Folks,

1.What is Clientaccesspolicy.xml in sharepoint ?

2.What is Crossdomain.xml ?

What is usage of wcf service deploy in sharepoint 2010?

Kindly give me some valuable comments ?


Thank you


Immanuel c


Setting permissions of a specific SharePoint workflow


We have a very simple workflow whereby an document placed in a public library (INBOX) is moved it to a private library (VERIFY) and then deleted. The workflow works correctly when someone who has access to the VERIFY library drops a record into the INBOX library.  However it does not work when the user does not have access to the VERIFY library.

I was told that I need to "set the AD group associated with a specific SharePoint workflow" but cannot find any reference to this in SPD.



MOSS 07 Installation Quirks - SSRS Connectivity & SSP Permissions

I'm new to MOSS 07 and am currently learning it.  I've done clean installs and post-install configuration a few times now and I've noticed 2 quirks associated with a fresh install.  I'm not sure what is going on or the best way to "fix" them.

1 - I install SQL 05 with SSRS prior to installing MOSS and I always check to make sure that SSRS is configured and I can connect to it in the SQL Management Studio.  Once the Default port 80 Web App is provisioned, however, I can no longer connect to SSRS via the SQL MS.  I understand that this is related to the fact that the default Web App that hosts the SSRS sites is the Default 80 Web Site and that this port is taken over by the SharePoint 80 portal.  My question is, how to handle this.  I understand that I can configure SSRS to run via SP Integration.  However, when I install SSRS 05 initially and prior to installing/configuring MOSS, should SSRS be installed under a separate Web App and Port than the Default?  Does SP Integration restore the ability to connect to SSRS via the SQL Mang. Studio?

2 - In an attempt to get used to a "production" way of doing things, I create Domain Service accounts for both installing MOSS and running the services.  My problem is with the results of using an installation account.  I call it "spinsta

How to write an event to manage permissions on a document while uploading, depending on custom field



I am trying to find a solution to manage permissions on a document, while uploading it into a document library. This event has to be fired if a custom field is populated (it's a check box field).

How to write an event for this, i tried writing ItemAdded event, but this is getting fired as soon as a document is uploaded, before coming to the page, where we populate all the fields and hit check in.

can i capture Check-in event.

Please advise.


MOSS 2007 - "next 100" link missing from permissions pages


We're running two MOSS 2007 environments that are (should be!) identical for Development and Validation.  We don't have Production set up yet to compare...

In DEV, when you go to the Site Settings > View All Site Settings > People and Groups > Groups, you see a "1 - 100 >" link at the top right to page to the next 100 groups.  In VAL, we do not see that link even though we have more than 100 Groups (the list ends on the first page with the letter "l").

Everything we have looked at between the two systems looks identical, has anyone seen something similar and has a fix?  At this point we're waiting until we get the PRD environment set up to compare because we're stumped.  Any help would be appreciated, thanks!


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend