We are in the process to implement NextLabs entitlement to block the SharePoint 2013 site collections. We found although sites have been blocked, users could directly browse to site system pages like _layouts/settings and the actions are available for those who has “full control” permissions. This is critical security hole and here is the configuration steps to disable this.
- Login to site as site collection administrator
- Click Site Settings-> Site Collection Administration -> NextLabs Entitlement Manager settings -> Select “Enable access control enforcement for Page resources”
This configuration will
enable SharePoint Page Level Access Control allow users to control, via policy,
who can access various SharePoint settings pages.
This will block the users to
access the system pages. We are looking for some way we could apply this setting
to selected site collection and automatically apply to new site collection created.
No comments:
Post a Comment