=================Question / Case=================================
The scenario is this, we want to host a couple of sharepointsites for our customers our WSS farm. But how can we restrict access for one customer to another customers information in the AD (Active Directory).
That is when person A at Company A wants to add a member to his site i dont want him to see the account for person B of company B in the AD.
One solution would be to host several Active Directory but that is not preferable from a management point of view.
So is there any way to restrict specific users to see information from a parallel OU´s(Organization Unit) in the AD (Active Directory)?
==================ANSWER ON ABOVE PROBLEM==================
You have to create separate site collection for each Customer and create subsites pertaining to the customer. After you create site collection then you have two ways you can restrict people from people picker
1. Search only within a site collection
Run the following stsadm command for the site collection stsadm -o setproperty –url http://server/sites/CustomerA –pn peoplepicker-onlysearchwithinsitecollection –pv yes
2. Search only within an AD OU Search only within a site collection
Where, CustomerA is the site collection name Search only within an AD OU Run the following stsadm command for the site collection Stsadm –o setsiteuseraccountdirectorypath -path “OU=CustomerA,DC=Company,DC=com” –url http://server/sites/CustomerA
This operation is new in SP1. Only one OU path can be specified per site collection.
Recent Comments