Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

KBAlertz.com: How to set restrictions on a site collection to allow only users in a particular organizational unit on a computer that is running SharePoint Server 2007 Service Pack 1

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]

Search KbAlertz

Advanced Search

Webmasters
Put kbAlertz on your website.
[ Click Here for more! ]





ASP.NET 3.5 Web Hosting with Windows 2008 and SQL 2008: Click Here!
Discount ASP.NET Hosting
ASP.NET 2.0 and 3.5
Windows2008 and SQL2008
US and UK Hosting
The ad says 3 - but KBAlertz referrals get
** SIX MONTHS FREE **

Bug Tracking Software
For bug tracking software or defect tracking software or issue tracking software, visit Axosoft.

Community Site


We Send hundreds of thousands of emails using ASP.NET Email


Expert Web Design & Graphic Design
Design44.com

ASP.NET 3.5 Web Hosting with Windows 2008 and SQL 2008: Click Here!
Discount ASP.NET Hosting
ASP.NET 2.0 and 3.5
Windows2008 and SQL2008
US and UK Hosting
The ad says 3 - but KBAlertz referrals get
** SIX MONTHS FREE **



Mentioned In







Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks



Article ID: 943100 - Last Review: November 14, 2007 - Revision: 1.3

How to set restrictions on a site collection to allow only users in a particular organizational unit on a computer that is running the 2007 Office servers Service Pack 1

View products that this article applies to.

INTRODUCTION

This article describes how to set restrictions on a site collection on a computer that is running the 2007 Microsoft Office servers Service Pack 1 (SP1). The article discusses how to allow access only for users in a particular organizational unit (OU).

MORE INFORMATION

Administrators can use the stsadm.exe command to set restrictions on a site collection to allow access only for users in a particular OU. To do this, follow these steps:
  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type the following command, and then press ENTER:
    cd /d %programfiles% \Common Files\Microsoft Shared\Web Server Extensions\12\BIN
  3. At the command prompt, type the following command, and then press ENTER:
    stsadm.exe –o setsiteuseraccountdirectorypath –url site collection url -path OU path
    For example, type the following at the command prompt:
    setsiteuseraccountdirectorypath –url http://server/sites/s1 -path "OU=MSCRM,DC=redmond,DC=corp,DC=microsoft,DC=com"
    Note The path will be the full distinguished name of the OU. The command will set the restrictions to allow only users under "OU=MSCRM,DC=redmond,DC=corp,DC=microsoft,DC=com" to be added to the site collection http://server/sites/s1.
To obtain the OU path, type the following at the command prompt, and then press ENTER:
stsadm.exe –o getsiteuseraccountdirectorypath –url site collection url
When the administrator uses the Stsadm.exe tool or another management tool to manage the site collection, the administrator will be added as a user to the site collection. The command in step 3 will block the administrator from managing the site collection if the administrator does not belong to the OU.

To enable the administrator to manage the site collection, type the following at the command prompt, and then press ENTER:
stsadm.exe -o setproperty -url webappurl -pn "peoplepicker-serviceaccountdirectorypaths" -pv paths
Note In this command, paths is a placeholder for a semicolon-separated list of distinguished names.

To see the list of allowed administrator directory paths, type the following at the command prompt, and then press ENTER:
stsadm.exe -o getproperty -url webappurl -pn "peoplepicker-serviceaccountdirectorypaths"
APPLIES TO
  • Microsoft Office Forms Server 2007
  • Microsoft Office Groove Server 2007
  • Microsoft Office Project Server 2007
  • Microsoft Office SharePoint Server 2007
  • 2007 Microsoft Office Servers Service Pack 1
Back to the top
Keywords: 
kbhowto kbexpertiseadvanced KB943100
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Be the first to leave feedback, to help others about this knowledge base article.

(Optional) Name
(Optional) Public URL Or Email
Comments
No HTML -- Text Only Please

 



Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting