Applying Permissions to Lists in Areas

A nice feature of SharePoint Portal Server are areas. Think of an area as a mini-WSS site of it's own. You can create document libraries, custom lists, discussion threads, etc. all within an area. Items in the portal, including entire areas, have the added advantage over WSS sites of being able to use audience filtering and thereby only show content to those that it's aimed for (remember audience filtering is just what's presented, you still need to apply appropriate security to deny access to something to someone).

Security for areas is the same as you would apply security anywhere else in SharePoint. You can add new users, change permissions, etc. (although when you select the advanced permissions for an area you get more options like being able to apply stylesheets, browsing directories, etc.) One of the issues security in an area is that if you have say several document libraries in that area, the security is the same for all libraries.

When you select a list or document library (through the Manage Content option) in SPS, you'll see the typical interface like Change general settings, Delete this list, etc. What you won't see is the option that you see when you go into the settings in a list or library in a WSS site. Namely the Change permissions for this list option. When you apply permissions to an area (using the Manage Security option), you'll see the typical SharePoint interface to add users, etc. but no option to set permissions for a list or library. You can however still use a feature of SharePoint to apply individual permissions to a document library or list in the area, it just takes a little typing to get there.

If you hover over the Change permissions for this list option in a WSS site, you'll see a url similar to the following:


This is the page where you can set permissions for a list or document library (for document libraries, the end of the url will say ",doclib" instead of ",list"). The page exists in a virtual directory that's available to any WSS site and... portal area! This same url format can be used for an individual document library or list at the portal. You just need to know the GUID (the 1234567A number above). To find this out:

  1. Select Manage Content from there area where your document library or list lives in the portal
  2. Select the document library or list from the ones available
  3. Select Modify settings and columns for that list
  4. Take a look at the url you've gone to. You'll see listedit.aspx?List={... The numbers between the {} characters is the GUID for that list. The easiest way to get from this page to the ShrOpt page is to change the URL from this:
    to this:
  5. Now you'll be at the Change Permissions: Document Library (or list) page
  6. Modify the permissions as you normally would, adding or removing users and setting up permissions.

These permissions will only be applied to the document library and not to the entire area so you can now create read-only areas with editable lists. Enjoy!


  • I have tried this, but when I try to make changes I get the challenge/response login box, which is strange because I am logged in as server admin... any thoughts?

  • Same problem here--I get a challenge when logged in as the domain admin. I don't think this should matter, but my virtual server is configured to listen on a host header value. The challenge references the machine name, not the DNS name.

  • Bil,

    I followed the instruction from your link, I'm now on the step in adding a

    user (I click "Add Users") under Change Permission. Once I click the Add

    User, the SPS prompt me with User and Password. I'm an administrator of SPS

    but it prompt me with "Access Denied".

    Do you have any idea why SPS prompt me with User and Password? or what user

    rights should I be to Add a user for the document library.

    Thanks alot!

Comments have been disabled for this content.