locked
Restrict access to SharePoint 2007 test farm RRS feed

  • Question

  • Hello all,

    I feel like this should be simple and hopefully I'm over looking something.  We have our production SharePoint 2007 environment.  We also have a test farm.  There have been several occasions where I've needed to copy a production content database over to the test farm.  Is there an easy way to deny access to the test farm?  I don't want users accidentally logging into the test farm and updating content not realizing it's test.  We've had this happen on occasion and depending upon how much content they update, it can make moving that content to prod difficult.  Unfortunately, it's not possible to simply restrict by IP.  I basically want to deny all users except for domain admins and possibly our designers.

    Thanks


    Tuesday, April 12, 2011 4:29 PM

All replies

  • Hi Timmy,

    The first thing came to my mind is to create a policy to deny eveyone access to the test web application.

    (Central Admin > Application Management > Policy for Web Application)

    From your description it seems like you attach database for this migration. Otherwise I would have suggested not to include -includeusersecurity parameter when doing export.

    Hope this helps!


    BlueSky2010
    Tuesday, April 12, 2011 5:05 PM
  • Thanks for the reply BlueSky,

    You are correct that I didn't not use the export/import commands but attached a copy of the prod database.  If I deny everyone, will the exception of allowing domain admins full control take precedent over the denial?  I'll certainly test this as it's pretty simple to do but I'm just wondering how it's gone in your experience.

     

    Thanks again

    Tuesday, April 12, 2011 5:08 PM
  • Well in my case I had separate groups to play with I guess.

    Let us know how that goes Timmy.


    BlueSky2010
    Wednesday, April 13, 2011 12:53 PM
  • Well in my case I had separate groups to play with I guess.

    Let us know how that goes Timmy.


    BlueSky2010
    Adding everyone and assigning deny permissions denies everyone from logging in.  The deny takes precedent over other perms :(
    Thursday, April 14, 2011 9:46 PM