Part 2 of 3 in the SharePoint Server 2013 Core Solutions (70-331) series covers a range of topics including the installation and management of SharePoint 2013, PowerShell, data management, and more. In this course, your instructor Christopher Harrison covers a range of topics including the installation and management of SharePoint 2013, PowerShell, data management, and more. This course is designed for those who already have a basic understanding of SharePoint, Windows administration, and Active Directory concepts.
Windows Authentication in SharePoint One of the biggest concerns with really any technology is, of course, security. What we want to be able to do is we want to be able to limit access to resources to only the people who need access to said resources. And what we're going to see is that there's a couple of different steps that we need to walk through to be able to limit and restrict access to those resources. And what we're going to start off with in this lesson here, Windows Authentication in SharePoint, is how we can authenticate or prove that our users are who they say they are by utilizing Windows authentication. We'll talk about a couple of the other providers that are available as well, but we're going to delve into those a little bit deeper in later lessons. We'll also go in and see the impact that IIS is going to have as well on our Windows authentication and how exactly the username and password is going to be sent from the client up to the server.
SharePoint Authorization and Permissions In basically every application, security is a two step process. Step one, authenticate the user, prove that they are who they say they are, and then step two, authorize the user, determine what it is that we want the user to be able to do. Now what we're going to see in SharePoint is that there's a couple of different ways that we can do this. And we're going to start off in this lesson by taking a look at how we can apply permissions at the site level and potentially even down to a list, to a folder, or even to an item level. Now before we get in and start doing some demonstrations and kind of showing everything off, we do need to define a couple of different terms, talk a bit about the different moving parts that are going to come into play when we're talking about security. So let's define some terminology here. SharePoint security really has three main moving parts. We've got principals, and these are the people or groups to whom we want to grant the permissions. We have securables, and these are the objects that are going to be secured, our sites, our lists, and our items. And then finally, we've got the permissions, and these are the different things that we want our users to be able to do.
Additional SharePoint Security Options Being able to manage permissions at a site collection level, a site level, a list level, a folder level, an item level, is certainly very powerful. But there are going to be times when maybe we want to globally apply permissions to an entire web application, maybe globally remove permissions, or also just simply want a little bit more control over how it is that our users are going to be able to apply permissions, and this is what we're going to take a look at in this lesson.
Securing SharePoint Farms In prior lessons, we've seen how to handle authentication, the process of users proving that they are who they say they are, and authorization, the process of users proving that they have permissions to perform whatever operation it is that they are looking to perform. But security doesn't just simply stop there, that there are a few things that we need to take care of behind the scenes to ensure that our environment is, in fact, safe from attack. And that's exactly what we want to take a look at in this lesson. We'll want to talk a little bit about our service accounts, which will actually be a bit of review, but since we're talking about behind the scenes security, it's a good opportunity to go back and take another look at all of it. We'll also talk about how to set up certificates and SSL to ensure that our traffic is going to be encrypted, and then we're going to finish it off talking about how we can utilize firewalls and other server components to control network traffic.