-
Navigate
to the item that you want to protect or make available.
-
On the
item's
Authorization tab, select a user or
group. Or, if you want to assign a permission to someone who is not
listed, click
Add. Each restricted identity
that you add gets an explicit
![clear check box](images/cb-white.gif)
grant of the ReadMetadata permission.
-
In the
Effective Permissions list box, select check boxes to
adjust the settings for the currently selected identity. Each click
adds an explicit setting to the item's protections (except that clicking
an explicit
![clear check box](images/cb-white.gif)
setting removes that setting and reveals an underlying
grant or denial).
Note: If the identity
that is selected in the
Users and Groups list
box has the unrestricted role, all permissions are granted and you
can't change the settings.
-
Repeat
steps 2 and 3 for any other identities whose access to this item you
want to adjust.
-
Review
the settings for each identity in the
Users and Groups list box. This is important because settings that you add for a
group can affect access for all members of that group. For example,
a denial that you add for the PUBLIC group blocks access for all restricted
users, unless there are other explicit
![clear check box](images/cb-white.gif)
or ACT
![green check box](images/cb-green.gif)
(green) grants. You must offset a broad explicit
denial with explicit or ACT grants for any restricted identities whose
access you want to preserve.
-
In the
Properties dialog box, click
OK to save your changes.
Tip
It is easy to
set explicit grants and denials on each item that you want to protect
or make available. However, managing a large number of individual
permission settings can be cumbersome.
See Tips for Efficiently Using Permissions.