Do Not Use a Designated Account to Access Data

Do Not Use a Designated Account to Access Data

Knowledge Base Administrators can choose not to use a designated account to access data, but they must make the following configurations:

  • KB Client site: Grant Read-Only access to the KB Client site for SharePoint users/groups
  • KB Admin site: Grant the following permissions to the same SharePoint users/groups:
    • Read-Only access to the following:
      • Bamboo KB Articles List
      • Bamboo KB Categories List
      • KB Picture Library
    • Limited access to the KB Admin site

Knowledge Base Administrators can also break item permissions for the KB Articles and KB Categories lists and allow certain groups to see those items. For example, an Administrator wants to allow the SharePoint group “Sales” to have read access to the Sales KB category and to all KB articles in the Sales category. The Administrator filters the list view of the KB Articles List to locate these items. Then the Administrator breaks item permissions for each item and removes access for all SharePoint groups except the Sales group. The Administrator then applies the same permissions in the KB Categories List.

Security Configuration for Other Lists in the KB Admin Site

The Administrator does not need to grant permission to any user/group from the KB Client site to the following lists:

  • Bamboo KB Configuration List
  • Bamboo Article Questions and Answers

SharePoint Knowledge Base Solution Accelerator reverts to the application pool account to read and write information to these lists. Administrators can stop inheriting site permissions for these lists and can remove KB Client users/groups’ access to these lists as desired.

Security Configuration for Group Redirect Web Part and Bamboo Navigator TabStrip in KB Admin Site

Knowledge Base Administrators can use the Group Redirect Web Part to redirect end users back to the KB Client site if they try to access the KB Admin site. See Configuring the KB Admin Site for more information.

Configuring Site Permission for the KB Admin Site

Knowledge Base Administrators should grant Read-Only access to SharePoint groups with Limited Access so that this group can view the home KB Admin site home in order to redirect end users to the KB Client site using the Group Redirect Web Part. This redirection is only performed at the KB Admin site home. Users in the SharePoint group can still access other pages in the KB Admin site if they know the URLs for those pages. The Administrator can choose to remove this group from other lists and libraries.

Bamboo Navigator List and Item Permissions in the KB Admin Site

By default, SharePoint groups with Limited Access will have Read-Only permissions to the Bamboo Navigators List. Knowledge Base Administrators are not required to perform additional steps for this list.

Bamboo Navigator List and Item Permissions in the KB Client Site

sa05-2010-client_tab_only.jpgSharePoint groups with Limited Access should already have access to the KB Client site’s Bamboo Navigators List. Administrators can remove this group’s permission to the KB Admin site by performing the steps below:

  1. From the KB Client site, select All Site Content > Lists > Bamboo Navigators.
  2. Click the KB Admin item. From the item context menu, select Manage Permissions.
  3. Select the desired users/groups and select Remove User Permissions from the ribbon to break permissions. Members of this group will only see the KB Client site tab when they log in.