Addpermissionpolicy: Stsadm operation (Office SharePoint Server)
Applies To: Office SharePoint Server 2007
This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.
Topic Last Modified: 2015-03-09
Operation name: Addpermissionpolicy
Description
Adds a user to a policy role for the Web application based on the specified permission level name and corresponding zone. This operation is the command-line equivalent of the process used on the Policy for Web Application page in the SharePoint Central Administration Web site.
Syntax
stsadm -o addpermissionpolicy
** -url <URL name>**
** -userlogin <login name>**
-permissionlevel <permission policy level>
**\[-zone\] \<URL zone\>**
**\[-username\] \<display name\>**
Parameters
Parameter |
Value |
Required? |
Description |
url |
A valid URL, such as http://server_name |
Yes |
The URL of the Web application to which the policy level is being added |
userlogin |
A valid user name in the form: Domain\user_name. For non-Windows accounts, a valid user name in the form: providerName:user_name |
Yes |
The user login name |
permissionlevel |
A valid permission policy level to add to the permission policy. For example, Full Control, Full Read, Deny Write, or Deny All. |
Yes |
Specifies the appropriate permission policy level to grant or deny to this user. When you grant a permission, it gives the user the granted permission. However, when you deny a permission, it prevents a user from ever having this permission. Note Denying a right always supersedes granting a right. |
zone |
A valid zone, such as "Default" |
No |
When the zone parameter is not present, the policy applies to all zones. Only Windows NT accounts can be applied to all zones. Accounts in the format of providerName:user_name cannot be used for the all-zone policy. |
username |
A valid user name in the form of: Firstname Lastname |
No |
The user or display name for the policy. If the user name is specified, it will be used; otherwise Active Directory is queried to resolve a user name. |