Share via


Changepermissionpolicy: Stsadm operation (Windows SharePoint Services)

Applies To: Windows SharePoint Services 3.0

 

Topic Last Modified: 2007-06-08

Operation name: Changepermissionpolicy

Description

Updates the Web application policy level for a user to change which permission levels the user is assigned. This operation is the command-line equivalent of the process used on the Policy for Web Application page in the SharePoint Central Administration Web site.

Syntax

stsadm -o changepermissionpolicy

**   -url <URL name>**

**   -userlogin**

**\[-zone\] \<URL zone\>**

**\[-username\] \<display name\>**

**\[{ -add | -delete }\]**

**\[-permissionlevel\]**

Parameters

Parameter

Value

Required?

Description

url

A valid URL, such as http://server_name

Yes

The URL of the Web application to which the content database is being changed

userlogin

A valid user name in the form:

Domain\user_name

For non-Windows accounts, a valid user name in the form:

providerName:user_name

Yes

The user login name

zone

A valid zone, such as "Default"

No

The zone from which the permission policy is being changed

username

A valid user name in the form of:

Firstname Lastname

No

The user or display name for the policy. If user name is specified, it will be used; otherwise, Active Directory is queried to resolve a user name.

permissionlevel

A valid list of permissions to change the permission policy. For example, Full Control, Full Read, Deny Write, or Deny All.

Yes

Specifies the appropriate permissions to grant or deny to this permission policy level. When you grant a permission, it gives the user the granted permission. However, when you deny a permission, it prevents a user from ever having this permission.

Note

Denying a right always supersedes granting a right.