
Restrict access to Content in Central Administration for Farm Administrators


Okay, this may be sounding a little weird to you guys, but bear with me here.

We have a requirement to manage a SharePoint 2010 farm containing confidential data where our team, the farm admins, cannot in any way access the actual data, not even the names of lists and libraries. Confidential data can only be accessed by a separate compliance team that can manage the servers, but has no notion of SharePoint. To achieve this we had set out the following terms for managing the farm:

- the farm administrators are not allowed to access the servers through RDP or access the administrative shares of the SharePoint Servers. The compliance team does have these permissions.

- the farm administrators will access the Central Administration site for administrating the farm from a client computer.

- the Central Administration site needs to be locked down to prevent access to content.

- if access to the servers is required, the farm administrators will contact the compliance team to have scripts executed on the local servers and feedback provided to the farm administrators.

These rules are all very clear and feasible. The only tricky thing in the rules is the lockdown of the Central Admin site.

Just to be complete, the Farm Administrators will be using a separate user account to access the Central Admin website which has been added to the Farm Administrators group. This user account is not added to the SQL database permissions, nor is it the setup or farm service account.

So far, to lock down the Central Admin and prevent possible access to the content, we need to prevent the farm administrators from defining a user policy for the web application or defining themselves as site collection administrator of specific site collections.

To achieve this I was thinking about removing or modifying the permissions to the aspx pages of the Central Administration website located in the 14\TEMPLATE\ADMIN folder. A test on a separate farm has shown that if you remove selected aspx pages, the goal is achieved.

Pages that are removed are:

- policy.aspx (prevent defining user policy for web application),

- owners.aspx (prevent setting site collection admins),

- SiteAndListExport.aspx (prevent export of list data)

... maybe some others need to be removed as well.

 

My question is do you think this is a viable solution? Is it allowed to remove or modify the permissions for these aspx pages?

 

Thanks for your advice.

 

Dirk Van den Berghe
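
The following audit is an added example, not part of the original post: it reports whether a watched account appears in any web application user policy or as a site collection administrator, the two access paths the post names. It assumes the compliance team runs it on a farm server with SharePoint shell access; the login `CONTOSO\farmadmin-ca` is a placeholder.

```powershell
# Added example (not from the original post).
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Assumption: placeholder login of the dedicated Central Administration account.
$watched = @('CONTOSO\farmadmin-ca')

# Claims-encoded logins carry a prefix such as "i:0#.w|"; compare the part after it.
function Test-Watched([string]$login) {
    $bare = ($login -split '\|')[-1]
    return ($watched -contains $bare)   # -contains is case-insensitive
}

$findings = @()

# 1. Web application user policies (the setting that policy.aspx edits).
foreach ($wa in Get-SPWebApplication) {
    foreach ($policy in $wa.Policies) {
        if (Test-Watched $policy.UserName) {
            $roles = ($policy.PolicyRoleBindings | ForEach-Object { $_.Name }) -join ', '
            $findings += New-Object PSObject -Property @{
                Type = 'UserPolicy'; Scope = $wa.Url
                Login = $policy.UserName; Detail = $roles
            }
        }
    }
}

# 2. Site collection administrators (the setting that owners.aspx edits).
foreach ($site in Get-SPSite -Limit All) {
    try {
        foreach ($user in $site.RootWeb.SiteAdministrators) {
            if (Test-Watched $user.LoginName) {
                $findings += New-Object PSObject -Property @{
                    Type = 'SiteCollectionAdmin'; Scope = $site.Url
                    Login = $user.LoginName; Detail = ''
                }
            }
        }
    } finally {
        $site.Dispose()   # release the SPSite and its RootWeb
    }
}

# An empty result means the watched account holds neither kind of grant.
$findings | Format-Table Type, Scope, Login, Detail -AutoSize
```

The output contains site collection URLs, so it stays with the compliance team; only the presence or absence of findings needs to be reported back.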

