Permission tool for sharepoint - third party tool

I need to make a list for HR department for salary information which is very critical for us.
Functionality: Top boss can view everyone salary .
Manager can see the salary of employees who are under him but he can not see his own salary.
Is there any third party tool to make this kind of view for users?
dkumeriAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

quihongCommented:
No, but you can built your own using the SharePoint Object Model and Powershell leveraging SharePoint's ability to manage access at the item level.

Your script would iterate through the list and assign the appropriate permission to the particular item based on the list data. The list data will obviously need to contain the manager (userId) for a given employee and salary. So for each item, assign read access to the manager and "top boss" and probably your HR department.

Note that your Site Collection Administrators will see all the salary data.



0
dkumeriAuthor Commented:
Can you please describe how can I do it through SharePoint Object model. What will be the starting point. All the employees information will be coming from AD.
0
quihongCommented:
"All the employee information will be coming from AD"

Does that mean you don't already have your list setup with all the columns and data?

Here is an example of using the SP Object model and Powershell - http://www.u2u.info/Blogs/karine/Lists/Posts/Post.aspx?ID=10

You case will be a more complex since you have to setup item level security.
0
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

quihongCommented:
Forgot to mention...

A SharePoint "view" can not be used as a security or access restriction method. You would need to use item level permissions. SharePoint uses security trimming, which means that if a user doesn't have access to an item it will not be displayed. Just wanted to clarify that since you original question asked if there are any tools to make the view.
0
dkumeriAuthor Commented:
No, at the moment nothing is coming from AD. But we are trying to figure out what will be the best way to do it. How we can bring Employee salary information into the list with tight security.
Do you think we can integrate list with SQL data(Salary information in Database)? If yes, then How I can I do that.
Following things we are trying to figure out:
1. How to bring data (salary information) into the list or any other option.
2. Then how we can make a view (Functionality: Top boss can view everyone salary .
Manager can see the salary of employees who are under him but he can not see his own salary.)
0
quihongCommented:
Integrating(displaying) the SQL data in SharePoint is fairly trivial. Your tight security requirement of the data is the complex part.

The Powershell recommendation is going to be your best bet.

How many employees(or how big is the list)? Do you need to handle the situation of Top Boss->Director->Manager->Employee, with the Director able to see salary info for all managers under him along with their employees? That would make it even more complex.

You are going to have to test this throughly also, since this data is highly confidential, so you don't want to have some accidental bug or condition that you didn't account for and expose this data inappropriately.
0
dkumeriAuthor Commented:
Around 3000 employees. I did not create anything till yet, not a list even. Obviously because I do not know, how I can do this.

Can you please advise me the following first:
How I can make this  list and populate the data?
Manually It will be not possible to populate.

If first I will be able to make a list, then I can move on to security part.
0
quihongCommented:
I would suggest you create the List first with all the columns using the GUI.

Then follow the example here (http://www.u2u.info/Blogs/karine/Lists/Posts/Post.aspx?ID=10) to populate the list. Or more simply, you can populate the list using cut/paste from Excel if you already have the data.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dkumeriAuthor Commented:
a
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SharePoint

From novice to tech pro — start learning today.