User has access but is not a member of any group
Posted on 2010-11-20
Help! I have a user that access to all of the content in my site even though he has been restricted for certain lists and for certain items within the list.
To troubleshoot the issue, I have removed him from all security groups in the site. He should have no access to anything in the site or any lists. He can still see the items. And when I click on a list item and check his permissions, here's what I see. What do I need to do now? Where is he getting all these extra permissions?
Permission levels given to Matthew (domain\matt)
The following factors also affect the level of access for Matthew (domain\matt)
Create and change permission levels on the Web site and assign permissions to users and groups.
View Web Analytics Data
View reports on Web site usage.
Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites.
Manage Web Site
Grants the ability to perform all administration tasks for the Web site as well as manage content.
Add and Customize Pages
Add, change, or delete HTML pages or Web Part Pages, and edit the Web site using a Microsoft SharePoint Foundation-compatible editor.
Create and delete lists, add or remove columns in a list, and add or remove public views of a list.
Apply Themes and Borders
Apply a theme or borders to the entire Web site.
Apply Style Sheets
Apply a style sheet (.CSS file) to the Web site.
Override Check Out
Discard or check in a document which is checked out to another user.
Manage Personal Views
Create, change, and delete personal views of lists.
Add/Remove Personal Web Parts
Add or remove personal Web Parts on a Web Part Page.
Update Personal Web Parts
Update Web Parts to display personalized information.
Add items to lists and add documents to document libraries.
Edit items in lists, edit documents in document libraries, and customize Web Part Pages in document libraries.
Delete items from a list and documents from a document library.
Create a group of users that can be used anywhere within the site collection.
Enumerate files and folders in a Web site using SharePoint Designer and Web DAV interfaces.
View items in lists and documents in document libraries.
Use Self-Service Site Creation
Create a Web site using Self-Service Site Creation.
View pages in a Web site.
Approve a minor version of a list item or document.
Enumerate permissions on the Web site, list, folder, document, or list item.
View the source of documents with server-side file handlers.
View past versions of a list item or document.
Delete past versions of a list item or document.
Browse User Information
View information about users of the Web site.
Manage alerts for all users of the Web site.
View Application Pages
View forms, views, and application pages. Enumerate lists.
Use Remote Interfaces
Use SOAP, Web DAV, the Client Object Model or SharePoint Designer interfaces to access the Web site.
Use Client Integration Features
Use features which launch client applications. Without this permission, users will have to work on documents locally and upload their changes.
Allows users to open a Web site, list, or folder in order to access items inside that container.
Edit Personal User Information
Allows a user to change his or her own user information, such as adding a picture.