How to lock down /_layouts/people.aspx page for SharePoint 2007 and Microsoft Office SharePoint Server 2007
You can lock down the /_layouts/people.aspx page for all users (except “Full Control” users) by following these steps:
1. Log in to the top-level site (not the Central Administration site) of your site collection as a site collection admin or a Full Control user.
2. Click: Actions->Site Settings->People and Groups
3. Click: All People
4. Click: Settings->List Settings
5. Click: Advanced Settings
6. Select the following options (see the following picture):
* “Only their own” on Read access
* “Only their own” on Edit access
You are done.
The above security hardening will lock down access to _layouts/people.aspx for users with permissions such as “Design”, “Manage Hierarchy”, “Approve”, “Contribute”, “Read” and “Restricted Read”. However, you cannot lock down users with “Full Control”. (see the following picture)
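The steps above can also be audited or applied from script across every site collection of a web application. The following PowerShell is an added example, not part of the original post. It assumes that it runs on a SharePoint 2007 farm server as a farm administrator, that the "All People" list is the root web's User Information List (`SPWeb.SiteUserInfoList`), and that the two "Only their own" options correspond to `SPList.ReadSecurity = 2` and `SPList.WriteSecurity = 2`. The URL and the function name `Test-PeopleListLockdown` are placeholders.

```powershell
# Added example: report (and with -Apply, set) the "Only their own" item-level
# permissions on the User Information List of each site collection.
# Assumptions: farm server, farm administrator account, placeholder URL.
param(
    [string]$WebAppUrl = "http://sharepoint.example.local",  # placeholder
    [switch]$Apply                                           # omit to audit only
)

[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")

# SPList.ReadSecurity : 1 = all items, 2 = only their own
# SPList.WriteSecurity: 1 = all items, 2 = only their own, 4 = none
$OwnItemsOnly = 2

# Hypothetical helper: checks one site collection and optionally fixes it.
function Test-PeopleListLockdown($Site, $Change) {
    $list   = $Site.RootWeb.SiteUserInfoList   # backs /_layouts/people.aspx
    $before = "Read={0} Write={1}" -f $list.ReadSecurity, $list.WriteSecurity
    $locked = ($list.ReadSecurity -eq $OwnItemsOnly) -and
              ($list.WriteSecurity -eq $OwnItemsOnly)
    $state  = "locked"
    if (-not $locked) {
        $state = "NOT LOCKED"
        if ($Change) {
            $list.ReadSecurity  = $OwnItemsOnly
            $list.WriteSecurity = $OwnItemsOnly
            $list.Update()                     # persists the list settings
            $state = "fixed"
        }
    }
    "{0}`t{1}`t{2}" -f $Site.Url, $before, $state
}

$uri    = New-Object System.Uri($WebAppUrl)
$webApp = [Microsoft.SharePoint.Administration.SPWebApplication]::Lookup($uri)

foreach ($site in $webApp.Sites) {
    Test-PeopleListLockdown $site $Apply.IsPresent
    $site.Dispose()                            # also releases RootWeb
}
```

Run it without `-Apply` first to list the site collections whose People list is still readable by all users, then rerun with `-Apply` to set both options.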
Comments
Anonymous
February 08, 2009
How to Publish SharePoint Content from an Authoring Farm Inside Corporate Network to a Production Farm
Anonymous
November 11, 2012
In SharePoint 2010 this "hardening" is also effective for Users and Groups with "Full Control", which is very stupid. Do you know any possibility to work around this problem?