Enterprise Content ManagementInformation Technology

Tracking Anonymous Access In SharePoint

I was in a Capture Server design meeting the other day and the discussion turned briefly to the topic of anonymous access[1] to web applications and web services.   The consensus of the conversation was that anything we install should not allow anonymous access by default, but the administrators would obviously set the permissions to whatever they wanted.

Of course if managing access control is pushed to the administrators, do the administrators have an easy way to see where anonymous access is enabled? Thankfully for SharePoint Administrators, Russ Maxwell at MSDN has written a PowerShell script that walks through you Site Collection and reports on which areas have anonymous access.

SharePoint Administrator’s that run this script usually want to answer one of the following questions:

  1. Is Anonymous Access enabled anywhere in my Site Collection.  If so, where?
  2. I want to confirm Anonymous Access is enabled  in a specific location
  3. I want to collect a record of how Anonymous Access is setup for an entire Site Collection.

Anonymous Access can be set at 3 different levels. … (read more)

Instructions for running the PowerShell script:

  1. Copy the below script and save it in notepad
  2. Save it with a anyfilename.ps1 extension
  3. To run, copy the file to a SharePoint Server
  4. Select Start\Microsoft SharePoint 2010 Products\SharePoint 2010 Management Shell
  5. Browse to directory holding the copied script file
  6. Run the script: .\anyfilename.ps1 (assuming anyfilename is the name of the file)

(read more)

The script is pretty easy to use even if you are new to PowerShell.  The only gotcha is if you run directly from PowerShell instead of the SharePoint 2010 Management Shell, it does require the Microsoft SharePoint PowerShell Snapin be imported. This is as simple as adding this line to the start of the script

Add-PSSnapin Microsoft.SharePoint.PowerShell

Follow Jim Hofer on Twitter (@iHunger)

[1] Anonymous Access means that any user can access the web site, application, or service without logging in.