Developer Forum

I have a top-level site. I have added users to this top-level site and
selected "Reader" as the Site Group for these users. All I want to give the
users access to is to view the website and not be able to edit anything.

I then have a sub-site underneath my top-level site. I want the same
security access for my users as the top-level site. I just want them to have
"Reader" security. For the sub-site I have selected to "inherit security
from parent site", but it doesn't seem to work.

I logged into the top-level site with a test user account and it looks fine.
The test user account appears to have only "Reader" security. Then when I
go to the sub-site, with the test user account, I have administrative access
rights. It allows me to change site settings, edit webparts, etc.

It appears the security inheritance isn't going down into the sub-site.

Any ideas or settings that I can verify?

Thanks.

Does it do it for all test accounts and users?

Make sure the test account isn't also listed as an admin for the site or
noted as a Site Collection Owner (if it is somehow assigned that, it will
have admin rights no matter what site group the account is assigned to).

Does it do it on a newly created subsite?
--
Heather Solomon, MVP WSS
http://www.yqcomputer.com/

I believe I figured out what was happening after reading through and
searching other posts on the newsgroup.

It appears they don't have admin rights after all but it just appears that
way. When I log in with this test account which is set to "reader" it still
shows the link for Site settings and shows all the links to edit lists. When
I try edit these items the test user doesn't have permissions.

I found in another post that giving a user "reader" access rights doesn't
take away the links for editing items or settings but if they do try edit a
list or setting it gives them access denied. This is the exact case that is
happening with me. I didn't think those edit links would show up with a user
that has "reader" rights.

Thanks for the reply.