Custom Lockdown deployment

Aug 6, 2012 at 3:37 PM

Hi Marc,

I've deployed your lockdown tool on WSS3.0 using stsadm however I'm not sure how you go able activating it on a site collection. I'd like to secure our forms and pages like the All People pages etc and though your wsp may addrress this. Can you pleae assist?


Oct 2, 2012 at 2:22 AM
Edited Oct 2, 2012 at 2:31 AM

Hi sorry for the late answer. 

Normally the feature is installed at the deployment time, but, yes, the feature is not activated.

you have to activate it manually.
You can only do it by using stsadm tool, because I have hidden the feature for it not to be displayed in the SharePoint UI.

Hope that helps. 


Nov 26, 2012 at 9:45 AM

Hi Marc,

I'm a relative newbie to Sharepoint.  I've been trying to deploy your solution but seem to be going around in a circle.  I attempted to deploy using stsadm -o deploysolution -name ViewFormPagesLockDownCustomFeature_1.0.0.0.wsp -url -immediate.  I get a message "needs to install assemblies in the Global Assembly Cache (GAC).  Use allowGACDeployment to deploy.  When I use "stsadm -o deploysolution -name ViewFormPagesLockDownCustomFeature_1.0.0.0.wsp -url -immediate -allowGACDeployment " I am getting error message "This solution contains no resources scoped for a Web application and cannot be deployed to a particular Web application."  I'd appreciate any help you could give me.



Nov 26, 2012 at 3:45 PM

Hi Norrie, 

it is a thing not easy to understand with SharePoint deployment. You can deploy to a particular Web Application only if there is something in the package that will add files or modify the files in the Web Application directory especially the web.config file. If I quickly think, I see a few cases : 

1 - the most obvious and frequent: you deploy a component (as a web part) that has to be registered as safe within a particular Web Application. The deployment process will modify the web.config of the Web Application to register the component as safe by adding a line in the safe controls section of the web.config file of the Web Application.

2 - less frequent: you deploy a dll in the bin directory of the Web Application or add ressources within the directory of a particular Web Application

3 - pretty rare: you deploy a solution that will change the Code Access Security policies for a particular Web Application

For the other solutions, even if you plan to deploy them to a particular Web Application, if there is not anything that modifies something within the Web Application directory, the solution is globally deployed. 

So, as in my package there is only a dll and a feature, and because the dll is to be deployed in the Global Assembly Cache, the solution can only be globally deployed. So I think that if you remove the -url parameter in your stsadm instruction, it should work. (If you had used the SharePoint UI to deploy, you shouldn't have had this problem because the UI wouldn't have let you to choose a particular web Application to deploy...)

Hope that helps...






Nov 27, 2012 at 10:18 AM

Hi Marc,

Thank you so much for taking the time to explain the options to me.  It is really helpful.  I will try your suggestion.  Just to let you know I had initially uploaded your solution to the site through the Sharpoint UI.  However, like tda above, I have not been able to activate it, hence the reason I started trying to do it through the command line.