Posts

Showing posts from June, 2010

Ban/Limit Access for a single user in SharePoint

Recently I had a request: secure SharePoint from people casually looking through the list of our sites. Well, the site in question wasn't public facing and anonymous access is turned off, so by default you had to be authenticated to even see it. "Oh no, this user is an authenticated user, they just shouldn't see it"... which got me off on a rant about how making Active Directory insecure makes the applications that depend on it insecure as well. If you provide a generic account with a password that doesn't expire, you have opened up a hole. Even worse, it was just one user out of hundreds of users. I've seen a lot of people talk about how you can jump through hoops to remove "NT AUTHORITY\authenticated users" from sites, how you can limit exposure to people adding it to your Visitors group, and so on. Yeah, it works, but it is overkill in this instance. The easiest approach is Central Administration. Central Administration > Application Manag