I have created a new no-code expenses solution in SharePoint 2010 (with InfoPath 2010) and was going to permission individual documents via SharePoint Designer workflows.
However, after a recent conversation with Microsoft technical experts the suggestion was that if there are going to be more than 5000 items in the library then we shouldn’t be setting unique permissions for each form due to performance degradation.
So whilst looking at other options I came across an out of the box STSADM command to block regular users from accessing the forms pages in the new expenses site. This would prevent a user from getting to pages such as allitems.aspx:
This would have been a great solution, however the downside was that enabling this feature also blocked regular users from connecting to the .aspx pages in the _vti_bin folder. There are pages in here that are required for my InfoPath form when it opens – lists.aspx is one.
What happens now is the user gets prompted to enter a username and password when they open the form, but their own username and password doesn’t work as their access is blocked.
So I deactivated the lockdown mode with this command: