If you don't have the Server license for SharePoint and you have to work on SharePoint Foundation (either 2010 or 2013), you should know that you have several limits regarding navigation management. The biggest limit is NOT having the page available on the path: "Site settings > Look and feel > Navigation", which provides you with a mechanism for the complete management of the navigation of your portal, starting with the creation of the hierarchy of links to get to the organization and management of security. This function is enabled through the Publishing feature of the SharePoint Server that, as you know, on SharePoint Foundation, isn't available. Without this function, the security management of the "Top link bar" gets pretty boring. Try to carry out this series of operations: Create a new site starting from the site root of your site collection In the creation phase, check "Display this site on the top link bar of the parent site?" Once the site is created, change the authorizations in such a way as to remove the possibility of entering the site for a certain user X Return to the root site and delete the link from the "Top link bar" Re-insert the link manually within the "Top link bar" In this way, you will see that the link "Subsite", on which we specified a series of customized authorizations, will be visible in the "Top link bar" even to the users that in reality can't enter and that, by clicking on this link, will see the "Access denied" page on the site. Which is really annoying because first we give the user a way to see the link in the navigation bar and click on it, but right after we tell him that actually he can't enter. How can we solve this issue on sites that are already created? Unfortunately, the only way we have is to recreate the link using Powershell, by using the following code: $web = Get-SPWeb http://sp2013 $newnode = New-Object Microsoft.SharePoint.Navigation.SPNavigationNode( "Sub site" , "/subsite" , $false) $web.Navigation.TopNavigationBar.AddAsLast($newnode) This script uses the classes of the server-side object model of SharePoint to add a new node in the "Top link bar". The important part is to set the last parameter of the constructor of the SPNavigationNode class to $false, which indicates to SharePoint that then specifies if the link is external or not. By setting this parameter to $false, SharePoint understands that it is a link within the intranet and it applies the control on the permissions. We can see this by printing the content of the variable $newnode to video. As you'll note, the property "IsExternal" of our navigation node is set to False. Title : Sub site TitleResource : Microsoft.SharePoint.SPUserResource IsVisible : True IsExternal : False Id : 2011 ParentId : 0 Parent : Navigation : Microsoft.SharePoint.Navigation.SPNavigation Url : /subsite LastModified : 10/11/2014 11:04:55 Children : {} Properties : {vti_navsequencechild} TargetSecurityScopeId : 00000000-0000-0000-0000-000000000000 TargetParentObjectType : Web We don't have this problem on new sites because once the field "Display this site on the top link bar of the parent site?" is checked in the creation phase of the site, SharePoint will add the link to the site on the "Top link bar" on its own and this link will be correctly profiled based on the authorization of the current user on this site. I repeat, we only have this problem with SharePoint Foundation.
