The following steps can be followed in enabling users the ability to create Mysites and then restrict them from making any further modifications to their Mysites Site.
For the purpose of this post I have:
- User Profile Synchronization Setup within the SharePoint 2013 farm.
- Users have been synchronized.
- Created two security groups with AD -> Sp2013CompleteMysiteAccessGroup and SP2013MysitesLockdownGroup
- User 1 has been added to the Lockdown Group
- User 2 has been added to the Complete Access Group
Browse to User Profile Synchronization Service within Central Admin and Click on Manage User Permissions. The following window shows the default permissions provided.
Remove the above shown groups from the list. Be careful since this would remove access for everyone to create. The following screenshot therefore shows a few extra users that I have added. Technically all users for Mysites should be enabled via Security Groups within AD.
All Users / Groups within the above screenshot except “Lockdown” group
have been provided all permissions.
The following screenshot is from TechNet
A User with Option Combination 1, 2, 3
A user with no options chosen against them, which means no /personal/user3 Site collection has been created
User 2 below has been given rights through security group with Combination of 1, 2, and 3
User 1 below has been given rights through the “Lockdown” security group with Combination of 1 and 2
Even though Newsfeed, SkyDrive and site link show up for the user, they don’t have any actual links and will always point at the top default page.
SharePoint 2013 Active Directory Import -> http://wellytonian.com/2012/07/sharepoint-2013-active-directory-import/