Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 15790
  • Last Modified:

Sharepoint 403 forbidden error

Just wondering if anyone else has experienced 403 Forbidden errors through sharepoint. For about two weeks all my regular non-admin users can't upload information to our sharepoint site, they get a 403 forbidden error first thing in the morning, to fix this I will go in as admin and hit upload then all my regular users can then upload the rest of the day. Then the next morning users somehow lose their rights again. We run Sharepoint services 3.0 on windows server 2003 with SP1
 
0
kazocko
Asked:
kazocko
1 Solution
 
cobrachenCommented:
You may want to check:

1. what is the iD used by your web application
2. What is the application pool identity and what is the user role assigned in SQL server.

I did read something like this before and as I could recall, this has something to do with server site account to talk to database.

Thanks.
0
 
Serena HsiMarketing ConsultantCommented:
What do you mean that you upload them? Are you re-adding them to the Active Directory? Or, have you assigned the users with specific usage permissions on particular subsites and areas?
0
 
HWSBrianCommented:
Having the same sort of problems just within the last few days.  Editing calendar items is also kicking back a 403.0.     Didn't correlate the logging in as a user with admin rights, but that scenario just happened a few minutes ago and indeed the problem was magically resolved for all users.  Will continue to sift...
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
kazockoAuthor Commented:
cogitate4u

What I mean by Upload them, is when a users is trying to upload a document to a sharepoint teamsite, currently working with Microsoft on a solution.
0
 
HWSBrianCommented:
Did anything come of working with Microsoft on this issue?
0
 
kazockoAuthor Commented:
Not yet, I will update when we have a solution.
0
 
les10Commented:
Guys,
I am facing into exactly the same issue - this is the way I found this discussion.
So I also very interested in the solution.
Thank you!
0
 
HWSBrianCommented:
It's *possible* that Microsoft is recognizing the problem here:  http://support.microsoft.com/kb/913384    There's a link to a "Hot Fixes" page, it's the second patch down on that page.  I hate to guinea pig this out, but unfortunately, I'm out of town so can't try the fix immediately - would love to know if anyone else has success with this, though!
0
 
les10Commented:
I took a look to this article but it does not seem to suit...
I am running other SharePoint Site Collections on the same server without this particular problem. So I don't think any "hotfix" should be installed on the server.

It must be something more simple setup with the Application Pool runs the Site Collection.
0
 
xaviercnsxCommented:
I have the same problem, and it appeared after applying win2003 sp2, i have another local farm in SP1 and i did not have this problem. Everyone is in AD i presume, this does not appear to happen in workgroup mode.

For the moment, it is wait and test in local, i cannot put everyone as admin... :-)
I saw some people having the same problems in telerik forum and blogs.
0
 
les10Commented:
xaviercnsx: maybe you are right - I recently installed the SP2 and I recently experienced the issue... So maybe it can be an SP2 bug?
0
 
dbmassociatesCommented:
I just started to experience a similar problem.  I can no longer edit or add to a list in sharepoint unless I am logged in as the administrator (error 403).  The environment is Windows Server 2003 and Sharepoint 3.0, but it is the beta version.  Could this be the problem - some sort of result of the expiration of the beta?  So far, no solution.  If I come across one, I will post it.
0
 
kazockoAuthor Commented:
Our sharepoint site is now working with the help of Microsoft support. We made two changes to our environment, haven't had time to figure out which change fixed the issue yet, but here are the changes we made. Hopefully it helps. We changed the Default Web Site Properties in IIS, specifically the HTTP Headers tab and unchecked Enable Content expiration, and change the Connection timeouts from 65000 to 120 seconds.
0
 
HWSBrianCommented:
We've been up and running for several days now after uninstalling "KB928365  Vulnerabilities in .NET Framework could allow Remote Code Execution (July 10, 2007)".   Not sure if it's fixed, but worth noting.
0
 
GridSouthCommented:
We have seen exactly the same behavior particularly with certain files within the _layouts folder. Users can authernticate and perform actions without error only to receive a 403 FORBIDDEN message when attempting the smae operation several minutes later!  This happens with /_layouts/aclinv.aspx in particular. The quick but temporary remedy is to do the following:

1. Upon 403 FORBIDDEN, rename the web.config file to web.config.old (name no important)
2. Refresh the page and throw the ASP.net error
3. Reset the web.config.old to web.config
4. Refresh the page and viola! It works but the joy won't last.

This issue only came to our attention over the past few weeks and may be a result of a recent hot fix. We are not sure at this point.

We are running MOSS 2007 on Windows 2003 x64 R2 with multiple sites.
0
 
GridSouthCommented:
We have unofficially confirmed that removing the update referenced at http://support.microsoft.com/kb/928365 fixes this issue. 3 sites on one server running MOSS 2007 and 1 site on a different server running WSS 3.0 were showing a 403 FORBIDDEN message when attempting to access /_layouts/aclinv.aspx. This occurred after installing the latest Microsoft updates and rebooting. The error was confirmed on each site several times. The ASP.NET 2.0 Hot Fix was first removed from the server running WSS 3.0. The site that was throwing the error was refreshed and the error did NOT occur. The server was rebooted and the site tested. Again NO error!

We then removed the ASP.NET 2.0 Hot Fix from the other server running MOSS 2007. The sites that were throwing the error were refreshed in the browser and the pages loaded without error. The server was then rebooted and the 3 sites once again tested. All 3 sites functioned without error. We will continue to monitor this and report back but so far, removing the ASP.NET 2.0 Hot Fix has resolved the issue.
0
 
MundaneDudeCommented:
I am also having the same problem, 403 whenever anyone but system administrator tries to upload information to sharepoint. Then when administrator tries, everyone else can again and eventually they can't.
I have tried the different 'solutions' posted here, none seem to be working. Kazocko's solution from Microsoft doesn't make anysense to me, those settings are already set on this sharepoint. 120 for time out, and no Content Expiration.
0
 
cobrachenCommented:
What is the account used ny your WSS application pool? Is it used the  WSSadmin's account but not a local admin account?

Thanks.
0
 
dbmassociatesCommented:
Were were getting this error regularly.  Removing http://support.microsoft.com/kb/928365 and rebooting seems to have fixed it since the error has not come back since that time.
0
 
les10Commented:
dbmassociates: you will love this:
my problem seems to be solved with INSTALLING the 928365 update (on the proper language)!!!

Now I am testing all WSS functionality - so far so good!
Interesting, huh?
Thanks, Laszlo
0
 
les10Commented:
Guys, sorry for confusing you.
After testing I left the site then logged back in half an hour and the issue showed up again...
Then I uninstalled the 928365 then restarted the MOSS 2007 server.

Now it works fine but I don't announce the success yet - let's see how it goes tommorrow.
0
 
kazockoAuthor Commented:
After several other issues that we experimented we came back to the removing of the Hot Fix as the one thing that does fix the 403 forbidden. Thanks for all the comments.
0
 
les10Commented:
I confirm: removing the 928365 Hot Fix completely solved the issue.
Thanks!
0
 
djmjdukeCommented:
Is there anything further on this... I read somewhere that you can install the 928365 hotfix but then have to re-enable ASP.NET 2.0 in IIS.  The hotfix apparently disables it.  Can anyone confirm this?
0
 
djmjdukeCommented:
Well it's about that time to install .NET Framework 2.0 SP1 and .NET Framework 3.0 SP1.  I'm worried this error is going to crop up.  I'll let you know.  I removed the hotfix 928365 months ago to fix my problem.
 
On other machines installing the SP1 framework removed the hidden hotfix from Microsoft Update.  I'm curious to see what happens.
0
 
les10Commented:
After several months of smooth operation I am facing into the same problem again.
I am sure that it's caused by Security updates again - I just don't know which one.

The 928365 hotfix seems not on the server anymore. So it should be something "new hotfix."
Recently I installed the .NET 2.0 and .NET 3.0 Service Packs...
0
 
dbmassociatesCommented:
The problem came back for us, as well.  With the the .Net 2 service pack which incorporated the offending hotfix.
0
 
moon44Commented:
I had the same problem again, too.
This helped (for now):
http://www.sharepointonlinkedin.com/post/2008/04/The-end-of-403-forbidden-errors.aspx
0
 
RMILLCCommented:
We were having the same issue but did not have the hotfix that is being referenced installed.  We resolved the issue by running a reinstallation of .Net 2.0 then running the .net optimizer service.
0
 
fantom42Commented:
This problem has reoccured.  We do not have .NET 2.0 installed.  Instead we are running .Net 4.0.  We recently started having the problem where you get a 403 forbidden error sometimes when uploading.

Anyone have a fix for .net 4.0?
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now