Sharepoint Read permissions but no site access?!!

Posted on 2009-04-23
Last Modified: 2012-05-06
Hitting out Sharepoint site are all NT AUTHORITY\Authenticated Users. Given the default set of Read permissions, they are denied access. However, if i add to the set of permissions associated with "Read", namely the permission to Edit Items, not only can they access the entire site, they also see a "Site Actions" tab with the option to Edit Page. So...they either have too little/no access, or too much/they can add/edit pages. What's happening? Where's the middle ground?!
Question by:MMarlin7
    LVL 16

    Expert Comment

    Have you open Read permission level and check what rights are checked?

    You can find the list through site settings -> settings -> permissions level and click on Read.

    Or, perhaps you use View Only permission level?


    Author Comment

    NT Authority\Authenticated Users don't have View Only, they have Read.
    Read is made of these permissions: In List Perms: View Items,Open Items,Veiw Versions, Create Alerts, Veiw Application Pages. In Site Perms: Apply Style sheets,User Self-Service Site Creation, View Pages, Browse User Information, Use Remote Interfaces, Use Client Integration Features,Open.
    With this set of perms they get 'Access Denied' hitting the homepage. If i add the List Permission of "Edit Items", not only can they access but they can also Edit Page under Site Actions, which is way too much privilege for people we don't even know.

    Author Comment

    Is it relevant that the sharepoint site runs sql report integration? Why would that affect the whole site? I ask because one user in a different group, who is right to have Contribute perms, and recieved "rsAccessDenied".

    Author Comment

    Anyone willing to take a stab at this?

    Expert Comment

    Hi, MMarlin7
    Have you solved this problem. I got exactly the same problem as yours.

    Accepted Solution

    No i haven't found a solution, only to give Design perms to everyone, and now everyone can enhance, or mess up, the configuration of webparts throughout the site. Having just Read access means they can't even see it. Go figure, i'm not kidding. I will close this question.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Note:  There are two main ways to deploy InfoPath forms:  Server-side and directly through the SharePoint site.  Deploying a server-side InfoPath form means the form is approved by the Administrator, thus allowing greater functionality in the form. …
    I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now