troubleshooting Question

Sharepoint MOSS 2007 issue with single user receiving 403 error

Avatar of jmicorp
jmicorpFlag for United States of America asked on
Microsoft SharePointMicrosoft IIS Web ServerServer Hardware
12 Comments1 Solution704 ViewsLast Modified:
We've got a few sharepoint farms in our company, a single prod unit, and multiple test and staging environments. our staging server is giving us trouble with a single test account that we can't seem to shake out. The user simply cannot log in to sharepoint. They are a simple domain user with minimal domain rights, but standard user level access in sharepoint. We've been down the path of trying to work with services permissions to fix this issue -- but as a sharepoint user, what local service permissions should this user even have? authenticated users in general should have only the slightest control over services, right?

This failure message is sporadic and unpredictable. It may have even completely gone away with my efforts to make more relaxed permissions on MSDTC. At the end of the day, that one individual user is still given SIMPLE 403 FORBIDDEN errors from IIS upon logging in. Strangely enough, it takes 3 login attempts to generate this message. Any ideas?
Event Type:	Failure Audit
Event Source:	Security
Event Category:	Object Access 
Event ID:	560
Date:		10/6/2009
Time:		2:55:20 PM
User:		domain\SP_CBP_Test_00749
Computer:	somecomputer
Object Open:
 	Object Server:	SC Manager
 	Object Name:	WinHttpAutoProxySvc
 	Handle ID:	-
 	Operation ID:	{0,475837461}
 	Process ID:	432
 	Image File Name:	C:\WINDOWS\system32\services.exe
 	Primary User Name:	somecomputernameSTAGING$
 	Primary Domain:	somedomain
 	Primary Logon ID:	(0x0,0x3E7)
 	Client User Name:	SP_CBP_Test_00749
 	Client Domain:	ALS
 	Client Logon ID:	(0x0,0x1C5CACEA)
 	Accesses:	Query status of service 
			Start the service 
			Query information from service 
 	Privileges:	-
 	Restricted Sid Count:	0
 	Access Mask:	0x94

Open in new window


Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 12 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 12 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros