Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1663
  • Last Modified:

Sharepoint 2010 Permissions Issue: Site Owners cannot edit site group permissions

Hello,

We are experinencing an issue in our new Sharepoint 2010 Production environment.

In our environment we use a very simple security hierarchy, with each site consisting of an Owners (full control), Members (contribute), and Visitors (read) group. Everything has been moving along smoothly with site owners administering their various site group memberships until late last week some of our site admins reported that they have lost the ability to get into any of their site permissions groups to add or remove members.

Using their credentials I was able to re-create the error on my PC (see SP2010-Permission-error.jpg). The site owners permissions are configured correctly, and when I run a verify permission against the site it correctly recognizes that the user has full control delegated through the site Owners Group. Also the  groups themselves are owned by the Site Owners Group and just to be sure I gave ownership of these groups to a named site admin but still no luck.

As a site collection admin I can still access these groups without issue.

At this point I am a bit stumped and am curious if anyone has seen a similar issue in the past. Any help would be much appreciated.

  SP2010-Permission-error
0
dkirchhefer
Asked:
dkirchhefer
  • 5
  • 3
  • 2
1 Solution
 
KoenVostersCommented:
Have you checked if the rights of "Full Control" are correctly set? I once had a situation where the user could edit while having Read Rights, and we found out they added base permissions to the read right.
0
 
G-BrainCommented:
Hi,
maybe there are some problems with the user profile sync.
Are your admins synchronized ?
Do you recieve the same error if you delete the profiles from the owners group and after that to reinstate them ?

0
 
dkirchheferAuthor Commented:
Thanks for the help guys.

To KoenVosters: Yes I did check the "Full control" permissions, and it really does have every permission possible on that site.

To G-brain: I to looked at user profile sync, and actually forced a full sync with AD thinking this might resolve the issue, unfortunately it still persists. Also the issue persists after deleting and re-adding the users to the Site Owners Group.

Thanks for your help so far!
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
KoenVostersCommented:
Have you checked the web application policies in Central Administration?
0
 
G-BrainCommented:
Hi,
which authentication method do you have on your farm ?
0
 
dkirchheferAuthor Commented:
We use Kerberos authentication.
0
 
KoenVostersCommented:
Did u check the policies?
0
 
dkirchheferAuthor Commented:
Hello KoenVosters,

Sorry for the belated response, I really appreciate your help on this issue.

Just to make sure I understand what your asking, are you referring to "User Permissions for Web Applications" located under Web Applications-User Permissions? If so then yes I did check there and have included a screencast, everything is enabled as I would expect.

Thanks again for taking a look at this, I'm as stumped as ever.

 dkirchhefer-438273.flv
0
 
dkirchheferAuthor Commented:
Ticket closed. I finally was able to resolv this issue and suprize suprize it was user error. One of our site collection admins installed a list permissions add-on for testing, and when it expired it blocked all permissions managment at the site level. It has now been removed and everything is functioning normally.

Thanks for your help.
0
 
dkirchheferAuthor Commented:
Solved my own issue.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now