[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 548
  • Last Modified:

Web application classic mode to claims based ,broken permissions for groups

I have a simple web application initially done with classic authentication mode , latter on I went changed to claims based application from central administration. All the sharepoint security groups are broken. Some people do get access denied even though they have contributor rights.
Where  does access denied  user requests be logged. i did not see in 14 hive or
should i check in event viewer or iis 7logs.
I want to see all succesfull logs in SharePoint and access denied or permission denied issues.
Sharepoint 2010 , IISlogs.
  • 4
2 Solutions
You can use the fiddler web debugger tool to check where the access denied is coming from.
Audi08Author Commented:
is there no logging for access denied for users.
where does successful  logging done as in if a user logs in successfully where is it logged in.
there is no correlation id , no errors , only access denied. there is nothing in iis logs.  how can i tell if a users logs to sharepoint site or not via logs. i check the wss loggin database view i can find some trafic, but real time how can we see what is happenning.
Audi08Author Commented:
I downloaded fillder , show i run from my client or install on the server. how can i see how a user x is denied permissions.
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Audi08Author Commented:
Users cannot log on. You may find that users cannot log on to the site.  After entering your credentials, you may be notified that you are the domain\user, but that you do not have access rights. If you see this message, it is likely that you have configured the portalsuperuseraccount property and the portalsuperreaderaccount property of the web application prior to migration. You must update them to use the new claims-based account name. You can get the new claims-based account name by looking at the web application policy for the web application after migration; copy the account name from there.
what is the meaning of the above sentense. http://msdn.microsoft.com/en-us/library/ff953202.aspx
i changed claims from classic from central admin . is there some thing else i need to do aditionally.
why are some users getiing acces denied to some sub sites . but thety are able to see some parts of the portal. so it i snot iis issue. it is sharepoint issue only. what is the correct process of converting classic to claims from central admin?any pointer is appreciated

If you go into Central Admin and your web app now shows that the Authentication is Claims then you need to run this from powershell to migrate the users and have them updated to claims based

Audi08Author Commented:

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now