Audi08
asked on
Access denied to readers to sub sites SharePoint 2010
Access denied to SharePoint 2010 sites with read access and contributor also at some sub sites.
Long story short, had a webapp initially using a classic authentication and the converted to claims via central admin. All users have been re-added and things were working fine. Unfortunately something happened latter on somehow hold and discovery feature was turned on and suddenly one fine morning we saw number of share point groups created record center web service submitter to sub site. I don’t know if that is the issues or something else. No proper logging for access denied, I cannot find this activity in the 14 hive or IIS logs or in the logging database. Where the hell does this go. We are using claims based no FBA yet all NTLM users AD users. All Sites uses publishing features and all standard SharePoint features out of box.
1) Some users are getting access denied even though they were given read access.
2) Access denied on pages where I built custom web part using Metal, LINQ This web part works only for users with contributor permissions.
3) Some Sub sites people get access denied even though the site inherits or not. Exclusive permissions given to users but still not working.
4) Access denied to contributors when they click add a document to document lib, they see the “add new item” link. So had to turn off hold feature which was activated at the site level. Once I deactivated people area able to add documents. This does not happen for any other kind of list type, users can add contacts or links.
5) When a web part is added without spmetal, if the web part has any other button events or click events, it works fine for all users.
6) I have configured super user super readers also, and also ran webapplication.migrate users (true) ps command, then completely access denied to admins , then I had to give owner write via stsamd addusers then I got complete access to the site,then cleaned upall sites role and re added users to all groups and sites.
7) No master page ,or site pages or styles custom are checked out , all are published .
8) Any help is greatly appreciated. I want to get my environment into control else, I look like a fool and also really very much interested to know what the hell is happening.
Regards
Audi
Long story short, had a webapp initially using a classic authentication and the converted to claims via central admin. All users have been re-added and things were working fine. Unfortunately something happened latter on somehow hold and discovery feature was turned on and suddenly one fine morning we saw number of share point groups created record center web service submitter to sub site. I don’t know if that is the issues or something else. No proper logging for access denied, I cannot find this activity in the 14 hive or IIS logs or in the logging database. Where the hell does this go. We are using claims based no FBA yet all NTLM users AD users. All Sites uses publishing features and all standard SharePoint features out of box.
1) Some users are getting access denied even though they were given read access.
2) Access denied on pages where I built custom web part using Metal, LINQ This web part works only for users with contributor permissions.
3) Some Sub sites people get access denied even though the site inherits or not. Exclusive permissions given to users but still not working.
4) Access denied to contributors when they click add a document to document lib, they see the “add new item” link. So had to turn off hold feature which was activated at the site level. Once I deactivated people area able to add documents. This does not happen for any other kind of list type, users can add contacts or links.
5) When a web part is added without spmetal, if the web part has any other button events or click events, it works fine for all users.
6) I have configured super user super readers also, and also ran webapplication.migrate users (true) ps command, then completely access denied to admins , then I had to give owner write via stsamd addusers then I got complete access to the site,then cleaned upall sites role and re added users to all groups and sites.
7) No master page ,or site pages or styles custom are checked out , all are published .
8) Any help is greatly appreciated. I want to get my environment into control else, I look like a fool and also really very much interested to know what the hell is happening.
Regards
Audi
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yes i did , now for this has gone worse.
Access denied to all publishing pages
I try to activate a publishing feature on the site, I get access denied.
I created a page using publishing pages, when I clicked the created page I get access denied in this site collection. Activating this feature SharePoint Server Publishing I get access denied. I am the farm admin, site collection admin and also site owner having full permissions. It lets me create pages in sites already created by publishing features, when I create new pages and access them I get access denied error.
Create a new site and then activate the server publishing feature access denied. Please through your comments
Regards
Audi
Access denied to all publishing pages
I try to activate a publishing feature on the site, I get access denied.
I created a page using publishing pages, when I clicked the created page I get access denied in this site collection. Activating this feature SharePoint Server Publishing I get access denied. I am the farm admin, site collection admin and also site owner having full permissions. It lets me create pages in sites already created by publishing features, when I create new pages and access them I get access denied error.
Create a new site and then activate the server publishing feature access denied. Please through your comments
Regards
Audi
ASKER
actually it aided me, but did not fix it, we ended up completely cleaning it up and redo security.
1) Download Filemon tool and check on WFE and SQL Server if you can getting access denied for the windows resources.
2) Use the following blog to get the User at every access level. These API are directly fecthing the data from SharePoint Database :-
http://navdeep19.wordpress.com/2011/03/25/overview-of-the-sharepoint-2010-security-model/