Jake L

I've got myself in quite the pickle here.

When i browse to my primary sharepoint site, I get an "Access Denied" page regardless of the user (i.e. my acount is the site collection administrator and still cannot access). This is a sharepoint "Access Denied" page, not the default IIS. So IIS is allowing the authentication, however authentication is not passing through sharepoint.

At this point I'm not even sure where to look to try and get more detailed information regarding the error. Neither the event log nor the IIS logs seem to give any useful information.


A little history on how I got here:

Sharepoint (MOSS 2007) was installed on our Domain Controller (not my doing). This is a small company and we only had a single server configuration. Sharepoint was installed to use SQL Server 2005. We were using a single site collection with a single web application. Everything was running off this one box, databse server, index server, web front end, etc.

I decided to separate our DC and other services to follow a more desirable server architecture. So I staged a second box, promoted it to a DC, went through all the steps of moving DNS, GC, etc. At this point everything was still working as it should. I then demoted the sharepoint server to a member server. At this point sharepoint no longer worked (neither central administration nor our primary web application would work). I later learned it had some to do with the WSS groups existing in the domain since sharepoint was installed on a DC. After demotion the groups were no longer accessible. Creating the groups locally didn't solve everything, there also seemed to be other rights related issues, so I decided to do a reinstall.

I uninstalled sharepoint server, leaving SQL server and the databases in tact. I then reinstalled Sharepoint (advanced install). During initial configuration I told it to connect to an existing server farm. Fed it the name for the database server (itself), selected the content database, fed it the user credentials for the AD user that has admin acces to the DB, and off I went. After the reinstall, I'm now able to access the Central administration site, but I cannot access my primary web application. This was when I started getting the "Error: Access Denied" page.

Any suggestions would be greatly appreciated.


Re: SharePoint - Setup, Upgrade, Administration and Operation Access Denied for all users on all pages

Jake L

Ok I found a little more information in the SP logs. I threw the error and a CMS and Sharepoint error was generated. The CMS error message is event ID 8vzh with message:

PortalSiteMapProvider was unable to fetch current node, request URL: /default.aspx, message: Thread was being aborted., stack trace: at Microsoft.SharePoint.Utilities.SPUtility.Redirect(String url, SPRedirectFlags flags, HttpContext context, String queryString) at Microsoft.SharePoint.Utilities.SPUtility.Redirect(String url, SPRedirectFlags flags, HttpContext context) at Microsoft.SharePoint.Utilities.SPUtility.RedirectToAccessDeniedPage(HttpContext context) at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex) at Microsoft.SharePoint.SPGlobal.HandleUnauthorizedAccessException(UnauthorizedAccessException ex) at Microsoft.SharePoint.SPWeb.EnsureUser(String loginName) at Microsoft.SharePoint.Publishing.CacheManager.<.ctor>b__0() at Micros...
...oft.SharePoint.SPSecurity.CodeToRunElevatedWrapper(Object state) at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.<RunWithElevatedPrivileges>b__2() at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param) at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site) at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapProvider.get_ObjectFactory() at M...
...icrosoft.SharePoint.Publishing.Navigation.PortalSiteMapProvider.get_CurrentNode()


The Sharepoint Errir is ID 8sl1 with message:

DelegateControl: Exception thrown while adding control 'Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource': System.Threading.ThreadAbortException: Thread was being aborted. at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapProvider.get_CurrentNode() at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at System.Web.UI.ControlCollection.Add(Control child) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl)







Re: SharePoint - Setup, Upgrade, Administration and Operation Access Denied for all users on all pages

Paul Galvin

One thing I would try is to add a user to the web policy with full access.

This blog entry give a little background on that: http://paulgalvin.spaces.live.com/blog/cns!1CC1EDB3DAA9B8AA!255.entry

If that works, you're still not free and clear, but at least your're on your way. If that does not work then you have bigger issues I think.






Re: SharePoint - Setup, Upgrade, Administration and Operation Access Denied for all users on all pages

Jake L

thanks for the reply. I have indeed tried granting myself full write access through the web application policy. No Luck :-(

However, I'm actually having a bit more luck today. Yesterday I had re-promoted the server to a DC and reinstalled SP to see if there was some magical DC rights that would make it work. No such luck. So I uninstalled, Demoted back to a member server and left it over night.

Came back in this AM and reinstalled SP. Now I'm actually able to access the web application again. What in the world

All is not well just yet. I'm still getting some random errors. For example, when I view a list that has items with attachments, I get prompted with a login box that won't take my credentials. After it fails out, the page still displays but the paperclip icon does not. It seems I don't have access to the files under _layouts/images. Not sure what's up with that.

I'm sure there's other bugs floating around as well. Any more ideas would be great.




Re: SharePoint - Setup, Upgrade, Administration and Operation Access Denied for all users on all pages

Jake L

so on a whim I decided to create a new web application and new site collection, then simply try to export the entire site & subsites from the old and import into the new using stsadm. It seems to have worked. Even kept the user rights.