.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Securing Access to Admin Pages

Posted By:      Posted Date: April 10, 2011    Points: 0   Category :C#


What is the easiest way to stop anonymous users accessing admin pages such as: SiteCollectionDocuments/Forms/AllItems.aspx or _catalogs/wt/Forms/Common.aspx.

This is a public facing website using Sharepoint 2007.

View Complete Post

More Related Resource Links

Can not link from MS Access to SP admin lists


We have WSS3. I am a site collection admin. The SP server is at remote location at our vendor.

I can link from MS Access to all the cusom lists - lists created by users.

I can not link from MS Access to the admin lists, for example the Site Hierarchy list. This is https://mysite.com/_layouts/vsubwebs.aspx

I know this is a LIST. It has columns Site URL, Title, etc.

I need Read only access. How can I do it?

ASP.NET Allow Admin Users Access Basic Users Accounts


We have an ASP.Net web application currently released to the public, that uses Membership and Provider features and have our users assign to a "Basic" role.  What we are working on doing is developing an administrative site, so that administrators (presumably to be assigned an "Admin" role), are able to login to the administrative site, where they will have access to a list of users in the "Basic" role.
From the admin site, we want to allow the administrators to click on any of the "Basic" users and effectively be logged into there account (loading the user's profile information in the process, as is the case when a "Basic" user logs in), while still remaining lo

Remotely access winform application through admin panel

I am going to develop following application but not sure how to do this   Application will run different instances for various clients on different servers.     Each instance will run on different criteria stored in database managed by an admin.     Would like to be able to run this from the admin section.     Maybe using a server command line component and pipin the output into a web based admin? -- Whatever you think is best.     This application will run basically 24-7   Any best solution, idea etc

master pages - how to access content page from master page?

Hello,I have a master page setup that is used throughout my site that is basically a header with a menu. I recently added a textbox and a button to this master page which is to be a quick search box that is available anywhere in the site. When a user enters text into the search box and hits the button, I need to load the actual content page which is used to search and show search results (which also uses this same master page), and have the text entered available so the search can be triggered automatically. Again, this search text box and button is now in my master page so it could be  triggered from anywhere in the app... it serves as a convenient way to do a basic search from anywhere in my app, without having to first navigate to the actual 'search page' that already exists.  You can also navigate to the actual search page, which uses the same master page, where there is many more search options.I'm thrown off by the master page arrangement, which I have not used until this project. What do I do?

Permissions:disable controls by roles(access pages too)(dynamically :each new role has special grant

HelloI have an application of many pages of consultation and same time I have a module of adding users by roles and creating accounts by role.(the application is ready but i cant manage the roles)the tutorials that i found are very useful to manage roles but its roles fixed before(administrators,supervisors)(http://www.asp.net/security/tutorials/creating-and-managing-roles-vb) if I add a new role (agent) i want to grant to this new role a new access to pages(different access than admin and supervisor) and disable new controlswhy not using checkbox to every new role checking a field related to databaseis it possible?if yes ,how can i begin?Thanks

Error: Access Denied on default.aspx and other pages of existing and new sites

Hi, since today we can't access the project portals of all our projects (Visual Studio TFS 2008/sharepoint admin 3.0 running on esx 4.0). I already checked every possible security settings, they're all OK. I also tried creating a new site but I can't access the site. I can however access all the settings. For example when I try to access: http://server/Sites/Profel I get the "Error: Access Denied" message and the browser is redirected to http://server/Sites/Profel/_layouts/AccessDenied.aspx?Source=http%3A%2F%2Fserver%2FSites%2FProfel%2Fdefault%2Easpx I have no problem navigating to: http://server/sites/Profel/_layouts/settings.aspx and I can go to al lot of pages, but when I want to create something like a calendar I can specify the parameters but when I click the create button I get the same error. http://server/Sites/Profel/_layouts/AccessDenied.aspx?Source=http%3A%2F%2Fserver%2FSites%2FProfel%2FLists%2Ftest%2Fcalendar%2Easpx&Type=list&name=%7B46CB3B46%2DD0F6%2D47F5%2DBA1A%2D3C9654A24A8E%7D I already tried this: http://support.microsoft.com/kb/926642  http://support.microsoft.com/kb/896861/en-us but no success Any help is welcome, Greetz, Peter

Access to Central Admin, but receive error when accessing sites

We have a dev environment where we've reattached the config database and content databases. We can get into Central Admin, but none of the other SharePoint sites. Here is the error I see in the event log, which I believe indicates the cause of the trouble (see below). Any ideas on how to resolve? Thanks! Event Type: Warning Event Source: ASP.NET 2.0.50727.0 Event Category: Web Event Event ID: 1310 Date:  9/17/2010 Time:  9:45:53 AM User:  N/A Computer: SVUSFULSPWEBTST Description: Event code: 3006 Event message: A parser error has occurred. Event time: 9/17/2010 9:45:53 AM Event time (UTC): 9/17/2010 4:45:53 PM Event ID: 2767d864409a4d8380e5cb38fa987b21 Event sequence: 3 Event occurrence: 1 Event detail code: 0   Application information:     Application domain: /LM/W3SVC/482174774/Root-1-129292155459206250     Trust level: WSS_Minimal     Application Virtual Path: /     Application Path: C:\Inetpub\wwwroot\wss\VirtualDirectories\collabtest.beckman.com80\     Machine name: SVUSFULSPWEBTST   Process information:     Process ID: 2192     Process name: w3wp.exe     Account name: GLOBAL\svcSPAppPoolTst   Exception information:     Exception type: HttpParseExce

user login & secured access pages via web part?

The client wants to have certain sharepoint-driven pages available only to their end customers who login to the site via secured login (to the site content, not the sharepoint CMS).  Can this be done via a web part somehow?  We're not a sharepoint house, and have been asked to take over management of this sharepoint driven site! Normally we'd write an ASP chunk to validate against a database but not sure how to do this (or by some other method) in the Sharepoint CMS. Thanks...

Customized sharepoint portal is not accessible to normal users unless a site admin access the site o


Hello there

I have created a sharepoint portal and customized it. I have created my own master page and there are many webparts implemented. This has been hosted in a MOSS server. When a normal user is trying to access the portal first thing in the morning, he is getting a "You are not authorized to view this page" error. But when a site admin access the site, there is no issue and he is able to access the site. The site admin does nothing in the site and once he has logged in to the site,  the user is able to access the site without any trouble.

I have tried to look into the master page gallery and has given full access to the users for "Style Resource Readers" user group. Even now the user is facing the same issue.

Kindly help in this regards,



Site owner getting Access Denied error on subsite pages.



I am site collection owner.I have created subsites with number of pages(140 pages) with inherit permission form parent site.After creation of subsite I want to edit subsite pages but I am getting Error Message "Access Denied" on some pages.

Anyone please help me...

I am using WSS 3.0



Windows PGM socket access error with non-admin account




I'm trying to use PGM sockets to send data. I can listen and receive data fine from a PGM socket using a non-admin account, but when I try to create a socket to send data I get an exception at this step:

socket.Bind(new IPEndPoint(IPAddress.Any, 0));

The exception is:

An attempt was made to access a socket in a way forbidden by its access permissions

Note that if I run the same code under an admin account it works fine. Is there a way to create a sender PGM socket without running under an admin account?

Access Denied on Adding to my Colleagues option in profile pages

We have an environment that only has profile pages enabled and not personal mysites.  I've noticed that the profile pages are all within one site collection.  How can I give owners of their profile pages the ability to add to their my colleagues without allowing everyone to have rights to edit other profile pages?  This is within Sharepoint 2007 by the way.

SBS 2008 Premium Edition - Securing SQL Server while allowing access from e-commerce website.


Reposted from SBS forum:

I'm currently planning an SBS 2008 Premium Edition installation for a client currently running a five old Win NT / Server 2003  machines to serve a small company (fewer than 50 people).  A complicating factor is that one of their e-commerce websites is currently served directly from their production SQL server - a security risk made necessary by the limitations of their e-commerce software.  In the SBS 2008 plan I would like to protect the production SQL server from the Internet.  My question - is there a way of replicating the production SQL database in real time on a second SQL server outside the firewall?  If not, what other options are available?

I'm not an SQL specialist so I'd also be grateful for links to useful web resources on the topic.

Thanks in advance.


DBA needs to justify Local Admin access on SQL DB server to management



Can anybody point  me to documents that would substantiate the following assertion to my network manager:

"It's standard practice to have your SQL DBA administer the host server as  Windows local admin (a VM in this instance)."

My network & servers manager wants me to document why I, the DBA, need to have Local Admin access to the production database and reporting servers.  Part of the problem is that I sit with the application team, rather than net & servers.  However, I am an experienced production and development DBA in MS SQL Server (6.5 to 2008 R2) who has performed Windows local admin tasks in the past -- and will need to in the future.

Specifically I think I need local admin privileges in order to deploy and maintain the following:

SQL Agent b/u and maint. jobs; SSRS, SSIS, SSAS, 3rd party ETL (extract-transform-load), Log Shipping from production OLTP server to reporting server.  Creation of backup files on local disk.  SQL Server and OS performance monitoring.  Start and stop services.  Some Active Directory administration (for logins and groups)

Can anybody help me substantiate why I need local admin privileges on the database server -- even though I don't have formal Windows System Admin training, experience tells me I need local admin access in order t

restricting access to a Pages on my web site using roles



          Can i restrict access to a particular page on my web site using roles or in any other way

Securing Asp.net Webservice from anonymous access.


Hello friends,

     Actually I am working on a project in which I have several webservices(.asmx pages) in which I have some webmethods. Now what I need to do is, securing the webmethods as well as the .asmx pages from anonymous access. Only application can use those methods or you can say those webservices.

Please give me some ideas or solutions or some sort of techniques by which I can be able to secure them from anonymous access.

A very Fast reply is awaited.




Admin panel access based on memberOf attribute


Hey Guys,

I have built an intranet site where the user is automatically logged in through Windows Authentication and I am now building an admin panel/section.

I was wondering if there is a way using the Active Directory memberOf attribute that people who are members of the group 'Domain Administrators' could automatically gain access to this section without needing to log in, but people who are not part of this group get redirected.

Any help would be greatly appreciated.

Many Thanks,


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend