.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Claim Authentication - access denied for central administration sites

Posted By:      Posted Date: April 10, 2011    Points: 0   Category :C#


I have configured Sharepoint 2010 für claim based form authentication following all steps in technet articel. But after modification of web.config of central administation site, access to adminitration is denied for my windows administator account.

I am not sure that Sharepoint connects to LDAP server correctly. I have not understood the mechanisme Sharepoint connects to LDAP server. No user account/password for authentification Sharepoint server against LDAP server have to be configured!? Is that true or do I have to make additional settings in LDAP server?

Thank you for any hint.


View Complete Post

More Related Resource Links

Cannot change themes of newly created sites "Access denied"

When creating a new site i cannot change the default theme (grayed out) and a message appears something like "access denied". What's wrong? The first 6 sites where created succesfully and have a modified (OOB) site theme applied, all sites I create from now on cannot have the default theme modified. I checked any check-out settings but couldnt find anything obvious. What's wrong? I didn't use any custom code or such, just clicked around like an Admin does ;)  I thought about some check-in/out issue, but couldnt see anything. Someone HELP! please!I am a SharePoint Infrastructure Engineer, focussed on Administration and Installation of SharePoint Server environments.

Sharepoint 2010 Multi-Tenancy Access Denied on Tenant Administration Site

Hi, I am currently implementing a Sharepoint 2010 Multi-Tenancy solution. Multi-tenancy is the partitioning of service applications in 2010 to allow data to be separated between web applications or site collections. I am using multi-tenancy to separate data and user profiles between site collections hosted on a single web application. I have partitioned the User Profile Service Application and Proxy using Windows Powershell. The paritioned Proxy Application is then associated with the single web application. I am also using the Sharepoint Foundation Subscription Service Application to subscribe to different site collections within the web application. In this way data and user profiles can be separated. However, the tenant administration site, used to manage each collection, does not allow administrator access to manage the User Profile Service. I receive a standard Sharepoint 'Access Denied' error message. No other errors or details are provided. I have tried assigning different accounts to the tenant administration site but the error still appears. The issue arises when I issue the following SPSite Powershell cmdlet: NEW-SPSite -Owneralias DOMAIN\Username -Secondaryowneralias DOMAIN\Username. The attributes provided in the Cmdlet above are used to assign tenant site administrators however, the accounts cannot access the User Profile Service. Any ideas or recommendati

Lost access to Central Administration Page

After trying to troubleshoot why all the e-mail alerts stopped working, I ran the best practices analayzer and ran the commands it suggested the paragraph below. "The same account that you use to run SharePoint 3.0 Central Administration must be configured as the SharePoint Timer Service. If they are not the same, the system may not be able to send Alert Notifications and you will not be able to add a content database to a web application using the Manage Content Databases page. Although there are built in mechanisms to keep these accounts synchronized, it is possible to manually change the SharePoint Timer Service account. If the account that you are using to run SharePoint 3.0 Central Administration is the correct account, you can log on to the Web server where the SharePoint Timer Service running as the wrong account. From a command prompt change to the directory where the SharePoint Timer Service is running, this is typically C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN, and run the command: stsadm -o updatefarmcredentials -identitytype configurableid -userlogin domain\account -password password. Although you could directly update the SharePoint Time Server account by opening Administrative Tools, Component Services, you should use this approach only as a last resort. To avoid inconsistencies between the

SharePoint 2010 organization installation without access to Central Administration?

Our organization of 5000+ internal users and 1000 external vendors wants to integrate SharePoint 2010. We are are being mandated to use an offering of SharePoint 2010 in the cloud. All peer organizations are also being told to use this service, and we are all going to be on a single SP farm. We want to have several internal site collections, customization of MySites, an extranet, and a public facing site. We will not have the ability to access central administration ourselves, we have to go through a centralized state IT department and have them make changes for us. We will only have admin abilities for our own site collections. Installing 3rd party web parts will be a nightmare process as well as making small changes to central admin resources as we are dependent on their time-line to test and integrate these for us. What issues are we likely to see because of this, and is this even a feasible option for us? BTW, they do not uphold SLA agreements and currently they sometimes take days or weeks to fix issues, where our people would take care of it in hours if possible.

Reinstall Central Administration without destroying sites?

Hello, I've been having a problem for awhile now where I cannot get the Configure Service Accounts under Security to work. Something I want to try is to remove/reinstall central administration. The problem is, Central Administration is running on the same server as the SharePoint sites. I want to remove/reinstall central administration without removing Sites. If I use the SharePoint Product Configuration wizard to remove and reinstall central administration, will it touch/destroy the sites? Thanks.Owner, Quilnet Solutions

Error: Access Denied on default.aspx and other pages of existing and new sites

Hi, since today we can't access the project portals of all our projects (Visual Studio TFS 2008/sharepoint admin 3.0 running on esx 4.0). I already checked every possible security settings, they're all OK. I also tried creating a new site but I can't access the site. I can however access all the settings. For example when I try to access: http://server/Sites/Profel I get the "Error: Access Denied" message and the browser is redirected to http://server/Sites/Profel/_layouts/AccessDenied.aspx?Source=http%3A%2F%2Fserver%2FSites%2FProfel%2Fdefault%2Easpx I have no problem navigating to: http://server/sites/Profel/_layouts/settings.aspx and I can go to al lot of pages, but when I want to create something like a calendar I can specify the parameters but when I click the create button I get the same error. http://server/Sites/Profel/_layouts/AccessDenied.aspx?Source=http%3A%2F%2Fserver%2FSites%2FProfel%2FLists%2Ftest%2Fcalendar%2Easpx&Type=list&name=%7B46CB3B46%2DD0F6%2D47F5%2DBA1A%2D3C9654A24A8E%7D I already tried this: http://support.microsoft.com/kb/926642  http://support.microsoft.com/kb/896861/en-us but no success Any help is welcome, Greetz, Peter

Access to Central Admin, but receive error when accessing sites

We have a dev environment where we've reattached the config database and content databases. We can get into Central Admin, but none of the other SharePoint sites. Here is the error I see in the event log, which I believe indicates the cause of the trouble (see below). Any ideas on how to resolve? Thanks! Event Type: Warning Event Source: ASP.NET 2.0.50727.0 Event Category: Web Event Event ID: 1310 Date:  9/17/2010 Time:  9:45:53 AM User:  N/A Computer: SVUSFULSPWEBTST Description: Event code: 3006 Event message: A parser error has occurred. Event time: 9/17/2010 9:45:53 AM Event time (UTC): 9/17/2010 4:45:53 PM Event ID: 2767d864409a4d8380e5cb38fa987b21 Event sequence: 3 Event occurrence: 1 Event detail code: 0   Application information:     Application domain: /LM/W3SVC/482174774/Root-1-129292155459206250     Trust level: WSS_Minimal     Application Virtual Path: /     Application Path: C:\Inetpub\wwwroot\wss\VirtualDirectories\collabtest.beckman.com80\     Machine name: SVUSFULSPWEBTST   Process information:     Process ID: 2192     Process name: w3wp.exe     Account name: GLOBAL\svcSPAppPoolTst   Exception information:     Exception type: HttpParseExce

Claims Authentication : Access Denied


I have a custom SecurityTokenService implemented and the SPTrustedLoginProvider added to my farm.  I've also implemented a custom SPClaimProvider that allows me to use the People Picker to give users permissions on the site.  Everything seems to be working fine up to a point.  When I go to my site and choose the correct login method I am redirected to the STS, login there and then get redirected back to my SharePoint site.  The problem is that I get an access denied error with message 'You are currently signed in as:  <Unique User ID FROM STS>'.  I get this even after adding the associated user as a member of the site.  If I add 'All Users (Custom STS)' as a member of the site I can login just fine.


So, what could be the disconnect between giving a user permissions and then logging in as that user?

Claims Based Authentication - Access Denied for NTLM - Network Related



We have setup a test SharePoint environment on a single box. If we create a new classic authentication web application using NTLM the site works fine, and recognizes AD users correctly. Users can then login successfully. If we create a new claims based authentication web application using NTLM all users receive an Access Denied error when trying to view the site. The application will recognize AD users when applying permissions in Central Admin's User Policy section, but none of those users are able to access the site.

If I turn on Fiddler Capture, the sites will work fine. Once I turn it off the sites no longer work and we are again presented with an Access Denied exception (or sometimes 403 Forbidden in Firefox and Chrome). I know that Fiddler create a local proxy so I'm curious what that proxy is doing that allows claims based to work correctly.

Has anyone seen this before? Does this sound Firewall/Antivirus related? Client or server?

Thank you,



SharePoint 3.0 Central Administration access issue


When I click on the icon to open SharePoint 3.0 Central Administration I get the following error:

Cannot connect to the configuration database.

The SharePoint site itself is up with no issues. The problem began after someone else restarted the server.

I stopped and started the App Pool for SharePoint 3.0 Central Administration but the problem still exists.

Anyone have any ideas?

Thanks in advance,


SharePoint Central Administration v3 access problem


When attempting to browse to SharePoint Central Administration v3 I get the following error:

Cannot connect to the configuration database.

Everything appears to running correctly, the SharePoint site comes up ok, but not the admin page.

Any ideas?

Can't access Central Administration anymore

When I try to start the Central Administration, this appears:

System.ArgumentNullException: No message was deserialized prior to calling the DispatchChannelSink. Parameter name: requestMsg at System.Runtime.Remoting.Channels.DispatchChannelSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream) at System.Runtime.Remoting.Channels.SoapServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream) at System.Runtime.Remoting.Channels.Http.HttpServerTransportSink.ServiceRequest(Object state) at System.Runtime.Remoting.Channels.SocketHandler.ProcessRequestNow()

There is no Skype on the Server, or another Application that is using Port 80..
So what to do to solve this?

BDC Service gives Access Denied on Central Admin site


We have a new installation of SharePoint 2010 using Kerberos authentication and everything works fine but Business Data Connectivity Services. We get "Access Denied" from the Central Administration site when we click on "Manage Service Applications" and then we click the name of the BDC service. The SharePoint WFE and the DB catalogs are on two different servers in case that matters. Anyone seen this issue before? 

Access is denied.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.ServiceModel.Security.SecurityAccessDeniedException: Access is denied.

Source Error:

Sharepoint services administration access denied issue


Hi i am sharepoint newbie.i was trying to configure forms authentication.and bumped onto configuring it for ssp admin site. after doing it all.ssp admin did show me fba login and i cud login as well... but sumhow im not able to access these links under "User Profiles and My sites"

i.e User Profiles and properties

   Personalization services permissions are two of those tht show access denied error.

i hv searched net for long set administrators of the site but just doesnt work any ideas here?

Using windows authentication to access SQL when using ASP.NET 4.0 via COM+


I am using SQL Server 2008 under windows authentication, front end is ASP.NET which uses COM+ to access database.

COM+ components are configured to run as domain user.

When looking through the logs (SQL Profiler), I can see the login name as the configured identity instead of windows indentity.

I have got Website running under "Intergrated Windows Authentication" and database is running locally on webserver.

Web configure contains entry for <identity impersonate="true"/>.

My connection string is

connectionString="data source=db01\test01;initial catalog=test; integrated security=SSPI;persist security info=False; Trusted_Connection=Yes"

Any ideas?




Access to report file denied. Another program may be using it.


Migrated from Windows 2000 ASP.NET 1.1 to Windows 2003, ASP.NET 2.0 and had this error. All the forums/MSDN/Blogs says to give Read/Write Access to C:\Windows\Temp folder. Why should we give Full Access to some folder in Production server?? In windows 2000, ASP.NET 2.0 development machine, no files are created when we run crystal reports from aspx pages. Then why in Windows 2003 servers, we need to give rights to temp folder?? It is a simple code


And the code is not storing anything on the disk. Then why should it store the GUID.rpt file in Temp file in Windows 2003 server?? Any alternative is there not to store anything on the disk when Crystal Reports are opened in aspx page??


Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend