.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Melody Anderson
Eminent IT
Post New Web Links

No results for users that are members of a 'Deny All' policy for web application

Posted By:      Posted Date: September 01, 2010    Points: 0   Category :SharePoint
I have a SharePoint Farm with search working happily.  This farm also has a remote access component that I have configured on a separate extended web application.  The business has some accounts that it does not want to allow access to the Intranet remotely, and has added these accounts to a 'Non Remote Intranet Users' security group.  I then set up a rule on the Extranet zone to Deny All access for this group.  The Default zone still allows them to browse however, which is working great. The only problem is that members of this group do not get any search results whatsoever.  From the logs it appears that all results get security trimmed.  :( Can I disable security trimming somehow?  Is this a bug?  Any suggestions would be appreciated.  :)

View Complete Post

More Related Resource Links

PIAB And WCF: Integrating the Policy Injection Application Block with WCF Services


Using the PIAB you can enhance WCF services with policies such as validation, performance monitoring, authorization and caching without having to change a line of code.

Hugh Ang and David San Filippo

MSDN Magazine February 2008

Maintain users and groups list of Active Directory for an asp.net web application only

Hi, I have configured active directory in my server 2008. We have a web project using asp.net mvc named Audit planning and Execution Software(Apex2).What we want to do is to authenticate Active directory users for this project.I can get all active directory users, groups, users of a group etc.I want to add users in active directory for the Apex2 project only using asp.net.I also want to display only the users and groups of Active Directory registered with the Apex2 project only. And I also want to add active directory users from whole AD list to our project's AD list. Can you please tell me, how will I do this. Shall I create an Organizational Unit and maintain all users and groups there for our project? Or, is there any other way to do this?  please help me.Thank You

SharePoint Search Server 2010 Express returns no search results for non-admin users

This is going to sound crazy, but anyway... bare with me... I have a SharePoint Search Server 2010 Express (RTM) installed with a crawl account (call it sharepoint_crawl) which has full read permission to an entire site collection of 100,000 documents. I have logged in with this account to make sure it has read access to everything, and it does. I run a full crawl of all documents and allow it to finish. If I try and search the content for an extremely common term (i.e. 50,000+ hits) I get no results. However, if I log in with a site collection admin I do get search results. There are no indexing errors or query errors in either log files or event log. Everything looks like it is working correctly - just no results for non-admins Anyone tripped on this? I have recreated the crawl account and perform a full re-index with the same results. What gets me is that the crawl account does have read permission to the content it is indexing, the content is indexed correctly, but the crawl account cannot get results back. It is as if security-trimming is removing everything. Any ideas?

People search results showing members deleted from AD

Hi guysWe've configured a full nightly import of users from AD, but I'm seeing users who have been deleted showing up under the People Search function.  Does the import job delete accounts from SharePoint that no longer exist in AD?  If not, is there a way to change this?Tks,steven

Extended application: how do I specify a separate landing page for Extranet users?

This is the current scenario: http://intra - Normal internal intra. http://intra.foo.fi - Accessible through the firewall. This address extends the http://intra SharePoint application. This is the extranet. I.e. both addresses links to the same location essentially. Now our customer suddenly notified that they'd like to have a separate landing page for users arriving to the http://intra.foo.fi address (extranet users). How would you proceed in making a separate landing page? 

Users can sort the search results



I work on the search results page of my MOSS 2007 sites

Users want to sort my sites search results.
They want to sort by document type, author, and some metadata.

This feature was present on old sites
SPS2003 with this custom core search results webpart.

The page that presents this way:
-In the left column I have several links offering different views (view sorted by date, view sorted by author ..)

To make that, my predecessors

Deny users to some web pages



i have a website having a couple of pages, i'd like to allow all users to be able to browse some pages and deny them some web pages. I know it's something to do with creating an authorization tag and adding some allow or deny user, but i have no idea how to implement it.

Please help

How to create a condition and policy to deny access based on host name



With SQL Server 2008 Enterprise, can I prevent an Active Directory Account Login ( domain\user ) from connecting if its coming from a host_name?

What I really need to do is this:  


On SQL1, login mydomain\user1 is only allowed to login from servers APP2, APP3, and APP4.


If mydomain\user1, though it has a login on SQL1 attempts to connection any other hostname besides APP2, APP3 or APP4 I want to deny it access to SQL1.


Can anyone point me in the right direction for the correct condition(s) for a policy that would work?



Erik A. Grob, MCITP, MCDBA

Locking down application.master related pages to end-users.


I see that end users can access ASPX pages (such as  "_layouts/settings.aspx" etc) that are related to application.master.

My goal is that when end users try to navigate any of these pages (either directly or through OOB links), I want to return them to an error page (or home page). The end users may still need to modify "my settings" page which also has "_layouts" in it. So I have to consider this as an exception.

I did search a bit and not getting right solution yet.

Please suggest.

Search in SharePoint 2010 does not show results for all users other than the timer service account


I have setup a new SharePoint 2010 setup. Created Search Service application and configured. Confirmed that the crawl went fine without any error for both Local site and a file share. In the Search application i confirmed that the All Site scope shows 3890 items.

ISSUE: If any of the user [including site collection administrator] browses the site and try to search something it does NOT show result [No error either it says We did not find any results for .....]. All Site scopes does not show 3890 items but only 28.

But if the timer service account [system account] logs in the site and does the search it works fine.With this account loggd in if i check the All Site scopes i do see 3890 items.

This does seems to be some thing to do with the permission, but i am not able to get hint where the mistake is.

I have done the follow till now.

> I checked the application association is correct
> Created a new web application and confirmed that the issue exists there as well
> Checked ULS log but dont see any error related to this.
> No relavent event id in Application event viewer

Please help

Regards Ram

deny unauthorized users with an alert message


 Hello i am using Asp.net ,vb. I want to deny users who have not logged in with a message" you have to login to access this page".
Can someone help me write the code in vb.net?
Thanks in advance

Search Results not consistent for all the users


Hi All ,

I have site where only site collection administrator and few users are able to view the search results for a given criteria where as all other users get a message as "no results found", can anybody suggest how to go about the same .




WSS 3.0 FBA Security Issue with "Full Control" in "Policy for Web Application "


I just set up form based authentication using Active Directory.  I set the following parameters in the web.config:

    <add name="ADConnectionString" connectionString="LDAP://mydomain.com/DC=mydomain,DC=com" />

    <membership defaultProvider="ADMembershipProvider">
        <add name="ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider,System.Web,Version=,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" enableSearchMethods="true" attributeMapUsername="sAMAccountName"/>

I then open the central admin, select “Policy for Web Application”...and I add the users that I want to give access from the outside.  So I grant “Full Control” and my problem arose:

When I give the user “full control” access....they can now see everything across the entire sharepoint site?

Where are all the windows permissions I set across SharePoint?

In other words, mydomain\user1 ha

Sharepoint Search finding no results for some users


Alright I've been at this one for days now so I'm pleading that someone can help me out. The crawler is working just fine, indexing over 30,000 items. I can search just fine with my account. My account is a domain admin, site collection owner, and full site owner. Domain users who are site members receive a "No results matching your search were found."

I'm completely lost- I one of my end users a domain admin, secondary site collection admin, and site owner and they still cannot query results. I made sure they have access to everything on the site including all permissions for the search center. I've tried reseting the index and using the end users own account to recrawl/reindex which succeeded. However still no results found when doing a search. I've tried changing the search service log on accounts to other domain accounts as well to no avail. Anyone have any ideas or troubleshooting steps that would guarantee search is setup correctly? Like I said, my user account is able to perform searches and recieve results but I cannot figure out what permission my account has over the other end user account I assigned permissions to.

Another thing to note is that this was a standalone MOSS 2007 upgrade to 2010. All prerequisits were installed and the upgrade went smoothly.

Please help!

Assuming identity of other logged in users in web application using Forms Authentication and Singlet



I have a web application with a login form. A user enters a user name and password. If they exist in the database the user is authenticated using these two lines:

FormsAuthentication.SetAuthCookie(userName, false);
FormsAuthentication.RedirectFromLoginPage(userName, false);

The problem is that when a user logs in at first he is logged in as himself. When navigating on the web application for a while the user assumes the identity of another logged in user. This happens all the time.

In my web.config the authentication mode looks like this:

<authentication mode="Forms">
  <forms loginUrl="LogOn.aspx" name=".ASPXFORMSAUTH">
  <deny users="?" />

The site does not use ASP.NET session variables. Instead each page initializes a Singleton class, which stores itself in a static class variable, always accessing the users data already read from the database.

The Singleton implementation is:

static readonly WebSession instance = new WebSession();


public static WebSession GetSingletonInstance
  get { return instance; }

Could the problem with assuming anoth

No search results and strange error in Application log


I have a Sharepoint Foundation installation on a single server with a SQL 2008 R2 express databse engine. I've configured the Sharepoint Foundation Search service via the Central Administration and I have connected the WSS_Content database to the Search Server via the Central Administration.

After the configuration was done I have manually started the timer job both through the Central Admin interface and also via the Command line through the stsadm tool. Even though the job have finished I get no hits on the site collection when searching for words I know are there.

However,  in the Event Viewer I can see the following warning in the Appication log:

A database error occurred. Source: Microsoft OLE DB Provider for SQL Server Code: 14 occurred 4097 time(s) Description: [DBNETLIB][ConnectionOpen (Invalid Instance()).]Invalid connection.
Anyone have any ideas if the above message is the problem or if I have forgot some crucial information.

Search returns no results for non admin users

Hi all, I can't seem to get search to return results for non-admin users. I can search fine as the administrator - but non admin users, although they can see the rest of the site content with no issues, they can't get any results on the search. I'm using MOSS 2007 on a server farm - the search config appears to be set up correctly but I can't find any info on why it might not be returning results for non admins - I would have thought security trimming would have stopped users from seeing content - so is there some way that users would be able to see the site but still not have 'real' access to it?
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend