Logo 
Search:

Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

General Access Denied Error" Adding External Users, Unable to Approve Site Creation

  Asked By: Betsy    Date: Jun 29    Category: Sharepoint    Views: 2171

I'm installing the RTM ECTS app using the MS supplied docs.

I've spent some time resolving the SSL issue with ADAM, and I setup a private Enterprise CA for the purpose. My environment is Server 2003 R2 SP2, WSS3.0, SQL2005. Everything is recently patched.

The issues I'm having are twofold:

1. When I attempt to approve a site creation request, I get an Access Denied response from Sharepoint (/_layouts/AccessDenied.aspx).

I see an eventlog error that corresponds to this action:

EVENT #

37339

EVENT LOG

Application

EVENT TYPE

Error

SOURCE

Windows SharePoint Services 3

CATEGORY

Topology

EVENT ID

6141

COMPUTERNAME

VENUS

TIME

8/14/2008 12:26:18 PM

MESSAGE

The site /sites/test3 could not be created. The following exception occured: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).


I found this doc which suggests some troubleshooting ideas: technet.microsoft.com/.../cc561057.aspx#bkmk2

I discovered that the WSS Admin Service wasn't running which I fixed. The second suggestion about the WSS config data cache confuses me since I don't see a %systemdrive%\inetpub\wwwroot\wss\config folder, or one under E:\ where I'm keeping my Inetpub stuff for live sites. I don't want to reprovision this server since it has an already-working Intranet instance on another IP.

2. When I attempt to register an external user's e-mail address, I get this error on the "Add External Users" page (aeu.aspx): "General access denied error".

I have verified that I can connect to ADAM via SSL (I had to stuff the new root CA in a few places based on some advice I saw here), and I can logon to ADAM using the account that Sharepoint Application Pool is running under. I even tried adding that domain account to the Administrators role in ADAM (which did make a difference in that I could see more stuff when I logged in via that account with ADAM-ADSIEdit.

What am I doing wrong? I'm sure I'm going to want to completely remove and reinstall this thing before I'm done, but I'd like to get it working as it will solve a real problem for us and looks like a great (if rather complicated) tool.
E

Share: 

 

1 Answer Found

 
Answer #1    Answered By: Ahmad Johns     Answered On: Jun 29

To add a user to the Admin role, open ADSI edit to your part in the tree for for your Sharepoint users, expand those items in the left-hand pane until you see CN=Roles. Find the entry in the right that says CN=Administrators, then find the item called 'member'. Double-click on that and then you can add users  as Administrators of this part of the LDAP tree from either the AD or ADAM store.

 




Tagged: