locked
sharepoint 2010 access denied error on site creation RRS feed

  • Question

  • Hello,

    I'm working with VS2010, IIS7.5, W2008r2 and Sharepoint 2010.

    Now I'm developing a web service which has a method to create site collections and subsites, this is my code:

                        using (SPSite lSite = new SPSite(lsUrlSiteColl))
                        {
                            SPWeb lWeb;
                            if (lSite == null)
                            {
                                using (SPSite lSiteWA = new SPSite(lsUrlWebApp))
                                {
                                    SPWebApplication webApp = lSiteWA.WebApplication;
                                    SPSiteCollection siteCollection = webApp.Sites;
                                    SPSite lSiteNew = siteCollection.Add(lsUrlSiteColl, lsUrlSiteColl, lsUrlSiteColl, 1033, "STS#1", xsUser, xsUser, xsMailAddress);
                                    SPWebCollection lSiteWebs = lSiteNew.AllWebs;
                                    lSiteNew.AllowUnsafeUpdates = true;
                                    lWeb = lSiteWebs.Add(xsUrlSite, xsTitle, xsDescription, 1033, xsSiteTemplate, false, false);
                                    lWeb.Close();
                                    lSiteNew.Close();
                                    lSiteWA.Close();
                                }
                            }
                            else
                            {
                                lSite.AllowUnsafeUpdates = true;
                                SPWebCollection lSiteWebs = lSite.AllWebs;
                                lWeb = lSiteWebs.Add(lsUrlWebSite, xsTitle, xsDescription, 1033, xsSiteTemplate, false, false);
                                lWeb.Close();
                                lSite.Close();
                            }
                        }

    This code fails with "Access denied", in Sharepoint logs I found this: "Videntityinfo::isFreshToken reported failure".

    BUT if I run this code with "RunWithElevatedPrivileges" then this works fine....

    I tried test this code in a windows app, and the same results was happened.

    I'm using NTLM in my SPS installation, I'm authenticated with a domain admin, the user identity for the appPool is an SPS administrator user (web.config is also configured to use windows authentication)...

    anyone could bring some light here???

    thanks!

    Mauricio.


    Mauricio

    Friday, February 1, 2013 5:02 PM

Answers

  • Hi,

    yes, like I said, with RunWithElevatedPrivileges works fine, my problem was that I was testing with a domain admin user, BUT this user was deleted from Sharepoint administrators group and I did not know this until now! :P

    thanks,

    Mauricio.


    Mauricio

    • Marked as answer by MauricioUY Friday, February 1, 2013 6:51 PM
    Friday, February 1, 2013 6:51 PM

All replies

  • Hi

    You must use this SPSecurity.RunWithElevatedPrivileges method  because all users don't have permission for create site.If you are Site Collection admin and run this code, your code works fine but other users(Visitors,Viewers... etc) can't run this code. So you must use this method .

    SPSecurity.RunWithElevatedPrivileges(delegate()
    {
        using (SPSite site = new SPSite(web.Site.ID))
        {
        // your code
        }
    });


    SharePoint Developer (MCPD) Web Site : http://sharepointciyiz.biz





    • Edited by Mecit Semerci Monday, February 4, 2013 7:42 AM
    • Proposed as answer by Mackshaw Monday, February 4, 2013 5:17 PM
    Friday, February 1, 2013 6:36 PM
  • Hi,

    yes, like I said, with RunWithElevatedPrivileges works fine, my problem was that I was testing with a domain admin user, BUT this user was deleted from Sharepoint administrators group and I did not know this until now! :P

    thanks,

    Mauricio.


    Mauricio

    • Marked as answer by MauricioUY Friday, February 1, 2013 6:51 PM
    Friday, February 1, 2013 6:51 PM