none
Sharepoint 2010 permission The following factors also affect the level of access for RRS feed

  • Question

  • hello,

    In my development server ,suddently from no where all users ,even full control group users

    cannot able to add or edit any list or any content.

    The following factors also affect the level of access for user1(domain\user1)

    Deny
    Manage Permissions
    Create and change permission levels on the Web site and assign permissions to users and groups.
    Deny
    Create Subsites
    Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites.
    Deny
    Manage Web Site
    Grants the ability to perform all administration tasks for the Web site as well as manage content.
    Deny
    Add and Customize Pages
    Add, change, or delete HTML pages or Web Part Pages, and edit the Web site using a Microsoft SharePoint Foundation-compatible editor.
    Deny
    Manage Lists
    Create and delete lists, add or remove columns in a list, and add or remove public views of a list.
    Deny
    Apply Themes and Borders
    Apply a theme or borders to the entire Web site.
    Deny
    Apply Style Sheets
    Apply a style sheet (.CSS file) to the Web site.
    Deny
    Override Check Out
    Discard or check in a document which is checked out to another user.
    Deny
    Manage Personal Views
    Create, change, and delete personal views of lists.
    Deny
    Add/Remove Personal Web Parts
    Add or remove personal Web Parts on a Web Part Page.
    Deny
    Update Personal Web Parts
    Update Web Parts to display personalized information.
    Deny
    Add Items
    Add items to lists and add documents to document libraries.
    Deny
    Edit Items
    Edit items in lists, edit documents in document libraries, and customize Web Part Pages in document libraries.
    Deny
    Delete Items
    Delete items from a list and documents from a document library.
    Deny
    Create Groups
    Create a group of users that can be used anywhere within the site collection.
    Deny
    Use Self-Service Site Creation
    Create a Web site using Self-Service Site Creation.
    Deny
    Approve Items
    Approve a minor version of a list item or document.
    Deny
    Delete Versions
    Delete past versions of a list item or document.
    Deny
    Create Alerts
    Create alerts.
    Deny
    Manage Alerts
    Manage alerts for all users of the Web site.
    Deny

    Edit Personal User Information
    Allows a user to change his or her own user information, such as adding a picture.

    For all the users this happened ,How i need to fix this issue

    please help.

    thanks

    Tuesday, February 4, 2014 12:30 PM

Answers

  • Take a look at the user policy settings for the web application.  I suspect someone has added a User Policy that covers the user which denies all these permissions.  The User Policy at the web app level is the only place where you can deny permissions.  But that setting applies to every site collection in the web application and takes precedence over every other setting.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Tuesday, February 4, 2014 12:39 PM

All replies

  • Take a look at the user policy settings for the web application.  I suspect someone has added a User Policy that covers the user which denies all these permissions.  The User Policy at the web app level is the only place where you can deny permissions.  But that setting applies to every site collection in the web application and takes precedence over every other setting.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Tuesday, February 4, 2014 12:39 PM
  • how can I remove the "Deny" option from his ID permission level.Is there any way that user can access the site with Deny option.
    Wednesday, September 16, 2015 11:24 PM
  • The policy is set in the user policy settings at the web application level for the web application that holds the site collection.  The Deny policy can be set for an AD group or for a user direclty.  Depending on whihc it is you just need to remove the policy permission from the user or group that it is applied to.  There is no way to access the site with the Deny permissions in place.  Here's an article on User Policy Permissions.

    https://technet.microsoft.com/en-us/library/ff608071.aspx


    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Thursday, September 17, 2015 12:14 PM
  • How can you deal with this issue if you are using SharePoint Online ?

    I shared my site with external authenticated users, even if they have Contribute access, they still got the Deny permission as above (initial post)

    Tuesday, November 20, 2018 10:13 AM
  • There is no Deny permission available in SharePoint online. User Policies policies are applied at the Web Application level, which isn't available in SharePoint online tenants.  The question was about SharePoint 2010 server and does not apply in SharePoint Online.

    Paul Stork SharePoint Server MVP
    Owner/Principal Architect: Don't Pa..Panic Consulting
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as 'answered' if this solves your problem.

    Tuesday, November 20, 2018 3:12 PM
  • Hi Michaalis 

    Di you ever get an answer to this? I've got the same problem.

    Tuesday, September 17, 2019 12:04 PM
  • Hi Darren,

    We had a similar issue we suspect was caused by our SharePoint backup not releasing the site lock.  We manually changed the Lock Status back to 'Not Locked' from "Read-only' in the Central Administration for the site collection and permissions returned to normal.

    Tuesday, September 24, 2019 2:02 AM