Category Archives: Permission

Access Denied Content Type Policy Templates

access denied content type policy templates

I was getting access denied error while creating content type policy template in sharepont online. i tried the solution as below to resoleve the issue. let’s disucss how to resolve access denied content type policy templates error. the solution is applicable for the error Access denied uploading template to content type.

Advertisements
Advertisements
  • Navigate to site settings in sharepoint and click on “content type policy template” to create a custom policy template.
site settings option in sharepoint online for the error access denied content type policy templates
site settings in sharepoint

Error “access denied content type policy templates” screenshot as below

access denied content type policy templates
access denied error while creating content type policy templates
Advertisements
Advertisements

Solution

Enable below settings in sharepoint admin center.

  • Allow users to run custom script on personal sites
  • Allow users to run custom script on self-service created sites
enable custom script sharepoint online
enable custom script sharepoint online

Enable Custom script in site

next step to enable cutom script in site using powershell

Connect-SPOService -Url <sharepoint admin center url>
Set-SPOSite -Identity <site url> -DenyAddAndCustomizePages 0

watch the video below to see all steps for your reference

Advertisements
Advertisements
Advertisements
ViewFormPagesLockDown feature

ViewFormPagesLockDown feature Unable to setup uniquely secured permission

I remembered once faced an error where user having Contribute permission to folder in the library but getting access denied. This issue in entire site collection. User with unique permission to list, folders are not able to view the page. The issue resolved by changing ViewFormPagesLockDown feature to Disable. Below article describes all about the information about ViewFormPagesLockDown feature Unable to setup uniquely secured permission.

Configure anonymous access

For content to be available for anonymous access, the following must be configured:
1. The site or site collection must be configured to allow anonymous access.
2. At least one zone in the Web application must be configured to allow anonymous access.
Enable anonymous access only for Web applications that require unauthenticated access. If you want to use authentication for personalization, implement forms authentication by using a simple database authentication provider

Advertisements

ViewFormPagesLockDown SharePoint Feature:

  • Allows anonymous users to only view the Publishing pages, not any of the form or view pages (DispForm.aspx, AllItems.aspx). if your portal wasn’t born as a publishing portal, all anonymous users will have access to AllItems.aspx, DispForm.aspx and other pages that you don’t want outside users to see.
  • Disallows anonymous access to pages in the “_layouts” directory that inherit from LayoutsPageBase.
  • By default, all publishing sites have the feature called “ViewFormPagesLockDown” activated, but not on the Collaboration Portal site or Team sites’ definition. Without this Feature active on anonymous public sites, any users – including search engines like Google will be able to view (and crawl) SharePoint out-of-box pages which are tied to lists and webs that allow viewing by anonymous users.
  • Yes, these users might not have the ability to do anything, but you may not want anonymous users to view the form pages.
  • If you still get the Form pages visible for the end users, try: With the ViewFormPagesLockDown feature Enabled, disable Anonymous Access in the site, then re-enable it. MSDN Link: http://technet.microsoft.com/en-us/library/cc263468(office.12).aspx
  • So this lockdown feature is useful if a site collection that is configured for Anonymous access on a Publishing site and you want to lock it down so Anonymous users don’t have access to the Forms page (e.g. http://ServerName/Pages/Forms/AllItems.aspx)
  • If a library or subsite that has broken permission inheritance, and permission is given to user or group to only that library or site. In this case to view the contents, user/group must have some access to root web else user/group cannot access although they have permission.
  • One more scenario where Publishing Portal configured for Anonymous access where users are unable to post comments (which are stored in a List) on a blog site then the lockdown feature can be disabled, which will result in allowing Anonymous users to post comments. Normally, people won’t have problem posting comments on a blog site unless it is a Publishing site, in which case they will get a prompt to enter user credentials. In such a scenario you can disable the lockdown feature.
  • If you want to place your custom application pages inside the _layouts directory, which anonymous users must hit, there’s the UnsecuredLayoutsPageBase class you can use as the base class of your page, and there’s always just the Page class as in a standard ASP.Net application page.
  • When enabled permissions for users with limited access permissions, such as anonymous users, are reduced, preventing access to application pages including item properties or list views.
  • If a document, folder, or library has unique permission, those users will not able to 1. Use the drag and drop feature to upload documents 2. Brows to the affected folder 3. Use the shared with feature 4. Open document in the office client 5. Some call out features on documents and folders will not render as expected.
Advertisements

How to check site has ViewFormPagesLockDown feature Enabled or Disabled

Run the below commands to get the status of ViewFormPagesLockDown feature

Get-SPFeature -site http://Site Collection URL
How to turn lockdown mode to off
$lockdown = Get-SPFeature viewformpageslockdown
Disable-SPFeature $lockdown -url http://Site Collection URL

SharePoint search result not found from specific document library

Advertisements

Advertisements

SharePoint search result not found from specific document library

I came across a situation where user is trying to search documents selecting the option "search in same site" instead of "all sites" from  search box and getting no result where as can find documents from other library with in same site. SharePoint search result not found from specific document library

Why such happens ?

The first point comes to mind for search error is  content not crawled, indexing not done for this situation.

Yes , its true but we need to think why  ?

As per my investigation I found the setting of the library as below

Draft-items-are-not-crawled-in-SharePoint

By default SharePoint only crawls major versions of files and draft items are only viewable by their creators. SharePoint is behaving as expected out of box.Draft items are not crawled in SharePoint

Resolution :

This behavior can be altered in Document Library Settings -> Versioning Settings -> Draft Item Security

Select the option "Any user who can read items".

This will allow all users to see draft items including the crawling account.

* Else you need to select "Create major versions" option or can publish the documents as major versions if want to get those documents in search result as per client wish.

https://support.microsoft.com/en-us/help/2304855/draft-items-are-not-crawled-in-sharepoint

Advertisements

Advertisements