SharePoint 2016: Check Permissions – Windows Auth
I’ve written several blog posts on the “Check Permissions” function and its reliance on the “External Token”, including one for SharePoint 2013 with Windows authentication, which you may consider as some good pre-reading to this post, as it discusses the External Token and the details around trying to refresh that token non-interactively. Suffice to say
SharePoint: Unique list permissions: The server was unable to save the form at this time
Consider the following scenario: You break permission inheritance on a list and give some users permission to only that list. The users can browse to the list, but when they try to add an item to the list or edit an existing item, the following error occurs: The server was unable to save
SharePoint – Intermittent error: “Sorry, this site hasn’t been shared with you”
Consider the following scenario: Randomly, when a user browses to a resource (site, list, etc) that they are supposed to have access to, they receive “Sorry, this site hasn’t been shared with you” (access denied). The users continue to get “Access Denied” for a period of time, and then it starts working again after making
SharePoint: Windows user not equal to ADFS user
I’ve been over this concept with customers and support engineers so many times, that I’m not sure why I haven’t posted about it before. My colleague Adam posted on this topic a while back, but I wanted to expand on that a bit. The Setup: Let’s say you have a SharePoint (2010, 2013, 2016, 2019,
SharePoint: 403 Forbidden accessing libraries and certain links in Site Settings
This was a special situation where most of the site appeared to work, but certain links under Site Settings would fail with 403 Forbidden. For example: Themes Master Pages Solutions Composed looks List Templates Most document libraries Actually, in some cases, the page request would result in Access Denied, and redirect the user to the
SharePoint: Check Permissions and External Tokens – ADFS (SAML auth)
This post is the third part of a series on the “Check Permissions” function. It’s focused on Trusted Provider authentication aka: SAML-claims. The way “Check Permissions” works varies by authentication method. For Windows or FBA auth, see my other posts: Windows-Claims Authentication: https://joshroark.com/sharepoint-troubleshooting-check-permissions-windows-auth/ Forms-based Authentication (FBA): https://joshroark.com/sharepoint-check-permissions-and-external-tokens-fba/ Notes: I’ll be talking about Active Directory Federation
SharePoint: The Complete Guide to PortalSuperUserAccount and PortalSuperReaderAccount
What are the Super User and Super Reader accounts for? This is explained pretty well on Docs here: https://docs.microsoft.com/en-us/SharePoint/administration/configure-object-cache-user-accounts In general, they are used in the process of making SharePoint Publishing sites (any site using the publishing features) render quickly and efficiently. Please keep in mind that these accounts aren’t actually required to be