SharePoint: Communications Sites missing links in Site Settings – DenyPermissionsMask

Problem: When you browse to site settings within a Communications site, you see that certain links under Web Designer Galleries are missing, such as: For example, Communications site on the left, and Teams site on the right: Also, if you browse directly to the Themes gallery by appending _catalogs/theme/Forms/AllItems.aspx to the URL and try to upload a file,

SharePoint: Delete user from site collection creates site outage

Consider the following scenario: You try to delete a user from a site collection, either in the UI (Site Settings | People and Groups | delete users from site collection), or by using the PowerShell command Remove-SPUser. The operation runs for a long time, during which the sites within that content database may suffer severe

SharePoint: How to configure People Picker for a one-way trust

I recently went looking for an article showing how to configure People Picker for 1-way trusts and was disappointed with what I found. Many articles reference the cringe-worthy STSADM commands. Others are either incomplete or less than concise. So here’s my take on it: Background: When using Windows authentication within SharePoint, a domain or forest

SharePoint: People Picker and Disabled Users

I’ve already written a few things on this topic, but I thought I’d add additional background, consolidate concepts, and highlight a new (to me) twist. Background: SharePoint Server (doesn’t matter which version) People Picker should not return disabled user accounts from Active Directory. If it does, there’s a configuration problem in either Active Directory or

Test-SPContentDatabase throws authentication mode error

  Consider the following scenario: You move a content database from a Windows-claims web app to a new claims-based web application in a SharePoint 2016 or 2019 farm. You run Test-SPContentDatabase against the database. Example: Test-SPContentDatabase -Name Contoso_Content -WebApplication “https://team.contoso.com” The output contains this warning: “The [contoso.com-443] web application is configured with claims authentication mode

SharePoint – Intermittent error: “Sorry, this site hasn’t been shared with you”

Consider the following scenario: Randomly, when a user browses to a resource (site, list, etc) that they are supposed to have access to, they receive “Sorry, this site hasn’t been shared with you” (access denied). The users continue to get “Access Denied” for a period of time, and then it starts working again after making

SharePoint: Shared Mailboxes, disabled accounts, and People Picker

Important: This is not something that is supposed to work. You’ll see that we can get it to work in certain scenarios, but it is not an intended design of SharePoint. At any time, a code change could be made that breaks our workarounds and leaves little recourse other than enabling the accounts in Active