SharePoint 2010 - Access denied for users that have full control on the site
Users get "Access Denied" over the whole site, despite having Full Control permission
Site Collection Administrators have no problem logging in
A SharePoint 2010 site that uses claims-based authentication has been extended to Intranet zone that uses AD as well as FBA. The site has number of users in the default owners and members groups.
All the site users always get access denied over the whole site even though they clearly have access to the site through the site groups.
Site Collection Administrators are allowed to access the site and have no problems logging in.
Make sure that all the Master page, CSS files, any other files that are required are published.
If there are files that are required in the master pages and are not published, users will get access denied even if they have full control on the site.
If you are ok with giving all authenticated users atleast road-only access to all files inorder to prevent the access denied problem, then you can try the below.
Add a new "User Policy" for the web application that allows "All Authenticated Users" the permissions "Full Read" on the desired zone.
Per a request from Nosika, I have updated the post with some screenshots that might be helpful.
Go to Central Administration
Click on Application Management
Click on Manage Web Applications
Choose the desired web application:
Click on "User Policy"
Click on "Add Users" to add a new User Policy:
Select the zone that you want to apply the new policy to. If you are not sure what to choose, leave the defaut value selected (All Zones) and cick next
Choose the permissions that you would like to give to the user(s) in this new user policy. If you do not want to give the user(s) full permission, choose "Full Read". This permission ensures that all the users in this policy can alteast access the site. Then click on "Browse" icon in the "Choose Users" area.
If you would ike to give All Authenticated Users / AD users / FBA users "Full Read" access, then choose the appropriate group(s).
In the next screens, click OK to get out of the wizard.
ICF Interactive a full-service, interactive agency with the ability to guide brands digitally – through an informed strategy, inspired design, technical know-how and an obsession for humanity, we not only can launch your site but we can digitally catapult your brand. If you have a project in mind, would like information regarding our work, career opportunities, proposal requests or anything else, please feel free to get in touch. We’re ready for what’s next. email@example.com