SharePoint 2016 - Access Denied - Limited Access

sharepoint.stackexchange https://sharepoint.stackexchange.com/questions/278593

  •  08-02-2021
  •  | 
  •  

Question

SharePoint 2010 Applications have been migrated to SharePoint 2016 applications but we are facing with an critical issue nowadays.

I will mention what we tried and what we got below.

Firstly,

After mounting the content database we executed the powershell script below:

$wa = Get-SPWebApplication https://xxx.com.tr;
$wa.MigrateUsers($true);
$wa.ProvisionGlobally();
  • The domain is same.
  • Claims based authentication is enabled.

Secondly we checked user's permissions and everything was fine.

But users are getting "Sorry, this site hasn't been shared with you", if the folder library has unique permission and sub folder also has unique permission although they have full control on that subfolder.

In SharePoint 2010, they were able to see these folders and also they were able to see upper folders empty because they had Limited Access.

What I checked :

  • I checked SPSuperUserAccount and SPSuperReaderAccount in web application.
  • I checked master pages and All Users have read permission on that.
  • I checked ULS Logs and everything was fine.
  • Also users are able to see files with full path.

Is there any change with permission structure in SharePoint 2016 ?

Was it helpful?

Solution

Did you follow the migration sequence from SharePoint 2010 to 2013 then 2013 to 2016? And we must convert to claim authentication before or after migration from SharePoint 2010 to 2013.

Give NT AUTHORITY\authenticated users and Everyone to READ Only by following the below steps :

Site actions > site settings > Master Page and page layouts > Library tab > Permissions. Add All authenticated users to READ ONLY.

If you already do the above steps, you can follow the below steps, it mostly issue with the limited access :

Add the group to SharePoint, but do not select a permission level

Place the users within you need to have limited access

Run the following PowerShell Commands to add the Limited Access:

$spGroup = $spWeb.SiteGroups["Limited Access Group"];
$spWeb.RoleAssignments.Add($spGroup);

Take special note I am using SiteGroups and not Groups, because the group hasn't been added to the site yet roles yet. The next command will do that though. You will not see the group in the GUI but if you check the group by running:

$spWeb.Groups["Limited Access Group"];

You will see the role {Limited Access} has been added. Everything should be good after that.

Source of above troubleshooting :

Access denied to folder with unique permissions in Sharepoint 2013 after migration

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top