Automating Site Collection Creation

Question

I have a need to allow non farm administrators to be able to create site collections using a very specific site definition. These people will not have access to central admin and so require a custom solution to allow the creation of these. I have tried several solutions, but want some consensus on a recommended approach.

1. Custom Web Service - I have written a custom web service to perform this task however this caused major headaches and even though the web service was running in an app pool using the same identity as the sharepoint app pool I could not get this to work. Also had form digest issues in trying to perform this v ia a web service.

2. Web Part/Application Page - No form digest issues here as we are in the SharePoint context, however I have tried using RunWithElevatedPrivileges but I still get an access denied when calling SPWebbApplication.Sites.Add(), even though all SPSite and SPWeb pbjects are being instantiated inside the elevated code block. I have tried direct impersonation at the UI level and I get an UnhandledException saying that impersonation has failed.

3. Application Wrapper Around stsadm - I have not attempted this yet as I am concerned about the viability of this approach, surely there is a cleaner way than this?

Some guidance on this would be useful as I cannot find much out there on this.

Thanks

Answer 1

the problem is that you cannot use RWEP to create the site collection. RWEP takes the the identity of the app pool and most likely (if you configured your farm correct) this account is not member of the farm adminstrators group - which is required to create the site collection. If you run the code in central admin it will work though, since it takes the identity of the CA app pool who is farm admin.

So you have a number of options to create this feature:

1. You can grant farm admin to your app pool account and proceed as normal - NOT RECOMMENDED!
2. Create a web app in Central admin to create this sites - NOT RECOMMENDED, you do not want to expose CA to your users
3. Create some timer job (running as farm admin) and then add your "create site collection request" to a list which the timer jobs checks. Then the timer job creates the site coll and eventually when it's created sends an e-mail to the user who requested the site coll. It will be a slight delay (depending on how often the timer job runs) until the user has their site coll.
4. Create a web service in CA which makes the site coll. Then call this web service from your custom code.

I've used the two last approaches successfulley.

/WW