奇怪的 Sharepoint 403 错误

发布于 2024-08-12 02:40:49 字数 335 浏览 6 评论 0原文

我已经为我的团队安装了一个 Sharepoint 网站。一切工作正常。但突然,我发现我无法编辑快速启动菜单:每次我单击“添加项目”或编辑项目时,都会收到 403 错误。

我已经用管理员帐户登录了。我尝试过使用不同的浏览器,例如 chrome、firefox,但没有希望。当我访问用户和权限下的高级权限时,也会出现相同的错误。

单击编辑列表中任何组的权限也会导致 403 错误。我认为我可能在权限方面做了一些错误的设置,但我不知道我做了什么,因为我对 Sharepoint 还很陌生。

你们能告诉我如何解决这个问题吗?

问候,

I've installed a Sharepoint site for my team. Everything work fine. But suddenly, I've found that I can not edit the quicklaunch menu: every time I click on Add Item or edit an Item, I get a 403 error.

I've logged with administrator account. I've tried using different browsers such as chrome, firefox, but no hope. The same errors occur when I access Advanced permissions under User and Permission.

Clicking to edit permissions for any group in the list will also cause a 403 error. I think that I may have done some wrong setting with permissions, but I can not figure out what I have done, as I'm pretty new with Sharepoint.

Can you guys tell me how to troubleshoot this problem?

Regards,

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

你丑哭了我 2024-08-19 02:40:50

您可以配置诊断日志记录设置以显示 SharePoint 在 SharePoint 跟踪日志文件中向您提供 403 错误的原因。

在中央管理中:
在顶部导航栏上,单击“操作”。

  • 事件限制部分的“选择类别”菜单中,选择常规
  • 在“要报告给事件日志的最不严重事件”菜单中,选择警告
  • 在要报告给跟踪日志的最不重要事件菜单中,选择详细
  • 单击确定

转到为跟踪日志指定的路径并重现错误。然后打开上次修改的共享点日志文件并搜索“Denied”(从文件底部向上搜索)。您应该在日志文件中看到 403 错误的原因。

You can configure diagnostic logging settings to show why SharePoint gave you a 403 error in the SharePoint Trace Log file.

In central Admin:
On the top navigation bar, click Operations.

  • On the Event Throttling section, in the Select a category menu, select General
  • In the Least critical event to report to the event log menu, select Warning
  • In the Least critical event to report to the trace log menu, select Verbose
  • Click OK

Go to the Path specified for the Trace Log and reproduce the error. Then open up the last modified sharepoint log file and search for "Denied" (searching up from the bottom of the file). You should see the cause of the 403 error in the log file.

哎呦我呸! 2024-08-19 02:40:50

使用网站集管理员帐户登录。您很可能从该网站删除了您自己的管理权限(我仍然不知道为什么 SP 会让您这样做)。

进入后,将您的普通网络帐户恢复为管理权限。

网站集管理员帐户在其网站集中拥有神一般的权限,并且可以覆盖其域中所有安全对象的所有配置权限。

Log in with the site collection administrator account. You most likely removed your own administrative rights from the site (I still don't know why SP will let you do this).

Once you are in, give your normal network account back its administrative permissions.

The site collection administrator account has godlike permissions within its site collection and can override all configured permissions on all securable objects in its domain.

心清如水 2024-08-19 02:40:50

小心使用这些

服务帐户中的设置可能不正确,导致服务器阻止某些内部请求。尝试禁用环回检查:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\

创建一个名为“DisableLoopbackCheck”且值为“1”的 DWORD。

还要确保您的应用程序池(IIS 管理器)在实际的永不过期的用户帐户(而不是系统帐户)下运行。

USE THESE CAREFULLY

You probably have a incorrect setup in the service accounts making your server block some internal requests. Try to disabled the Loopback Check:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\

Create a DWORD named 'DisableLoopbackCheck' with a '1' value.

Also make sure your Application Pool (IIS Manager) is running under an actual never-expires user account not the System Account.

有深☉意 2024-08-19 02:40:50

请不要关闭LoopbackCheck。关闭它可以解决问题,但也会让您面临反射攻击,即使是脚本小子也有能力做到这一点。请改用 BackConnection 主机文件。

转到HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
添加名为 BackConnectionHostName 的多字符串值
在此类型中输入您的主机名。示例:StackOverflow.com
在每一行中键入用于调用 SharePoint 的每个名称。

我们在这里所做的是让服务器知道如果被主机名以外的其他名称调用,则要对其自身做出响应。

Please do not turn off the LoopbackCheck. Turning it off will fix the issue but it also opens you up to a reflection attack which even script kiddies have the ability to do. Instead please use the BackConnection Host file instead.

Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
Add a Multistring value named BackConnectionHostName
In this type in the name of your host names. Example: StackOverflow.com
Type each of the names you use to call SharePoint one on each line.

What we are doing here is letting the server know to respond to itself if called by something other than its host name.

一袭水袖舞倾城 2024-08-19 02:40:50

检查 c:\program files\common files\microsoft share\web server extensions\12\template\layouts\user.aspx 上的 ntfs 权限

Check your ntfs permissions on c:\program files\common files\microsoft shared\web server extentions\12\template\layouts\user.aspx

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文