locked
SharePoint 2016 :User with full control on Web application cannot create a site collection. Getting Access denied error RRS feed

  • Question

  • Hello,

    I have faced an issue where the user with full control on web application could not create a site collection.

    Below is the error.

    Exception attempting to ApplyWebTemplate to SPWeb System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))    

    at Microsoft.SharePoint.SPGlobal.HandleUnauthorizedAccessException(UnauthorizedAccessException ex)
       at Microsoft.SharePoint.Library.SPRequest.OpenWeb(String bstrUrl, String& pbstrServerRelativeUrl, String& pbstrTitle, String& pbstrDescription, String& pbstrTitleResourceId, String& pbstrDescriptionResourceId, Guid& pguidID, DateTime& pdtTimeCreated, String& pbstrRequestAccessEmail, UInt32& pwebVersion, Guid& pguidScopeId, UInt32& pnAuthorID, UInt32& pnLanguage, UInt32& pnLocale, UInt16& pnTimeZone, Boolean& bTime24, Int16& pnCollation, UInt32& pnCollationLCID, Int16& pnCalendarType, Int16& pnAdjustHijriDays, Int16& pnAltCalendarType, Boolean& pbShowWeeks, Int16& pnFirstWeekOfYear, UInt32& pnFirstDayOfWeek, Int16& pnWorkDays, Int16& pnWorkDayStartHour, Int16& pnWorkDayEndHour, Int16& pnMeetingCount, Int32& plFlags, Boolean& bConnectedToPortal, String& pbstrPortalUrl, String& pbstrPortalName, Int32& plWebTemplateId, Int16& pnProvisionConfig, String& pbstrDefaultTheme, String& pbstrDefaultThemeCSSUrl, String& pbstrThemedCssFolderUrl, String& pbstrAlternateCSSUrl, String& pbstrCustomizedCssFileList, String& pbstrCustomJSUrl, String& pbstrAlternateHeaderUrl, String& pbstrMasterUrl, String& pbstrCustomMasterUrl, String& pbstrSiteLogoUrl, String& pbstrSiteLogoDescription, Object& pvarUser, Boolean& pvarIsAuditor, UInt64& ppermMask, Boolean& bUserIsSiteAdmin, Boolean& bHasUniquePerm, Guid& pguidUserInfoListID, Guid& pguidUniqueNavParent, Int32& plSiteFlags, DateTime& pdtLastContentChange, DateTime& pdtLastSecurityChange, String& pbstrWelcomePage, Boolean& pbOverwriteMUICultures, Boolean& pbMUIEnabled, String& pbstrAlternateMUICultures, Int32& plSiteSchemaMajorVersion, Int32& plSiteSchemaMinorVersion, Int32& plSiteSchemaBuildVersion, Int32& plSiteSchemaRevisionVersion, Int32& puiVersion, Int16& pnClientTag, Boolean& pfIsEvalSite, Guid& pgSourceSiteId, DateTime& pdtExpirationDate, Guid& pgEvalSiteId, Guid& pguidAppProductId, String& pbstrRemoteAppUrl, String& pbstrOAuthAppId, String& pbstrAppDatabaseName, Guid& pgAppDatabaseServerReferenceId, String& pbstrAppDatabaseTargetApplicationId, String& pbstrAppDatabaseLastAccessedDate, Int32& pnAppDatabaseStorageState, String& pbstrAppWebDomainId, Int32& plUpgradeFlags, DateTime& pdtReminderDate, UInt64& pmaskDeny, Int64& pllDiskQuota, Int64& pllDiskUsed, Int64& pllDiskWarning, UInt32& pulminutesSinceDenyMaskUpdate, String& pbstrDenyMaskGroupId, UInt64& pulCacheFlags, Int32& pminCacheAge, Int32& plRootWebTemplateId, Int64& pllSiteFlags2)
       at Microsoft.SharePoint.SPWeb.InitWeb()
       at Microsoft.SharePoint.SPWeb.get_Title()
       at Microsoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint)
       at Microsoft.SharePoint.SPSite.OpenWeb(Guid gWebId)
       at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId)
       at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site)
       at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext)
       at Microsoft.SharePoint.Publishing.PublishingWeb.IsPublishingWeb(SPWeb web)
       at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.CreateTaxonomySessionForEdit(SPWeb contextWeb)
       at Microsoft.SharePoint.Publishing.FriendlyUrlUtilities.ActivateManagedNavigation(SPWeb web)
       at Microsoft.SharePoint.Publishing.NavigationFeatureHandler.<>c__DisplayClass1.<ApplyNavigationProperties>b__0()
       at Microsoft.Office.Server.Utilities.CultureUtility.RunWithCultureScope(CodeToRunWithCultureScope code)
       at Microsoft.SharePoint.Publishing.NavigationFeatureHandler.FeatureActivated(SPFeatureReceiverProperties receiverProperties)
       at Microsoft.SharePoint.SPFeature.DoActivationCallout(Boolean fActivate, Boolean fForce)
       at Microsoft.SharePoint.SPFeature.Activate(SPSite siteParent, SPWeb webParent, SPFeaturePropertyCollection props, SPFeatureActivateFlags activateFlags, Boolean fForce)
       at Microsoft.SharePoint.SPFeatureCollection.AddInternal(SPFeatureDefinition featdef, Version version, SPFeaturePropertyCollection properties, SPFeatureActivateFlags activateFlags, Boolean force, Boolean fMarkOnly)
       at Microsoft.SharePoint.SPFeatureCollection.AddInternalWithName(Guid featureId, Int32 compatibilityLevel, String featureName, Version version, SPFeaturePropertyCollection properties, SPFeatureActivateFlags activateFlags, Boolean force, Boolean fMarkOnly, Boolean fIgnoreMissing, SPFeatureDefinitionScope featdefScope)
       at Microsoft.SharePoint.SPFeatureManager.EnsureFeaturesActivatedCore(SPSite site, SPWeb web, String sFeatures, Boolean fMarkOnly, Boolean fIgnoreMissing)
       at Microsoft.SharePoint.SPFeatureManager.<>c__DisplayClass7.<EnsureFeaturesActivatedAtWeb>b__6()
       at Microsoft.SharePoint.SPSecurity.RunAsUser(SPUserToken userToken, Boolean bResetContext, WaitCallback code, Object param)
       at Microsoft.SharePoint.SPFeatureManager.EnsureFeaturesActivatedAtWeb(Byte[]& userToken, Guid& tranLockerId, Int32 nZone, Guid databaseid, Guid siteid, Guid webid, String sFeatures, Boolean fIgnoreMissing)
       at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex)
       at Microsoft.SharePoint.Library.SPRequest.ApplyWebTemplate(String bstrUrl, String bstrWebTemplateContent, Int32 fWebTemplateContentFromSubweb, Int32 fDeleteGlobalListsWithWebTemplateContent, Int32 fIgnoreMissingFeatures, String& bstrWebTemplate, Int32& plWebTemplateId)
       at Microsoft.SharePoint.SPWeb.ProvisionWebTemplate(SPWebTemplate webTemplate, String webTemplateToUse, SPFeatureWebTemplate featureWebTemplate, Page page, SPFeatureDependencyErrorBehavior featureDependencyErrorBehavior, ICollection`1& featureDependencyErrors)
       at Microsoft.SharePoint.SPWeb.ApplyWebTemplate(SPWebTemplate webTemplate, Page page, SPFeatureDependencyErrorBehavior featureDependencyErrorBehavior, ICollection`1& featureDependencyErrors)
       at Microsoft.SharePoint.SPWeb.ApplyWebTemplate(String strWebTemplate)
       at Microsoft.SharePoint.SPWeb.CreateWeb(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean bCreateUniqueSubweb, Boolean bConvertIfThere, Guid appInstanceId)
       at Microsoft.SharePoint.SPWeb.SPWebCollectionProvider.CreateWeb(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean bCreateUniqueSubweb, Boolean bConvertIfThere, Guid appInstanceId)
       at Microsoft.SharePoint.SPWebCollection.Add(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean useUniquePermissions, Boolean bConvertIfThere, Guid appInstanceId)
       at Microsoft.SharePoint.SPWebCollection.Add(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean useUniquePermissions, Boolean bConvertIfThere)

    However if we provide the Full read permission to NT_Authority/Authenticated users on web application level, it starts working.

    Can anyone suggest why this is happening and how it can be avoided in future?

    • Moved by Dave PatrickMVP Friday, November 6, 2020 1:25 PM looking for forum
    Friday, November 6, 2020 1:08 PM

Answers