Re: Restored Server but SharePoint refusing admin access

I went ahead and forwarded my post to the SharePoint forums. They were able
to help get it working. I figured since I posted here I would go ahead and
provide the solution here so anyone else may use it if needed.

First of all, They did confirm what you and I stated earlier about the SID
and Binary IDs being different. The primary goal was to either change the
SID/BID or remove the user from the database and add it again. (To be clear,
removing the user from the database is not the same thing as removing them
from the SharePoint site. evidentally removing them from the site just
disables their access. The still exist in the database). Since we cannot get
access to the Windows Internal Database (SQL Embedded: MSSQL$MICROSOFT#SSEE)
we have to force access to it. First, open the Named Pipe from the server
(locally or from a RDP/TS), In SQL Configuration Manager go to SQL Server
2005 Network Configuration and go to the properties page of the "Protocols
for MICROSOFT#SSEE". Insure Named Pipes is enabled. Also remember (or copy to
the clipboard) the Pipe name. Use SQL Management Studio and use the pipe name
for the SQL Server address to access the database. If you are unable to
connect (Access Denied error) like I had you will have to add yourself to the
policy list for the web application. Here comes the tricky part. If you
previously were in the web applications user list (regardless of what role
you had) you cannot access the database from that account. The system will
complain that you already exist. You will need to use an administrator
account which has not been previously used or create a new administrator
account. (This part sucks for Active directory users if you have strict
security policies). Nonetheless once you have a non-sharepoint administrator
account open the SharePoint Central Administration site. Go to Application
Management. Click "Policy for Web Application" Make sure the web application
you are wanting access to is listed at top right (Change is if not). then
click add users. Fill in the form with the administrator account that you
either created or has never had access to SharePoint. Once you are done you
will need to open the database server again with the pipe name but under the
newly added administrator account (for me, since I added a new admin account
to the server I just right-clicked SQL Management Studio and chose "Run As"
but if you use an existing admin you will need to get them to do this or get
their password). Once SQL Management Studio is running under the newly added
admin context you should have no problems accessing the named pipe. Once
there locate the Content Database name for the Web Application you need
access to and open the table "UserInfo" Once done you will see all the users
for this web application. locate your account and remove it from the table
completely. disconnect. Open a new command window (CMD) under the newly added
admin account (Just like SQL Mangement studio). use stsadm to add a new user
for yourself. use your existing server account (stsadm.exe -o adduser -url
<url of web application to add new account to> -userlogin <DOMAIN\User>
-useremail <email@xxxxxxxxxxxxxxx> -role <Role Name such as Full Control;
Must match an existing role for this web application; use stsadm.exe -o
enumroles -url <WebAppURL> to get a list> -username <Display Name as it would
appear in SharePoint; "FirstName LastName"> -siteadmin

Use Site Admin is you are taking over the site. If there is an existing site
admin who will stay the site admin do not use -siteadmin in your command.

Once you run this you should have full access to the web application. If you
are not to have full access (Full control role) you can use a different role
type.

"Bill Peng" wrote:

Well, this won't work for sharepoint 3.0...

FYI.
http://technet2.microsoft.com/windowsserver/WSS/en/library/64171b8c-5608-4e69-881a-67996080b7ff1033.mspx?mfr=true

In addition, posting to sharepoint newsgroup can be a good idea.

Sincerely,
Bill

"Quilnux" <Quilnux@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6D85453C-8F9C-48F1-9E1F-34EB6486B50E@xxxxxxxxxxxxxxxx
I have not had a chance to try this yet. I will get the oppertunity
tomorrow.
Just to be clear, we are using SharePoint 3.0 not 2.0. Will that still be
the
same for your suggestion? I didn't know the user templates would touch
3.0.
I'll let you know of the results tomorrow.

"Bill Peng" wrote:

I think your assumption is correct. Please open server management, and
change user permission. then use appropriate user template to rebuild
user
permissions. this can restore default sharepoint permissions for every
user.

Sincerely,
Bill

"Quilnux" <Quilnux@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5EF53C5C-68CB-48BE-915F-D30E8E9A7812@xxxxxxxxxxxxxxxx
Hello, (We are using SharePoint Services 3.0)

We recently had to reinstall our server. We also had to manually
re-enter
all user accounts including administrator accounts. We have everything
working now except SharePoint. We are able to run a successful restore
(we
used the stsadm.exe command-line). We can tell it is correctly restored
by
the database file sizes however it will not let anyone in. We get an
"Access
Denied" error. We can access the Central Administration Site without
any
problems. Its only the SharePoint site. I've done restores before but
never
seen a site not let an admin in after one. Also, I tried accessing the
database server using SQL Server Management Studio but it won't let us
in
that either. I would assume the issue has something to do with the
SID's
being different for the new admin accounts. Is there anyway to get into
the
site or a way that we can add one of the new admin accounts to the site
to
let us in?
Thank you for your help.


.

Relevant Pages

  • Re: Help with WSS 3.0 Server Farm Config - Backend SQL 2005
    ... I had to use only "sharepoint" to get the ... What interest me though is that the database get created but fails after ... Virtual Server with DBSVR ... an account local to the WEBSVR) to create and access the SQL server, ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Restored Server but SharePoint refusing admin access
    ... > SID/BID or remove the user from the database and add it again. ... >, In SQL Configuration Manager go to SQL> Server ... > you had) you cannot access the database from that account. ... > newly added administrator account (for me, since I added a new admin ...
    (microsoft.public.windows.server.sbs)
  • Re: WSS MSDE DB Location Change Nightmare
    ... STS_servername_1 database. ... able to do your reinstall of MSDE and restore over top of the new Content DB ... Sharepoint Services was installed. ... Pool Is the Account That Has the Required Permissions to the SQL Server ...
    (microsoft.public.sharepoint.windowsservices)
  • WSS MSDE DB Location Change Nightmare
    ... Sharepoint Services was installed (with MSDE). ... the Windows SharePoint Services database files" ... Pool Is the Account That Has the Required Permissions to the SQL Server ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Restored Server but SharePoint refusing admin access
    ... SID/BID or remove the user from the database and add it again. ... In SQL Configuration Manager go to SQL Server ... you had) you cannot access the database from that account. ... newly added administrator account (for me, since I added a new admin account ...
    (microsoft.public.windows.server.sbs)