2

I am trying to log into a new SharePoint application, which has it's authentication method set to Claims based authentication (CBA). The user I am logging in with is Site collection admin. When trying to log in I get the access denied page. When looking in the event log on the WFE the site is running on, I see the following error:

An exception occurred in Active Directory claim provider when calling SPClaimProvider.FillResolveClaim(): Requested registry access is not allowed.

Event ID: 8307

User: NT AUTHORITY\IUSR

I get why IUSR would not have registry access, but why would SharePoint run a request under that account, the webapp is running under a domain service account? Pretty much everything is running as it should except this web app. The Claims based authentication is needed because of search requirements (one-way domain trusts).

Improve this question

1 Answer 1

Reset to default
2

Ended up rebuilding the farm, after a clean install verything worked. One-way domain trusts need a lot of pre work is all i can say...

Improve this answer
1
  • Truth! I feel your pain. :-/ Commented May 27, 2015 at 19:43

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.