SharePoint 2013: how to create a custom access denied page

Procedure

  1. Log into one of the farm WFEs as a farm administrator.
  2. Open Windows Explorer, and then navigate to this folder:

    C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\

     

  3. Add a subfolder to this folder, naming it CustomPages.

    Note that this is the physical path to the CustomPages folder. The relative path would be:

    [web app URL]/_layouts/15/custompages

  4. In the LAYOUTS folder copy the file AccessDenied.ASPX into the CustomPages subfolder, renaming itAccessDeniedNew.ASPX. .
  5. Modify AccessDeniedNew.ASPX as desired.  To add text or other HTML elements to this page, be sure to introduce them within <asp:Content tags. In the example below, formatted text has been added so that it will appear just below the “Sorry, this site…” message.  The intent here is to keep the message simple in order to facilitate rapid comprehension and engagement. Added text is highlighted. .
  6. After completing the modification on this WFE, copy the CustomPages subfolder into the LAYOUTS folder of each of the WFEs in your farm.

    NOTE: if you don’t do this, your users will experience inconsistent responses – some getting the default accessdenied page and some the new one, depending on which WFE the farm’s NLB service routed the user’s request to.

  7. Open a SharePoint Management Shell using a farm administrator account having the SharePoint_Shell_Accessrole for the farm configuration database.  To check for those accounts that do have this role for the farm configuration database, execute Get-SPShellAdmin.
  8. Execute Get-SPCustomLayoutsPage to view what custom pages have already been configured. If you haven’t configured any custom message pages yet, you will see something like the following: .
  9. Execute the command that will update the farm configuration database to point to the new location of the AccessDenied page:
    Set-SPCustomLayoutsPage -Identity "AccessDenied" -RelativePath "/_layouts/15/custompages/AccessDeniedNew.aspx" -WebApplication "http:/mywebapplication/"

    The AccessDenied page path is now updated:

     .

  10. Open a browser using a standard account, and then navigate to a site or page that your account does not have access to.  The new AccessDenied page is presented.  Note that an IISReset does not need to be performed.  The change takes affect immediately. .

References

Notes

  • Thanks to KeithTuomi for his response, to this posting, providing the necessary steps.
  • This procedure was performed on a small, traditional-topology SharePoint 2013 farm that includes one DB, one App and two WFEs in (Windows) NLB configuration.
  • Using the steps shown in this posting, you can also deploy custom Confirmation, Error, Login, RequestAccess, Signout and WebDeleted pages. Just change the value of the Identity parameter appropriately.

Geef een reactie

Het e-mailadres wordt niet gepubliceerd. Vereiste velden zijn gemarkeerd met *