Customize the Access Denied Page

Part of the reason we want to change the Access Request page is the users get confused when they see “Error”. We want them to “knock on the door of sites” and request access so the email will go to the user-site manager of the site. They see – and focus on – “Error”, ignore the tiny “Request Access” link, and call the help desk saying they can’t get to SharePoint. There is no error; this is the process we want them to use. Our Access Denied page needs to be more user-friendly.

This took much research and was a little scary for me, as it involved delving into Visual Studio instead of just using the SharePoint Designer. I was able to piece it together thanks to Vijai Anand (How to create custom SharePoint 2010 Application Page using Visual Studio 2010) and Soderlind (SharePoint 2010: Customize out of the box Application Pages (AccessDenied, Confirmation, Error, Login, RequestAccess, Signout, WebDeleted )) and a co-worker who helped with the CSS portion. This was developed on a Development Server (that had Visual Studio 2010 installed and SharePoint installed) and then deployed to our Test Server using PowerShell (the same will be used to go to Production.) I’m including all of the steps for the benefit of admins who are not developers.

Step 1: Make the page using Visual Studio.

File > New > Project

Empty SharePoint Project. (We use Team Foundation Server for our Source Control, so the part about “Add to Source Control” may not apply to you.)

Connect to your Development SharePoint application. Select “Deploy as a farm solution”.

Right-click the project, Add > New Item

Select Application Page and name your new page.

Now, because we want to retain the ability to “Request Access” and “Sign in as different user” and those parts are looking for pages relative to the called page, I’m going to move the ExampleAccessDenied.aspx out of the folder where it got created and delete the folder. This is because, if I don’t, the deployment will create a folder in the layouts directory and mess up my relative path.


Step 2: Modify the page

I want most of the functionality provided by the default Access Denied page so I’m going to copy and paste all of the code out of the OTB page into my own. Find the AccessDenied.aspx in the hive. (Typically: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS)

Once you’ve replaced all the code in your page with the copied code, you can build and deploy your solution for a look at your progress. Right-click and build your solution.

Then right-click and deploy your solution. This will put a copy of the application page into the layouts folder of your web application.

You should be able to browse to your application page. It looks just like the Access Denied page.

Back to Visual Studio and the code on the page. I’m going with the assumption that you’re not a developer and most of this looks like Sanskrit. I’m going to show you section by section what was there and what I put so hopefully, if you want to make simple changes similar to mine, you’ll be able to figure it out. All the code, before and after, is included here: ExampleAccessDenied

PlaceHolderPageTitle

This is what puts the Error: Access Denied at the top of the Explorer bar and the tab window.

We want to replace the word Error with our company initials.

BTW, you can comment out sections by selecting the code and hitting the icon next to the tab-in tab-out icons. It puts the <%– marks around the commented code –%>

PlaceHolderPageTitleInTitleArea

This is the other Error: Access Denied we wanted to get rid of.

A friendlier You do not have access to this resource.

PlaceHolderPageImage

The very intimidating X; that’s got to go.

We’re just going to comment that section out altogether.

PlaceHolderAdditionalPageHead

This is where my co-worker helped me. We wanted to control the formatting of the section and needed a little brute force to get the error image to stop showing. Sorry I don’t have more commentary for this section, but hopefully you’ll be able to use what we did.

PlaceHolderMain

This is the main meat and potatoes section. We removed the icon, made a friendlier list of options, and moved the user info to the bottom. I’ve included the entire thing in a pdf you can download. ExampleAccessDenied

Build and deploy the solution again.

Package your solution

Change the configuration from Debug to Release.

Right-click and package the solution.

The output will show you where it put the wsp file. This is the file you will need to deploy to our other environments (because you DO follow an SDLC process right?)

Step 3: Tell SharePoint to use the new page

We do NOT want to just rename our page to AccessDenied.aspx.

cls $snapIn = Get-PSSnapin | where-object {$_.Name -eq "Microsoft.SharePoint.PowerShell"}
if($snapIn -eq $null) { 
 Add-PsSnapin Microsoft.SharePoint.PowerShell 
} 
Set-SPCustomLayoutsPage -Identity "AccessDenied" -RelativePath "/_layouts/ExampleAccessDenied.aspx" -WebApplication "http://DEVWEBAPPLICATION" 
Get-SPCustomLayoutsPage –Identity "AccessDenied" -WebApplication "http://DEVWEBAPPLICATION " 
iisreset

Step 4: Deploy

In the new environment, put the wsp file into a temporary holding place. We used a folder called solutions. Then run the powershell to deploy the solution and Set SPCustomLayoutsPage. I have the powershell saved in a pdf for that as well (DeployCustomAccessDeniedPowershell.)

Set the variables at the top for the solution name, release folder name, and web applications you need to release to:

$allSolutions = (“CustomAccessDenied.wsp”)
$releaseFolderName = “C:\Solutions\CustomABCD\”
$allURLs = (“https://WEBAPP1&#8243;,https://WEBAPP2)

At the very bottom, you’ll need to change the aspx page as well:

“/_layouts/CustomAccessDenied.aspx”

Voila!

ExampleAccessDenied
DeployCustomAccessDeniedPowerShell

About these ads

3 Responses to Customize the Access Denied Page

  1. Kim says:

    Great Article! Do you have a similar article for the Sign-In as different user page too?:

  2. Jason Vickers says:

    Very helpful, thanks for taking the time to write this up.

  3. Liz says:

    Hi! How can this be implemented per site collection only and not in the whole Web App? Do you know? :?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 123 other followers

%d bloggers like this: