Permission error

Error : PermissionMask check failed. asking for 0x00000005, have 0x2000011001

One of our SharePoint 2010 sites started throwing an error with correlation ID. This site has multiple user permissions.

The issue started occurring after a routine windows maintenance. so I figured this should not have happened due to code or DB issues. ULS logs also pointed out there was an issue with space but when I checked all the drives had enough free space. Though there was enough free space I did delete some old files as I have seen before in VM’s with SAM storage there could be some drive corruption and though it shows free space you will not be able to write any files to it. It did not help.

Next thing was to look into the error above. I googled it and read some articles talking about app pool permissions so I checked to make sure app pool account was good. This account was not changed since the site was created and it was active.

Next, I restarted the app pool which will recycle the IIS cache and that did the trick.

The site was up and running.


Thank you




Before any major release, it is fun to create excitement among users. It will also encourage users to look forward to the new product. Recently I used a timer to keep up the excitement of a new site we were going to release. I have used SharePoint script editor webpart and embedded this script which will show a timer countdown on your page.

<b>New release in</b>

TargetDate = “02/01/2018 5:00 PM”;
BackColor = “#e1e2e3”;
ForeColor = “navy”;
CountActive = true;
CountStepper = -1;
LeadingZero = true;
DisplayFormat = “%%D%% Days, %%H%% Hours, %%M%% Minutes, %%S%% Seconds.”;
FinishMessage = “It is finally here!”;


















Why not customize a SharePoint master page.

I came across this question a lot. Simple answer would be that there are times when you need to modify and some times you don’t have to. If you are an experienced developer and know the best practices, you can modify. If not stick with html as it is much easier to handle. Recently  on SharePoint stack exchange  I read some one asking how to modify seattle.master and whether he should modify or not. Below is the best answer.


If you will bear with my I will first answer a question you did not ask, and then I’ll get to your actual question.

What did you modify exactly, the file on disk or on the web site (through SharePoint Designer or a mapped drive) ?

If you have modified the file on disk, you should copy your changes some place safe (for later, see next) and immediately revert to the original file. Any modification to SharePoint’s OOTB files are bound to a) cause loads of problems and b) be overwritten by future updates. By modifying the file on disk you are effectively changing the master page for each and every existing site that uses that style. Most files you see in a web site are in fact links to the file on disk until they are customized(next paragraph).

If you have modified the file in the web site (in _catalogs/masterpage), in effect you have customized the file, that is you have detached it from its source definition on disk and created a local copy that now lives in the database, only for that site.

What a customized file means is: – You will need to re-apply those changes manually to any other site where you want it as they are all independent. This includes production, future sites, etc. – All of those sites, after you have modified them directly, will have their own independent copy of the file which are not related to one another so you will not be able to make mass updates to your branding.

If you have only one site at this time, you might think you are ok. But SharePoint has a tendency to grow…

If you are doing custom branding, the bare minimum would be to make a copy of seattle.master to a custom name, and work on that. That will avoid you the interference headaches with official updates and modifications to the standard master page (which you should keep as fallback should things go wrong).

Next, you should really consider a deployment package (e.g. a file on disk). Then when you create a new site, you just set it to use that master page (manually, through feature activation, at this point it does not matter). This way, all of your sites will still use an un-customized master page, meaning they will in fact all be references to the one on disk. This makes updates much easier and is the norm in enterprise settings. The same goes for your CSS and JS files.

You could have CSS and JS files in the _layout directory but for this you really want a deployment package, never drop files there manually.

And now, to specifically answer your original question:

The difference between the .master and .html pages is not that much, but you can view .html as preceding the .master. Some master pages do not have an associated .html page, but if you upload a .html file SharePoint will automatically create a .master. The latter is the one that is used in the end, with the .html being more of a “designer file” and is easier to work with for most HTML folks (has all the markup as comments, so you have fewer chances of wrecking the final ASPX markup).

So, if you have both, work on the .html file. If you have only the .master, work on that one. What you should avoid is uploading a .html file, then working on both the .master and .html files because every time you save the .html SharePoint will overwrite your .master. Once the .master is generated the .html is mostly ignored by the system.



SharePoint List Title column

I was working on a SharePoint list and had to create few custom columns. There is no way I could use the default “Title” column. I realized that even if I hide it use a list view it will still show up when I create a new item.  There is another way to achieve this

Go to List Settings ->Advanced settings and select “Yes”  to “Allow management of content types”

Go back to list settings and you should be able to see available content types. The list should be displayed there. Click on it.


Now should be in “List content types “screen where you can see different content types available by default. Select “Item” and select “Hidden”


Custom access denied page SharePoint 2013

Last week I was trying to figure out a way to set up  a custom access denied page and found some useful information which I want to share.  Most of the clients and SharePoint users I spoke to always say they don’t want their site to look like SharePoint. When you do not have access to a SharePoint site then you will be directed to this page to request access. When you post a request it will show at the bottom of the message box.


In SharePoint 2013 this page can be easily customized. Below steps should be performed on all the web front ends.

  1. Go to C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\TEMPLATE\LAYOUTS
  2. Accessdenied.aspx page will be located here. I took out access AccessRequestsDialog div and added some text to AccessDeniedAdditionalDetails as below. Too small to read I guess , try zoom in please.
  3. accessdenied
  4. You can customize all you want here and create your own access request page.
  5. There is no need to reset IIS and this should take effect right away.
  6. If you do not want to change the existing SharePoint file which Microsoft does not recommend then you can create a folder in Layouts folder called “custom pages” and copy the accessdenied.aspx to this folder and make changes there. But SharePoint does not know about the new page. So you have to execute below power shell but running the SP management shell as farm admin . Set-SPCustomLayoutsPage -Identity “AccessDenied” -RelativePath “/_layouts/15/custompages/AccessDeniedNew.aspx” -WebApplication “http:/mywebapplication/”

Good to know details:

I have read few people saying that some times when you create a new folder and run power shell , the changes you mage will not take effect due to a bug. This happens is SharePoint 2013 SharePoint 2013 Custom Access Denied . And the solution to this is to install April 2014 CU.

cannot open central admin

Environment: SharePoint 2013 on windows server 2012r2

All of a sudden yesterday I was not able to open central admin. Browser returned 404. Tried IISreset , reboot server, application pools were fine, all the services seemed fine.

Looked in to the ULS error logs and found an error “An exception occurred when trying to issue security token: Loading this assembly would produce a different grant set from other instances. (Exception from HRESULT: 0x80131401).”

Posted on MSDN forums and received a suggestion about windows update. It seems .net update caused missing registry keys and the solution was to update the registry as below

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework’, create a new ‘DWORD (32-bit) Value’ named “LoaderOptimization” with a value 1.

‘HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework‘, create a new ‘DWORD (32-bit) Value’ named “LoaderOptimization” with a value 1.

MSDN forum research