Tag: Create Site Collection

AutoSPInstaller – Create Site Collection – Access Denied

AutoSPInstaller is a great project that facilitates Automated SharePoint installation including Sharepoint 2010, 2013, 2016 and 2019.

Auto SP Installer provides a powerful way to deploy and configure a single-server development environment to multiple-server SharePoint farm.

During the AutoSPInstaller run, received an Access Denied error when trying to provision the root Site Collection for my new Web Application.

--------------------------------------------------------------
--------------------------------------------------------------
 - Creating web applications...
 - Web app "Portal" already provisioned.
 - Setting up managed paths for "https://hub.1GN.local:443"
  - Setting up explicit managed path "help" at "https://hub.1GN.local:443" and HNSCs...
 - Done setting up managed paths at "https://hub.1GN.local:443"
--------------------------------------------------------------
 - Applying object cache accounts to "https://hub.1GN.local:443"...
 - Done applying object cache accounts to "https://hub.1GN.local:443"
 - Checking for Site Collection "https://hub.1GN.local"...
 - Creating Site Collection "https://hub.1GN.local"...
--------------------------------------------------------------
 - Script halted!


Exception             : System.UnauthorizedAccessException:
                        0x80070005Access denied.
                           at Microsoft.SharePoint.SPGlobal.HandleUnauthorizedAccessException(UnauthorizedAccessExceptio
                        n ex)
                           v Microsoft.SharePoint.Library.SPRequest.CreateSite(Guid gApplicationId, String bstrUrl, Int
                        32 lZone, Guid gSiteId, Guid gDatabaseId, String bstrDatabaseServer, String bstrDatabaseName, S
                        tring bstrDatabaseUsername, String bstrDatabasePassword, String bstrTitle, String bstrDescripti
                        on, UInt32 nLCID, String bstrOwnerLogin, String bstrOwnerUserKey, String bstrOwnerName, String
                        bstrOwnerEmail, String bstrSecondaryContactLogin, String bstrSecondaryContactUserKey, String bs
                        trSecondaryContactName, String bstrSecondaryContactEmail, Boolean bADAccountMode, Boolean bHost
                        HeaderIsSiteName, Int32 iDatabaseVersionMajor, Int32 iDatabaseVersionMinor, Int32 iDatabaseVers
                        ionBuild, Int32 iDatabaseVersionRevision, String bstrSiteSchemaVersion)
                           v Microsoft.SharePoint.Administration.SPSiteCollection.Add(SPContentDatabase database, SPSit
                        eSubscription siteSubscription, String siteUrl, String title, String description, UInt32 nLCID,
                         Int32 compatibilityLevel, String webTemplate, String ownerLogin, String ownerName, String owne
                        rEmail, String secondaryContactLogin, String secondaryContactName, String secondaryContactEmail
                        , String quotaTemplate, String sscRootWebUrl, Boolean useHostHeaderAsSiteName, Boolean override
                        CompatibilityRestriction)
                           v Microsoft.SharePoint.PowerShell.SPCmdletNewSite.CreateDataObject()
                           v Microsoft.SharePoint.PowerShell.SPNewCmdletBase`1.InternalProcessRecord()
                           v Microsoft.SharePoint.PowerShell.SPCmdlet.ProcessRecord()
TargetObject          : Microsoft.SharePoint.PowerShell.SPCmdletNewSite
CategoryInfo          : InvalidData: (Microsoft.Share...SPCmdletNewSite:SPCmdletNewSite) [New-SPSite], UnauthorizedAcce
                        ssException
FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSite
ErrorDetails          :
InvocationInfo        : System.Management.Automation.InvocationInfo
ScriptStackTrace      : at CreateWebApp, D:\Install\AutoSPInstaller\AutoSPInstaller\AutoSPInstallerFunctions.ps1: line
                        2790
                        at CreateWebApplications, D:\Install\AutoSPInstaller\AutoSPInstaller\AutoSPInstallerFunctions.p
                        s1: line 2575
                        at Setup-Farm, D:\Install\AutoSPInstaller\AutoSPInstaller\AutoSPInstallerMain.ps1: line 209
                        at , D:\Install\AutoSPInstaller\AutoSPInstaller\AutoSPInstallerMain.ps1: line 408
                        at , : line 1
PipelineIterationInfo : {}
PSMessageDetails      :

Cause:
The default web site with an ID of 1 was removed before the script was run. There is a call within the AutoSPInstaller function where the default Web Site is stopped after adding the Managed Accounts, and because of this Security Token Service is not available causing the Access Denied issue.

Resolution:
Open IIS Manager. When the AutoSPInstaller script has finished adding the Managed Accounts into Central Admin, go to IIS and start the SharePoint Web Service web site which should have the Default ID of 1.
This will allow the Site Collection to create because the Security Token Service can verify your credentials.