SharePoint Farm Administrator Cannot Access Site, Gets Access Denied

Problem: SharePoint 2013 farm administrator cannot access site! They get access denied error.

Root cause:
Its a common misconception that SharePoint Farm Administrator will get access to all SharePoint sites in the farm automatically! Farm administrator get access denied error in SharePoint 2010 site collection when trying to browse.

sharepoint 2010 farm administrator access denied

Solution to SharePoint farm administrator access denied error

Farm Administrators get control over SharePoint Central Administration, but not all sites. So, we have to explicitly grant access to required web applications to the Farm Administrator through web application user policies by navigating to:

  • Central Administration  >> Security
  • Specify web application user policy >>
sharepoint farm administrator permissions

Add web application user policy in SharePoint using PowerShell

The above step can be automated for all web applications using PowerShell. Let’s add a user policy in the web applications to grant full access to all web applications on the farm.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#User to Add

#Add user to Web App user Policy

#Get All Web Applications and Iterate through
Get-SPWebApplication | foreach-object {
                $WebAppPolicy = $_.Policies.Add($UserID, $UserID)
                #Set Full Access 
                $PolicyRole = $_.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullControl)
                Write-Host "Added user to $($_.URL)"

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

One thought on “SharePoint Farm Administrator Cannot Access Site, Gets Access Denied

  • helpful


Leave a Reply

Your email address will not be published. Required fields are marked *