Roles - Created Role Reporting and gave access to reports only

Jason Buck asked on February 8, 2018 20:31

I created a Role called Reporting. Assigned the Permission to the Role.

Assigned the Role to a user.

Attempted to login as that user, but Kentico just spins and doesn't allow entry. Event Log > is AUTHENTICATIONFAIL

Event ID: 8652300
Event type: Information
Event time: 2/8/2018 10:45:15 AM
Source: Authentication
Event code: AUTHENTICATIONFAIL
User name: usernamehere
IP address: xxxxxxxxxx
Description:
Site name: xxxxx Public - PRODUCTION
Machine name: 869930-xxxxxx-KEN
Event URL: /CMSPages/logon.aspx?ReturnUrl=%2fAdmin%2fCMSAdministration.aspx
URL referrer: http://www.xxxxxx.com/CMSPages/logon.aspx?ReturnUrl=%2fAdmin%2fCMSAdministration.aspx
User agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

Any indicator on what I am doing wrong?

permission for user administration

Recent Answers

Trevor Fayas answered on February 8, 2018 23:11

There user isn't even authentication so probably not an issue with permissions, but just in case try logging in with a normal user.

So you have any custom authentication? Is forms based authentication enabled on your iis?

You can also try removing from role and trying to log in, making sure the base site is accessable without permission (as it could be that there is no place for the logged in user to go and it just keeps trying to find a place to redirect the user till it fails)

0 votesVote for this answer Mark as a Correct answer

Jason Buck answered on February 9, 2018 19:58 (last edited on February 9, 2018 20:28)

UPDATE. So if I make the user a global admin or administrator, the login works. Once I reduce them to a Editor with only access to the Reporting, login to the CMS doesn't give the access to the Dashboard, but when I navigate to another page on the live site, it shows them as logged in.

0 votesVote for this answer Mark as a Correct answer

Trevor Fayas answered on February 12, 2018 19:51

Then it's a permission issue. Setting the user as an Editor alone doesn't necessarily give them access to the dashboard and other elements. There are some global CMS Roles that you can assign that give basic Editor access, but from there you will need to give them permission to those User interfaces and operations. If you simply want to give "read access" to a report, best way is to just create a Page on your site, require authentication (set some roles if you wish to which can access), then add the report via the Reporting webpart/widget.

If you give access to the Reporting interface and stuff, they can often do more than just 'read' existing reports.

https://docs.kentico.com/k11/securing-websites/designing-secure-websites/configuring-permissions-securely

1 votesVote for this answer Mark as a Correct answer