Thank you for that info, I didn't know about that. I enabled All logging (quickly) and logged out as Admin and logged into one of the broken accounts. The logSecurity.log
file had this at the very top:
// /CMSPages/logon.aspx?ReturnUrl=%2fAdmin%2fCMSAdministration.aspx [6/1/2023 8:34:49 AM]
ISINSITE = True [User: JW] [Site: Wco]
// /Admin/CMSAdministration.aspx [6/1/2023 8:34:49 AM]
ISINSITE = True [User: JW] [Site: Wco]
CHECKPRIVILEGELEVEL = False [User: JW]
ISAUTHORIZEDPERUIELEMENT =
ISINSITE = True [User: JW] [Site: Wco]
CHECKPRIVILEGELEVEL = False [User: JW]
REDIRECTTOACCESSDENIED = [User: JW] [Site: Wco]
// /CMSModules/Admin/accessdenied.aspx?resource=CMS&uielement=Administration&hash=45tg01f3b3d1jkl3ead4e0csddfd58bdd337dacf2e4fac9e56b05 [6/1/2023 8:34:49 AM]
VALIDATEHASH = True
I see that CHECKPRIVILEGELEVEL = False
but don't know where to address it. Is this in the Users app somewhere in the person's account?