Anonymous Access for SharePoint Sites

When we build an internet-facing website using SharePoint, the first question that arises is the accessibility of this site to anonymous users. SharePoint takes care of this feature too, the only thing we need to do is enable the anonymous access to our site.

How do we enable anonymous access?
Enabling anonymous access has two stages. First, this has to be enabled in Central Administration for the respective Web-Application. Then it has to be set for the respective Site (site collection).

 Navigate to the central administration page.
Click on Application Management ->Manage Web Applications. Select the web application and click on ‘Authentication providers’

A pop-up window opens, from which you need to select your authentication provider as shown in the image below. Click on ‘Default’

This opens up the edit window of the selected authentication provider. In this window CHECK the “Enable Anonymous Access” field and click on ‘Save’

The above process sets anonymous access at CA level. We still have to set the anonymous access for a single site-collection or for a root site.

Enabling Anonymous Access for a Site
Go to the respective site, for which anonymous access has to be enabled.
Navigate to Sites->Site Permissions. You will notice a new option ‘Anonymous Access’ in the ribbon.

Click on Anonymous Access and select the required option. Selecting ‘Entire Web site’ gives read-only permissions to all users who visit the site.

The process described above is how we enable Read-Only access to anonymous users. But there are also few scenarios where we need to give limited Write/Edit permissions to anonymous users.

For example, when we create a blog site in SharePoint we need to give permissions for all users to add comments to the (published) posts.

(**Note: A SharePoint blog site has three lists – Categories, Posts and Comments—which are created by default. Categories and Posts can be ‘Read only’ lists. But when Comments are taken into consideration, we need to allow anonymous users to write/enter their comments.)

Enabling Anonymous Users to Add Comments to Blog Posts
Navigate to your blog site. Click on, Sites->Site Settings. There in the left menu bar find all the available lists in the blog site. Select ‘Comments’

Now all the available comments will be shown.
In the ribbon select, List Tools->List->List Permissions

Here, we can set permissions for anonymous users to add comments by stopping ‘Inherit permissions’ and giving permissions exclusively for this list. Click on ‘Stop Inheriting Permissions’, this stops inheriting permission from parent site.

When we stop inheriting permissions from parent site, ‘Anonymous Access’ appears in the ribbon menu. Click on this and select ‘Add Items- Add items to lists’

You are done and any user can add comments to your blog posts!!!
But wait, this may not work in cases where BLOG is set as a sub site under a publishing site.
This is because site collection is based on publishing portal and have a ‘ViewFromPagesLockdown’ feature. This feature prevents anonymous users from gaining access to certain areas of site. So, first check if ‘ViewFromPagesLockdown’ feature is enabled for the site.

To determine if a site has ‘ViewFromPagesLockdown’ enabled run the following in Powershell:
get-spfeature -site http://sitecollectionURL
If ViewFormPagesLockDown is listed, it’s enabled.
To toggle lockdown mode to off:
$lockdown = get-spfeature viewformpageslockdown
disable-spfeature $lockdown -url

Now re-set the anonymous access and try to add comments to a blog post without signing in. You can add comments!!!!

Are you interested? follow us and get notified of new posts

6 thoughts on “Anonymous Access for SharePoint Sites

  1. SP Pro
    at 6:14 pm

    Great post. I am doing same thing, in the SharePoint 2010 blog. I configured everything as you said above.
    My requirement is, I want to show the blog for anonymous users, they can view all posts, comments and categories links on the left navigation, they should not have permissions for the ‘view all site content’ page.
    For Authenticated users, they can able to view posts, comments and add comments for the comments part. They should not have permission to view ‘view all site content’ page as well.
    So, I can able to do these things in MOSS 2007. It is working as expected and how it suppose to.
    Where as in SharePoint 2010, I configured the same thing exactly in MOSS2007 in terms of ‘Restricted Read’ permissions and all.
    I can able to view the default.aspx page anonymously, When i click on the comment section or any section in the page, it is taking system account details.
    And When I logged in as authenticated user, I can able to view default.aspx page, and when I tried to open comments section or any other section, it is giving access denied page.
    Please help me here.
    If you need any further details, I am ready to provide here. Thanks in advance.

  2. esspweb
    at 12:10 pm

    Your post have the information that is helpful and very informative. I would like you to keep up the good work. You know how to make your post understandable for most of the people.

  3. I am still getting some issue. I have enabled anonymous read and write on the post and comments list but after submitting the comment, the blog post does not display the comments. The only error message displayed instead of the comments is “TypeError: b is null”

Leave A Reply

16 − 5 =