What provider does it say the group has been created with when you look in Adminster groups?
Are you using ASP.NET Identity (The OOTB standard) for CMS access?
I checked and this is working in the Alloy Demo
Hi Scott, thanks for your helpful input as usual. Under provider it says: EPi_AspNetIdentityRoleProvider (in fact this provider is under all existing groups on our site as far as i can see) is this the OOTB?
Can you check everything for asp.net identity is configured as per https://world.optimizely.com/documentation/developer-guides/CMS/security/episerver-aspnetidentity/
You should have code for it in your startup.cs file and the areas for auth and members removed. Such as
<authentication mode="None"> <forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120" defaultUrl="~/" /> </authentication> <profile defaultProvider="DefaultProfileProvider"> <properties> <add name="Address" type="System.String" /> <add name="ZipCode" type="System.String" /> <add name="Locality" type="System.String" /> <add name="Email" type="System.String" /> <add name="FirstName" type="System.String" /> <add name="LastName" type="System.String" /> <add name="Language" type="System.String" /> <add name="Country" type="System.String" /> <add name="Company" type="System.String" /> <add name="Title" type="System.String" /> <add name="CustomExplorerTreePanel" type="System.String" /> <add name="FileManagerFavourites" type="System.Collections.Generic.List`1[System.String]" /> <add name="EditTreeSettings" type="EPiServer.Personalization.GuiSettings, EPiServer.Cms.AspNet" /> <add name="ClientToolsActivationKey" type="System.String" /> <add name="FrameworkName" type="System.String" /> </properties> <providers> <add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=220.127.116.11, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="EPiServerDB" applicationName="/" /> </providers> </profile> <membership> <providers> <clear /> </providers> </membership> <roleManager> <providers> <clear /> </providers> </roleManager>
Interestingly, my startup.cs looks completely different with many sections commented out: [removed]
Scott did I understand you correctly, is the configuration blocked you shared, supposed to be in my Startup.cs or elsewhere? I still can't get this group assignment to work unfortunately and pretty desperate here.
I don't see anything wrong with your Startup.cs code. What Scott was showing is some of what's needed in Web.config to support ASP.NET Identity, such as setting the mode in <authentication> to "None", and making sure the <membership> and <roleManager> is cleared out.
What groups do you see in the pop up? Are they just the virtual roles?
I'm seeing the following groups only:
Interestingly enough, when I edit the users, I can see under "Not member of" a list of all the groups including the new ones I have created and can add the user to these groups.
I you able to share your web.config (removing any sensitive areas).
Also can you check your solution for any references to ISynchronizedUsersRepository as this is the system that syncs users/roles and also returns results when looking in roles.
I have gone ahead and removed and renamed sensitive areas. Here is the web.config, do you see anything that could be the culprit? [removed]
Can you remove
<securityEntity> <providers> <add name="SynchronizingProvider" type="EPiServer.Security.SynchronizingRolesSecurityEntityProvider, EPiServer" /> </providers> </securityEntity>
And try again
Wow bingo! I can now see all the groups that have been created and can assign them. Thanks so much Scott! Is this something I can safely remove from our production server? Any drawbacks to having it removed?
Has anyone experienced the following or would know how to fix it:
Under Admin > Access Rights > Administer Groups I created a new group, and added some users to it.
Under Admin > Access Rights > Set Access Rights I click on a page in the tree and wish to edit the rights for this section. I untick "Inherit settings from parent item" and then click on "Add Users/Groups" button.
In the form that pops up under Type I select Groups. I leave the Name field empty and click on Search. I am presented with some groups but the one I have created does not appear in the list.
Any idea what's going on and how to get my group to show up?