SaaS CMS has officially launched! Learn more now.

Episerver CMS User Roles and Commerce Manager Account Roles



I have installed Episerver commerce sp1 and sample site package, tried to create a contact and an account for that contact. By default, in commerce manager,  you see Registered and Everyone roles. I have assigned "Admins" role to that contact. After that, i wanted to check if i see same at EpiServer CMS User Information (Admin Mode -> Search User/Group, select that account) page. But no, "Member of" listbox is empty!

Anyone has any idea about that? I do/configure something wrong or a bug or by design?

Best regards,


Nov 11, 2010 15:03

If I create user with the CMS with any roles, it inserts rows into aspnet_UsersInRoles table and user is not visible as a contact(or anywhere) in Commerce Manager. if i create user/contact from Commerce Manager and assign any roles, it inserts rows into Security_RoleAssignment table (no rows for the contact in aspnet_UsersInRoles table). So it seems nothing gets synchronized except user/membership records.

Btw for the default admin user there are rows both in aspnet_UsersInRoles and Security_RoleAssignment tables (which is the expected behaviour I guess).

Since Commerce Manager checks Security_RoleAssignment table, it doesn't make any sense if i create user/assign roles from Episerver CMS and will deny access to any commerce manager page.

So what is the correct way to use with Episerver Commerce? Maybe manually creating an insert trigger for aspnet_usersinroles table and inserting records to Security_RoleAssignment?

Thanks, Aytek

Edited, Nov 11, 2010 17:27

I think it's by design in Commerce SP1, the Cms userRoles and Commerce userRoles are managed seperately. If you want that, you must do it manually. In next release version of Commerce, it will have synchronization feature to achieve this goal.

Nov 12, 2010 8:59

I used [mc_Security_RoleAssignmentInsert] to insert the value manually - other wise it gave me access denied message when trying to access commerce server.

May 28, 2012 12:58


Sandeep's workaround is also the solution over here.

In case anybody needs it, here are the SQL scripts:

1. first figure out the user id that you need to grant admin access to

SELECT UserId FROM aspnet_Users u where UserName like 'nikolaos%'

2. then, using that GUID from the previous select, execute mc_security_roleAssignmentInsert

DECLARE @SecurityRoleAssignmentId uniqueidentifier
DECLARE @RoleParticipant uniqueidentifier
DECLARE @Role nvarchar(4000)
DECLARE @Scope nvarchar(max)
DECLARE @CheckMode int
DECLARE @IsOnlyForOwner bit

-- TODO: Set parameter values here.

SET @SecurityRoleAssignmentId = NEWID()
SET @RoleParticipant = 'this is where you paste the guid from the previous select'
SET @Role = 'Admins'
SET @Scope = NULL
SET @CheckMode = 0
SET @IsOnlyForOwner = 0

EXECUTE @RC = mc_Security_RoleAssignmentInsert

and good luck!


Feb 04, 2014 13:50
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.