I'm currently looking for a new job, preferably in the Asia-Pacific region but I would consider other regions as well. If you are hiring or have any leads, I would appreciate if you would drop me a message via the contact form, e-mail (daniel(at)spoodoo.com), Twitter, or LinkedIn.


Change the Access Denied message

If you don’t have sufficient permissions to access a SharePoint resource you are presented with one of three messages. If you have Access requests activated for the site you will see something like this:

From my experience many people tend to think that this is just a plain error message and click it away, followed by an email with the question to please provide the necessary permissions to access the resource. They don’t *really* realize (or know) that they can send a request with a custom message which the admin will read and cause him to react accordingly. That means that the big advantage of sending a request in the context of a resource stays untapped and the email odyssey begins in which you (the admin) try to figure out what the user has just clicked right before this message appeared.

I want to prevent this in the future and I tried to figure out where the message “Let us know why you need access to this site” is stored in order to replace it with a better message that gives some explanation. However, searching with ‘grep’ I couldn’t find the sentence anywhere in the hive. So I decided to hard-code it into the AccessDenied.aspx page.

As I mentioned at the beginning of this post there are two cases:
1: Access requests are not permitted
2: Access requests are permitted

In case 1 there is no text area on the page and thus, it is not possible for the user to send an access request. In that case, the message “Sorry, this site hasn’t been shared with you.” is fine for me and I’ll keep it.

in case 2 I want to replace the text “Let us know why you need access to this site” or “Sorry, you don’t have access to this page” with a much more verbose message:

“You don’t have sufficient permissions to access this site!

If you think that this is a mistake, please write a message in the text box below and click the ‘Send request’ button to send an access request to the administrator of this site.

Thank you!”

Navigate to “c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\TEMPLATE\LAYOUTS” on your server and make a backup of the file AccessDenied.aspx.

Then open this file and locate the closing tag of:
<asp:Content ContentPlaceHolderId=”PlaceHolderMain” runat=”server”>

Put the following JavaScript snippet directly in front of it:

if(document.getElementById("ms-accessRequestsControl-mainDiv") !== null){
	var messageElement = document.getElementById("ms-error-header").children[0]
	messageElement.style.whiteSpace = 'inherit';
	messageElement.style.textAlign  = 'justify';
	messageElement.style.fontSize   = '22px';
	messageElement.innerHTML        = "<div style='font-size: 26px; font-weight: 400'>" + 
"You don't have sufficient permissions to access this site!</div><br>" + 
"If you think that this is a mistake, please write a message in the textbox below and click " + 
"the 'Send request' button to send an access request to the administrator of this site.<br>" + 
"<br>Thank you!"

Chances are that your file will then look like this: (probably less colorful)

Save the file, open your browser and have a look at ‘http://your domain/_layouts/15/AccessDenied.aspx’

And here is what you will get:

I know that this is just a workaround and that it would be better to somehow change the string in a language resource file directly but since I couldn’t find it I chose this way.

If you know a better a way, please let me know in the comments!

Tweet about this on TwitterShare on RedditShare on FacebookShare on Google+Share on LinkedInShare on StumbleUponShare on TumblrPin on PinterestDigg thisPrint this pageEmail this to someone


  1. I have made the change above, but now I get an error saying that errorv15.master does not exist.
    I changed back to the original accessdenied file and it works, but as this file does exist I don't understand why this is happening.
    Any ideas ?

  2. Just a word of advice: Don't! Changing of SharePoint files directly on the disk should not be performed, because of several drawbacks:
    – You are out of support by Microsoft
    – You have to modifiy the file on each server in your farm
    – The changes can be overwritten by every Update (CU, SP, etc.)
    – Changes of OOTB files may break an update or other functionality in SharePoint

    So I would not recommend to change any files manually. Changes to SharePoint should only occur through the offical hooks that Microsoft provides, even though this means that you cannot modify some settings/pages/etc.

  3. You can use URL mapping/rewriting in web.config file to substitute your copy of AccessDenied in place of original one. So in fact you do exactly what you did above, but not in original file but a copy of it and then you create a rule that executes your copy instead of built in page.

    More on URL rewriting and mapping @ https://support.microsoft.com/en-us/kb/976111

  4. https://social.technet.microsoft.com/wiki/contents/articles/31253.sharepoint-2013-how-to-create-a-custom-access-denied-page.aspx

    Don't change the original access denied page or change the web config of the site directly, follow the article above for the proper way to customize to avoid problems when updating/maintaining the site

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.