When we build an internet-facing website using SharePoint, the first question that arises is the accessibility of this site to anonymous users. SharePoint takes care of this feature too, the only thing we need to do is enable the anonymous access to our site.
How do we enable anonymous access?
Enabling anonymous access has two stages. First, this has to be enabled in Central Administration for the respective Web-Application. Then it has to be set for the respective Site (site collection).
Navigate to the central administration page.
Click on Application Management ->Manage Web Applications. Select the web application and click on ‘Authentication providers’
A pop-up window opens, from which you need to select your authentication provider as shown in the image below. Click on ‘Default’
This opens up the edit window of the selected authentication provider. In this window CHECK the “Enable Anonymous Access” field and click on ‘Save’
The above process sets anonymous access at CA level. We still have to set the anonymous access for a single site-collection or for a root site.
Enabling Anonymous Access for a Site
Go to the respective site, for which anonymous access has to be enabled.
Navigate to Sites->Site Permissions. You will notice a new option ‘Anonymous Access’ in the ribbon.
Click on Anonymous Access and select the required option. Selecting ‘Entire Web site’ gives read-only permissions to all users who visit the site.
The process described above is how we enable Read-Only access to anonymous users. But there are also few scenarios where we need to give limited Write/Edit permissions to anonymous users.
For example, when we create a blog site in SharePoint we need to give permissions for all users to add comments to the (published) posts.
(**Note: A SharePoint blog site has three lists – Categories, Posts and Comments—which are created by default. Categories and Posts can be ‘Read only’ lists. But when Comments are taken into consideration, we need to allow anonymous users to write/enter their comments.)
Enabling Anonymous Users to Add Comments to Blog Posts
Navigate to your blog site. Click on, Sites->Site Settings. There in the left menu bar find all the available lists in the blog site. Select ‘Comments’
Now all the available comments will be shown.
In the ribbon select, List Tools->List->List Permissions
Here, we can set permissions for anonymous users to add comments by stopping ‘Inherit permissions’ and giving permissions exclusively for this list. Click on ‘Stop Inheriting Permissions’, this stops inheriting permission from parent site.
When we stop inheriting permissions from parent site, ‘Anonymous Access’ appears in the ribbon menu. Click on this and select ‘Add Items- Add items to lists’
You are done and any user can add comments to your blog posts!!!
But wait, this may not work in cases where BLOG is set as a sub site under a publishing site.
This is because site collection is based on publishing portal and have a ‘ViewFromPagesLockdown’ feature. This feature prevents anonymous users from gaining access to certain areas of site. So, first check if ‘ViewFromPagesLockdown’ feature is enabled for the site.
To determine if a site has ‘ViewFromPagesLockdown’ enabled run the following in Powershell:
get-spfeature -site http://sitecollectionURL
If ViewFormPagesLockDown is listed, it’s enabled.
To toggle lockdown mode to off:
$lockdown = get-spfeature viewformpageslockdown
disable-spfeature $lockdown -url
Now re-set the anonymous access and try to add comments to a blog post without signing in. You can add comments!!!!