More in this section
Blogs RSS feed

What Happens When the Sitefinity User Limit Is Reached

by Peter Marinov

The question with no answer 

Today I am going to take a look inside a functionality, which is not used every day and even the people who have seen it before tend to forget it and… that also includes me. In the next few paragraphs, this post will quickly reveal what happens when the maximum number of concurrent backend users is reached.

What is a backend user?

To clear any confusion down the road, I want to briefly explain what is the meaning and the logic behind the notion of a concurrent backend user. Sitefinity CMS separates the users into two main types – backend users and everyone else. The backend users are all the users who have permissions to access the administration pages of Sitefinity and execute various content editing or other CMS actions. Each Sitefinity version has a certain licensing differentiator, which defines a limitation on the amount of such backend users who are simultaneously logged into Sitefinity.

With that said, let’s see what happens when a backend user tries to log in when already the maximum allowed users limit is reached.

What actually happens?

Scenario #1 A non admin user tries to log in

The user enters his/her credentials and a new dialog opens showing the currently logged in users. In the image below you can see what is presented to the less powerful user:


Scenario #2 Administrator tries to log in

Now we have a more powerful user stepping in and things are different. Admins now see the button saying "Force someone to logout":


Once they click that button, admins have the ability to select any of the currently logged in users and they can forcefully log off any user so they can get their job done:


See you soon

That's it! I told you it is going to be a quick one. I hope that if you came here searching for an answer, this article was what you were looking for.



Leave a comment
  1. Peter Marinov Apr 07, 2014

    Hello sir,

    this is the author and I am surprised to see that I am sending messages that are "somewhat misleading, if not an outright lie". I am pretty confident that is not the case here and I am surprised that you have made such a conclusion and especially by the tone of your comment.

    That makes me think that you are talking based on experience on a particular project. If that is the case, I think the best way will be to contact me (email:, so we can sit down and analyse the situation. And don't worry, I am not a sales guy, so I won't try to sell you bundles of new users or a new car :)

    So just in case you decide not to contact me and in the best interest of the readers coming to this blog post, I would like to do some clarification here:

    As I said, backend users are the users having permissions to access the backend - that means they are members of the "backend users" role. You need to use that role only if you plan to allow the users to access the backend. Looking the above described scenario, even if you use personalization for logged in users browsing the public pages of an intranet/extranet, Sitefinity won't impose any licensing limitations unless you make the users members of the "backend users" role. And if the plan is to control the level of access only, why should you give them access for the Sitefinity backend, right?

    Is there any reason for making all the users members of the "backend users" role at first place? 

  2. Professor Blail Apr 08, 2014

    Thanks for the reply.  I will be contacting you via email with some more details, but for the benefit of other readers, I offer this.

    The reason I want so many users to have the backend role is because this is for an intranet, where the (only) people viewing the content are those that also create the content.  In a typical public web site, you have a few people creating all the content that a comparatively large audience of viewers consumes.  For an intranet, you typically have, and want, a larger number of content contributors.  The fact that Telerik offers an Intranet Edition license with a higher user count indicates that Telerik agrees, at least in principle.  Our intranet, like countless other intranets, is designed to be a collaborative space. Content contribution is not only highly encouraged for all, for some users it is a requirement of their job.  So, in this context, why would I ever want to limit how many people can contribute content?  I may not want every user to have full permissions on every content type, but I see no reason why, for an intranet, every user should not be able to contribute some form of content.  This is especially true for dynamic content types created to facilitate the aforementioned collaboration.

    It's also important to note that the "goal", as you say, is not to control the level of access, the "goal" is to know who is browsing the front end.  That is a basic function of any corporate intranet.  Since the site is behind the firewall and only accessible internally, I don't NEED to set the View permission of all pages to the App_Role of Authenticated. I only do that because that is the ONLY mechanism provided by Sitefinity to get the Windows username of a front end visitor since Sitefinity can't run under Windows Authentication in IIS.

    I hope that sheds more light on why this is such a problem for me, and others, I'm sure.  

  3. ADam Sep 01, 2014

    Unfortunately we have found ourselves in exact same situation. Built an intranet site using Sitefinity CMS and now as soon as you hit 10 back end users the rest is unable to log in.

    To be frank having 10 back end users is more than sufficient in most cases, the only real pain is the fact that content editors have to be back end users...

  4. kifftfer Oct 22, 2014

    We accidentally created a bunch (300) of non-admin back end users when pre-populating our SF7 site because our site developer had that back end user box checked by default. Now, even though we have removed this role, every time a front end user logs in it says that a seat is taken up and only admins can log in. How can we stop front end users who used to have the back end user role being seen as logged in back end users by Sitefinity when they log in to the front end?

  5. BarryW Feb 05, 2015

    I agree with the original poster and found myself in this exact situation.  Sitefinity needs to separate authentication from backend editing.  I need to deny anonymous access to my intranet to be able to get users to authenticate via STS/Ldap (would prefer IIS Windows Authentication) so when adding content, comments, etc, there is a record of who posted it.  Additionally we make our intranet available over the internet via SSL so anonymous access MUST be disabled.

    If Sitefinity would count the license once the user actually went to the backend (, this would be a non issue.  They would get into the backend, make their edits and get out.  The license should then be returned to the pool.  This should have nothing to do with authentication other than checking if the user is allowed to enter the backend.  THE LICENSE SHOULD NOT BE COUNTED SIMPLY BY CHECKING THE BACKEND ROLE.  IT SHOULD ONLY BE COUNTED WHEN THE BACKEND IS ENTERED SO EDITING CAN OCCUR.

    Leave a comment