In some cases (it has been reported especially with new portals created in DNN 5.4.x), some portal settings are not properly initialized, which are required for DNN security to operate properly. The problem is easy to identify by the following situation in permission grids for new pages:
(note that the lock icon is assigned for all users instead of admins).
To fix this, you may run the following script from Host :: SQL:
/***********************************************************
* Script to fix AdministratorRoleId and RegisteredRoleId *
* in Portals table (common install issue in DNN 5.4.x) *
* for SQL Server 2008 and above *
* *
* (c) Sebastian Leupold, 2010 *
***********************************************************/
MERGE INTO {databaseOwner}{objectQualifier}Portals P
USING {databaseOwner}{objectQualifier}Roles R On P.PortalID = R.PortalID
WHEN MATCHED
AND R.RoleName Like 'Administrators'
AND IsNull(P.AdministratorRoleId, -1) <> R.RoleID
THEN UPDATE SET P.AdministratorRoleId = R.RoleId;
GO
MERGE INTO {databaseOwner}{objectQualifier}Portals P
USING {databaseOwner}{objectQualifier}Roles R On P.PortalID = R.PortalID
WHEN MATCHED
AND R.RoleName Like 'Registered Users'
AND IsNull(P.RegisteredRoleId, -1) <> R.RoleID
THEN UPDATE SET P.RegisteredRoleId = R.RoleId;
GO
Note: The script has been tested, however, as a best practice, always perform a database backup before running scripts.
After running the script, you need to restart the application to clear the internal cache, either from Host :: Host Settings menu item, by restarting IIS application pool or by re-saving web.config unchanged.