I was able to get around it by setting the default roleManager and membership Provider to MultiplexingRoleProvider and MultiplexingMembershipProvider respectively.

Then I logged on using my windows account and I was able to create users and groups.

THanks!

*Edit: How do I mark this post as resolved?

can you explain what you did ...plz

thanks

You can't create Windows users using EPiServer CMS. You do that in Windows. You can however use another provider that stores the users in the database, then you can create new users (and delete). This is what Jan did when he switched to Multiplexing provider, that enabled him to log in with his Windows account AND create users. But those users will be created in the database not in Windows.

But you can't do anything to Windows users in EPiServer CMS. You'll have to manage them in Windows.

hey thanks toni,

i can get that point ..

i hope i should change that in the wen.config file..

my question is what to change/ replace ....

is thera any guidelines for that.. for example i give my settigns in web.config file below

<system.web>
        <roleManager enabled="true" defaultProvider="WindowsRoleProvider" cacheRolesInCookie="true">
            <providers>
                <clear/>
                <!-- Comment the following lines when running on oracle. -->
                <add name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer" provider1="SqlServerRoleProvider" provider2="WindowsRoleProvider" providerMap1="SqlServerMembershipProvider" providerMap2="WindowsMembershipProvider"/>
                <!--  comment when running on oracle  -->
                <!-- Uncomment the following lines when running on oracle. -->
                <!--<add provider1="OracleRoleProvider" provider2="WindowsRoleProvider"
        providerMap1="OracleMembershipProvider" providerMap2="WindowsMembershipProvider"
         name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer" />-->
                <!--Uncomment the lines above running oracle-->
                <add name="WindowsRoleProvider" applicationName="EPiServerSample" type="EPiServer.Security.WindowsRoleProvider, EPiServer"/>
                <add name="SqlServerRoleProvider" connectionStringName="EPiServerDB" applicationName="EPiServerSample" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
                <!--<add name="ActiveDirectoryRoleProvider"
            type="EPiServer.Security.ActiveDirectoryRoleProvider, EPiServer"
            connectionStringName="ActiveDirectoryProviderConnection"
            connectionUsername="DOMAIN\ADServiceAccount"
            connectionPassword="password"
            attributeMapUsername="sAMAccountName" />-->
            </providers>
        </roleManager>
        <membership defaultProvider="WindowsMembershipProvider" userIsOnlineTimeWindow="10">
            <providers>
                <clear/>
                <!-- Comment the following lines when running on oracle. -->
                <add name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" provider1="SqlServerMembershipProvider" provider2="WindowsMembershipProvider"/>
                <!--  comment the lines above when running on oracle  -->
                <!-- Uncomment the following lines when running on oracle. -->
                <!--<add provider1="OracleMembershipProvider" provider2="WindowsMembershipProvider"
          name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" />-->
                <!--Uncomment the lines above running oracle-->
                <add name="WindowsMembershipProvider" type="EPiServer.Security.WindowsMembershipProvider, EPiServer" deletePrefix="BUILTIN\" searchByEmail="true"/>
                <add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
                <!--<add name="ActiveDirectoryMembershipProvider"
            type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
            connectionStringName="ActiveDirectoryProviderConnection"
            connectionUsername="DOMAIN\ADServiceAccount"
            connectionPassword="password"
            enableSearchMethods="true"
            attributeMapUsername="sAMAccountName" />-->
            </providers>
        </membership>
        <profile enabled="true" defaultProvider="SqlProfile" automaticSaveEnabled="true">
            <properties>
                <add name="Address" type="System.String"/>
                <add name="ZipCode" type="System.String"/>
                <add name="Locality" type="System.String"/>
                <add name="Email" type="System.String"/>
                <add name="FirstName" type="System.String"/>
                <add name="LastName" type="System.String"/>
                <add name="Language" type="System.String"/>
                <add name="Country" type="System.String"/>
                <add name="Company" type="System.String"/>
                <add name="Title" type="System.String"/>
                <add name="SubscriptionInfo" type="EPiServer.Personalization.SubscriptionInfo, EPiServer"/>
                <add name="CustomExplorerTreePanel" type="System.String"/>
                <add name="FileManagerFavourites" type="System.Collections.Generic.List`1[System.String]"/>
                <add name="EditTreeSettings" type="EPiServer.Personalization.GuiSettings, EPiServer"/>
                <add name="ClientToolsActivationKey" type="System.String"/>
                <add name="FrameworkName" type="System.String"/>
            </properties>
            <providers>
                <clear/>
                <add name="SqlProfile" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" applicationName="EPiServerSample"/>
            </providers>
        </profile>
        <!-- DYNAMIC DEBUG COMPILATION
          Set compilation debug="true" to enable ASPX debugging.  Otherwise, setting this value to
          false will improve runtime performance of this application.
          Set compilation debug="true" to insert debugging symbols (.pdb information)
          into the compiled page. Because this creates a larger file that executes
          more slowly, you should set this value to true only when debugging and to
          false at all other times. For more information, refer to the documentation about
          debugging ASP .NET files.
          -->
        <compilation defaultLanguage="c#" debug="true">
            <assemblies>
                <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
                <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                <add assembly="System.Web.Abstractions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                <add assembly="System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                <add assembly="System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
                <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
                <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
            </assemblies>
        </compilation>
        <!-- CUSTOM ERROR MESSAGES
          Set customError mode values to control the display of user-friendly
          error messages to users instead of error details (including a stack trace):

          "On" Always display custom (friendly) messages 
          "Off" Always display detailed ASP.NET error information.
          "RemoteOnly" Display custom (friendly) messages only to users not running
          on the local Web server. This setting is recommended for security purposes, so
          that you do not display application detail information to remote clients.
          -->
        <customErrors mode="RemoteOnly"/>
        <!-- AUTHENTICATION
   
          !!!! IMPORTANT SECURITY NOTE !!!!!
       
          If you enable forms authentication by uncommenting the Forms authentication information below AND
          you are using Windows 2000 (any version) as web server, you must enable the "Act as part of the
          operating system" user right for the ASPNET user account. If this is not done, you will not be able
          to logon with windows accounts, only Extranet accounts. However this may be regarded as compromising
          the security on your system since the ASPNET account should be a low-privilege account.

          This section sets the authentication policies of the application. Possible modes are "Windows", "Forms",
          "Passport" and "None". However only "Windows" and "Forms" are supported by EPiServer.
          -->
        <!-- authentication mode="Windows" / -->
        <authentication mode="Forms">
            <forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120"/>
        </authentication>
        <!-- APPLICATION-LEVEL TRACE LOGGING
          Application-level tracing enables trace log output for every page within an application.
          Set trace enabled="true" to enable application trace logging.  If pageOutput="true", the
          trace information will be displayed at the bottom of each page.  Otherwise, you can view the
          application trace log by browsing the "trace.axd" page from your web application
          root.
          -->
        <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true"/>
        <!-- SESSION STATE SETTINGS
          By default ASP .NET uses cookies to identify which requests belong to a particular session.
          If cookies are not available, a session can be tracked by adding a session identifier to the URL.
          To disable cookies, set sessionState cookieless="true".
        -->
        <sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;user id=sa;password=" cookieless="false" timeout="20"/>
        <!-- GLOBALIZATION
          This section sets the globalization settings of the application.
          -->
        <globalization culture="en-US" uiCulture="en" requestEncoding="utf-8" responseEncoding="utf-8" resourceProviderFactoryType="EPiServer.Resources.XmlResourceProviderFactory, EPiServer"/>
        <pages validateRequest="false" enableEventValidation="true" pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
            <controls>
                <add tagPrefix="EPiServer" namespace="EPiServer.WebControls" assembly="EPiServer"/>
                <add tagPrefix="EPiServer" namespace="EPiServer.Web.WebControls" assembly="EPiServer"/>
                <add tagPrefix="EPiServer" namespace="EPiServer.Web.WebControls" assembly="EPiServer.Web.WebControls"/>
                <add tagPrefix="XForms" namespace="EPiServer.XForms.WebControls" assembly="EPiServer.XForms"/>
                <add tagPrefix="WebParts" namespace="EPiServer.WebParts.WebControls" assembly="EPiServer"/>
                <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
            </controls>
            <namespaces>
                <add namespace="System.Web.Mvc"/>
                <add namespace="System.Web.Mvc.Ajax"/>
                <add namespace="System.Web.Mvc.Html"/>
                <add namespace="System.Web.Routing"/>
                <add namespace="System.Linq"/>
                <add namespace="System.Collections.Generic"/>
            </namespaces>
        </pages>
        <!-- Uncomment this section to enable webpart support on the site -->
        <!--<webParts>
            <personalization defaultProvider="EPiServerPersonalizationProvider">
                <providers>
                    <add name="EPiServerPersonalizationProvider" type="EPiServer.WebParts.Core.EPiServerPersonalizationProvider" connectionStringName="EPiServerDB" />
                </providers>
                <authorization>
                    <allow verbs="enterSharedScope" roles="WebAdmins, WebEditors, Administrators" />
                </authorization>
            </personalization>
    </webParts>-->
        <caching>
            <outputCacheSettings>
                <outputCacheProfiles>
                    <add name="ClientResourceCache" enabled="true" duration="3600" varyByParam="*" varyByContentEncoding="gzip;deflate"/>
                </outputCacheProfiles>
            </outputCacheSettings>
        </caching>
    </system.web>

If you want to use Multiplexing provider you need to switch out the defaultProvider in both the role and membership provider section, this is currently set to Windows in your config, For example your role provider looks like this :defaultProvider="WindowsRoleProvider", change that to defaultProvider="MultiplexingRoleProvider" and do the same for your membership provider!

To get a better grasp of membership and role providers in EPiServer please read this documentation about it:

http://sdk.episerver.com/library/CMS5/Developers%20Guide/Membership%20and%20Role%20Providers.htm?id=24871 

First a big thanks for your response

and a hats off for your guidelines and kindness

thanks man.