Domain Users AD group disappearing from SharePoint security

Similar Messages

• VBS: Add domain user and group to local administrators

  I have a piece of VBS code that I have modified that basically adds a specified domain user and group to the PCs local Administrators group. It works on Windows 7, but not on Windows 8 at all.
  Call AddUserToGroup("./Administrators", "myDomain.net/NetworkAdminis")
  Call AddUserToGroup("./Administrators", "myDomain.net/Domain Admins")
  Call addDomainUser("myDomain", "myUserGroup")
  Sub AddUserToGroup(local, domain)
  Dim objLocalGroup
  Dim objDomainGroup
  Dim server
  For Each server in servers
  Set objLocalGroup = GetObject("WinNT://" & local & ",group")
  Set objDomainGroup = GetObject("WinNT://" & domain & ",group")
  With objLocalGroup
  .Add(objDomainGroup.AdsPath)
  .SetInfo
  End With
  Next
  Set objLocalGroup = Nothing
  Set objDomainGroup = Nothing
  End Sub
  Sub addDomainUser(strDomain, strUser)
  Dim strComputer
  Dim objWshNet
  Dim objGroup
  Dim objUser
  Set objWshNet = CreateObject("WScript.Network")
  strComputer = objWshNet.ComputerName
  Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
  Set objUser = GetObject("WinNT://" & strDomain & "/" & strUser & ",user")
  If Not objGroup.IsMember(objUser.ADsPath) Then
  objGroup.Add (objUser.ADsPath)
  End If
  Set objWshNet = Nothing
  Set objGroup = Nothing
  Set objUser = Nothing
  End Sub
  I have debugged the code line by line using VBA's IDE and there seems to be no error condition firing. It executes all lines, but it is not adding the users and groups as it did with Windows 7 and below. The script is being run as local administrator.

  Hi,
  The first step is to comment out your On Error Resume Next line and try again.
  Don't retire TechNet! -
  (Don't give up yet - 13,225+ strong and growing)

• How to get the user and groups information from http header

  Hi All,
  In my current scneario, we are using Siteminder for SSO setup.. And in this process, after authentication and authorization, they are going to append the user information and group information of the user into a HTTP header and it will be sent back to our presentation services.. We have to extract the user information and group information from the http header.
  My HTTP header will look like as follows..
  SM_USER XYZ
  SM_USERDN CN=Firstname\, Lastname\, xyz, OU=GPO-Low Level Security,OU=Domain Users,OU=BU FDT,
  SM_USERGROUPS CN=GG-CA-SiteminderAdmins, OU=Global,OU=Domain Groups, DC=com^CN=GG-ServiceDeskAdmin-TCCORPCEFS
  And also if anyone explain me the overall working of SSO in detail like how presentation services will make a connection to BI server( I guess using Impersonator User), and also how our BI server will read the URL from presentation services and the over all working flow in our OBIEE..
  Thanks a lot....

  Please use the search! this topic has come up lots of times already.

• Want to configure a GPO "Stop (domain) users [having admin rights] from installing software"

  Want to configure a GPO "Stop (domain) users [having admin rights for some particular users]  from installing/uninstalling software"
  Requirements :-
  1. Domain user should not be allowed to install/uninstall any software's. Rest all the actions can be performed by the user like an administrator can do.
  Please suggest if possible then how can I implement the same.

  Hi Amar Chand,
  You can do so by using certain Group Policy settings to control the behavior of the Windows Installer, prevent certain programs from running or restrict via the Registry Editor. The Windows Installer, msiexec.exe, previously known as Microsoft Installer,
  is an engine for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
  You can try the following method to resolve this issue:
  Method 1: Disable or restrict the use of Windows Installer via Group Policy
  Open “GPMC”, create a GPO linked to the correct scope. You can refer to this article
  Create a new Group Policy object.
  Right-click it, click Edit, and then navigate to
  Computer Configuration/Policies/Windows Components/Windows Installer.
  In RHS pane double-click on Disable windows installer.
  Click Enable and configure the option as required. "Always "option indicates that Windows Installer is disabled.
  This setting affects Windows Installer only. It does not prevent users from using other methods to install and upgrade programs.
  Click Apply to save this configuration.
  Run gpupdate /force on the clients. 
  For your information, please refer to the following article to get more help:
  Managing options for computers through Group Policy
  http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_wininstall_group_policy_computers.mspx?mfr=true
  Method 2: Restrict Programs from being installed via Registry Editor
  Open Registry Editor and navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer\DisallowRun
  Create String value with any name, like 1 and set its value to the program’s EXE file.
  e.g., If you want to restrict msiexec, then create a String value
  1 and set its value to msiexec.exe. If you want to restrict more programs, then simply create more String values with names 2, 3 and so on and set their values to the program’s exe.
  Note: You may have to restart your computer.
  In addition, if you choose this method, you could deploy the registry configuration via GPO. Please refer to the following article:
  Configure a Registry Item
  http://technet.microsoft.com/en-us/library/cc753092.aspx
  Regards,
  Lany Zhnag

• My user folder has disappeared from my hard drive though if I do a find for it it says it is still there. Anyone know how to restore it. I can drag a duplicate from the find window onto the hard drive but don't want two copies with one hidden.

  My user folder has suddenly disappeared from my hard drive though if I do a find for it it comes up as still being there with all its data. Can drag a duplicate copy from the find window back onto the hard drive but don't want two copies there with one of them hidden. Any suggestions anyone?

  Did you update to 10.9.3?
  If you did then update to iTunes 11.2.1.
  That is the fix for that problem.
  Allan

• Weird User error - Items disappear from Workflow inbox when refreshed

  Hi All,
  One of our end users gets this error -
  He logs into business workplace, and clicks on one of the items and exits without doing anything - on refresh the item vanishes from his workflow inbox - not visible in any sub folders or Outbox (Work items exceuted by me).
  Same thing occurs when he clicks on the "Reserve" or "Replace" icons for an item and does a Refresh. The item disappears from Inbox.
  Tried to swtich off the Preview pane and refresh - same occurence.
  Tried to refresh / reserve from another computer and the same thing occurs.
  Is this a problem with the GUI / user profile?
  Any pointers highly appreciated.
  Rgds,
  Rahul Kochhar ([email protected])

  Rahul,
  Welcome to SDN Forums!!
  Is the user in question a selected agent for the work item(s)? Does this happen only for a specific user? If so, it could be an authorization issue. Check for any failed authorizations (SU53) for the user. What is the status of the WI when it disappears from the inbox? If in error, check for error messages in the technical display of the WF log.
  Cheers,
  Ramki Maley.
  Please reward points if the answer is helpful.
  For info on awarding points click on this link: https://www.sdn.sap.com/sdn/index.sdn?page=crp_help.htm

• Cross domain call to Azure ASPX from SharePoint Online Site Collection

  We have a ASPX page hosted on Azure that is creating a Zip of documents from a SharePoint Document Library against IDs that we are passing it through query string. Next we are flushing this ZIP as a download response to the client
  browser so that user can save it somewhere on his machine. This is working as expected.
  Next we are calling this ASPX from our SharePoint Online Site Collection. Sometime it takes time to create the ZIP & return to the client and therefore we want to implement a Progress Image showing something is happening at the server. We
  have used window.open() method to call this ASPX and at the same time we are showing up the Progress Image. But due to same origin policy we are not able to track any window specific events in Internet Explorer to close the Progress Image when the response
  returns to the client.
  Please suggest a suitable workaround for this scenario. Any help would be greatly appreciated.
  Thank you in advance!
  Jitendra

  Hi Jitendra,
  According to your description, my understanding is that you want to call a aspx page hosted on Azure from SharePoint Online site and implement a progress image to show the progress happening at the server.
  In your scenario, if you want to call the aspx page on Azure to create zip and return to the client, the better way is createing a web service and call it in clinet side. You can add the progress status in the custom code and then judge the status to
  show correponding progress image.
  Here is a detailed article for your reference:
  How to Create and Deploy a Cloud Service
  Best Regards
  Zhengyu Guo
  TechNet Community Support

• How to log the user and group setup from weblogic console

  If I use the file realm to setup my acls, does it possible to log these
  action?
  Our customer ask us must to log which user or group you added, deleted.
  Thanks and Best Regards,
  Tom Hsu
  ³\®aºa (Tom Hsu)
  Project Manager
  Banking Solution Dept.
  Bull Information Systems Taiwan Ltd.
  8F, 2, Min-Sheng E. Road, Sec. 3,
  Taipei, Taiwan
  E-mail: [email protected]
  TEL¡G02-25013090 Ext:205
  FAX¡G02-25055439
  Mobil: 0939-869-316

  You might want to Try Re-run the Config utility from the Linux-Essbase server and Re-register the Essbase with HSS.
  Start the Essbase in Foreground and check if it is running
  Now log on to the EAS/AAS with default admin/password if you havent changed it :); add your Essbase server using the Super user/Owner of essbase i mean the id..if you are succesful; i would always create a Test user as before Externalisation i can create users at EAS/AAS and then using Admin id ; i will push the Users/groups to the HSS by Externalising.. let me know if that helped you. GUd Luck..
  Sriram

• User accounts have disappeared from the Sys prefs and log-in screen!

  When upgrading to 10.4 from 10.3, I used Carbon Copy Cloner to create a bootable copy of my hard disk to an external (La Cie) drive. After performing an erase and install, the Migration Assistant would not recognize the installation on the external drive. After numerous attempts, I finally re-entered all my settings and transferred most of my files by hand into the new OS. Everything seemed to be fine until I attempted to update the user settings on one of the standard accounts. When I went to the Limitations window for this account in System Preferences the computer froze completely, necessitating a forced shutdown. When I rebooted, the account I was modifying had disappeared from the log-in screen. When I attempted to restore it in Sys Prefs, the Accounts window was blank, and clicking on the resulting items in a Spotlight search gets a preferences error message. I repaired the disk and the permissions with Disk Utility to no avail, and DiskWarrior says the directory is too damaged to rebuild. I re-installed Tiger using archive and install, also with no success. I can log in as Root and access all data, including all user accounts, but still no user accounts in the log-in window or sys prepfs. Does anyone have any thoughts on this before I (aauuugghhh) erase and install again? Any idea why the Migration Asst. can't see the clone? Did I move something into the new OS I shouldn't have?
    Mac OS X (10.4.3)   700mHz G4 iMac (Flat panel)

  When upgrading to 10.4 from 10.3, I used Carbon Copy Cloner to create a bootable copy of my hard disk to an external (La Cie) drive.
  Did you boot into the clone to ensure that it was working just like the original? If so, can you still do that? If so, I'd boot into the clone, use Disk Utility to erase and reformat the internal HD. Then, clone the clone to the original and install Tiger on top of it using the upgrade earlier version option. Then, you won't have to change or migrate anything. IMHO, it's the best way to do it.

• Importing user and group database from 2.6 to 4.0

  Hi,
  I need to import the user and groups from version 2.6 ACS to version 4.0. The 2.6 online documentation talks of using the CSUtils to create a .txt back up of the users and group. But I cannot see how to import that into 4.0. Has anyone done this. Any info would be appreciated,
  cheers,

  Hi Darran,
  I looked at what I had imported using the instructions you had supplied me and it looked fine, all users and group, tacacs privelege levels had been imported. I modified a router on our network to point at the ACS 4.0. on testing it looks like the passwords hadn't been copied across successfully. Logins are failing with 'invalid CS password' in the failed authentication log. If I changed the password manually it was fine.
  Have you seen that before?
  Thanks for your help on this.
  Rgds,
  Russell.

• User and Group Externalization from EAS console Fails!!

  Hi All, I am trying to externalize users and groups from EAS and once its done, all the login Id's (including admin and essadmin) fail. We cant log in into the server anymore because the logins are disabled.
  The shared services is running fine and is talking pretty well with Essbase, but the externalization thing is not working.
  The Essbase is on Linux server and shared services is on windows server and all the products are 9.3.1.
  If any one faced a similar problem or have any idea regarding this issue, please let me know ASAP and would highly appreciate that as we will have to move to production soon.
  Message was edited by:
  user639077

  You might want to Try Re-run the Config utility from the Linux-Essbase server and Re-register the Essbase with HSS.
  Start the Essbase in Foreground and check if it is running
  Now log on to the EAS/AAS with default admin/password if you havent changed it :); add your Essbase server using the Super user/Owner of essbase i mean the id..if you are succesful; i would always create a Test user as before Externalisation i can create users at EAS/AAS and then using Admin id ; i will push the Users/groups to the HSS by Externalising.. let me know if that helped you. GUd Luck..
  Sriram

• Retrieving user and group information from LDAP using j_securrity_check

  Hi
  I am using j_security_check to authenticate users against LDAP. I have made all necessary configuration for the server to perform LDAP group search as well as mentioned in the WAS documentation of LDAP settings. Now, how can I retrieve the user and the user group info after the j_secuirty_check. Apart from the UserPrincipal object which I can get from the request which just has the user name, is there any other object which will give me the user and user group info by which I need to connect to LDAP using my java code to retrieve these informations?
  Regards
  Deepak

  Hi
  I am using j_security_check to authenticate users
  against LDAP. I have made all necessary configuration
  for the server to perform LDAP group search as well
  as mentioned in the WAS documentation of LDAP
  settings. Now, how can I retrieve the user and the
  user group info after the j_secuirty_check.
  Apart
  from the UserPrincipal object which I can get from
  the request which just has the user name, is there
  any other object which will give me the user and user
  group info by which I need to connect to LDAP using
  my java code to retrieve these informations?Hmm, you don't need the user group info to connect to the LDAP server, right? You would need the user's Id (which you have) and password (which you don't). You could use the LDAP credentials and bind as that to look up the user info via the user id. Or if the server is set up to allow anonymous bind you could do it without credentials. But if all you want is group info then you should be able to call Security.getCurrentSubject().getPrincipals() to get the user principal as well as all groups (this is true in BEA WebLogic at least).
  Good Luck
  Lee

• User entered data disappears from view in fields after entry in Reader 9

  This is a repost. The form was recreated and same problem (see below) has occurred. The person who has created these forms is a basic user, and so is not changing any settings or doing any programming, just adding fill-in fields (text boxes) and check boxes, then distributing by email through Acrobat. The problem also occurs with other forms. I cannot find any information on this problem anywhere. Any new ideas? File is attached.
  A simple form with basic text boxes is created in LiveCycle ES and distributed with Acrobat Pro 9. All users have been upgraded to Acrobat Reader 9. But when the user fills in the form in Reader, the text disappears when they tab or enter into the next field. Check boxes are fine. The user also does not see the data when printing. But, after submission, the data can be seen and printed from Acrobat Pro 9 by the original sender.

  This form image was created using a Toshiba MFP and had form fields added with Acrobat. There appears to be a font problem. I saved the form in Acrobat Pro Extended 9. When I opened the form in Reader 9 I was asked to install Japanese fonts since the form uses the KozMinPrN6-Regular font.
  After dismissing the install request, the form fields behaved predictibly in Reader 9 (with the exception of requesting 10MB of Japanese fonts).
  Steve

• User Profiles option missing from SharePoint Designer 2013 workflows

  I noticed the User Profiles is missing as a Data Source option in the SharePoint Designer 2013 workflow platform (see image); whereas, it exists in the SharePoint 2010 workflow platform. Is there a way to connect this feature in SharePoint 2013 workflows
  by registering it or configuring through Workflow Manager? If not, what is the new approach in SP 2013 to call User Profiles services?

  Hi,
  Based on your description, you want to use user profile in SharePoint 2013 workflow.
  In SharePoint 2013 workflow user profiles is missing, if you have to use the user profile, you can create a SharePoint 2010 workflow, and use Start a List workflow action in 2013 workflow to start the 2010 workflow.
  The article below is about How to start a SharePoint 2010 Workflow within a SharePoint 2013 Workflow Using SharePoint Designer 2013
  http://www.c-sharpcorner.com/UploadFile/anavijai/how-to-start-a-sharepoint-2010-workflow-within-a-sharepoint/
  And in SharePoint 2013 there is an approach to user profile, you can add the action call http web service to get the information of user profile.  
  The article below is about how to use call http web service in SharePoint 2013 workflow.
  https://msdn.microsoft.com/en-us/library/office/dn567558.aspx
   Best regards
  Sara Fan
  TechNet Community Support

• Some RDS users cannot open documents from SharePoint

  Hi,
  I'm running into a weird problem in our demo environment. All demo users log on to a Windows 2012R2 RDS server and access SharePoint using Internet Explorer 11.
  Some (not all) users are able to open Word documents just fine. Those users that have the problem, are unable to open any document by clicking it. They have to right click the document, and open it by choosing any of the open-options in the context menu.
  If I set the document mode to IE9 using the developer toolbar, Word documents open just fine. The browser is configured to open sites in the intranet zone using the compatibility view for all users.
  Has anyone seen this behavior before?
  Thanks,
  Jeroen Hems
  Jeroen Hems
  Please help and appreciate others by using these features: "Propose As Answer", "Vote As Helpful" and "Mark As Answer"

  Hi
  Did you receive any error message when you try to open the documents?
  We recommend you start your Internet Explorer in compatibality mode, and follow the advice in the article below:
  http://blogs.technet.com/b/asiasupp/archive/2011/06/13/error-message-quot-your-client-does-not-support-opening-this-list-with-windows-explorer-quot-when-you-try-to-quot-open-with-explorer-quot-on-a-sharepoint-document-library-in-office-365-site.aspx
  In addition here's a thread for your reference:
  http://social.technet.microsoft.com/Forums/en-US/3cbe6b22-e307-485b-a1af-1699cdf5ba86/office-2013-applications-are-not-able-to-open-sharepoint-2007
  Thanks,
  Tylor Wang
  Forum Support
  Come back and mark the replies as answers if they help and unmark them if they provide no help.
  If you have any feedback on our support, please click
  here