GPP runs in System account even if specified that it should run i user context
The user 'xlsx' preference item in the 'USER-Microsoft-Office Group Policy object did not apply because it failed with error code '0x80070005 Access is denied.' This error was suppressed.
I have a problem with GPP that should make a program (Libreoffce or Microsoft office) the default opening option for certain file-types (.doc, xls, .ppt etc...)
But the GPP runs in system account even tho I have set the policy to "Run in user's security context"
Hi Martin,
Thank for your patiences!
Here is another log of a user that I'm certain that it is a failure on
2013-07-04 08:06:04.800 Entering ProcessGroupPolicyExFolderOptions()
2013-07-04 08:06:04.800 SOFTWARE\Policies\Microsoft\Windows\Group Policy\{A3F3E39B-5D83-4940-B954-28315B82F0A8}
2013-07-04 08:06:04.801 BackgroundPriorityLevel ( 0 )
2013-07-04 08:06:04.801 DisableRSoP ( 0 )
2013-07-04 08:06:04.801 LogLevel ( 2 )
2013-07-04 08:06:04.801 Command subsystem initialized. [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.818 Background priority set to 0 (Idle).
2013-07-04 08:06:04.819 ----- Parameters
2013-07-04 08:06:04.819 CSE GUID : {A3F3E39B-5D83-4940-B954-28315B82F0A8}
2013-07-04 08:06:04.819 Flags : ( ) GPO_INFO_FLAG_MACHINE - Apply machine policy rather than user policy
2013-07-04 08:06:04.819 ( X ) GPO_INFO_FLAG_BACKGROUND - Background refresh of policy (ok to do slow stuff)
2013-07-04 08:06:04.819 ( ) GPO_INFO_FLAG_SLOWLINK - Policy is being applied across a slow link
2013-07-04 08:06:04.819 ( ) GPO_INFO_FLAG_VERBOSE - Verbose output to the eventlog
2013-07-04 08:06:04.819 ( X ) GPO_INFO_FLAG_NOCHANGES - No changes were detected to the Group Policy Objects
2013-07-04 08:06:04.819 ( ) GPO_INFO_FLAG_LINKTRANSITION - A change in link speed was detected between previous policy application and current policy application
2013-07-04 08:06:04.819 ( ) GPO_INFO_FLAG_LOGRSOP_TRANSITION - A change in RSoP logging was detected between the application of the previous policy and the application of the current policy.
2013-07-04 08:06:04.819 ( ) GPO_INFO_FLAG_FORCED_REFRESH - Forced Refresh is being applied. redo policies.
2013-07-04 08:06:04.820 ( ) GPO_INFO_FLAG_SAFEMODE_BOOT - windows safe mode boot flag
2013-07-04 08:06:04.820 ( ) GPO_INFO_FLAG_ASYNC_FOREGROUND - Asynchronous foreground refresh of policy
2013-07-04 08:06:04.820 Abort Flag : Yes (0x003967d0)
2013-07-04 08:06:04.820 HKey Root : Yes (0x000015e0)
2013-07-04 08:06:04.820 Deleted GPO List : No
2013-07-04 08:06:04.820 Changed GPO List : Yes
2013-07-04 08:06:04.820 Asynchronous Processing : Yes
2013-07-04 08:06:04.820 Status Callback : No (0x00000000)
2013-07-04 08:06:04.821 WMI namespace : No (0x00000000)
2013-07-04 08:06:04.821 RSoP Status : Yes (0x068ced48)
2013-07-04 08:06:04.821 Planning Mode Site : (none)
2013-07-04 08:06:04.821 Computer Target : No (0x00000000)
2013-07-04 08:06:04.821 User Target : No (0x00000000)
2013-07-04 08:06:04.821 Calculated list relevance. [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.822 ----- Changed - 0
2013-07-04 08:06:04.822 Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2013-07-04 08:06:04.822 ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2013-07-04 08:06:04.822 Options (raw) : 0x00000000
2013-07-04 08:06:04.822 Version : 2293795 (0x00230023)
2013-07-04 08:06:04.822 GPC : LDAP://CN=User,cn={A357D87E-6F4D-4762-9F9A-6B5D3BE436F7},cn=policies,cn=system,DC=domain,DC=net
2013-07-04 08:06:04.822 GPT : \\domain.net\sysvol\domain.net\Policies\{A357D87E-6F4D-4762-9F9A-6B5D3BE436F7}\User
2013-07-04 08:06:04.822 GPO Name : {A357D87E-6F4D-4762-9F9A-6B5D3BE436F7}
2013-07-04 08:06:04.822 GPO Link : ( ) GPLinkUnknown - No link information is available.
2013-07-04 08:06:04.823 ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2013-07-04 08:06:04.823 ( ) GPLinkSite - The GPO is linked to a site.
2013-07-04 08:06:04.823 ( ) GPLinkDomain - The GPO is linked to a domain.
2013-07-04 08:06:04.823 ( X ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2013-07-04 08:06:04.823 ( ) GP Link Error
2013-07-04 08:06:04.823 lParam : 0x00000000
2013-07-04 08:06:04.823 Prev GPO : No
2013-07-04 08:06:04.823 Next GPO : Yes
2013-07-04 08:06:04.823 Extensions : [{00000000-0000-0000-0000-000000000000}{2EA1A81B-48E5-45E9-8BB7-A6E3AC170006}{3BFAE46A-7F3A-467B-8CEA-6AA34DC71F53}{BEE07A6A-EC9F-4659-B8C9-0B1937907C83}{CF848D48-888D-4F45-B530-6A201E62A605}][{25537BA6-77A8-11D2-9B6C-0000F8080861}{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{D02B1F73-3407-48AE-BA88-E8213C6761F1}][{5794DAFD-BE60-433F-88A2-1A31939AC01F}{2EA1A81B-48E5-45E9-8BB7-A6E3AC170006}][{A2E30F80-D7DE-11D2-BBDE-00C04F86AE3B}{FC715823-C5FB-11D1-9EEF-00A0C90347FF}][{A3F3E39B-5D83-4940-B954-28315B82F0A8}{3BFAE46A-7F3A-467B-8CEA-6AA34DC71F53}][{B087BE9D-ED37-454F-AF9C-04291E351182}{BEE07A6A-EC9F-4659-B8C9-0B1937907C83}][{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}{CF848D48-888D-4F45-B530-6A201E62A605}]
2013-07-04 08:06:04.823 lParam2 : 0x33d71cd8
2013-07-04 08:06:04.824 Link : LDAP://OU=ou,DC=domain,DC=net
2013-07-04 08:06:04.827 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.830 Read GPE XML data file (1124 bytes total).
2013-07-04 08:06:04.831 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.831 Starting filter [AND FilterCollection].
2013-07-04 08:06:04.831 Starting filter [AND NOT FilterOs].
2013-07-04 08:06:04.832 Starting filter [AND NOT FilterOs].
2013-07-04 08:06:04.832 Starting filter [AND NOT FilterOs].
2013-07-04 08:06:04.833 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.841 ----- Changed - 1
2013-07-04 08:06:04.841 Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2013-07-04 08:06:04.841 ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2013-07-04 08:06:04.842 Options (raw) : 0x00000000
2013-07-04 08:06:04.842 Version : 12517567 (0x00bf00bf)
2013-07-04 08:06:04.842 GPC : LDAP://CN=User,cn={F45570D0-E3E9-4C02-B471-11E5708EC6F8},cn=policies,cn=system,DC=domain,DC=net
2013-07-04 08:06:04.842 GPT : \\domain.net\SysVol\domain.net\Policies\{F45570D0-E3E9-4C02-B471-11E5708EC6F8}\User
2013-07-04 08:06:04.842 GPO Display Name : USER-Microsoft-Office
2013-07-04 08:06:04.842 GPO Name : {F45570D0-E3E9-4C02-B471-11E5708EC6F8}
2013-07-04 08:06:04.842 GPO Link : ( ) GPLinkUnknown - No link information is available.
2013-07-04 08:06:04.842 ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2013-07-04 08:06:04.842 ( ) GPLinkSite - The GPO is linked to a site.
2013-07-04 08:06:04.842 ( ) GPLinkDomain - The GPO is linked to a domain.
2013-07-04 08:06:04.843 ( X ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2013-07-04 08:06:04.843 ( ) GP Link Error
2013-07-04 08:06:04.843 lParam : 0x00000000
2013-07-04 08:06:04.843 Prev GPO : Yes
2013-07-04 08:06:04.843 Next GPO : No
2013-07-04 08:06:04.843 Extensions : [{00000000-0000-0000-0000-000000000000}{3BFAE46A-7F3A-467B-8CEA-6AA34DC71F53}{CEFFA6E2-E3BD-421B-852C-6F6A79A59BC1}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{D02B1F73-3407-48AE-BA88-E8213C6761F1}][{A3F3E39B-5D83-4940-B954-28315B82F0A8}{3BFAE46A-7F3A-467B-8CEA-6AA34DC71F53}][{C418DD9D-0D14-4EFB-8FBF-CFE535C8FAC7}{CEFFA6E2-E3BD-421B-852C-6F6A79A59BC1}]
2013-07-04 08:06:04.843 lParam2 : 0x382b2bc8
2013-07-04 08:06:04.843 Link : LDAP://OU=ou,DC=domain,DC=net
2013-07-04 08:06:04.847 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.851 Read GPE XML data file (4376 bytes total).
2013-07-04 08:06:04.852 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.853 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.857 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.861 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.864 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.868 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.872 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.876 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.880 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.884 Properties handled. [ hr = 0x80070005 "Access is denied." ]
2013-07-04 08:06:04.887 Error suppressed. [ hr = 0x80070005 "Access is denied." ]
2013-07-04 08:06:04.888 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.892 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.896 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.899 RunOnce value created [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.909 Completed get next GPO. [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.909 Completed get GPO list. [SUCCEEDED(S_FALSE)]
2013-07-04 08:06:04.927 Leaving ProcessGroupPolicyExFolderOptions() returned 0x00000000
Similar Messages
-
Hello,
I have a WScript File that includes an external resource (js file).
It works on one computer and it does not work on another computer.
If I run this file from a normal admin command prompt everything runs fine on both computers.
If I run this file from the Local System account using PsExec it runs fine on one of the computers and throws an error "Cannot Retrieve referenced URL" on the other computer.
The reason I want it to run from the Local System account is that it is executed from a Windows Service.
Is there some setting or some way for the IE cache to get corrupt on the Local System account or something like that?JRV,
You are by far the worst 'support' person I've ever seen. If you aren't going to be thoughtful in providing support, don't pretend. If you're going to pretend, leave your condescension on the shelf. You have provided no thoughtfulness whatsoever to his issue,
and have in no way improved the discourse. You are arrogant and condescending without exhibiting any intelligence whatsoever. I'm impressed Matt kept calm through your demeaning, counterproductive diatribes.
Matt,
First I'd check UAC settings, because I believe that can change how elevation works substantially.
Second, I would check the versions of wscript.exe on both machines, both in System32 and SysWow, and I'd check for updates bypassing WSUS to make sure there's not something silly going on there (totally a shot in the dark, catch-all theory).
Have you made any headway in the last few weeks?
-John
This is not a support forum and it is not for assistance in fixing broken configurations. It is a scripting forum. The OP proved that the issue is not the script but the environment it is running in. You should not get mad just because you are
not getting satisfaction.
¯\_(ツ)_/¯ -
Can't delete admin account even as Root
We're experimenting with integrating our Mac users into Active Directory. I've read that you should delete the user account in Sys Prefs first and leave the home folder.
The problem we're having is that I can't delete the users account in system prefs even if I log in as the root user. I get a generic error after about 10 minutes of looking like it is working that says the account could not be deleted.
My guess is it has something to do with the fact that I had already logged into the same acount with an Active Directory login and the permissions have been changed on certain files and now it can't complete archiving the home folder because of some rights issue.
I have unbound the computer from the AD forest and ran disk permissions to no avail. I'd like to keep the existing home folder to use with the network login if possible so I haven't tried the quick delete option.
Any advice would be greatly appreciated.
Thanks
-T
MacBook Pro 2Ghz, iMac, XServe, G5 Mac OS X (10.4.8)You can't delete an account if it is logged in, or if it is the only admin account on the system. So make sure that there is at least one other admin account, and that the account you want to delete os logged out.
-
What problem may arise if we remove "system" account from ACL on files & folders
hi friends
as wee see, in the ACL of all files & folders ,the account called "system" exist & usually has full permission.
what is the usage or benefit of this here ? if we remove system from here, which problems may occur? if possible please give me some examples.
thanks in advanceHi,
We have an old article for explaining this question:
How the System account is used in Windows
http://support.microsoft.com/kb/120929/en-us
The system account and the administrator account (Administrators group) have the same file privileges, but they have different functions. The system account is used by the operating system and by services that run under Windows.
There are many services and processes within Windows that need the capability to log on internally (for example during a Windows installation).
The system account was designed for that purpose; it is an internal account, does not show up in User Manager, cannot be added to any groups, and cannot have user rights assigned to it. On the other hand, the system account does show up on
an NTFS volume in File Manager in the Permissions portion of the Security menu. By default, the system account is granted full control to all files on an NTFS volume. Here the system account has the same functional privileges as the administrator account.
NOTE: Granting either account Administrators group file permissions does not implicitly give permission to the system account. The system account's permissions can be removed from a file but it is not recommended.
On shared folders if there is no system file stored inside, you can remove SYSTEM account from NTFS permission.
If you have any feedback on our support, please send to [email protected]
hi shaon
nice. thank you very much
best regards -
So, I'm having some problems getting a logon script to work. I need a way to deploy the agent that we use via login/startup scripts and what I have works fine if the user has admin rights, or if UAC is disabled. I've tried to convert the .exe
to an .msi to make it easier, but the .msi never works and it's only distributed as an .exe. We deploy this to different clients, I can't disable UAC in their environment unless they specifically tell us to. Can anyone think of a way around this?
I've been searching for days and I'm just lost. If we could execute the file as the system account, or connect to shares using a startup script instead of logon, that would be perfect. Basically what it does is check to see if the process for the
agent is running (agentmon.exe) so we don't attempt to install it if it is already installed, if it's not, then it calls on a different agent installer depending on the IP address of the system (for clients that have more than one location). Here's what
I've got written that works for me in my test environment:
Const strAgent1 = "\\home.wiginton.local\SysVol\home.wiginton.local\Policies\{CD4ED3BD-0709-4E3D-A303-C9E3B0F5198D}\User\Scripts\Logon\Test-KcsSetup1.exe"
Const strAgent2 = "\\home.wiginton.local\SysVol\home.wiginton.local\Policies\{CD4ED3BD-0709-4E3D-A303-C9E3B0F5198D}\User\Scripts\Logon\Test-KcsSetup2.exe"
Const strAgent3 = "\\home.wiginton.local\SysVol\home.wiginton.local\Policies\{CD4ED3BD-0709-4E3D-A303-C9E3B0F5198D}\User\Scripts\Logon\Test-KcsSetup3.exe"
Const strFolder = "C:\Temp\"
Const Overwrite = True
dim objFSO, objNIC1, arrNIC, strIP, strMask, objShell, objWMIService
dim
'Checks for Kaseya agent process, AgentMon.exe, exits if running
Set objWMIService = GetObject ("winmgmts:")
Set proc = objWMIService.ExecQuery("select * from Win32_Process Where Name='agentmon.exe'")
If proc.count > 0 Then
WScript.Quit
End If
'Instantiate a NIC configuration object
Set objNIC1 = GetObject("winmgmts:").InstancesOf("Win32_NetworkAdapterConfiguration")
'Instantiate a shell object
Set objShell = CreateObject("wscript.shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
'Create Temp Dir if it doesn't exist
If Not objFSO.FolderExists(strFolder) Then
objFSO.CreateFolder strFolder
End If
For Each arrNIC in objNIC1
if arrNIC.IPEnabled then
StrIP = arrNIC.IPAddress(i)
strMask = arrNIC.IPSubnet(i)
Set WshNetwork = WScript.CreateObject("WScript.Network")
end if
next
Function NetworkID(Address, Mask)
Dim AddressOctets, MaskOctets, Result, N
AddressOctets = Split(Address, ".")
MaskOctets = Split(Mask, ".")
ReDim Result(UBound(AddressOctets))
For N = 0 To UBound(AddressOctets)
Result(N) = AddressOctets(N) And MaskOctets(N)
Next
NetworkID = Join(Result, ".")
End Function
Select Case NetworkID(strIP,strMask)
Case "192.168.0.0"
' Kaseya install commands for 192.168.0.0 subnet
objFSO.CopyFile strAgent1, strFolder, Overwrite
Wscript.Sleep 1*60*1000
objShell.run "C:\Temp\Test-KcsSetup1.exe"
Case "192.168.1.0"
' Kaseya install commands for 192.168.1.0 subnet
objFSO.CopyFile strAgent2, strFolder, Overwrite
Wscript.Sleep 1*60*1000
objShell.run "C:\Temp\Test-KcsSetup2.exe"
Case "192.168.2.0"
' Kaseya install commands for 192.168.2.0 subnet
objFSO.CopyFile strAgent3, strFolder, Overwrite
Wscript.Sleep 1*60*1000
objShell.run "C:\Temp\Test-KcsSetup3.exe"
Case Else
' Some sort of error checking. Maybe a BLAT SMTP command to send an email
End Select
Set objWMIService = Nothing
Set objNIC1 = Nothing
Set objShell = Nothing
Set WshNetwork = Nothing
Wscript.quitYou need to read the documentation carefully:
The Deploy Agents install package is created using a Configure Automatic Account Creation wizard. The wizard copies agent settings from an existing machine ID or machine ID template and generates an install package called
KcsSetup.All settings and pending agent procedures from the machine ID you copy from—except the machine ID, group ID, and organization ID—are applied to every new machine ID created with the package.
Including Credentials in Agent Install Packages
If necessary, an agent install package can be created that includes an administrator
credentialto access a customer network. Credentials are only necessary if users are installing
packages on machines and do not have administrator access to their network. The administrator credential is encrypted, never available in clear text form, and bound to the install package.
¯\_(ツ)_/¯ -
Environment:
OS: Windows 7 32/64 bit, Windows 2008 Server 64
bit/ Windows 2012 Server 64 bit
Priority:
- Critical
Requirement: - Since
the Windows Service is running under the Local System Account, we would like to emulate this same behaviour.
Basically, we would like to run CMD.EXE under the Local System Account. So that we can map a network drive to be used by a service using following
command
net use z: \\servername\sharedfolder /persistent:yes.
Already Attempt:
We tried to launch the CMD.exe using the DOS Task Scheduler AT command. Here’s a sample command:
AT 10:36 /interactive cmd.exe
But I received a warning that “due
to security enhancements, this task will run at the time excepted but not interactively.”
It turns out that this approach will work for XP, 2000 and Server 2003 but due to session isolation
Interactive services no longer work on Windows 7, Windows Server 2008 and above.
2. We
tried to create a secondary Windows Service via the Service Control (sc.exe) which merely launches CMD.exe.
<Drive>:\sc create RunCMDAsLSA binpath= "cmd" type=own type=interact <Drive>:\sc
start RunCMDAsLSA
In this case the service fails to start and results it the following error message:
FAILED 1053: The service did not respond to the start or control request in a timely fashion.
3. One
suggestion, we found to launch CMD.exe via a Scheduled Task, but
it is not giving any option to launch CMD.exe in interactive mode; so that I can map network drive using net command.
4. I read an article, which
demonstrates the use of PSTools from SysInternals. I launched the command line and executed following command
psexec -i -s cmd.exe
PSTools worked fine, but It seems that in scope of Sysinternals Software License
Terms. You may not "use the software for commercial software hosting services."
Application will deploy on client, which will be like commercial,
so we are not able to use PSTools.
Kindly assist us for achieving the requirement. We have tried all the ways, but nothing is working for us. Kindly suggest.
I will be really thankful.Hi Sir,
Nothing worked from above for us. You can see our remarks on posted query.
That’s why, we posted on forum.
And there will not be any vulnerability, because, if we will use "net
use ..."
in network domain; definitely,
we will provide username and password of mapped drive system.
And, that system, itself is given by client; so that, there must not be any vulnerability; they are ready to provide user name and password.
We need a way; by which we can complete the requirement. Kindly assist.
Regards,
S. P. Singh -
Ifweb60 processes run as local system account on w2k- how do i change?
i am running forms 6i on an 2000 box using
the forms servlet config and oc4j with 9ias.
this runs fine except that the ifweb60 processes
are owned by the local system account. this in
turn means i can't map the forms60_path to a
network drive because i can't give network
privileges to a local system account. so,
how do i change the account that spawns the
ifweb60 processes?
thanks,
martaNever mind, resolved this myself by using the netbios name to substitute the value I need on each individual domain.
$domain = Get-ADDomain | Select-Object -expandproperty netbiosname
Set-Location "dc=$domain,dc=dom,dc=co,dc=uk'
Sets location as:
PS AD:\dc=a,dc=dom,dc=co,dc=uk>
ON another domain same script results
PS AD:\dc=b,dc=dom,dc=co,dc=uk>
Exactly what I needed! -
Running 10G as a non local system account on Windows Server 2003
Hi,
I have an Oracle 10G database running on Windows Server 2003, SP2. I have created the database and it all works fine while the service is running as the default local system account. However, when I change the user that the service runs as to a different account the database starts and opens, and I can log on as SYS using a bequeath connection but I am unable to log on as any other user going through the listener. The listener responds to TNSpings, and all seems to be OK. When I switch it back to the local system user again it all works fine.
Can anyone offer any advice or help?
Thanks,
RobThat's probably because the listener is still running as the local system account. Have you tried to change the listener service to run as the same account as the Oracle service?
-
SMA on Windows 7 with local system account
Hello,
I use SMA on Windows 7.
When I launch the wizard (sma.exe) to capture the profiles with an admin account : it works, i have myfile.sma and myfile.sma.DriveC, which contains all profiles.
But if I launch the same wizard (sma.exe) with Local System account, none of profiles are saves, so I don't have a myfile.sma.DriveC, juste myfile.sma one.
(i must use Local System account)
(to launch sma.exe as a local system account on Windows vista/7, you have to run cmd.exe as an admin, then launch "psexec -i -s cmd.exe" (so you have to dl psexec))
ThanksWhen I launch SMA under the "SYSTEM" account, it seems the problem is that the user folders are not selected by default (even if you select the user accounts to migrate). So you have to select the files and folders that you want to migrate (e.g. the "c:\users" folder). When I did this, then I got both the .sma file and the .DriveC file in the location that I specified.
The way I run as "SYSTEM" is by replacing c:\windows\system32\magnify.exe with c:\windows\system32\cmd.exe and then choosing the Magnifer option at the windows logon screen (note that you have to take ownership of magnify.exe in order to replace it). This gives me a command prompt at the logon screen to do whatever I want to.
I don't think SMA was really designed to be run this way (under the "SYSTEM" account), so if you're still having problems after trying the above, then you're going to need to change your process to run SMA under an actual user account or else find some other tool to use. -
I am trying to fix a friend’s eMac. It was working fine until the name of the administrator was changed incorrectly in Systems Accounts. Upon restart the computer failed to mount. I tried to reinstall Tiger and could not. The destination to do this install could not be found. While in Disk Utilities I tried to repair and then zero out erase the hard drive, this also could not be successfully done. The hard drive was working perfectly before the name change. I may try to load Tiger from the eMac onto an external drive and then hope to erase the eMac internal drive.
Thank you for your thoughts on this as it would be a shame to retire this trusted computer.
Nick M.Hello,
Thank you very much for your attention to this. Yesterday I was able to get the eMac to install Leopard onto an external drive. I had hoped that once done I would be able to initialize or erase the content of the internal drive in Disk Utility, but was not able to do so, I only received error messages telling me my request failed. This was also true when I tried to create partitions on it. So in effect, the computer runs, but only from the external drive. I could not even find the internal drive while running from the external drive. Where is it? And the internal drive only occasionally shows up in Disk Utility.
As for holding Option and Alt, the internal drive did not show up.
And Leopard was running on the eMac when I lost contact with it. Again, all failed when a name of the administrator was changed, but was not properly done. Or something like this.
Is there anyway I can use Terminal to help reach the internal drive?
I realize I am asking a lot of questions.
And I thank you for your time,
Nick M. -
I have a workflow firing on create and update in a list. The list is a calendar that is email enabled. The tasks are assigned with the requested by set to be the System Account, which shows underlined in red when trying to complete the workflow task. This
is a sharepoint designer 2010 workflow using the assing approval task action. I was hoping to see a variable used when assigning the task to allow changing that from the system account to the created by on the original list, which I am able to assign for the
approval workflow starting notification since that also was trying to go to the system account.
Here is the task as it looks which will not allow completion even by site collection administrator.
If the workflow starts with direct entry in the list, all works fine. This is related to the system account creating the initial item, but was hoping to override that during the task process.
Anyone else run into this and have solution?Hi Alan,
I can’t reproduce your issue, but you can change the requested by on the task form to “created by” column. Go to SharePoint
designer, open the workflow, under forms section, click task type form workname.xsn to open it in InfoPath form, then you can change the requested by to created by.
For more information, see
http://blogs.msdn.com/b/edhild/archive/2011/06/01/creating-custom-workflow-task-approval-forms-with-sharepoint-designer-2010.aspx
Best Regards.
Kelly Chen
TechNet Community Support -
The system cannot find the specified file
I have tried to download and install a driver for hp officejet 4500 wireless on 2 different computers, one windows 7
the other windows 8, with no sucess. I keep getting a message saying " The system cannot find the specified file".
I even paid for a driver on a disk and got the same message.
HELP ME PLEASE
Sincerely
meyerretHi,
Follow the steps below and check if that resolve the issue:
1. Open Mcafee software, from the Virus and Spyware Protection section click on Schedule and run scans. Click on Real time scanning and then on Turn Off. select till I restart the PC and confirm by clicking the Turn Off button.
Now try reinstalling the HP Software and check if the installation goes as expected.
If the issue persists continue following the next steps below:
2. Open the run dialog by clicking both the Windows key and the R key on your keyboard. Type %windir% and click on OK.
3. Type hpoins*.dat into the top search bar, if there are any results rename the extention into old instead of dat. (e.g. hpoins1.old)
4. Type hpwins*.dat into the top search bar, if there are any results rename the extention into old instead of dat. (e.g. hpwins1.old)
5. Launch the Run dialog by clicking both the Windows key and the R key on your keyboard. Type MSIEXEC /UNREGISTER into the Run dialog and click on OK.
6. Launch the Run dialog by clicking both the Windows key and the R key on your keyboard. Type MSIEXEC /REGSERVER into the Run dialog and click on OK.
7. Run the installation file and check for any difference.
Regards,
Shlomi
Say thanks by clicking the Kudos thumb up in the post.
If my post resolve your problem please mark it as an Accepted Solution -
Workflow configuration error - System Account connection test failed
Hi,
Has anybody faced a problem with Workflow configuration? The version we are using is 2.6.2 on Oracle database 9.2.0.5 on AIX5L. The workflow installation from 9.2.0.1 installation CDs goes through without any problem. But when the workflow configuration tool comes up it fails with the following error.
"SYSTEM account connection test failed".
The system and sys accounts are fine as verified by sqlplus. Any help is greatly appreciated.
The log file is shown below.
Workflow Configuration Assistant-AIX
WorkflowCA:
WorkflowCA: Workflow Configuration in progress...
WorkflowCA:
WorkflowCA: Screen width -2304-, screen height -1024-
WorkflowCA: Graphics User Interface mode
WorkflowCA:
WorkflowCA: Language - US
WorkflowCA:
WorkflowCA: Start testing connection, which takes less than 3 minutes.
WorkflowCA:
WorkflowCA: Account connection test for SYSTEM
WorkflowCA: SQL Thread: Thread[TstSQL,5,main]
WorkflowCA: chkSQL: true
WorkflowCA: cmdLine: /app/oracle/product/9.2.0/bin/sqlplus system/<Masked Password> @/app/oracle/product/9.2.0/wf/sql/wftstcon.sql
WorkflowCA: envVar[0]: -ORACLE_SID=rsdb-
WorkflowCA: envVar[1]: -ORACLE_HOME=/app/oracle/product/9.2.0-
WorkflowCA: envVar[2]: -WF_RESOURCES=/app/oracle/product/9.2.0/wf/res/wfus.res-
WorkflowCA: envVar[3]: -TZ=EST5EDT-
WorkflowCA: envVar[4]: -WF_NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1-
WorkflowCA: envVar[5]: -PATH=/app/oracle/product/9.2.0/bin:/app/oracle/product/9.2.0/lib:$PATH-
WorkflowCA: envVar[6]: -LD_LIBRARY_PATH=/app/oracle/product/9.2.0/lib-
WorkflowCA: envVar[7]: -WF_TNS_ADMIN=/app/oracle/product/9.2.0/network/admin-
WorkflowCA: envVar[8]: -WF_SHLIB_PATH=/app/oracle/product/9.2.0/lib-
WorkflowCA: Exit Val : 126
WorkflowCA: chkSQL is alive after 1 seconds: false
WorkflowCA: SYSTEM account connection test failed.
WorkflowCA: Terminating...
Thanks,
ChethanWe had this problem on 2 machines.
On the 1st machine, we tried the local install option after a few days (Local option with no connect string) and it worked with no problems!
On the 2nd machine, we could never get it to work even after opening a tar with Oracle. Finally we did a remote install from the 1st machine into the database on the 2nd machine. During the remote install while running wfinstall on the 1st machine, we just had to choose the remote option and the database service name for the connect string.
Thanks,
Chethan -
Cannot access primary user account - even with Install CD
I’ve been racking my brain trying to figure out how to solve a OSX problem for a friend that ran into some problems on his iMac. For some reason, he wasn’t able to log onto his user account – the only one on this computer. He didn’t try to change his password, but something strange must have happened.
We tried to reset the password with an OS X install disc, but I couldn’t even find, much less access his user account. Thanks to the help of some folks at the Genius Bar of an Apple store, we were able to log onto the Root account and create a new account. I tried t recreate the original user account, but the computer wouldn’t allow it, as that account was already being used. If that user account was still active, why wasn’t I able to reset it with an install disc?
I’ve rebuilt the volumes with Disk Warrior, and repaired permissions with Disk Utilities. I’m at a loss on how to deal with accessing the original user account, which has a lot of important data. I’ve copied the user data to an external drive, and I’m thinking I might be able to import various files – email data, photographs, and various documents, but I’m hoping there be an alternative to what seems like a tedious route. Other than using an install disc to reset the password to the user account it can’t seem to recognize, are there any other ways to gain access to this account?
My friend’s computer is a G4 iMac running, I believe, 10.3.9.There are several possibilities as to why a user account may
not be correctly available or a password to it reset to fix it.
One of them may be, if the short name of the computer or of
an account was changed by the user; and later the system
may appear different or changed, with some of the user acct
settings or preferences no longer as they were prior to that.
There is a way to create a new admin level user account and
then move the older user info into the new account; then go
in and delete the other one. I am not certain as to how to do
this; but the topic has come up in these discussions, and the
general path is about the same from Panther through Leopard.
A few details may be named different, but similar as things go.
• Mac OS X: *How to change user short name* or home directory name:
http://support.apple.com/kb/ht1428
• How do I change owner's name in my Mac:
http://www.askdavetaylor.com/howto_change_owners_name_applemac.html
While these kinds of details may not be behind the exact problem in
the computer in question, directory and user account issues do often
have similar causes. Often, they are user-caused events. If the general
Directory of information on the hard disk drive has a problem, the use
of a third-party disk tool such as Disk Warrior is usually advised. If that
were needed, usually more evidence across the system would appear.
There may be a way to use a Setup Assistant to recreate a new user
experience and start over with a new admin account and user name.
Then go into the system to ferret out the old user info.
+Sorry I can't be of more help; as I am being distracted by an elderly+
+person who can't figure out why I am online or what it means to be.+
Good luck & happy computing! -
Access to sys and system accounts
How to determine who can access sys and system accounts?
we have oracle 10.2.0.4. I want to know which users can access sys and system accounts?
Please advise
Thanks
S.ski123 wrote:
How to determine who can access sys and system accounts?That depends... access to SYS can be done via o/s - no need to compromise the db instance. Only the o/s account running it.
Even inside Oracle, it is possible to logon as SCOTT and execute SQL and PL/SQL code as SYS - without having any DBA like privs or access to the password for SYS (possible by using a compromised DBMS_SYS_SQL package).
Bottom line is, you cannot just look at privs inside Oracle to determine who has SYS access. Security and hardening are more complex than that.
Maybe you are looking for
-
PO line item material can not be changed. SAP gives message 06387.
Hello, When we create purchase orders with reference to Quotations, SAP is not letting us change the PO part number after the PO has been created. SAP generates message 06387 saying that 'Agreement item contains a different material'. Because we cre
-
Finding the multiple JRE installed path in Linux OS
for my requirement on finding the JRE installaiton folder on windows and Linux machines , I can able to get it in windows but I am facing problem in getting the jre installed path from Linux machine. I am using Debian etch OS. Can anyone help me to f
-
Error in installing SAP Web AS ABAP (Unicode Version)
I have SAP Web AS Java in my machine already, but in order to install XI, I need to install also ABAP unicode. During the installation, I got the following error. I can't interpret it what it is or what I have done wrong. Can anybody give me a hand?
-
hello, we are not using currently Lean WM as this is managed outside of SAP. But to use small part of this functionality like picking and packing and handling untit as well as Two step picking can we create a dummy warehouse to use this functionality
-
Best Interface To Use With Logic 7.2
Hello, Last May, I finally decided to make the plunge and purchase a Mac - iMac Intel Core Duo 20" with 2 GB of RAM - and it's been a great computer, (God sent, really) but after fiddling with Garageband for about a month, I decided recently to try a