How to List User Permissions in CMC XI 3.1?

Similar Messages

• How to list users under multiple groups and users sub groups

  Hi, I am stump, which is not hard to do. i have a list of groups and i want to list the users in those groups and then in the next column lists all the citrix only groups for each user. hopefully im describing that correctly. Heres what i have but it is
  not listing the users groups. I am not sure how to proceed.
  $CurrentDate = Get-Date
  $CurrentDate = $CurrentDate.ToString('MM-dd-yyyy_hh-mm-ss')
  $Groupname = "Distribution Lists"
  $excel = New-Object -comobject Excel.Application
  $excel.visible = $True
  $wbook = $excel.Workbooks.Add()
  $wsheet = $wbook.Worksheets.Item(1)
  $wsheet.Cells.Item(1,1) = "Groupname"
  $wsheet.Cells.Item(1,2) = "Member"
  $wsheet.Cells.Item(1,3) = "ACID"
  $wsheet.Cells.Item(1,4) = "Department"
  $range = $wsheet.UsedRange
  $range.Interior.ColorIndex = 19
  $range.Font.ColorIndex = 11
  $range.Font.Bold = $True
  $intRow = 2
  $groups = get-adgroup -Filter * -properties * -Searchbase "OU=Citrix,OU=Permission,OU=Groups,OU=Home Office,OU=domain,DC=Domain,DC=com"
  $targetFile = "c:\temp\$groupname $CurrentDate.csv"
  Add-Content $targetFile "Group;Member;ACID;Department"
  foreach ($group in $groups){
  $groupMembers = get-adgroupmember $group -Recursive | Get-ADUser -Properties Department, DistinguishedName| Where-Object { $_.Enabled -eq 'True' } | Select-Object Name, samaccountname, department, distinguishedname, @{n='MemberOf';e={$_.MemberOf -replace '^cn=([^,]+).+$','$1' -join '; '}
  foreach ($groupMember in $groupMembers){
  $groupName = $group.Name
  $memberName = $groupMember.Name
  $acid = $groupMember.samaccountname
  $groups = $usergroups
  #$department = $groupMember.department
  $department = $groupMember.memberof
  #$DistinguishedName = $gropmember.distinguishedname
  $line = "($groupName)--------($memberName)-----($acid)-------($department)------($usergroups)"
  add-content $targetFile $line
  $wsheet.Cells.Item($intRow,1) = $groupName
  $wsheet.Cells.Item($intRow,2) = $memberName
  $wsheet.Cells.Item($intRow,3) = $acid
  $wsheet.Cells.Item($intRow,4) = $groups
  $wsheet.Cells.Item($intRow,5) = $DistinguishedName
  $intRow++
  $WorkBook.EntureColumn.AutoFit()
  $excel.SaveAs("DL" + "name.xlsx")
  $excel.Close()

  Hi Glacket,
  Below codes should give you headsup.
  This command will give you estimate the result count for each group:
  PS C:\Users\Administrator> Get-ADGroup -Filter {Name -like "TestGroup*"} | Select Name, @{Expression={get-adgroupmember $_ -recursive | Measure | Select -ExpandProperty Count};Label="Count"}
  Name Count
  TestGroup1 7
  TestGroup2 8
  Note that as said earlier we are getting duplicated results(12,13,14) for users belonging to multiple groups. Result is in order as per earlier code's count and order.
  Get-ADGroup -Filter {Name -like "TestGroup*"} | get-adgroupmember -recursive | Select Name,@{Expression={Get-ADPrincipalGroupMembership $_ | Select -ExpandProperty Name};Label="GroupMemberOfName"}
  Name GroupMemberOfName
  User100 {Domain Users, TestGroup1}
  User14 {Domain Users, TestGroup1, TestGroup2}
  User13 {Domain Users, TestGroup1, TestGroup2}
  User12 {Domain Users, TestGroup1, TestGroup2}
  User11 {Domain Users, TestGroup1}
  User10 {Domain Users, TestGroup1}
  User1 {Domain Users, TestGroup1}
  User19 {Domain Users, TestGroup2}
  User18 {Domain Users, TestGroup2}
  User17 {Domain Users, TestGroup2}
  User16 {Domain Users, TestGroup2}
  User15 {Domain Users, TestGroup2}
  User14 {Domain Users, TestGroup1, TestGroup2}
  User13 {Domain Users, TestGroup1, TestGroup2}
  User12 {Domain Users, TestGroup1, TestGroup2}
  Use below to export to CSV:
  Get-ADGroup -Filter {Name -like "TestGroup*"} | get-adgroupmember -recursive | Select Name,@{Expression={Get-ADPrincipalGroupMembership $_ | Select -ExpandProperty Name};Label="GroupMemberOfName"} | Export-Csv C:\ListGroups.csv
  Regards,
  Satyajit
  Please “Vote As Helpful”
  if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

• URGENT!!!! How to list users from a content of groups in Quest PowerShell! HELP!!!

  Hi everybody
  I have this script:
  $out = @()
  Get-Content D:\Tools\Reportes_Power_Shell\Contenedor_Power_Shell\Users.txt | ForEach {
      $date = (Get-Date).ToString()
      $username = $_
      $displayName = (Get-QADUser $username -Properties DisplayName).DisplayName
      $groups = Get-QADMemberOf $username | Sort-Object Name
      ForEach ( $group in $groups ) {
          $obj = New-Object -TypeName PSObject
          $obj | Add-Member -MemberType NoteProperty -Name Date -Value $date
          $obj | Add-Member -MemberType NoteProperty -Name UserName -Value $username
          $obj | Add-Member -MemberType NoteProperty -Name DisplayName -Value $displayName
          $obj | Add-Member -MemberType NoteProperty -Name GroupName -Value $group.name
          $out += $obj
  $out | Export-CSV D:\Tools\Reportes_Power_Shell\Reportes_de_Power_Shell_y_AD_Info\Users_Memberships.csv
  What I need now is exactly the opposite, I need to put Groups in a container and in the same format list all users within plus the cmdlet "AccountIsDisabled". I need this ASAP, could you help me?
  Thanks a lot.

  Hi,
  Based on what I can gather, you're looking to read in an input file of group names, check each group's membership, and then export that information to a CSV file.
  I don't have the Quest tools, but here's how I'd do this with the AD module:
  Get-Content .\groupList.txt | ForEach {
  $groupName = $_
  Get-ADGroupMember $_ | ForEach {
  $props = @{
  'Group Name'=$groupName
  UserName=$_.SamAccountName
  Name=$_.Name
  DisplayName=(Get-ADUser $_.SamAccountName -Properties DisplayName).DisplayName
  New-Object PsObject -Property $props
  } | Export-Csv .\groupMembers.csv -NoTypeInformation
  Don't retire TechNet! -
  (Don't give up yet - 12,420+ strong and growing)

• How to add User Permissions to form created in InfoPath 2010 created for SharePoint document Library

  Hi,
  I created a form in InfoPath 2010 with three views (one for user input, the other two views to be used by supervisors) and published this to a SharePoint 2010 document library. Now the way this form is supposed to work is that when a User goes to the document
  library and adds a document, it is supposed to open the Form with the User's input view. When the User submits the document, only him/her should be able to open and possibly edit the the form. When the Immediate Supervisor opens the form, it should open in
  the Supervisors view and allow them to fill in only their section and not be able to edit or alter the user's data. When the Immediate Supervisor saves the document, the Over-all Supervisor should be able to open it in their view and not be able to edit or
  alter the sections filled out by the User and Immediate Supervisor.
  How would i go about completing this? I have the views created but now have the problem of associating these views with their respective users or groups.

  Hello,
  You need to first create user group in sharepoint site then add user in group according to their role. Later you need to call usergroup.asmx web service to get current logged-In user group name so you can switch view and also apply rule for editing or disabling
  controls in form.
  Follow this link to get group name:
  http://social.technet.microsoft.com/wiki/contents/articles/13271.sharepoint-2010-extracting-user-group-of-current-login-user-in-infopath-2010.aspx
  http://social.msdn.microsoft.com/Forums/en-US/018f5184-5c83-4a53-b66b-8c376fc800fc/how-to-get-current-users-sharepoint-group-name-sharepoint-2010-infopath-2010
  To apply rule on control:
  http://office.microsoft.com/en-in/infopath-help/add-rules-for-performing-other-actions-HA101783373.aspx
  Hope it could help
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help

• Copy Users/Permissions/objects from a database to another database

  Can anyone help me how to copy users, permissions, stored procedures, views, functions and all other objects from one database to another database.
   I need a SQL Script to get this job done. I cannot use backup restore or SSIS Package.

  There's also a transfer sqlserver objects task available in SSIS
  http://www.mssqltips.com/sqlservertip/2064/transfer-database-task-and-transfer-sql-server-objects-task-in-ssis/
  Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

• How to force my Web part to run regardless of users permissions

  I have created the following custom permission , which will allow users to Create items without being able to view,edit them:-
  $spweb=Get-SPWeb -Identity "http://vstg01";
  $spRoleDefinition = New-Object Microsoft.SharePoint.SPRoleDefinition;
  $spRoleDefinition.Name = "Submit only";
  $spRoleDefinition.Description = "Can submit/add forms/files/items into library or list but cannot view/edit them.";
  $spRoleDefinition.BasePermissions = "AddListItems, ViewPages, ViewFormPages, Open";
  $spweb.RoleDefinitions.Add($spRoleDefinition);
  $spweb.Dispose();
  then inside my "Issue Tracking List" i stop inheriting permission from team site , and i define the following permission for all users:-
  now users can add items and they can not view them ,, which is perfect :).
  But now i wanted to add a custom web part to my Create form which will hide certain fields if the user is not within specific group ,the web part looks as follow:-
  protected override void OnInit(EventArgs e)
  base.OnInit(e);
  InitializeControl();
  using (SPSite site = new SPSite(SPContext.Current.Site.Url))
  using (SPWeb web = site.OpenWeb())
  web.AllowUnsafeUpdates = true;
  SPGroup group = web.Groups["Intranet Visitors"];
  bool isUser = web.IsCurrentUserMemberOfGroup(group.ID);
  if (!isUser)
  SPList myList = web.Lists.TryGetList("Issue List");
  SPField titleField = myList.Fields.GetField("Category");
  titleField.Hidden = true;
  titleField.ShowInEditForm = false;
  titleField.ShowInNewForm = false;
  titleField.ShowInDisplayForm = false;
  titleField.Update();
  myList.Update();
  // web.AllowUnsafeUpdates = false;
  else
  SPList myList = web.Lists.TryGetList("Issue List");
  SPField titleField = myList.Fields.GetField("Title");
  titleField.Hidden = false;
  titleField.Update();
  myList.Update();
  // //web.AllowUnsafeUpdates = false;
  web.AllowUnsafeUpdates = false;
  then i deploy the web part and i add it to the Create form. but after doing so user are not able to create items and they will get the following error:-
  Sorry this site has not been shared with you
  so can anyone advice how to force my web part to run , without checking the users permissions or with minimal permssions ?

  in this case, use the elevated privileges to read/add/edit items with elevated privileges with below code.
  but make sure the page which you add this web part have at least read access to all user.
  SPSecurity.RunWithElevatedPrivileges(delegate()
  using (SPSite site = new SPSite(web.Site.ID))
  // implementation details omitted
  More: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spsecurity.runwithelevatedprivileges.aspx
  Bistesh
  Ok after adding :-
  SPSecurity.RunWithElevatedPrivileges(delegate()
  users with the following permissions can create items:-
  "AddListItems, ViewPages, ViewFormPages, Open";
  and they can not edit/read them, which is great. but i am facing a caching problem , because if user is inside the "Intranet visitor" he will be able to see Category field as mentioned in my code, but if i remove him from the "Intranet Visitor"
  he still can see the field,, although in the web part i specify not to display the Category column if the user is not inside the "Intranet visitor " group... here is my current code:-
  protected override void OnInit(EventArgs e)
  base.OnInit(e);
  InitializeControl();
  SPSecurity.RunWithElevatedPrivileges(delegate()
  using (SPSite site = new SPSite(SPContext.Current.Site.Url))
  using (SPWeb web = site.OpenWeb())
  web.AllowUnsafeUpdates = true;
  SPGroup group = web.Groups["Intranet Visitor"];
  bool isUser = web.IsCurrentUserMemberOfGroup(group.ID);
  if (!isUser)
  SPList myList = web.Lists.TryGetList("Risk & Issue Management");
  SPField titleField = myList.Fields.GetField("Category");
  titleField.Hidden = true;
  titleField.ShowInEditForm = false;
  titleField.ShowInNewForm = false;
  titleField.ShowInDisplayForm = false;
  titleField.Update();
  myList.Update();
  // web.AllowUnsafeUpdates = false;
  else
  SPList myList = web.Lists.TryGetList("Risk & Issue Management");
  SPField titleField = myList.Fields.GetField("Category");
  titleField.Hidden = false;
  titleField.ShowInEditForm = true;
  titleField.ShowInNewForm = true;
  titleField.ShowInDisplayForm = true;
  titleField.Update();
  myList.Update();
  web.AllowUnsafeUpdates = false;
  so can you advice please ? is this a caching problem, or once the user add at-least single item he will be able to see all columns ?

• In Solaris8 how give to simple user permissions to execute shutdown

  In Solaris8 how give to simple user permissions to execute only shutdown (init 5)

  Just to save you wasting time:
  one approach to avoid in this case
  is 'setfacl' (set-file-access-control-list).
  If 'bob' is a normal user, then...
  # getfacl /usr/sbin/shutdown
  # file: /usr/sbin/shutdown
  # owner: root
  # group: sys
  user::rwx
  group::r-x #effective:r-x
  mask:r-x
  other:r-x
  # getfacl `which shutdown`
  # file: /usr/sbin/shutdown
  # owner: root
  # group: sys
  user::rwx
  user:bob:r-x #effective:r-x
  group::r-x #effective:r-x
  mask:r-x
  other:r-x
  ssh bob@0
  bob@0's password:
  $ who am i
  bob pts/2 Jan 31 16:30 (localhost)
  $ shutdown -i 2 -g 300
  /usr/sbin/shutdown: Only root can run /usr/sbin/shutdown

• How to add multiple users permissions to a calendar using powershell?

  I have an organization that was recently setup in Exchange Online and they have unique circumstances in that every user in the organization needs "reviewer"
  access to every other users calendars.  I cannot change the default permission since new users added after this should not be able to see these calendars details.  There are a few I will go back to run a Set command on to change an individual permission
  here and there for specific needs, but the main need is below.
  I have basic experience with powershell commands and have found how to manually add a single users permissions to a calendar using the command below:
  Add-MailboxFolderPermission -Identity alias:\calendar -user alias -AccessRights reviewer
  Since it's not realistic to run this command thousands of times changing the user aliases each time, I was hoping someone could help me build a command to run on a single mailbox's calendar that would add every current user in the organization with certain
  permissions such as "reviewer" or "availabilityonly".
  Thanks for the help!

  Hi,
  A possible solution is to do this via Security Groups.
  Add-MailboxFolderPermission -Identity [email protected]:\Calendar -User [email protected] -AccessRights Owner
  This way, you simply add users that require access to the CalendarOwnerAccessGroup
  You still have to run this on every mailbox that should have this feature, but that could be solved using powershell piping.
  http://technet.microsoft.com/en-us/library/ee176927.aspx
  /Anders Eide

• How to make users to select the date from calendar control my making the date field read only in date time control in external list in sharepoint 2010

  How to make users to select the date from calendar control only, by my making the date text field read only (don't want to let users type the date) in date time control in external list in sharepoint 2010. I am looking for a solution which can
  be done through sharepoint desginer / out of the box.
  thanks.

  Congratulate you got the solution by yourself. I am new to a
  WinForms calendar component, I feel so helpless on many problems even I'd read many tutorials. This question on the
  calendar date selection did me a great favor. Cheers.

• How to save users added to list using people picker to sharepoint Group

  Hi
              I have created List with some people picker columns and now when I save a list,the data is saved to list as well as the users in particular column will be added to particular sharepoint
  group. Is there any sharepoint out of box solution for this or I need to do it programmatically. Kindly provide me any procedures or solutions as you know.
    1) how to bind the particular sharepoint group to the particular column
    2) How to add users to the particular sharepoint group
  Thanks
  Razvi444

  Hi Razvi444,
  There is no out of the box way to achieve this.You need to write a custom event receiver ,inside event receiver
  event,  you
  can check column (people picker value) and add it to desired group if that user not exist already.
  Thanks

• How to add users from person or group field in a sharepoint list to sharepoint group

  Hi,
  How to add users(single or multiple) from person or group field in a sharepoint list to sharepoint group programmatically?
  Any suggestions would be appreciated.
  Thank you,
  AA.

  Hello,
  Use SPGroup.AddUser() method to add user in group. I have just written sample code in notepad so it is not tested:
  SPSecurity.RunWithElevatedPrivileges(delegate()
  using(SPSite Site = new SPSite(SPContext.Current.Site.Url))
  Using(SPWeb Web = Site.OpenWeb())
  SPList list = web.Lists["ListName"];
  SPQuery query=new SPQuery ();
  query.Query = "<Where><Eq><FieldRef Name='Title' /><Value Type='Text'>Test</Value></Eq></Where>";
  SPListItemCollection items = list.GetItems(query);
  if(items.Count > 0)
  foreach(SPListItem item in items)
  //Get USers from person or group column
  SPFieldUser userField = (SPFieldUser)item.Fields.GetField("Users");
  SPFieldUserValueCollection userFieldValueCollection = (SPFieldUserValueCollection)userField.GetFieldValue(item["Users"].ToString());
  SPGroup spGroup = spSite.RootWeb.Groups[groupName];//group name
  if (users.Count != 0)
  bool isUserInGroup = false;
  foreach (SPFieldUserValue user in users)
  foreach (SPUser item in spGroup.Users)
  string itemUserName = item.LoginName;
  string UserName = user.User.LoginName;
  if (itemUserName == UserName)
  isUserInGroup = true;
  break;
  if (!isUserInGroup)
  spGroup.AddUser(user.User);
  The above code will query list item and then get users from "Users" column. Now it will check whetehr user is already in group not, if not then add user in group.
  http://rajanijilla.blogspot.sg/2012/09/add-users-to-group-programmatically.html
  Hope it could help
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help

• How to list all users present in Default Autheticator  in WebLogic Security Realm

  Hi All,
  I need to get a list of all the users in my Weblogic server--> security realm--> Default Authenticator
  There are more than 1000 users present in my security realm for different different Authentication Providers. So I can not get these details from WebLogic Admin Console.
  Can anyone please help me in getting this list of all users in Default Authenticator? Please let me know how can I get these details.
  My WebLogic version is 10.3.4.0
  Thanks in Advance!

  You can use JMX to list users
  http://weblogic-wonders.com/weblogic/2010/11/10/list-users-and-groups-in-weblogic-using-jmx/

• How do you give user permissions to access a terminal server?

  How do you give user permissions to access a terminal server?

  Refer : http://technet.microsoft.com/en-us/library/cc781509(v=ws.10).aspx
  Arnav Sharma | http://arnavsharma.net/ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

• How to create users in SAP BO (in cmc)

  Hi All,
  How to create users in SAP BO (in cmc) (pls step by step).
  Thanks in Adavance,
  Nitin

  Hi Erika
  I need your help
  "Account information not recognized.The secLDAP Security Plugin is not enabled.contact your system administrator for details."
  I am getting an error page when i am try to access BO reports from Flex UI.
  This BO reports should work in the same single sign on session with Flex UI as per the application developed.
  Note :The same users when login directly login to BO get access..

• Sunone Messaging Server 6.1--How to list all mail user's last login time

  hi,i want to know how to list all the mail user's last login time.
  There are more than 100000 mailbox accounts on our mail server,
  i want to know which account is not used for more than 2 or 3 years.
  thanks.

  http://wikis.sun.com/display/CommSuite/imsconnutil
  Somchai.