Access Denied for User with Contribute Rights to a SP list

Similar Messages

• MySQL connection with OWB 11gR2 results in "access denied for user"

  Hello,
  I just try to establish a connection to a MySQL database with OWB 11gR2, but I always get the error "access denied for user...". I did the things written on [http://blogs.oracle.com/warehousebuilder/2010/01/owb_11gr2_mysql_open_connectivity.html] and I also used the platform configuration from this description. Newest JDBC driver was downloaded and I put the jar-file into the folder OWB_HOME/owb/lib/ext. The definition of the MySQL platform worked and the entry "MySQL" was created in OWB, but no connection can be established. I also tried other tools like MySQL Administrator in order to find out whether the problem is caused by network configuration or sth. like that, but with this tool the connection works.
  OWB is installed on OpenSuse 11.1 64bit. Does anyone know why this error occurs? Perhaps I missed some configuration tasks, which I don't know so far?
  I'm looking forward to your answers.
  Greetings
  Joerg

  Hi David,
  thank you for your reply. The corresponding user has already got this host setting. Anyway he got the wildcard '%' and with other tools I can connect.
  I solved the problem now due to just trying around with usernames. The error was quite funny: OWB changes the username always into upper case and MySQL cannot handle this username. The username must match 100% to be able to login.
  Now I just changed the user in MySQL and wrote the username in upper case. But in fact I would like to know if it is possible to avoid that OWB changes the username, with quotes it didn't work ;-)
  Greetings
  Joerg
  UPDATE:
  Now I'm facing another problem: the connection works, but I cannot import any metadata. When I click on "Browse" to select the correct schema in MySQL DB, no result is displayed. The user anyway has go the privileges to select data from this schema. I also tried to provide the user with every possible privileges for this schema, but I still cannot select any schema. When I write the schema manually and then try to import database objects iin OWB the error message "definitions of userdefined metadata interface are invalid" is displayed (translated from german, so the wording could be different). Does anybody have an idea what the problem could be?
  Edited by: Scantid on 15.01.2010 00:41

• BI Dashboard - access denied for user to path /users/administrator/_portal/

  Hi,
  While I am within OBI EE, I try to access My Dashboards and I get this error message:
  " access denied for user to path /users/administrator/_portal/dashboard layout.
  Error Details
  Error Codes: O9XNZMXB "
  I have looked in other forums and found a solutions which was to delete cookies and then restart the system whole. It didn´t work at first. After a while, the system would allow me to access My Dashboards but then....
  ....I wasn´t able to access the shared filters that are on the network, thus impeding my others dashboards to work.
  Does anybody know what the correct procedure for having this work is?
  Thanks in advance,
  Javier Rincon

  Hi...
  go to Catalog Manager.
  Open and navigate to particular folder (_portal in shared)
  right click that and go to permissions.
  In left pane are you able to see the presentation Administrator ??
  If then, check what kind of permission Administrator has (full control or not), if not.. add Administrator into this pane from right pane (In the right pane, You can see the user by Unchecking the check box present below show groups only check box.)
  you didn't tell with whom you logged in?
  If administrator then follow the steps i mentioned,
  else... same steps but instead of administrator check it for particular user.
  Thanks & Regards
  Kishore Guggilla

• [solved] mysql suddenly access denied for user root ..

  Hi folk,
  I am in total panic right now!
  As of an hour ago i suddenly got 'Error establishing a database connection' from all of my sites
  I then first tried to login through phpmyadmin but got #1045 Cannot log in to the MySQL server
  I then tried to login through the terminal but got ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
  I am not really sure where to find solutions because primarily this error is on new installs:
  I have tried the following :
  mysql_safe --skip-grant-tables
  [odp@odp ~]$ sudo mysqld_safe --skip-grant-tables &
  [4] 3181
  [odp@odp ~]$ 140115 19:43:50 mysqld_safe Logging to '/var/lib/mysql/odp.err'.
  140115 19:43:50 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
  140115 19:43:52 mysqld_safe mysqld from pid file /var/lib/mysql/odp.pid ended
  [4] Done sudo mysqld_safe --skip-grant-tables
  here is the odp.err
  140115 19:25:41 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
  140115 19:25:41 InnoDB: The InnoDB memory heap is disabled
  140115 19:25:41 InnoDB: Mutexes and rw_locks use GCC atomic builtins
  140115 19:25:41 InnoDB: Compressed tables use zlib 1.2.8
  140115 19:25:41 InnoDB: Using Linux native AIO
  140115 19:25:41 InnoDB: Initializing buffer pool, size = 128.0M
  140115 19:25:41 InnoDB: Completed initialization of buffer pool
  140115 19:25:41 InnoDB: highest supported file format is Barracuda.
  140115 19:25:41 InnoDB: Waiting for the background threads to start
  140115 19:25:42 Percona XtraDB (http://www.percona.com) 5.5.34-MariaDB-31.1 started; log sequence number 38562281
  140115 19:25:42 [Note] Plugin 'FEEDBACK' is disabled.
  140115 19:25:42 [ERROR] /usr/bin/mysqld: unknown option '--skip-grant-tables'
  140115 19:25:42 [ERROR] Aborting
  140115 19:25:42 InnoDB: Starting shutdown...
  140115 19:25:42 InnoDB: Shutdown completed; log sequence number 38562281
  140115 19:25:42 [Note] /usr/bin/mysqld: Shutdown complete
  140115 19:25:42 mysqld_safe mysqld from pid file /var/lib/mysql/odp.pid ended
  140115 19:35:48 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
  140115 19:35:48 InnoDB: The InnoDB memory heap is disabled
  140115 19:35:48 InnoDB: Mutexes and rw_locks use GCC atomic builtins
  140115 19:35:48 InnoDB: Compressed tables use zlib 1.2.8
  140115 19:35:48 InnoDB: Using Linux native AIO
  140115 19:35:48 InnoDB: Initializing buffer pool, size = 128.0M
  140115 19:35:48 InnoDB: Completed initialization of buffer pool
  InnoDB: Unable to lock ./ibdata1, error: 11
  InnoDB: Check that you do not already have another mysqld process
  InnoDB: using the same InnoDB data or log files.
  140115 19:35:48 InnoDB: Retrying to lock the first data file
  InnoDB: Unable to lock ./ibdata1, error: 11
  InnoDB: Check that you do not already have another mysqld process
  InnoDB: using the same InnoDB data or log files.
  140115 19:37:28 InnoDB: Unable to open the first data file
  InnoDB: Error in opening ./ibdata1
  140115 19:37:28 InnoDB: Operating system error number 11 in a file operation.
  InnoDB: Error number 11 means 'Resource temporarily unavailable'.
  InnoDB: Some operating system error numbers are described at
  InnoDB: http://dev.mysql.com/doc/refman/5.5/en/operating-system-error-codes.html
  140115 19:37:28 InnoDB: Could not open or create data files.
  140115 19:37:28 InnoDB: If you tried to add new data files, and it failed here,
  140115 19:37:28 InnoDB: you should now edit innodb_data_file_path in my.cnf back
  140115 19:37:28 InnoDB: to what it was, and remove the new ibdata files InnoDB created
  140115 19:37:28 InnoDB: in this failed attempt. InnoDB only wrote those files full of
  140115 19:37:28 InnoDB: zeros, but did not yet use them in any way. But be careful: do not
  140115 19:37:28 InnoDB: remove old data files which contain your precious data!
  140115 19:37:28 [ERROR] Plugin 'InnoDB' init function returned error.
  140115 19:37:28 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
  140115 19:37:28 [ERROR] mysqld: Can't lock aria control file '/var/lib/mysql/aria_log_control' for exclusive use, error: 11. Will retry for 30 seconds
  I have also tried the solution where you move the ibdata1 and copy it back with -a to no success.
  The result of mysqld_safe --skip-grant-tabels
  [odp@odp ~]$ mysqld_safe --skip-grant-tabels &
  [4] 3555
  [odp@odp ~]$ 140115 19:49:21 mysqld_safe Logging to '/var/lib/mysql/odp.err'.
  touch: cannot touch '/var/lib/mysql/odp.err': Permission denied
  chmod: cannot access '/var/lib/mysql/odp.err': Permission denied
  140115 19:49:21 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
  /usr/bin/mysqld_safe: line 138: /var/lib/mysql/odp.err: Permission denied
  rm: cannot remove '/var/lib/mysql/odp.pid': Permission denied
  /usr/bin/mysqld_safe: line 182: /var/lib/mysql/odp.err: Permission denied
  touch: cannot touch '/var/lib/mysql/odp.err': Permission denied
  chown: cannot access '/var/lib/mysql/odp.err': Permission denied
  chmod: cannot access '/var/lib/mysql/odp.err': Permission denied
  140115 19:49:21 mysqld_safe mysqld from pid file /var/lib/mysql/odp.pid ended
  /usr/bin/mysqld_safe: line 138: /var/lib/mysql/odp.err: Permission denied
  [4] Exit 1 mysqld_safe --skip-grant-tables
  any advice is greatly appreciated
  Last edited by odp (2014-01-15 19:46:39)

  OK super random, it works now.
  First off I too took and added skip-grant-tables to [mysqld] /etc/mysql/my.cnf
  restarted mysqld and finally had passwordless login. From within mysql i ran
  UPDATE mysql.user SET Password=PASSWORD('password') WHERE User='root';
  FLUSH PRIVILEGES;

• Error...java.sql.SQLException:Access denied for user

  Hi,
  I am getting the following error message while connecting with the MySQL .(O/S :Sun OS 5.6)
  Error.....java.sql.SQLException: Invalid authorization specification: Access denied for user: 'some_user&password@localhost' (Using password: NO)
  Note that i have given all permission to the user using,
  GRANT ALL PRIVILEGES .......................
  The code i have used to connect with the database is,
  import java.io.*;
  import java.sql.*;
  class test
  public static void main(String a[])
  try
  Connection con;
  Statement stmt;
  ResultSet rs;
  Class.forName("org.gjt.mm.mysql.Driver");
  con=DriverManager.getConnection(jdbc:mysql://localhost/db_name?user=some_user&password=some_pass");
  stmt=con.createStatement();
  //do something with resultset
  catch(Exception e)
  System.out.println("Exception in second try.."+e);
  plese guide me on this problem to solve.
  Thankz,
  Bala.

  Hi friends...
  I've read the last post...
  The problem that I have is as follow....
  1. I have installed on my machine MySQL 5.0 Server running
  1.1 I have a database called "base1"
  1.2 User "root", password "works"
  1.3 I have the following sentence to connect it using JDBC
  Connection con = DriverManager.getConnection("jdbc:mysql://localhost/base1", "root", "works");
  More notes:
  - I use the JDBC 5.0
  - My Machine is a Windows XP SP2 Pentium 3.0 512Mb
  and it connects����
  but I have this environment to develop applications, now that I want to connect to Production Environment happens the following:
  2 The Production database is mounted on a Linux Server with MySQL 3.2.
  2.1 I change the sentences as follow:
  Connection con = DriverManager.getConnection("jdbc:mysql://192.168.0.7/base1", "user", "password");
  2.3 But a message appears when I run the Java Program:
  java.sql.SQLException:Access denied for user: '[email protected]' (Using password: YES)
  2.4 As you can see it changes the IP Address...
  More notes:- I have the MySQL Query Browser and I got connection.
  - The IP that display the Error Message is my Second IP configurated on my Network Properties.
  - Server is a Pentium 4 3.0 GHz 2Gb Linux Red Hat 3.0
  I leave this case for the spider... I hope that somebady has the solution.
  What is the problem? Why the JDBC doesn't respect the IP that I wrote.

• : Could not create connection; - nested throwable: (java.sql.SQLException: Access denied for user 'adobe'@'localhost' (using password: YES))

  hi all can anyone help me i am geting Exception while starting LCES server
  : Could not create connection; - nested throwable: (java.sql.SQLException: Access denied for user 'adobe'@'localhost' (using password: YES))

  hi all can anyone help me i am geting Exception while starting LCES server
  : Could not create connection; - nested throwable: (java.sql.SQLException: Access denied for user 'adobe'@'localhost' (using password: YES))

• SP2010: Users with Contribute rights can Add but not edit items in Calendar View

  Hello,
  One of our users was recently trying to update a Calendar item in the Calendar view, but was unable to do so. Here are the facts of the case:
  - The members of the user's group have Contribute rights on the Calendar list, and on each of the specific Calendar items tested
  - I logged in as a member of the same group and am able to Add items in the calendar view, but when I click on an item title the Ribbon options (including Edit) are not available - whether I created the item or not
  - While logged in as a member of that group, I can edit calendar items using the Allitems view, using the dropdown menu and Edit Item (if I click on the item title, I get the item details without the Ribbon)
  - I created a new Calendar view ("Calendar2") but the problem was the same
  When logged in with admin rights, I get the Edit ribbon when I click on an item title from the Calendar view. Is there a way to do the same for non-admin users? Thanks. 

  Hi,
  According to your post, my understanding is that you were able to add items into a Calendar List, but you couldn’t edit some items of the Calendar List in Calendar View as a member of your group with Contribute rights. And if you edit the Calendar List’s
  items in the “All Events” view or log in with admin rights, you can edit these items.
  Therefore, I wonder if you use the “Calendar Overlays” to display some items of other Calendar Lists in the current Calendar List as John suggested.
  And if you don’t have permissions to edit items of other Calendar Lists, you can’t edit those items of other Calendar Lists in the current Calendar List in Calendar View.
  So, I recommend that you should check if using the “Calendar Overlays” to display some items of other Calendar Lists in the current Calendar List at first.
  If yes, you need to check if you have permissions to edit items of other Calendar Lists.
  For test, I suggest that you can create a new Calendar List and test to see how it works.
  Best Regards,
  Thanks
  Victoria Xia
  TechNet Community Support

• Install for users with limited rights.

  Is there a way to install Flash player so users with limited rights can perform updates?  I don't want to touch hundreds of machines each time a minor upgrade is released.  Security policies dictate that users cannot have local admin rights.

  Hi, not that I have heard of. If you can't update, then most likely you are under Group Policy and the IT Department would be in charge of that.
  If it is possible, then someone else would need to reply to you.
  Thanks,
  eidnolb

• Adobe acrobat 9 Pro Convert to PDF Access Denied for users

  I recently installed IE 9 on my computer (windows 7 ultimate 64 bit). From this moment on I cannot convert web page to pdf. I am getting " permission denied", code 0.
  Can anyone help me?

  Good day astryian,
  Acrobat 9's development was completed while IE8 was still in beta.  The PDFMaker Add-in from Acrobat 9 was never designed for use with IE9.  You may want to try printing to the Adobe PDF printer from IE9 instead.  If the results you receive contain either missing or garbled text, please refer to the following knowledgebase document: http://kb2.adobe.com/cps/896/cpsid_89623.html
  Thank you,
  David
  Adobe Technical Response Team

• File sharing only works for users with Admin rights

  Hi.
  I am trying to set up file sharing in Lion Server but am having problems getting all my users access to shared folders. So far, only users that are "allowed to administer this server" are seeing shared files, even though they seem to have "read/write" permissions.
  Can anybody tell me what I might be missing?
  Is being allowed to "administer" the server different than truly being an Admin?
  I want to allow users to read and write files, but not change any server settings.
  Any suggestions would be appreciated.
  Thanks!

  What permissions are you setting on the share?  My guess is you are only using user, group, and other (POSIX).  You need to add an ACL to the list and then set read/write or full control.

• OBIEE access denied for some users only

  Hi All,
  we are using OBIEE 10.1.3.4 version on windows envorinment .The users can access the OBIEE reports using 'PORTALPATH' session varible in RPD.For some of the users are got "access denied" while they are accessing for thir particular dashboard.Eariler these user got access this dashboard with out any errors.We dnt changed in our system anything from last three months.
  We have no idea why we are getting these error for particular users only.Its Prod issue we need to reslove these error ASAP.
  we are getting these error"acess denied for user to path/shared/shared/_test/testdashboard
  Error Codes:09XNZMXB"
  but last one year its working without any issues .From our side we dnt did any changes in production like RPD level,Catalog level and config file changes , we have no idea why suddenly we are getting these kind of error for some users only not for all users.
  Could u please advice me how to reslove this PROD issueASAP.
  Thanks,

  Well its Prod (you have a dashboard called testdashboard in Prod?) anyway - someone might have changed the presentation catalogue permissions on the dashboard. All it takes is for someone to remove 'Everyone' or change a Group permission and it could effect.
  If they changed the Parent folder and cascaded the changes down this might cause this issue.
  You have a folder called 'Shared' - check the groups that the people are in have 'Traverse' , 'Read' or higher. Also chek dashboard permissions themselves from Settings-Manage Interactive Dashboards - Check the Padlock icon.
  Are you users getting allocated into the correct WEBGROUPS ? Is this assisngment done explicitly in the webcat or via an RPD Variable ? Have you checked NQQueryl.log to make sure any init blocks are completing successfully?
  Either persmissions have changed or group memebership is not completing.
  Good luck
  Alastair

• Access denied for all (most?) users in all site collections of web app

  Hi,
  I have a Sharepoint 2010 farm pre-SP1 (yes should be updated!) and for all site collections of a web app, all users are getting access denied.
  Now in my title I said "most?" because I have found one user in another office who does not have this issue. This web app/site collections also do not go through f5 or any proxies.
  Even if I add myself as a site collection admin via central admin, I get the same result. I've looked at everything, windows time on the server (not using kerberos), errors in event log (nothing), uls logs just say access denied (very helpful!), etc...
  I can try what's suggested at http://social.technet.microsoft.com/Forums/en-US/e66f1b09-605d-4546-a581-2a9283c238c0/access-denied-for-all-users-and-for-site-collections-owner?forum=sharepointgeneralprevious but when asking colleagues, there's been no
  changes, let alone with those accounts? I can do a get on the property tomorrow to find if there is a value set first, however.
  Any suggestions on this?

  Hi,
  Please try logging in the site with farm account.
  If it works, please make sure you have superuser and superreader accounts in CA > Application management > web application policy. If not, please add both accounts with the powershell script in the article below, this can cause all users denied when
  access the site:
  http://technet.microsoft.com/en-us/library/ff758656.aspx
  Here is a similar thread:
  http://social.technet.microsoft.com/Forums/sharepoint/en-US/a49b1ab8-273f-41e4-a0b8-be0e31c6733b/all-users-including-site-collection-admins-receiving-access-denied-from-one-site-collection?forum=sharepointadminprevious
  Regards,
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected] .
  Rebecca Tu
  TechNet Community Support

• Can a user with Contribute privileges invoke SPFolder.SubFolders.Add(folder) Sharepoint 2010 API in a Webservice?

  We have a Webservice deployed on a Sharepoint 2010 deployment with a method as follows:
  public static string ensureParentFolder(SPWeb parentSite, string destinationUrl)
  destinationUrl = parentSite.GetFile(destinationUrl).Url;
  int index = destinationUrl.LastIndexOf("/");
  string parentFolderUrl = string.Empty;
  if (index > -1)
  parentFolderUrl = destinationUrl.Substring(0, index);
  SPFolder parentFolder
  = parentSite.GetFolder(parentFolderUrl);
  if (!parentFolder.Exists)
  SPFolder currentFolder = parentSite.RootFolder;
  foreach (string folder in parentFolderUrl.Split('/'))
  try
  currentFolder = currentFolder.SubFolders.Add(folder);
  catch (Exception ex)
  FINEOSLogger.Medium(LoggerCategory.FINEOSToSharePointDMS, "User could not create SP folder so elevating permissions");
  SPSecurity.RunWithElevatedPrivileges(delegate()
  currentFolder = currentFolder.SubFolders.Add(folder);
  return parentFolderUrl;
  When invoked by a User with only Contribute rights the SubFolders.Add( ) call appears to fail and the
  SPSecurity.RunWithElevatedPrivileges
  code is invoked, which also fails.
  1. So the first question is should you be able to invoke SubFolders.Add() with only Contribute?  It works with Design privileges for the Customer.  You can add folders on the Sharepoint website as a Contribute user so why not on the API. 
  Customer raising this as a security concern.
  2. Also why would the
  SPSecurity.RunWithElevatedPrivileges
  part fail, is the syntax incorrect for Sharepoint 2010?  We migrated this code from Sharepoint 2007 project.
  The error I get when I try run the code as a Contribute user is
  com.fineos.ta.dms.external.DMSException: The exception [A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18".] was caused by the exception [A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18".]., Ta Exception info,Exception Class=class com.fineos.ta.dms.external.DMSException,Root cause ID=10,Root cause host=IEL163,Localized message=A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18"
  at com.fineos.integration.dms.internal.thirdparty.GenericDMS.add(GenericDMS.java:149)
  at com.fineos.frontoffice.documentmanager.DocumentManager.saveToThirdPartyDMS(DocumentManager.java:280)
  at com.fineos.frontoffice.documentmanager.fileupload.UploadDocumentWidget.save(UploadDocumentWidget.java:401)
  at org.apache.jsp.sharedpages.documentmanager.fileupload.uploaddocumentpage_jsp._jspService(uploaddocumentpage_jsp.java:77)
  Caused by: com.fineos.integration.dms.external.services.SharePointDmsException: A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18".
  at com.fineos.integration.dms.external.services.GenericDMSClient.uploadDocument(GenericDMSClient.java:139)
  at com.fineos.integration.dms.internal.thirdparty.GenericDMS.add(GenericDMS.java:132)
  ... 88 more
  Caused by: org.apache.axis2.AxisFault: Error_occured_sharepoint [Message Details = An Exception occurred in SharePoint; System.UnauthorizedAccessException: <nativehr>0x80070005</nativehr><nativestack></nativestack>Access denied.
  at Microsoft.SharePoint.Library.SPRequest.AddOrDeleteUrl(String bstrUrl, String bstrDirName, Boolean bAdd, UInt32 dwDeleteOp, Int32 iUserId, Guid& pgDeleteTransactionId)
  at Microsoft.SharePoint.SPFolderCollection.AddInternal(String strUrl, Int32 userId)
  at FINEOSIntegration.FINEOSToSharePointDMS.SharePointDMSUtilities.<>c__DisplayClass9.<ensureParentFolder>b__5()
  at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.<RunWithElevatedPrivileges>b__2()
  at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)
  at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)
  at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode)
  at FINEOSIntegration.FINEOSToSharePointDMS.SharePointDMSUtilities.ensureParentFolder(SPWeb parentSite, String destinationUrl)
  at FINEOSIntegration.FINEOSToSharePointDMS.FINEOSToSharePointDMS.uploadDocument(String UserName, String FolderPath, String Filename, Byte[] File, DocumentProperties DocumentProperties, Boolean NotifyFINEOS, Boolean NotifyFINEOSSpecified, Boolean OverwriteIfExists, Boolean OverwriteIfExistsSpecified, String& DMSDocType)]
  at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512)
  at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
  at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
  at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
  at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
  at com.fineos.frontoffice.thirdpartydms.operationtypes.ThirdPartyDmsServicesStub.uploadDocument(ThirdPartyDmsServicesStub.java:761)
  at com.fineos.integration.dms.external.services.GenericDMSClient.uploadDocument(GenericDMSClient.java:119)
  ... 89 more
  Note that the user SPWeb being passed into the method is from an impersonated user, don't know if that matters.
  So the webservice payload contains the id of the user who wants to do the Sharepoint work while the webservice is invoked by anonymous or some other service user.  We then impersonate the user specified in the webservice payload like follows and use
  that web SPWeb from then on in the webservice methods:
  userToImpersonate = currentWeb.AllUsers[user];
  site = new SPSite(fileUrl, userToImpersonate.UserToken);
  web = site.OpenWeb();
  Any help appreciated.
  Thanks,
  Ruairi.

  Ideally, a user with Contribute permissions should be able to add folders. Not sure what is the issue there. But I can see that SPSecurity.RunWithElevatedPrivileges is not written properly. You must create a new SPSite object inside the delegate
  because SPSite objects created outside do not have Full Control even when referenced inside the delegate. Use the using keyword to ensure that the object is disposed in the delegate. Example:
  SPSecurity.RunWithElevatedPrivileges(delegate()
  using (SPSite site = new SPSite(web.Site.ID))
  // implementation details omitted
  });See this for more information about SPSecurity.RunWithElevatedPrivilegeshttps://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spsecurity.runwithelevatedprivileges%28v=office.12%29.aspx?f=255&MSPPError=-2147217396
  Blog | SharePoint Learnings CodePlex Tools |
  Export Version History To Excel |
  Autocomplete Lookup Field

• Same user with administrative rights on all the servers in single domain versus domainadmin as a part of administrator group in all the servers

  same user with administrative rights on all the servers in single domain user as a part of administrator group in all the servers:
  same user is configured as administrator on all the servers in one domain at windows 2003 server. Should this user be made part of domain admin and then this can be set up in the group of administrator for all the servers.
  How this is technically different?
  If same user is set up as an administrator on all the servers in domain, will it have the same access on all the files as a domain admin user?
  dhomya

  If the account is not admin on the domaincontrollers and the account is not member of domain admins or any other privileged AD group, the account has only user privileges on AD and thus cannot perform actions like creating and managing  accounts,
  groups, OUs,policies, sites, ...in other words cannot potentially ruin Active Directory.
  I think that is a pretty big difference.
  In fact, it is bad practice to perform you daily server management with an AD privileged account.
  In regards of file access. The domain administrator will be just an admin, and thus has the privilies assigned to the local admin group, just as any other admin. But if it are different accounts they might be member of different groups assigning different
  privileges. Always be carefull when assuming resulting privileges will be the same.
  MCP/MCSA/MCTS/MCITP

• Additional User with admin rights

  Hi all,
  i checked the documentation but i could not found a possibility to create an additional user with admin rights to access the Vibe Management Console.
  Does anybody know if this is possible and how to do this?
  Thanks in advance
  Alex

  Hi Willem,
  thank you for the great post. It did the job very well.
  Alex
  >>> <[email protected]> schrieb am 1.8.2013 um 07:46 AM:
  > arlorenz;2275156 Wrote:
  >> Hi all,
  >>
  >> i checked the documentation but i could not found a possibility to
  >> create an additional user with admin rights to access the Vibe
  >> Management Console.
  >> Does anybody know if this is possible and how to do this?
  >>
  >> Thanks in advance
  >>
  >> Alex
  >
  > Hey Alex,
  >
  > Yes, that's possible. It's somewhat a twofold/threefold process, as
  > you have to give an accounts right to administer the zone, and then also
  > have to give that account rights to the personal workspace root (to be
  > able create/delete user accounts) and any workspaces that need to be
  > administered.
  >
  > I always create an vibe-admins group (local group) that gets the rights
  > to the zone and workspace roots. Then add the needed users to that
  > group.
  >
  > Access for the zone can be set within the administration console:
  > https://www.novell.com/documentation...ata/bk4saug.ht
  > ml
  >
  > Then add the needed rights on the workspace roots, Global, personal &
  > team workspaces.
  >
  >
  > !Do note that admin is the only user that is not allowed to get
  > blocked. Other admin users can be filtered out via ACL's.
  >
  >
  > Cheers,
  > Willem