Access rights, privileges on XML DB

Hello,
I would like to know where I can find information about implementing security and access rights. I have 5 folders under the SCOTT/TIGER schema and would like to assign access rights to different users, i.e. user A can access folder A only, user B can see folder A & folder B, and so on.
I will appreciate your help.
Thanks
Syed.

I did and here is the result
1 select r.res.getClobVal()
2 from resource_view r
3* where equals_path(res,'/home/SCOTT')=1
SQL> /
R.RES.GETCLOBVAL()
<Resource xmlns="http://xmlns.oracle.com/xdb/XDBResource.xsd" Hidden="false" Inv
alid="false" Container="true" CustomRslv="false" VersionHistory="false" StickyRe
f="true">
<CreationDate>2003-09-11T15:53:42.672000</CreationDate>
<ModificationDate>2003-10-01T09:08:15.456000</ModificationDate>
<DisplayName>SCOTT</DisplayName>
<Language>en-US</Language>
<CharacterSet>UTF-8</CharacterSet>
<ContentType>text/plain</ContentType>
<RefCount>1</RefCount>
<ACL>
R.RES.GETCLOBVAL()
<acl description="Protected:Readable by PUBLIC and all privileges to OWNER"
xmlns="http://xmlns.oracle.com/xdb/acl.xsd" xmlns:dav="DAV:" xmlns:xsi="http://w
ww.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/x
db/acl.xsd http://xmlns.oracle.com/xdb/acl.xsd">
<ace>
<principal>dav:owner</principal>
<grant>true</grant>
<privilege>
<all/>
</privilege>
</ace>
R.RES.GETCLOBVAL()
<ace>
<principal>XDBADMIN</principal>
<grant>true</grant>
<privilege>
<all/>
</privilege>
</ace>
<ace>
<principal>PUBLIC</principal>
<grant>true</grant>
<privilege>
R.RES.GETCLOBVAL()
<read-properties/>
<read-contents/>
<read-acl/>
<resolve/>
</privilege>
</ace>
</acl>
</ACL>
<Owner>SCOTT</Owner>
<Creator>SYS</Creator>
<LastModifier>SCOTT</LastModifier>
R.RES.GETCLOBVAL()
</Resource>
and for /home/SCOTT/1999
SQL> select r.res.getClobVal()
2 from resource_view r
3 where equals_path(res,'/home/SCOTT/1999')=1;
R.RES.GETCLOBVAL()
<Resource xmlns="http://xmlns.oracle.com/xdb/XDBResource.xsd" Hidden="false" Inv
alid="false" Container="true" CustomRslv="false" VersionHistory="false" StickyRe
f="true">
<CreationDate>2003-09-25T11:56:18.910000</CreationDate>
<ModificationDate>2003-09-25T11:56:21.023000</ModificationDate>
<DisplayName>1999</DisplayName>
<Language>en-US</Language>
<CharacterSet>WINDOWS-1252</CharacterSet>
<ContentType>application/octet-stream</ContentType>
<RefCount>1</RefCount>
<ACL>
R.RES.GETCLOBVAL()
<acl description="Private:All privileges to OWNER only and not accessible to
others" xmlns="http://xmlns.oracle.com/xdb/acl.xsd" xmlns:dav="DAV:" xmlns:xsi=
"http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.ora
cle.com/xdb/acl.xsd http://xmlns.oracle.com/xdb/acl.xs
d">
<ace>
<principal>dav:owner</principal>
<grant>true</grant>
<privilege>
<all/>
</privilege>
R.RES.GETCLOBVAL()
</ace>
</acl>
</ACL>
<Owner>SCOTT</Owner>
<Creator>SCOTT</Creator>
<LastModifier>SCOTT</LastModifier>
</Resource>
===========================End====================
Hope this helped.
Syed
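
An added example, not part of the original thread: one way to give a single user read-only access to the private folder `/home/SCOTT/1999` shown above, by storing an ACL document in the repository and attaching it with `DBMS_XDB.setACL`. The user name `USER_A` and the ACL location `/home/SCOTT/acls` are assumptions; the ACL layout copies the one in the query output above, and the script assumes neither the `acls` folder nor the ACL file exists yet.

```sql
-- Added example (not from the thread). USER_A and /home/SCOTT/acls are
-- assumed names; /home/SCOTT/1999 is the folder queried in the post above.
-- Run as SCOTT, the owner of the folder.
DECLARE
  acl_dir  CONSTANT VARCHAR2(200) := '/home/SCOTT/acls';
  acl_path CONSTANT VARCHAR2(200) := '/home/SCOTT/acls/folder_1999_acl.xml';
  folder   CONSTANT VARCHAR2(200) := '/home/SCOTT/1999';
  ok       BOOLEAN;
BEGIN
  -- Keep ACL documents in their own folder so they are easy to review.
  ok := DBMS_XDB.createFolder(acl_dir);

  -- The ACL: the owner keeps everything, USER_A may browse and read.
  -- No ACE names PUBLIC, so every other user stays locked out.
  ok := DBMS_XDB.createResource(acl_path,
    '<acl description="Owner: all privileges; USER_A: read-only"
          xmlns="http://xmlns.oracle.com/xdb/acl.xsd" xmlns:dav="DAV:"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://xmlns.oracle.com/xdb/acl.xsd
                              http://xmlns.oracle.com/xdb/acl.xsd">
       <ace>
         <principal>dav:owner</principal>
         <grant>true</grant>
         <privilege><all/></privilege>
       </ace>
       <ace>
         <principal>USER_A</principal>
         <grant>true</grant>
         <privilege>
           <read-properties/>
           <read-contents/>
           <resolve/>
         </privilege>
       </ace>
     </acl>');

  -- Attach the ACL to the folder itself.
  DBMS_XDB.setACL(folder, acl_path);

  -- setACL changes one resource only, so apply it to whatever is
  -- already stored underneath the folder as well.
  FOR r IN (SELECT any_path
              FROM resource_view
             WHERE under_path(res, folder) = 1) LOOP
    DBMS_XDB.setACL(r.any_path, acl_path);
  END LOOP;

  COMMIT;
END;
/

-- Confirm the result with the same query used in the post above:
-- the <ACL> element should now list dav:owner and USER_A only.
SELECT r.res.getClobVal()
  FROM resource_view r
 WHERE equals_path(res, '/home/SCOTT/1999') = 1;
```

USER_A can reach the folder only because `/home/SCOTT` grants PUBLIC the `resolve` privilege, as the first output above shows; if that parent ACL is tightened, the user needs `resolve` on each parent folder too.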

Similar Messages

  • How do i change the access rights for every file in every sub-folder?

    I have an external drive that was shared between my PC and my iMac (running Snow Leopard 10.6.5).
    Some of the files created by my PC have the following access rights (privileges):
    Me: Custom
    staff: Custom
    everyone: Custom
    I want every file to have the following access rights (privileges):
    Me: Read & Write
    staff: Read & Write
    everyone: Read & Write
    I presume that I need to go into the terminal and run some command line program, but I have no idea what program or what options (or even where to look for such a program). Can someone tell me how to do this, so that every file in every sub-folder has the same access rights?

    Well, that's different. Most people do not install anything on their PC to read an HFS+ disk, so I assumed it was formatted for the PC. [See my above post|http://discussions.apple.com/thread.jspa?messageID=12843313#12843313].
    Note that it is the same as what you asked about, except with numbers instead of the letter equivalents.
    Posix permissions are for User;Group;Other (ugo) and each one can have read/write/execute permissions. Read = 4, Write = 2, and Execute = 1. So, for rwx you set 421=7.
    I try to make it safe by not typing in the file path. If you do what you posted, you will change the startup volume's permissions. The path to your external is /Volumes/ext hd mount point. If you start typing the path and accidentally hit return before finishing the full path, you could fubar something you didn't want to. So, I type the command, leave a space, and then drag the target to the Terminal window.
    You might also consider the GUI based permission changing program, [BatChmod|http://www.macchampion.com/arbysoft/BatchMod/Welcome.html].
    Message was edited by: Barney-15E

  • Can not access CRM from outside the office network - Access denied You do not have sufficient access rights or privileges to perform this action.

    Hi,
    I can not access CRM from outside the office network - Access denied You do not have sufficient access rights or privileges to perform this action. I can access CRM with the same user id and password from our office inside the network. I can get the page to give login details; once I have given login details I get the error below. Please help me to solve this issue. It was working before.
    Access denied You do not have sufficient access rights or privileges to perform this action. 
    Regards,
    Noushad

    On an on-premise system configured with an AD FS server for claims-based authentication, you need to update your host file with the server URL to access it from outside the office network.
    Refer this on how to update host file.
    Regards, Saad

  • You do not have sufficient access rights, pls help

    Hi folks,
    I'm getting the "You do not have sufficient access rights" error accessing the Identity System Console. The same admin account can access User/Group/Org Manager screen, however, for some reasons user and group searches return no results. This is the second OIS install against the same ldap dir (ovd to sun 6.3), so I had to specify Id server was not the first one to avoid profile conflict with oblix DBAgents. The admin user had been selected during prev install, and exists under o=Oblix in both cn=Web Masters and cn=Directory Administrators.
    I have LDAPMaxNoOfRetries set to the number of dir servers +1 in all globalparams.xml on OIS. I also can modify ldap dir via both ldapmodify and ldap browser binding to OVD as same user. Turning the TRACE on didn't show any errors except for the following:
    DB_RUNTIME WARNING 0x00000504 ldap_config_db.cpp:187 "Exception during DB runtime code" function^LDAPConfigDB::Open() status^17
    DB_RUNTIME WARNING 0x00000504 ldap_config_db.cpp:355 "Exception during DB runtime code" function^LDAPConfigDB::ReadOblixDBConfig()status^17
    SCHEDULER_FRAMEWORK ERROR 0x00000501 ../obschedulerthread.cpp:316 "ObError exception caught" ObScheduledTaskLiaison::LoadTasks^ObWFScheduledTaskLiaison
    PPP INFO 0x000008C7 obeventcatalog.cpp:183
    Cannot find the action
    function^ObEventCatalog::GetActionEntry2Modify()
    actionName^front_page_admin_klogin_post
    APP_BASE WARNING 0x00000833 oblixbasecommon2.cpp:1235
    Login failed
    Error^You do not have sufficient access rights
    numLoginFailures^1
    There's nothing in the ldap logs either. The only warning I get per that user is in the ovd log:
    DoSManager: Found unbound connection from active ip addresses
    DoSManager: Found unbound connection from active users
    The Oracle Support is clueless, please help.
    Thank you, Roman

    Hi Vinod,
    Thanks for the post. OK, if I got it right, I have two entries under obcontainerId=DBAgents for each of my primary Id servers. For the one I currently use, I have this towards the bottom:
    obname=oblixConfig-OIS_mdi-oamlx-3
    obname=default-OIS_mdi-oamlx-3
    Both entries have obdbusedby set to OIS_mdi-oamlx-3 which is my OIS id. The obsearchbasestr is different: o=Oblix,o=paychex inc for the oblixConfig, and o=paychex inc,c=us for the default one. Is that the way it should be?
    Thanks Roman
    P.S: I've noticed I get same error accessing My profile under User Manager.

  • Oracle access manager: "You do not have sufficient access rights."

    Hi gurus,
    I'm doing self training on OAM. Following an exercise, I installed OAM and created a couple of Master Admins.
    Everything seems to work except the fact that these admins are not allowed to create users/orgs/groups and get the message "You do not have sufficient access rights".
    I may have missed something during the setup, however the question is: how can I recover this situation? How can I give more privileges to those admins?
    I tried to create a policy in directory server, without success.
    Please, help.
    Thank you very much.

    You will need to create a create user Workflow.
    Out of the box OAM does not know which attributes to create for your user.
    Use the quickstart tool as follows
    http://download-west.oracle.com/docs/cd/B28196_01/idmanage.1014/b25343/workflow.htm#sthref961

  • Access Rights Portal

    Is there any way to get the access rights information of all pages in Portal, and also a way to modify (add or remove) access to all pages (and not to go through each page)?
    Thanks in advance
    Remy

    For doing that programmatically, take a look at the following link: http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/PLSQL/DOC/PLDOC_9026/wwsec_api.html
    To list a few:
    - Function privilege_list returns an array containing all of the privileges currently granted on a specified object
    - Function grantee_list returns a list of users who have been granted privileges on a specific object, given an object type and an object name.
    Try modifying the access to all pages using Global privs. The example below shows how to programmatically grant group MYGROUP the global privilege to create page groups.
    -- Grant MYGROUP the CREATE privilege on all page groups
    wwsec_api.set_group_acl(
        p_group_id         => wwsec_api.group_id('MYGROUP'),
        p_object_type_name => wwsec_api.ANYSITE_OBJ,
        p_name             => wwsec_api.ALL_OBJECTS,
        p_privilege        => wwsec_api.CREATE_PRIV
    );
    And similarly, 'remove_group_acl' for removing the privileges.
    Hope above helps....

  • Access Rights

    I need two different access rights for the same user. One when he signs on to the application using forms and another when he signs on using SQL*PLUS. Is there a way to do this??

    One way we do it is that, when launching the forms application, it first logs on as a dumb user login/login, that only has the rights of executing some stored functions in a package that return the name & password of a user that has all the needed privileges. After making the calls to those functions, the form has the name & password of the user that will be used to log on and perform what's needed.
    You may say that this way one may easily find out the name & password of that "privileged user". Still, those functions are not returning the name & password "in clear", but they have to be combined in a way one would not easily guess. Moreover, the "login" user has no other privileges except executing the respective package, no selects, no other things at all.

  • Repository Access Rights

    There are several rights you can grant on a workarea:
    - Administrate: Grant, revoke or delete access rights on a repository object
    - Compile: Refresh a workarea
    - Delete: Delete an object (or perform force delete or purge if they have the necessary repository privileges)
    - Insert: Create an object
    - Select: Query an object
    - Update: Modify an object
    - Update Spec: Redefine a workarea
    - Version: Check out/check in an object
    What Access Rights are usually applied to a developer in a shared workarea?

    Hi,
    Typically, you would want to grant all of those except administrate and delete/purge. But it depends on your own team's security policies (for example, you might decide that developers are not allowed to alter the spec of a shared workarea so that other team members are not affected by changes).
    Brian

  • BAM tab access rights

    Hi,
    I’m currently working on user access rights for tab groups in BAM.
    If the tabs within BAM each access different reports located in different directories, then by controlling the user access rights on those directories it is possible to control which tabs (ie. directories) the users will be able to view.
    However, in my design there is a single report with an input filter parameter. Each tab opens up the same report by applying a different input filter parameter. Instead of replicating the same report multiple times in separate directories for each of the 12 different input parameters, is there any way I can control access to the different tabs by different users?
    Any comments/suggestions would be greatly appreciated.
    Thanks in anticipation,
    Shiraz


  • How do I fix an access rights error when launching Image Processor in Adobe Bridge CC?

    Often when I am working on files and want to batch process Jpegs for clients I get an error message from Image Processor.  It will state "I am unable to create a file in this folder.  Please check your access rights to this location ...."
    I have cleared cache and up'd my history levels.  I checked to make sure the files were not locked and read/write was enabled.  I am not sure why this error keeps occurring.  I am using Adobe Photoshop CC 2014 (2014.2.2 release) with Adobe Bridge CC (6.1.0.115)

    It's an endless circle.
    See if these instructions help: iTunes repeatedly prompts to authorize computer to play iTunes Store purchases

  • How to access System properties in xml file

    hi,
    I want to read system properties in my xml file using ${} .
    I tried it but did not find any way. But when I use log4j, if I set some variable in System properties, that property is read by the log4j.properties.
    I am writing a simple program that reads an xml properties file:
    try {
        props = new Properties();
        fis   = new FileInputStream(xmlFile);
        props.loadFromXML(fis);
    }
    Before reading this file I set some properties and try accessing these properties from that xml, but I can't.
    Thanks

    sabre150 wrote:
        fun_with_java wrote:
            can you give some example?
        Not really - I would have to write the code for you and I'm not getting paid for writing your code.
    Thanks for your kindness.
    I don't ask you to write the code. I need some help to start it. Actually I don't have knowledge of whether the xml file automatically reads it or I have to parse the system property manually. Now I got the way to access system property in xml.
    Ok thanks again..
    Thanks & Regards

  • How to define a new user in Enterprise manager with Specific access rights?

    Hi,
    I want to create a new user in OEMS 11g who should be able to access only the scheduler jobs section.
    How can this be achieved?

    You can create new administrators via the Setup --> Administrators page
    You can grant certain access rights to targets, you can not however grant priv to only access the job system
    Take a look at http://download.oracle.com/docs/cd/E11857_01/em.111/e14586/security3.htm#sthref235
    Regards
    Rob
    http://oemgc.wordpress.com

  • OAM- "You do not have sufficient access rights" message with Master Admin

    Customer has configured the OAM system to have both the primary and the secondary side for failover purposes. The back end directory server on both systems are in sync. The primary side of the systems works well as far as this issue is concerned.
    On the secondary side, if you login with the MASTER administrator of the system and click 'Identity System Console' or click any of the configurations under the Configurations in the User Manager, you get the error message saying "You do not have sufficient access rights". However, if they navigate to the Access system on the same browser and access the "Access System Console", and then navigate back to the Identity system, the Master Administrative rights are granted and now have a full access to the system.
    We tried following things to resolve the issue, but could not resolve it:
    1) Tried deleting 'cookieencryptionkey' which is found under "obcontainerid=encryptionkey,o=oblix" and restarted both the Identity Servers.
    2) Confirmed that the OAM administrator is present in cn=Web Masters,o=Oblix,<> and cn=Directory Administrators,o=Oblix,<> from the LDAP.
    3) Under the apps=PSC node, checked the Advance Properties for the 'obuniquememberStr' attribute:
    - Master Web Resource Admins (cn=master web resource admins, obapp=PSC, o=oblix, ...)
    Made sure that the values for the 'obuniquememberStr' attribute has the correct value there.
    4) Reconfigured the Secondary Identity Server.
    None of the above really helped to resolve the issue.
    Could anybody please help here to get rid of this issue.
    -Amol

    Hi Vinod,
    Here is the customer's response to your above 2 questions:
    1. We have 4 Directory server profiles for Identity servers; one for user data and one for configuration data for each server.
    I have at least reduced them to two and used only the ones initially used by the primary identity server as our user and configuration data do not reside together. User data is consumed via OVD.
    However, this does not seem to have any effect on the current behavior.
    2. All components except for the access server are on 10.1.4.2 and the access server is on 10.1.4.1
    Also below are the errors from the oblogs:
    Identity Server log
    =============
    2008/03/19@10:04:16.508530 4332 262160 PPP INFO 0x000008C7 obeventcatalog.cpp:183 "Cannot find the action" function^ObEventCatalog::GetActionEntry2Modify() actionName^ENCRYPTION_cookieEncryptionKey
    Access Server Log
    =============
    2008/03/19@10:03:56.329959 13608 1687633 CONNECTIVITY DEBUG3 0x00000201 /usr/abuild/Oblix/1014lwhf/palantir/netlib/src/obmessagechannel.cpp:601 "Received " ipaddr^10.217.209.81 ipport^1853 seqno^12 opcode^1 opcodeStr^IsResrcOpProtected Message^ro=t%253d0%2520o%253d%2520no%253d%2520r%253d%2520nr%253d%2520wu%253d/identity/oblix/apps/admin/bin/frontpage_admin.cgi%2520wh%253d10.217.209.81%2520wo%253d1%2520wa%253d0%2520ws%253d st=ma%253d2%2520mi%253d2%2520sg%253d0%2520sm%253d version=3 pd=
    2008/03/19@10:03:56.340433 3099 802864 AUTHENTICATION DEBUG2 0x00000201 /usr/abuild/Oblix/1014lwhf/palantir/aaa_server/src/aaa_service_server.cpp:2779 "Authorization successful"
    Webgate Log
    ==========
    2008/03/19@10:04:05.661000 5796 4516 HTTP_REQ DEBUG3 0x00000201 \Oblix\coreid1014\palantir\webgate2\src\isprotected.cpp:185 "Resource is protected" ResourceOperation^GET ResourceType^http Resource^//10.217.209.81/identity/oblix/apps/admin/bin/front_page_admin.cgi authnSchemeName^Oracle Access and Identity Basic Over LDAP
    2008/03/19@10:04:14.661000 5796 4516 LDAP DEBUG3 0x00000201 \Oblix\coreid1014\np_common\db\ldap\util\ldap_util2.cpp:537 "MLK-Memory leak for LDAP error information. This will show up as memory leak in LDAP SDK calls." key^25
    2008/03/19@10:04:14.661000 5796 4516 LDAP DEBUG3 0x00000201 \Oblix\coreid1014\np_common\db\ldap\util\ldap_util2.cpp:537 "MLK-Memory leak for LDAP error information. This will show up as memory leak in LDAP SDK calls." key^25
    2008/03/19@10:05:54.552000 5796 5256 CONFIG DEBUG2 0x00000201 \Oblix\coreid1014\palantir\access_api\src\obconfig.cpp:865 "Client configuration not updated"
    2008/03/19@10:05:54.552000 5796 5256 CONFIG INFO 0x0000182D \Oblix\coreid1014\palantir\access_api\src\obconfig.cpp:866 "The Access Server has returned a fatal error with no detailed information." raw_code^302
    I checked the OVD logs but did not find any error in it. Customer also tried to unprotect the /identity and /access URLs but the issue persist.
    Also I do not feel this as a bug, because this environment was working quite for few months without any such issues, also there were no changes made on the OVD/AD configurations. However, the server that hosts the OVD/AD was shut down and when it was restarted, we started experiencing this issue.

  • I can't sync my iPod classic with iTunes 10 anymore. A notice comes "You don't have the adequate access rights to make modifications." What happened?

    I can't sync my iPod classic with iTunes 10 anymore. A notice comes "You don't have the adequate access rights to make modifications." What happened?

    bump

  • Access rights in case of a tree-like structure, with inheritance

    Hello,
    the project I've just started to work on should include an easy way (from the user's point of view) to grant/revoke access rights on a tree-like structure with inheritance.
    Basically we are working for several international companies who want to use our application to watch/manage some of their web projects - each project belongs to one company and consisting of several 'campaigns' in several countries (there can be several campaigns per country, but each campaign belongs to exactly one country).
    From our point of view this is a tree-like structure, with a 'root' node at the top level, 'companies' at the first level, 'countries' at the second level, 'campaigns' at the third level, and modules of our application (for example a module to display overall stats of the campaign, and so on) at the fourth level. There could be (and probably will be) some more levels, but that's not important at this point - it will always be a tree-like structure.
    The customer's requirements are natural - the administrators should be able to grant/revoke access to 'subtrees' of this structure. For example the top managers should be able to see all the data related to their company, the local managers should be able to see all the data related to their company in the country they work in, etc. On the other hand the regular employees should not see some of the modules (with details about clients of the company).
    I wonder whether this can be solved using JAAS in an elegant and flexible manner - from the documents / whitepapers / tutorials I've seen till now it seems to me not too suitable.
    All the data will be stored in relational database (Oracle, and in some cases PostgreSQL), and it would be nice to have the access rights stored in the same way (but it's not required). We have some ideas how to solve that using a single table containing paths in the tree, but at this point it's only an idea (not a single line of code written).
    We are sure somebody has already had to solve such a problem - maybe using JAAS, maybe some other technology - and we don't want to reinvent the wheel. Do you have an idea how to solve this (using JAAS or something else)?

    Well, I forgot to explain what the 'inheritance' means ...
    We do not want to set the access right on each node of the tree - we prefer (as well as the users) to set/store only as much information as needed. We'd like the nodes to inherit the access rights from their parent nodes. For example we'd like granting access to particular project to mean granting access to all campaigns in all countries (related to the project), without the need to set and store these rights for each of the campaigns/countries.
