Add user to permissions through terminal

Similar Messages

• Add users to OpenDirectory through web interface??

  Is there any way to implement a solution where people can create an account on my OpenDirectory server through a web interface instead of having to go through the OS X Server application?

  Not an answer, but maybe some pointers to how this'd probably work when you write your own...  Haven't seen such a tool and don't see one posted anywhere, but wrapping a CGI script around the command line user creation tools shouldn't be that difficult, likely starting from this Apple user-creation script, and invoked via CGI. 
  Probably the most challenging part of all of this work will be getting su_exec installed, configured and working within OS X Server, or you'll have to figure out how to communicate between the web form and something with administrative access to the directory server; of getting the Open Directory access necessary for the user creation.
  I've built an application allowing users to anonymously request a login (for another platform, not web based and not tied to Open Directory), and it can be a decent-sized development project by the time you add in error checking, logging, the inevitable forgotten-password-reset support, and related features.

• Repair user folder Permissions using terminal

  Disk utility won't repair ownership & permmisions in the root user folder. I did a transfer of apps from my old Tibook and something went wrong. Some of my folders list "Owner" as unkown etc. I had this issue a few years back when restoring from a cloned drive, and someone on this forum suggested a Terminal command to reset my user folder back to defaults with the proper ownership and that worked! Unfortunately I can't remember the command line ("sudo chown...something like that). Changing permissions on each folder and file using the "get info" command is too tedious. Thanks for any help.
  MBP 17in 2.33ghz Mac OS X (10.4.8)
  TiBook 667 Mac OS X (10.3.7)
  TiBook 667   Mac OS X (10.3.7)  

  Since the cursor advanced to the next line after entering each command, and no error message was returned, it sounds like the commands worked.
  The Get Info panel is sometimes slow to reflect permissions changes. Try control-option-clicking Finder's Dock icon and select Relaunch. See if that kick-starts the Get Info permissions report.
  You can verify that everything changed correctly by typing this into a Terminal window:
  ls -laR ~ > ~/Desktop/list.txt
  That will create a file on your desktop called list.txt. Open it with TextEdit. It will list every file and folder in your home directory. If your username is listed as the owner of everything then it worked correctly.

• Calendar Server - Unable to add users

  When I try to add users to a node I get an error message like:
  Working please wait...
  unidsattach failed, see /users/unison/log/unidsattach.log, Error Code =
  0x13205
  Add user [uid=ttesting,o=Airius.com] to node: failed
  Add user(s) to node completed.
  <P>
  This means that the Calendar Server is unable to communicate
  properly with the Directory Server. There are some Calendar-specific
  entries and an ACI that are added to the Directory Server when a node is
  created. These are critical to the proper functioning of the Calendar
  Server. This error may mean that they are missing.
  <P>
  You can also check the access log file of the Directory server to see what
  the problem may be. If you see entries like:
  [27/Jan/1999:07:39:47 -0500] conn=1 op=2 SRCH base="o=Airius.com" scope=2 filter="(nsc
  alxitemid=15000:00001)"
  [27/Jan/1999:07:39:47 -0500] conn=1 op=2 RESULT err=0 tag=101 nentries=0
  This indicates that 0 entries were returned for the search on the SYSOP
  Calendar user.
  <P>
  If you have recently imported data into your Directory Server, it is likely
  that these entries no longer exist. An import to a Directory Server does
  not append data; it replaces the current directory with the data in the
  LDIF file being loaded. You will need to recreate this Calendar information.
  Export your directory to an LDIF file and review the output to see if these
  entries exist.
  <P>
  Here is a boilerplate that may be useful if you don't have a backup copy
  of the original LDIF. Try replacing the baseDN (o=Airius.com) and the node
  id (15000) to match your Calendar configuration. The password is "password".
  The following is for illustration purposes and may not fix all problems:
  aci: (target ="ldap:///o=Airius.com")(targetattr = "*")(version 3.0
  ; acl "Untitled"; allow (write, add , delete ) groupdn = "ldap:///cn=Cal-A
  dministrators-15000, o=Airius.com" ;)
  dn: cn=Cal-Administrators-15000, o=Airius.com
  cn: Cal-Administrators-15000
  objectclass: top
  objectclass: groupofuniquenames
  uniquemember: nsCalXItemId=15000:00001, o=Airius.com
  uniquemember: nsCalXItemId=15000:00002, o=Airius.com
  uniquemember: nsCalXItemId=15000:00003, o=Airius.com
  uniquemember: nsCalXItemId=15000:00004, o=Airius.com
  uniquemember: nsCalXItemId=15000:00005, o=Airius.com
  uniquemember: nsCalXItemId=15000:00006, o=Airius.com
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140113Z
  modifytimestamp: 19980501140113Z
  dn: nsCalXItemId=15000:00001, o=Airius.com
  objectclass: top
  objectclass: nsCalAdmin
  nscalxitemid: 15000:00001
  sn: SYSOP
  userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140114Z
  modifytimestamp: 19980501140114Z
  dn: nsCalXItemId=15000:00002, o=Airius.com
  objectclass: top
  objectclass: nsCalAdmin
  nscalxitemid: 15000:00002
  sn: CWSOP
  userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140114Z
  modifytimestamp: 19980501140114Z
  dn: nsCalXItemId=15000:00003, o=Airius.com
  objectclass: top
  objectclass: nsCalAdmin
  nscalxitemid: 15000:00003
  sn: STREAMOP
  userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140114Z
  modifytimestamp: 19980501140114Z
  dn: nsCalXItemId=15000:00004, o=Airius.com
  objectclass: top
  objectclass: nsCalAdmin
  nscalxitemid: 15000:00004
  sn: FOREIGN
  userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140114Z
  modifytimestamp: 19980501140114Z
  dn: nsCalXItemId=15000:00005, o=Airius.com
  objectclass: top
  objectclass: nsCalAdmin
  nscalxitemid: 15000:00005
  sn: SYNCH
  userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140114Z
  modifytimestamp: 19980501140114Z
  dn: nsCalXItemId=15000:00006, o=Airius.com
  objectclass: top
  objectclass: nsCalAdmin
  nscalxitemid: 15000:00006
  sn: HOLIDAYOP
  userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
  creatorsname: uid=admin,o=Airius.com
  modifiersname: uid=admin,o=Airius.com
  createtimestamp: 19980501140114Z
  modifytimestamp: 19980501140114Z

  Probably in the next couple of weeks, we are releasing beta-2.
  Kumar
  Jim Clark wrote:
  >
  thanks, how often is there a beta refresh?
  Jim
  "Kumar Allamraju" <[email protected]> wrote in message
  news:[email protected]..
  Jim,
  I do not see this problem in the latest source line.
  Probably I'm running a WLS server that is slightly newer than the beta,
  so maybe
  some things might have been fixed.
  Kumar
  Jim Clark wrote:
  I was able to add users and groups through the "console" app, but I was
  unable to add users to the groups. After I added a user "jim" and a
  group
  "clark", I tried adding "jim" to the "clark". It just said "Addeduser...",
  and this, "Members: (none)".
  Jim

• SharePoint Online switching to mobile view when attempting to add user permissions

  Hello,
  I am having a very weird problem that just started out of no where. It happens when I go to the Site Settings of my site collection and click on Site Permissions. When I click Grant Permissions to try to add users, the browser will immediately switch to
  the mobile view.
  I am able to switch back to the regular browser view, then when I click Grant Permissions, the box to select the user opens. I then choose the user and click Share. After clicking Share, the popup immediately goes to the mobile view. When I exit that the
  users were never granted permissions.
  This only happens so far when I am trying to add permissions. Is there something that I could have messed up?
  What is happening and how can I fix this? I am out of ideas and unable to add permissions for users. I do not want to have to blow this site collection away.
  Thanks.

  Hi Andy,
  According to your description, my understanding is that the page would switch to mobile view when attempting to add user permissions in SharePoint Online.
  I recommend to verify the things below:
  Clear the caches in browser to see if the issue still occurs.
  Test the same scenario in another computer to see if the issue still occurs.
  Append mobile=0 to the URLs in SharePoint Online.
  In the meanwhile, you can post your question to the forum for SharePoint Online: http://social.technet.microsoft.com/Forums/msonline/en-US/home?forum=onlineservicessharepoint.
  More experts will assist you, then you will get more information relation to SharePoint Online.
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Error: "LDAP Synch status is enabled. Cannot add users through BAT."

  In 10.x it looks like Cisco has disallowed user imports (via BAT) into LDAP-integrated systems.  Has anyone else run into this?  Below is the error I'm receiving in the Job Status log file.  The error implies that "it's a feature, not a bug".  How are large companies supposed to import new phones/users when they open new branches or do a phone refresh?  Breaking LDAP to do the import isn't a option because you have to blow away your LDAP directory config to do so - not to mention people wouldn't be able to log into Jabber or their user pages while it was broken.  I'm hoping someone has a workaround or has already spoken with TAC about this.   
  Failure Details :
  Device Name/User ID Error Code Error Description
  LDAP Synch status is enabled. Cannot add users through BAT.
  Result Summary :
  INSERT for 0 PHONES passed.
  INSERT for 5 PHONES failed.
  INSERT for 0 USERS passed.
  INSERT for 5 USERS failed.

  So if a company has a large CUCM deployment and adds another branch (let's say 100 phones/users), I would have to go user by user and do the phone associations, profile associations, primary extensions, etc 100 times? 
  Is there a better way that I'm missing?  That just doesn't seem logical.  In previous versions (I'm not sure about 6.x in the link.  I started with 7.x) I could have sworn that I could import from BAT even if LDAP was integrated.  I would get an error and only the non-LDAP fields would get changed, but the changes, associations, etc. would still go through.

• C# Code that can add user directly to the AD through custom share Point form

  Hi
  Here is my requirement. Can anyone resolve??? 
  Trying to build a Visual web Part in which system administrator can add user directly to the AD through custom share Point form.
  Please help in doing this...

  Hi
  Use DirectoryEntries.Add Method
  https://msdn.microsoft.com/en-us/library/system.directoryservices.directoryentries.add.aspx
  Or
  www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C
  Or.
  www.morgantechspace.com/2013/10/create-new-active-directory-user-in-c.html?m=1
  Regards, Rajendra Singh If a post answers your question, please click Mark As Answer on that ost and Vote as Helpful http://sharepointundefind.wordpress.com/

• Fix another users settings through Terminal

  I screwed up.
  I was trying to increase the max scrolling speed through Terminal (and didn't fully understand the command...).
  i typed:
       defaults write -g com.apple.scrollwheel.scaling -5
  and should have used
       defaults write -g com.apple.scrollwheel.scaling -float <float>
      ...I think.
  Logged out. Now I can't use that account. When it loads I get the "must restart" screen.
  Can I fix this screw up from another user account in Terminal? Or any other way?
  Power Mac G5 Quad, 10.5.8

  Fixed. Deleted the globalpreference.plist for that user.

• How to add User Permissions to form created in InfoPath 2010 created for SharePoint document Library

  Hi,
  I created a form in InfoPath 2010 with three views (one for user input, the other two views to be used by supervisors) and published this to a SharePoint 2010 document library. Now the way this form is supposed to work is that when a User goes to the document
  library and adds a document, it is supposed to open the Form with the User's input view. When the User submits the document, only him/her should be able to open and possibly edit the the form. When the Immediate Supervisor opens the form, it should open in
  the Supervisors view and allow them to fill in only their section and not be able to edit or alter the user's data. When the Immediate Supervisor saves the document, the Over-all Supervisor should be able to open it in their view and not be able to edit or
  alter the sections filled out by the User and Immediate Supervisor.
  How would i go about completing this? I have the views created but now have the problem of associating these views with their respective users or groups.

  Hello,
  You need to first create user group in sharepoint site then add user in group according to their role. Later you need to call usergroup.asmx web service to get current logged-In user group name so you can switch view and also apply rule for editing or disabling
  controls in form.
  Follow this link to get group name:
  http://social.technet.microsoft.com/wiki/contents/articles/13271.sharepoint-2010-extracting-user-group-of-current-login-user-in-infopath-2010.aspx
  http://social.msdn.microsoft.com/Forums/en-US/018f5184-5c83-4a53-b66b-8c376fc800fc/how-to-get-current-users-sharepoint-group-name-sharepoint-2010-infopath-2010
  To apply rule on control:
  http://office.microsoft.com/en-in/infopath-help/add-rules-for-performing-other-actions-HA101783373.aspx
  Hope it could help
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help

• Change user rights ONLY with terminal

  Hi!
  I've got some problems with adding users on a specific folder using the "information" window. It is the iPhoto Library folder. I give 2 users "RW" permissions on the folder, but only one is able to see the iPhoto Library. Just so you know : I did it on my computer, and it worked.
  Here's what I'd like to do, and ONLY WITH THE TERMINAL :
  1°) delete all users access except for one account ("GG" for instance) on the "iPhoto Library" and all its containing files and folders
  2°) give the 2 accounts all rights on the folder and all its containing files and folders.
  For the second part, I found this :
  sudo chmod +a "UserName allow delete,chown,list,search,add_file,\
  addsubdirectory,delete_child,file_inherit,directoryinherit" \
  /Users/Shared/iPhoto\ Library
  Does it work well?
  Thanks.

  Hello,
  All what I read in this thread is bizarre (no offense here).
  a/ If you want to block access to files within a folder to a specific Unix user, you don't have to recursively alter the permissions of all files within the folder. Just block the "execution" permission of the top folder and noone will be able to look into it. It's a 0740 permission
  drwxr-----
  Currently, iPhoto Library folder is 0755 (drwxr-xr-x)
  b/ What is your "requirement" first? You're talking us about a problem you have with your "proposed solution", but at first, we're not sure this is the best solution to address our problem !!!
  What I understand is that you want to restrict access of someone to some iPhoto Library. Well ! That doesn't tell us much of the background situation.
  You're telling us you want to add 2 users the permission to view this iPhoto Library folder.
  Well, tell us first:
  - Where is located that iPhoto Library folder
  - How many users exists on your system already
  - Why 2 users and not 3. This specific requirement requires more details given to us.
  Globally, the Unix permission scheme considers Owner, Group and Others. Not one specific user. To create a permission mask for a specific user, you have to use ACLs (Access Control Lists), recently added to MacOSX.
  As you want to use shell commands (aka Terminal, as you write), please check the "man pages" for chmod.
  Now, if you want to share your photos with someone else - even on the same computer. You can simply turn "Sharing" on in your iPhoto Preferences; Use Fst User Switching to allow two or more users to have an opened session; and leave your account session on with iPhoto iconized. All users on your machine will be able to access your photos ... without messing up with file permissions schemes.
  Tell us more then on what is your initial goal.
  Rgds,
  Thierry

• UPS Service Account Replicate Directory Changes Permissions through AD group?

  I am trying to configure the UPS.
  Is it possible to grant the sync account SP-UPS Replicate Directory Changes permissions through an AD group or do these permissions need to be granted exclusively using ADSI edit?

  you can add a group or user name using the ADSI, that's what you want to know or something else?
  check the page 11 to 13 from the below white paper.
  http://download.microsoft.com/download/3/5/4/354670EE-4E80-4932-B1B6-CBCC3CD66444/oit2010-whitepaper-plan-deploy-user-profiles-mysites.doc
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Active Directory and 10.8 Server: Can't add users

  I would be most appreciative of any help you folks can give a Mac user at a predominantly Windows/MS/Exchange Tier I university.
  I bought a MacMini to act as the departmental File server to allow a granular level of permissions on folders for faculty, administration, residents and students. The students and residents rotate in yearly or for 2 years at a time.
  The problem has become when I try and add users from the IT ActiveDirectory domain. The IT folks set-up the DNS, gave it a static IP address etc. all correctly.
  The MacMini was also bound to AD in Sys Prefs > Users & Groups > Login Options > Network Account Server to the domain.
  There are over 200,000 users in the university system. When I try and search for a user in the Users sidebar it pulls up a completely random list of users and lists "500+ users" next to the buttons. When I try and search for a user, invariably it fails. Furthermore, there is the term "Not Allowed" next to the names of all the random AD users.
  What am I doing wrong?
  The Sys Admin guy I spoke with said the only way he could figure it out was to go to Groups sidebar, create a new group and add the user that way.
  The whole premise for this is to allow the users the same login ID and PWD they do for every other service on campus. That's it. I then want to be able to control folder permissions directly on the MacMini. Is this possible or do I need to use Open Directory in conjunction with AD?
  Any help for this formerly Apple Power User would be greatly appreciated.
  Thanks folks.

  Hi
  This is a Jabber-ism I think.
  You get this if you are using UDS and the users you are trying to add aren't CUPS-enabled.
  You probably also get it if the users are from LDAP and aren't CUPS enabled.
  CUPC by comparison allows manual contact creation as well as adding of non CUPS people.
  Regards
  Aaron

• System Image Utility / Automator Add User Account no default shell

  I've noticed when creating a customized netrestore flow in System Image Utility for Yosemite, the result of the "Add User Account" action is a user missing a default shell. Noticed this when terminal kept closing as soon as it was opened. dscl -create localhost /Local/Default/Users/USERNAME UserShell /bin/bash fixed the issue but is obviously undesired for provisioning new computers. Any ideas how to configure a default shell for new users created in this way?

  Solved by ensuring the add user account action immediately follows the define image source action.

• Add User to Group Behavior

  Hi all
  I found
  this post that explains the same issue I'm having, but the marked answer isn't relevant to my environment. I've built a user creation runbook, using 2012 R2 and this
  Active Directory Integration Pack. Everything works properly, except I'm getting strange security log events when using the Add User to Group activity.
  In one of the tests, I added a single user that was being created to about 100 different groups. Let's say one group has 50 members. When the user gets added to that group, the security audit shows that 50 users were removed from the group, and then those
  50 users were added back plus my new user. It shows this activity for every group that the user was added to. I get the following two actions for every member of the group:
  Member '-' was removed from 'Domain\Group' by 'Domain\User' on...
  Member 'DN of Member' was added to 'Domain\Group'...
  This is a problem because it makes our audit reports and notifications worthless since we'd have to read through all the noise to see an actual anomaly. I'm also concerned that if users are actually being removed and re-added to those groups, that there
  could be some consequences of that that we aren't seeing yet (i.e. application access interruptions, or what if the connection to AD is lost after removing the users but before adding them back in). Although I should say I'm not convinced that the users are
  actually being removed because as you can see above, no member information is recorded on the removal, and all the removals and additions have the same exact time stamp meaning they occurred within 1 second, which seems pretty fast given that some of our groups
  are large.
  Is this the intended behavior of the Add User to Group activity? If so, is there a workaround I can use to avoid this behavior? The next thing I'll try is using PowerShell to add the user to the group, but this option isn't ideal since the runbook will be
  managed by users who are not that familiar with scripting, so I'd like the solution to contain as little as possible.
  Thanks

  Hi,
  the issue of the AD IP 7.0 is reported here 
  http://social.technet.microsoft.com/Forums/de-DE/eef9cdda-774f-4b95-bd89-aa3f86feee9b/ad-integration-pack-add-user-to-group-activity-problem?forum=scoscip
  Try the up-to-date Version 7.2
  http://www.sc-orchestrator.eu/index.php/scoblog/115-updated-system-center-2012-r2-orchestrator-integration-packs-available
  Regards,
  Stefan
  www.sc-orchestrator.eu ,
  Blog sc-orchestrator.eu

• File Sharing - External Drive - Unable to add user

  Hello,
  I am trying to share a folder within an external firewire drive. However, when in the "File Sharing" section, I am unable to add users after adding the folder to the "Shared Folders:". The add user dialog appears, but when a user is selected and the "Select" button is clicked, the user does not appear in "Users:".
  The external drive is formatted "Mac OS Extended (Journaled)" with an Apple Partition Map.
  Thanks for any suggestions.

  try adding this user from finder rather than fro system preferences. select this folder in finder and enter command+i. in the resulting popup go to the permissions section and add the user you want.