Allowing non-root access to view disk quotas

Hi, we have a need to allow a non-root user (as in the Help Desk) to look at users' quotas on various filesystems. I have tried running the quota command as an argument to ppriv, but rather than telling me what privileges are needed, I just get this:
ppriv -De quota -v youngbp
quota: youngbp (uid 200): permission denied
Is there a way in Solaris 10 to allow a non-root user to do this?
Also, does anyone have any experience using the perl Quota module as a non-root user to examine a user's quota? Thanks...
Jim McCullars
University of Alabama in Huntsville

You may also try RBAC
http://www.sun.com/blueprints/0603/817-3062.pdf
http://docs.sun.com/app/docs/doc/819-3321/6n5i4b7ao?l=en&a=view&q=RBAC
http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs4o?a=view
Edited by: Noel.del@Rosario on Feb 19, 2008 4:07 AM
Edited by: Noel.del@Rosario on Feb 19, 2008 4:13 AM
Edited by: Noel.del@Rosario on Feb 19, 2008 4:40 AM

Similar Messages

Issue: non-root access to Java Desktop System

Hello,
Rookie here. i have been using Solaris 10 with no problem and accessing the GUI thru the Java Desktop system with no problem. i created a new non-root user 'user1' on the system with all default parameters assigned to the user when doing 'useradd user1'. these default parameters assume a default home directory is assigned to the user, correct? i am able to access the system with 'user1' via console and remote, but i cannot access the GUI thru the Java Desktop system with this user. It accepts my credentials then it flashes a couple of times and sends me back to the welcome log-in screen.
Are there additional permission that i need to grant this user to access GUI via JDS? i'm able to do everything else as normal. Any help is appreciated.

doing 'useradd user1'. these default parameters assume a default home directory is assigned to the user, correct? i am Incorrect. man useradd paying attention to -d and -m. Solaris defaults to /export/home and will usually throw an error if you try to use /home as it's controlled by the automounter.
If it's just a test user account then userdel followed by useradd again.
alan

Non-root access to JDS

Hello,
Rookie here. i have been using Solaris 10 with no problem and accessing the GUI thru the Java Desktop system with no problem. i created a new non-root user 'user1' on the system with all default parameters assigned to the user when doing 'useradd user1'. these default parameters assume a default home directory is assigned to the user, correct? i am able to access the system with 'user1' via console and remote, but i cannot access the GUI thru the Java Desktop system with this user. It accepts my credentials then it flashes a couple of times and sends me back to the welcome log-in screen.
Are there additional permission that i need to grant this user to access GUI via JDS? i'm able to do everything else as normal. Any help is appreciated.

Unless you specify the '-m' flag to 'useradd', the new users homedirectory will Not be created.
You will have to create the directory manually, first determine the setting of the homedirectory with, for example, finger, aka:
finger user1
Then create the directory with
mkdir <directory>
and then change the ownership of it:
chown user1 <directory>
HTH
.7/M.

User option in fstab not allowing non-root to mount drives

Hi, when i try to mount my drives, mount says "only root can do that". they mount fine as root but i thought putting the user option in fstab meant any user can mount that device. My fstab is as follows
/dev/dvd /mnt/dvd udf ro,user,noauto,unhide 0 0
/dev/hdb1 /mnt/win ntfs user,umask=022 0 0
i looked at the /dev devices - dvd is just a symlink to hdc. Please bear in mind i am a member of both disk and optical groups
brw-rw---- 1 root disk 3, 65 2006-05-31 10:31 hdb1
brw-rw---- 1 root optical 22, 0 2006-05-31 10:31 hdc
Hope someone can clear this up for me as its not good being root all the time
Thanks
Dan

nobby_trussin wrote:
Hi, when i try to mount my drives, mount says "only root can do that". they mount fine as root but i thought putting the user option in fstab meant any user can mount that device. My fstab is as follows
/dev/dvd /mnt/dvd udf ro,user,noauto,unhide 0 0
/dev/hdb1 /mnt/win ntfs user,umask=022 0 0
What is the exact command you are trying? As user, you must only specify either the device or the mountpoint, never both (specifying both will result in the exact error message you quoted).
i looked at the /dev devices - dvd is just a symlink to hdc. Please bear in mind i am a member of both disk and optical groups
brw-rw---- 1 root disk 3, 65 2006-05-31 10:31 hdb1
brw-rw---- 1 root optical 22, 0 2006-05-31 10:31 hdc
You don't need read and/or write permissions to the devices to mount them. While being in optical may prove useful for some tasks, being a member of disk is useless and irresponsible. You could read the whole filesystem (including files owned by root) and even overwrite or manipulate the whole thing without root privileges. This is a big security risk.

Non-root access of ports / services

Our application needs to grap a "reserved" port (/etc/services port number under 1000) as "nobody" as it is spawned from a web application. Is there some way in Solaris to allow this? Specifically, our application fires up it's own snmp service, but needs to use 161/162 and start it from the application, not from a root session.
Thanks for any help.
DaveS @apengines

Unless you specify the '-m' flag to 'useradd', the new users homedirectory will Not be created.
You will have to create the directory manually, first determine the setting of the homedirectory with, for example, finger, aka:
finger user1
Then create the directory with
mkdir <directory>
and then change the ownership of it:
chown user1 <directory>
HTH
.7/M.

Group Policy to Allow Non-Administrative Users to View All User Processes in Task Manager

Hi All:
Trying to get users with just Remote Services right (can remote in, no administrative permissions what-so-ever, to have the ability to view all processes by all users on the server.
I would like to do through group policy, however I cannot seem to find a policy doing just this. Any ideas?
2008 R2 Forest btw.

Hi,
Thank you for posting in Windows Server Forum.
The connection permissions that are set in Remote Desktop Session Host Configuration also determine the actions that a given user can perform in Remote Desktop Services Manager. For example, a user must have at least the Remote Control special access permission
to remotely control a user session by using Remote Desktop Services Manager.
Please check below article for details.
Configure Permissions for Remote Desktop Services Connections
http://technet.microsoft.com/en-us/library/cc753032.aspx
In regards to viewing process on RDSH server, can view the process in process Tab in RDSH manager.
Managing Users, Sessions, and Processes
http://technet.microsoft.com/en-us/library/cc732808.aspx
Hope it helps!
Thanks.
Dharmesh Solanki

[SOLVED] How to set non-root access to serial ports?

I have this device which is listed as
/dev/ttyUSB0
I need to
sudo chown sms /dev/ttyUSB0
every time I reboot. Normally I would think to add myself to some group but "tty" group is not doing the trick... proof:
[sms@sms-linux ~]$ groups sms
tty wheel sms
[sms@sms-linux ~]$ MinOZW
Starting MinOZW with OpenZWave Version 1.0.758
2014-03-15 06:32:07.921 Cannot find a path to the configuration files at ../../../config/, Using /usr/local/etc/openzwave/ instead...
2014-03-15 06:32:07.928 mgr, Added driver for controller /dev/ttyUSB0
2014-03-15 06:32:07.929 Opening controller /dev/ttyUSB0
2014-03-15 06:32:07.931 Trying to open serial port /dev/ttyUSB0 (attempt 1)
2014-03-15 06:32:07.933 ERROR: Cannot open serial port /dev/ttyUSB0. Error code 13
2014-03-15 06:32:07.935 ERROR: Failed to open serial port /dev/ttyUSB0
2014-03-15 06:32:07.936 WARNING: Failed to init the controller (attempt 0)
^C
[sms@sms-linux ~]$ sudo MinOZW
[sudo] password for root:
Starting MinOZW with OpenZWave Version 1.0.758
2014-03-15 06:32:23.776 Cannot find a path to the configuration files at ../../../config/, Using /usr/local/etc/openzwave/ instead...
2014-03-15 06:32:23.782 mgr, Added driver for controller /dev/ttyUSB0
2014-03-15 06:32:23.784 Opening controller /dev/ttyUSB0
2014-03-15 06:32:23.786 Trying to open serial port /dev/ttyUSB0 (attempt 1)
2014-03-15 06:32:23.794 Serial port /dev/ttyUSB0 opened (attempt 1)
Edit: yes, it was after logout and even reboot.
Last edited by smsware (2014-03-15 15:07:15)

Hi,
I also have a similar problem. I added myself to uucp group, but I still cannot access the serial port.
[manjaro@mycomp work]$ sudo gpasswd -a manjaro uucp
[sudo] password for manjaro:
Adding user manjaro to group uucp
[manjaro@mycomp work]$ groups manjaro
lp wheel uucp network video audio storage users
[manjaro@mycomp work]$ ls -l /dev/ttyUSB0
crw-rw---- 1 root uucp 188, 0 23.06.2014 21:32 /dev/ttyUSB0
[manjaro@mycomp work]$ lpc21isp firmware.hex /dev/ttyUSB0 19200 11059
lpc21isp version 1.97
File firmware.hex:
loaded...
Start Address = 0x00004F9C
converted to binary format...
image size : 30304
Image size : 30304
Can't open COM-Port /dev/ttyUSB0 ! (Error: 13d (0xD))
But when I try as root, it works:
[manjaro@mycomp work]$ sudo lpc21isp firmware.hex /dev/ttyUSB0 19200 11059
[sudo] password for manjaro:
lpc21isp version 1.97
File firmware.hex:
loaded...
Start Address = 0x00004F9C
converted to binary format...
image size : 30304
Image size : 30304
Synchronizing (ESC to abort)..... OK
Read bootcode version: 13
Download Finished... taking 27 seconds
Now launching the brand new code
Do you have any idea what I am doing wrong?
Last edited by manjaro (2014-06-23 19:57:40)

[Solved] Non-root user cannot access mounted ntfs filesystem

Hi -,
i have a dualboot system (arch/xfce + win7) and i use a ntfs partition /dev/sda2 to store files i use with both operating systems. I added the partition to fstab and it gets mounted, but i cannot access it with my non-root user. With root it works fine...
My fstab:
# cat /etc/fstab
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
tmpfs /tmp tmpfs nodev,nosuid 0 0
LABEL=home /home ext4 defaults 0 1
LABEL=root / ext4 defaults 0 1
LABEL=swap swap swap defaults 0 0
/dev/sda2 /media/sda2 ntfs defaults 0 2
Is there any option that allows all users to use the mounted device? Or how is this usually done ...
Last edited by muzzel (2012-05-30 20:39:58)

See: NTFS-3G for important setup information.
My fstab line looks like:
/dev/sdb1 /media/Win_USB ntfs-3g uid=1000,gid=users,fmask=113,dmask=0022 0 0
This sets up some important parameters which the NTFS-3G Wiki Page covers. Basically, "ntfs" is only a basic driver and is built into the kernel. "ntfs-3g" is a much better, and less disk-eating, driver that you should install and use if you need the drive in Linux any more than occasionally. My fstab line makes my user (1000) the owner and the masks lets me write and etc to it. When you install NTFS-3G it is automatically used when you use the mount command to mount NTFS drives. In fstab, as above, you would specify it explicitly.
You can find your own user number by entering "id" at a terminal.

"Always Open In..." View Options for Root Level of a Disk Image File

I ran into a problem/bug tonight that I can't find listed anywhere and was wondering if anyone else has encountered it. I am using Snow Leopard (now 10.6.1), upgraded from the last revision of Leopard.
I create DVD-R sized disk images with Disk Utility (using "Mac OS Extended" only w/o Journaling) for saving downloaded files. Because of the number of files on this disk, I create single-letter folders (for alphabetical filing) and set up these disk images to "Always Open In List View". For the individual folders, I can set these to "Always Open In List View" without a problem. However, for the "root level" of these disk images, I can only access "Always Open In Icon View" no matter which view option is selected.
For previously created disk images that were already set to "Always Open In List View", these show the previously set "List View" at the disk image "root level" as expected. But if I uncheck the box, it immediately goes to "Always Open In Icon View". And like before, no matter which view option is selected, I can never get back to "Always Open In List View". Note also that I can set this option as expected for "root levels" of real disks - this only seems to be a problem with the disk image files.
I had no problems at all with this under Tiger or Leopard. I've only run into this now under Snow Leopard. The upgrade tonight to 10.6.1 hasn't seem to affect this problem.
So should I be doing something differently now to get this option to reappear, a possible conflict with something on my computer or is this a bug with Snow Leopard? Can anyone else duplicate this issue?

Additional info, in case anyone is running into this issue...
If I do the following with the "root level" of the disk image, I can set the "Always Open in List View" option.
1. Open the "root level" view of the disk image - for me, it always opens in icon view. Then, select "Show View Options" from the View menu.
2. Check the "Always Open in Icon View" box. While leaving this dialog open, select "as List" from the View menu.
3. Uncheck the "Always Open in Icon View" box. It will instantly turn into "Always Open In List View". Recheck this box immediately, then close dialog. This will make the setting stick.
I've been able to repeat this situation several times. I might be wrong, but it sure acts like a small bug to me. Hope this helps anyone else who might have encountered this issue.

View read allows read only access

Hi friends,
I have created maintainance view, I am getting this warning " View read allows read only access , Maintainance not possible". So to avoid this, what should i do now.
Thank you

Hi,
In Delivery and maintence check if the field Data Browser/Table View Maint. has the value delivery and maint allowed
or delivery and maint allowed with restrictions.
Regards,
Rajesh Kumar

Setting previleges to a non-root user account to access ports

Hello ,
I am tring to do an icmp-ping to a machine in the network from an application by connecting to icmp port through a raw socket.
My question is i am able to connect to icmp port using raw socket only in root user account. But my application should run under a non root user account and do the ping for me.
1)How do i set previleges to a particular user to access icmp port?
I am running the application on solaris 9
2)I read a paper on net saying ports from 0 to 1024 can only be accessed by a root user account?
Why is this and what can be done for a non-root user account to access these ports.
3) Is this possible in solaris 9.
Thanks in Advance,
cheers,
pal

There is only one solution: create a new Standard user account and set it as your auto login account, if you use that feature.
Using what you describe is mostly a false sense of security. Were someone to hack into the computer they could hack into the standard account, so you would not wish to keep any sensitive data in that account. Other things to consider:
Turn on your Firewall in Security & Privacy preference panel.
Use software to mask your online presence such as ProxyCap 2.03, MacProxy, Proxifier, or Hotspot Shield.

Aironet 1262N - Access Point behind Non-Root Bridge possible?

Hi,
I want to connect two buildings. Let's call them Building A (main) and Building B.
„A“ is the main building and provides a wired LAN to an AAA server (192.168.1.2) and the WAN gateway (192.168.1.1).
There I placed a 1262N with the IP 192.168.1.3 connected to the wired LAN and configured it as Root-Bridge. Let's call it AP01.
„B“ is a pretty large building and has a wired LAN from one end to the other end.
So I placed two 1262N there, each at one end.
The first 1262N is configured as non-root Bridge (AP02) and connects to the Root Bridge (AP01).
The IP address of AP02 is 192.168.1.4.
The second 1262N is configured as Access Point (AP03) and connects to the non-root Bridge (AP02) via the wired LAN.
The IP adress of AP03 is 192.168.1.5
My Questions:
1. Do I need tell AP02 about the AAA Server in Building A or acts AP01 like a AAA Proxy for AP02 because of it Root Bridge functionality?
2. How Do I tell AP03 that it should use AP02 as a gateway to building A?
I attached a diagram.

Hello Mr. Vogl,
Thank you for your question.
However, the Small Business Support Community is limited to Cisco Small Business Products, and the Aironet products are considered as a Enterprise level devices.
I recommend you to post this question on the on the correct forum, in order to get a better response.
You can move your post using the Actions panel on the right.
Best regards,
Diego Rodriguez
Cisco Small Business Community Engineer

1310 Non-Root Bridge Accessing Different Subnets

From this non-root 1310 bridge, we are connecting to an old BR500 root bridge via wireless.
Clients inside the non-root bridge are able to access devices anywhere on the subnet (servers, workstations, etc.) via the bridge (wireless connection) with no problems. But, these clients cannot access the default gateway of the subnet or pass through the router (I can't even ping the default gateway router interface from the 1310 bridge; yet from the bridge, I can ping anything else on the same subnet).
Of course, clients on the wired LAN are able to browse the Internet, etc. -- it is only clients behind this bridge that cannot seem to "get out" so to speak.
This is a small LAN -- so everything is VLAN1 with a router at the boundary.
I have even ran a "sh ip arp" on the 1310 to ensure that a MAC entry is in the table for the default gateway IP, and it is there.
Any ideas?

Make sure there is no access list confiugred on the router blocking the access. Save the configurations and restart the bridge .

Disk Quota support?

Hey Folks,
I've got a 10.5 server with an attached RAID volume that I'd like to apply user and group quotas to. I can only find quota configuration options for the user's home folder, but I'd prefer to not enable home folders on the system if possible.
I've got a single share on the RAID volume called "Guests", and have created a group called "serverguests" who are allowed to mount and read/write the "Guests" share via AFP or SMB protocols. I cannot figure out how to limit certain members of the "serverguests" group, or the entire group itself, in terms of a disk quota.
I've tried using "edquota", but that command doesnt do anything. At first it created the ".quota.users" and similar files (command was: sudo "edquota -g serverguests"...as described in the server documentation and the command man page) but it didnt open them for editing. I manually removed the quota files from the root of the RAID drive, and now the "edquota" command will not create new files. It doesnt give any errors...it seems to do nothing. Using "quotacheck" the system reports that no users or groups on the system have any quota restrictions.
How do I get OS X 10.5 server, updated with all the latest updates (including stuff like iTunes and Safari) to have quotas for users? At the very most I could create guest users' home folders in the "Guests" share and invoke the home folder quota, but I'd much prefer to be able to apply quotas to any share I'd like.
Thanks a bunch.

I am having a similar problem..
I am attempting to create quotas on a file server connected to a different OD master server for users in the OD directory and not having success. Doing "edquota -u <ldapuser>" I do get the vi edquota editor and I can successfully edit quotas for an ldap user that appear to be saved somewhere (when i exit and then do it again my edits are still there, so I assume it is editing the .quota.user file) but doing "repquota -a" the user does not show up in the list or in the list under the quota tab in Server Admin -> File Sharing; Only all of the local users show up (_spotlight, _lp, daemon, etc). I can't use network home folders because the clients are using local home folders.
In summary, I want to create a single share on a dedicated leopard file server that network users whose accounts are in a separate OD master can access and still have disk quotas enforced on these users... does anyone know if leopard supports this? I can't seem to find anything on the web other than this excellent tutorial http://www.secure-computing.net/wiki/index.php/HFS%2BDiskQuotas which, while good, doesn't help me.

I get a Group Policy Disk Quota failure at every system start

This is very long, my apologies
I asked this question about a month ago and then had some medical problems so I'm starting over again.
Whenever I start my system I get a message on the screen that the system is trying to run Group Policy for Disk Quotas. To my knowledge I've never set a disk quota policy and I can't find any indication that one is currently set. I freely admit
that I could be responsible for this. I might have done something in the early days of the system because it wasn't happening for the first month or two.
This time I did more reading and found a procedure on TechNet at:
"http://technet.microsoft.com/en-us/library/cc749336(WS.10).aspx" which led me step by step through the procedure, although I still can't make sense of the results.
So far I've verified that there are no policies set and that all the hard drives (3) have the Disk Quota bit 'disabled'. I did this as 'Administrator'.
The results from the TechNet procedure turned out to be quite long but I'm listing it here in hope that someone in the community will be familiar with this problem and be able to use the information to figure out the problem.
Here are the results:
From: TechNet Group Policy Testing
( "http://technet.microsoft.com/en-us/library/cc749336(WS.10).aspx" )
1 - Troubleshooting using the Group Policy operational log
   a - Determine the instance of Group Policy processing
   (Before you view the Group Policy operational log, you must first determine
   the instance of Group Policy processing that failed.)
My ActivityID from the Group Policy operational log = C87E5BC2-FD21-4794-B678-787AB587D8D5
2 - Create a custom view, via a query, of the Group Policy instance
My resultant query:
<QueryList><Query Id="0" Path="Application"><Select Path="Microsoft-Windows-GroupPolicy/Operational">*[System/Correlation/@ActivityID='{C87E5BC2-FD21-4794-B678-787AB587D8D5}']</Select></Query></QueryList>
3 - Results of running the query from step 2 are listed below, in chronological order, including the complete 'detail' sections from each event.
event 4000
Event Description(s) = Computer startup
BEGIN DETAIL SECTION-----------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 4000
   Version 1
   Level 4
   Task 0
   Opcode 1
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.598400000Z
   EventRecordID 22707
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  PolicyActivityId {C87E5BC2-FD21-4794-B678-787AB587D8D5}
  PrincipalSamName WORKGROUP\GROK$
  IsMachine 1
  IsDomainJoined false
  IsBackgroundProcessing false
  IsAsyncProcessing false
  IsServiceRestart false
  ReasonForSyncProcessing 2
END DETAIL SECTION-------------------------------------------------------------------------------
event 5320
Event Description(s) = Checking for Group Policy client extensions that are not part of the system.
Event Description(s) = Service configuration update to standalone is not required and will be skipped.
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 5320
   Version 0
   Level 4
   Task 0
   Opcode 0
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.614000000Z
   EventRecordID 22711
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  InfoDescription %%4161
END DETAIL SECTION-------------------------------------------------------------------------------
event 5313
Event Description(s) = The following Group Policy objects were not applicable because they were filtered out :
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 5313
   Version 0
   Level 4
   Task 0
   Opcode 0
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.614000000Z
   EventRecordID 22710
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  DescriptionString None
  GPOInfoList
END DETAIL SECTION-------------------------------------------------------------------------------
event 5311
Event Description(s) = The loopback policy processing mode is "No loopback mode".
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 5311
   Version 0
   Level 4
   Task 0
   Opcode 0
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.614000000Z
   EventRecordID 22708
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  PolicyProcessingMode 0
END DETAIL SECTION-------------------------------------------------------------------------------
event 5312
Event Description(s) = List of applicable Group Policy objects:
Event Description(s) = Local Group Policy
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 5312
   Version 0
   Level 4
   Task 0
   Opcode 0
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.614000000Z
   EventRecordID 22709
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  DescriptionString Local Group Policy
  GPOInfoList <GPO ID="Local Group Policy"><Name>Local Group Policy</Name><Version>524296</Version><SOM>Local</SOM><FSPath>C:\Windows\System32\GroupPolicy\Machine</FSPath><Extensions>[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{D02B1F72-3407-48AE-BA88-E8213C6761F1}][{3610EDA5-77EF-11D2-8DC5-00C04FA31A66}{D02B1F72-3407-48AE-BA88-E8213C6761F1}][{F3CCC681-B74C-4060-9F26-CD84525DCA2A}{0F3F3735-573D-9804-99E4-AB2A69BA5FD4}]</Extensions></GPO>
END DETAIL SECTION-------------------------------------------------------------------------------
event 4016
Event Description(s) = Starting Microsoft Disk Quota Extension Processing.
Event Description(s) = List of applicable Group Policy objects: (Changes were detected.)
Event Description(s) = Local Group Policy
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 4016
   Version 0
   Level 4
   Task 0
   Opcode 1
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.614000000Z
   EventRecordID 22714
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  CSEExtensionId {3610EDA5-77EF-11D2-8DC5-00C04FA31A66}
  CSEExtensionName Microsoft Disk Quota
  IsExtensionAsyncProcessing false
  IsGPOListChanged true
  GPOListStatusString %%4102
  DescriptionString Local Group Policy
  ApplicableGPOList <GPO ID="Local Group Policy"><Name>Local Group Policy</Name></GPO>
END DETAIL SECTION-------------------------------------------------------------------------------
event 5320
Event Description(s) = Finished checking for non-system extensions.
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 5320
   Version 0
   Level 4
   Task 0
   Opcode 0
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:29:33.614000000Z
   EventRecordID 22713
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
  - Security
   [ UserID] S-1-5-18
- EventData
  InfoDescription %%4165
END DETAIL SECTION-------------------------------------------------------------------------------
event 4016
Event Description(s) = Starting Audit Policy Configuration Extension Processing.
Event Description(s) = List of applicable Group Policy objects: (No changes were detected.)
Event Description(s) = Local Group Policy
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 4016
   Version 0
   Level 4
   Task 0
   Opcode 1
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:31:21.987200000Z
   EventRecordID 22718
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  CSEExtensionId {F3CCC681-B74C-4060-9F26-CD84525DCA2A}
  CSEExtensionName Audit Policy Configuration
  IsExtensionAsyncProcessing true
  IsGPOListChanged false
  GPOListStatusString %%4101
  DescriptionString Local Group Policy
  ApplicableGPOList <GPO ID="Local Group Policy"><Name>Local Group Policy</Name></GPO>
END DETAIL SECTION-------------------------------------------------------------------------------
event 7016
Event Description(s) = Completed Microsoft Disk Quota Extension Processing in 108374 milliseconds.
BEGIN DETAIL SECTION-------------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 7016
   Version 0
   Level 2
   Task 0
   Opcode 2
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:31:21.987200000Z
   EventRecordID 22717
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  CSEElaspedTimeInMilliSeconds 108374
  ErrorCode 2147942402
  CSEExtensionName Microsoft Disk Quota
  CSEExtensionId {3610EDA5-77EF-11D2-8DC5-00C04FA31A66}
END DETAIL SECTION-----------------------------------------------------------------------------------------
event 5016
Event Description(s) = Completed Microsoft Disk Quota Extension Processing in 108374 milliseconds.
BEGIN DETAIL SECTION----------------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 5016
   Version 0
   Level 4
   Task 0
   Opcode 2
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:31:22.314800000Z
   EventRecordID 22720
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  CSEElaspedTimeInMilliSeconds 312
  ErrorCode 2147483658
  CSEExtensionName Audit Policy Configuration
  CSEExtensionId {F3CCC681-B74C-4060-9F26-CD84525DCA2A}
END DETAIL SECTION-----------------------------------------------------------------------------------------
Event 8000
Event Description(s) = Completed computer boot policy processing for WORKGROUP\GROK$ in 108 seconds.
BEGIN DETAIL SECTION----------------------------------------------------------------------------------------
- System
  - Provider
   [ Name] Microsoft-Windows-GroupPolicy
   [ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 8000
   Version 1
   Level 4
   Task 0
   Opcode 2
   Keywords 0x4000000000000000
   - TimeCreated
   [ SystemTime] 2010-05-15T13:31:22.330400000Z
   EventRecordID 22721
   - Correlation
   [ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
   - Execution
   [ ProcessID] 1280
   [ ThreadID] 1784
   Channel Microsoft-Windows-GroupPolicy/Operational
   Computer GROK
   - Security
   [ UserID] S-1-5-18
- EventData
  PolicyElaspedTimeInSeconds 108
  ErrorCode 0
  PrincipalSamName WORKGROUP\GROK$
  IsMachine 1
  IsConnectivityFailure false
END DETAIL SECTION-----------------------------------------------------------------------------------------
End of results.
Thanks to all,
wegrok
Win7 Ultimate x64, 8 GB ram, AMD Phenom 9950 Quad-proc @2.6Ghz, HD = 1TB ASUS M4N72-E mobo, Video = NVIDIA GeForce 8800 GT w/ Dell 2407 Digital Monitor -------------------------------------------------------------------------------------------------------

Did you ever have luck tracking this down? Im getting this error and have no clue where it is coming from. I have not enabled gp disk quotas, but I do have a network share on a domain member server that has quotas attached to each users folder.
I removed the quotas and still get this error when I manually perform a gpupdate.

Allowing non-root access to view disk quotas

Similar Messages

Maybe you are looking for