Basic Server Config question: Restricting user access to files & folders

Similar Messages

• Is it possible to restrict user access to files that need read/write permissions?

  I am in the process of implementing electronic payments for a company's AP department.  Dynamics GP (Great Plains) needs to create an EFT file that will get sent to the bank.  After it is created, a script is run that sends the TXT file to the
  bank and then renames the file extension to SNT.  Users are logged on to the Great Plains server and have their own permission group.
  Because the file is sending payment instructions, it is essential that users cannot modify or create a file with fraudulent payment instructions to the bank (incorrect bank account info).
  With testing, I was able to save the file from GP to a folder where users cannot read it's contents, however the script cannot send the file to the bank without "read access" (it says not files available).
  Any ideas for solutions?  For instance, is it possible to make Great Plains and/or the script file "system" so that it can override the user profile's permissions? 
  I was also looking into the ability to hide the folder/files, but it appears users can choose to view hidden files and folders.

  I dont think so you can do it that way..

• How to restrict user access in Oracle Application Server 10g (9.0.4)?

  Can anybody please let me know how to restrict user access in 10g AS? To be specific, how to allow http requests from specific IPs only?

  Hi,
  You have to edit httpd.conf and modify acces rights for each protected directory
  e.g.
  <Directory /var/www/sub/payroll/>
  Order allow,deny
  Allow from 192.168.1.0/24
  </Directory>
  then you have to restart Oracle HTTP Server
  jm--

• Time restricted user access

  Dear Experts,
  we are dealing with the following issue. Is it possible to set up time restricted user access in BPC 7.5? It means e.g. we want user to have access to BPC only in the first half of the year or (a bit trickier) in every first half of each month.
  And is it possible to temporarily prohibit access for an user without deleting him or his rights?
  Thanks for the reply,
  Jakub

  Hi Jakub,
  Can you explain why you want to set up your system this way? Depending on what you are trying to accomplish, there may be a good way to make it work in BPC (work status, security, data model design), but as Nilanjan said, there is not an easy way to totally lock out users based on date.
  Ethan

• Restrict Users from saving files on Local PC but forced to Network Shared Location

  Hi,
  We have the Domain in Windows 2003 Standard.
  How can I restrict users from saving files in their Local PC? 
  Also, need to forced them to save the files in Network Location with permissions...
  Thanks.
  ~CoolPra~

  Hi,
  You can create a file screen to prevent users from saving files on a certain volume. File screens are used to block specific types of files from being saved on a volume or in a folder tree. A file screen affects all folders in the designated path. You need
  to update the server to Windows Server 2003 R2 to install the File Server Resource Manager.
  File Screening Management
  http://technet.microsoft.com/en-us/library/cc772675(v=ws.10).aspx
  Best Regards,
  Mandy 
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Windows 2008 : How to Restrict Users to Copy file from Shared Folder

  Hello All,
  I need to Restrict Users to Copy file from Shared Folder. Please let me know is there any method to achieve this requirement.

  If user have Read permission, they can copy it. So actually you cannot restrict user from copy your files if they could read/edit.
  Some programs could help restrict users from edit/modify/copy the content of their files such as Office files, PDF files etc as Oscar said above.
  TechNet Subscriber Support in forum |If you have any feedback on our support, please contact [email protected]

• When a win7 users accesses a file on the server the permissions on the file revert to read only.

  Hi there,
  Originally my enviroment was 100% Mac, but now we have merged with another company who are all PC users.
  The issue I'm having is when a Windows 7 client accesses a file on the Snow Leopard server the file becomes Read Only, and I have to manually propergate the permissions to fix it. This isn't an issue with XP users.
  So far this is only happening with Excel files.
  Is anyone else experiencing this issue?  Any help would be greatly appreciated.
  Cheers,
  J

  I'm having a similar issue as well.  Excel 2007 appears to be the culprit, but hard for me to say.  Running 10.6.8 here as well.

• Restricted User Access

  Hi All!
  Is it possible to restrict the access of a user in that way that he can only edit a part of the columns, but he can see the whole table even the columns he isn't permitted to change! How can i solve this problem?

  Hi user552848,
  please provide your first name...
  I would see 2 possible solutions here:
  1) Create or own access roles
  a) create an application item where you store which "access role" the user has and
  b) use the "Read only" property of the page item, where you specify a condition of type "Value of Item in Expression 1 != Expression 2". Write the name of your application item into Expression 1 and eg UPDATE_ALLOWED (=>name of your access role) into Expression 2
  2) You use the APEX authorization.
  a) Create one at Shared Components\Authorization Schemes).
  b) Use the "Read only" property of the page item, where you specify a condition of type "PL/SQL Expression" with the following code in Expression 1
  NOT WWV_Flow.public_security_check('Name of the Authorization you created');Note 1: "Name of the Authorization you created" is case sensitive
  Note 2: WWV_Flow.public_security_check isn't a documented function, so use it at your own risk, Oracle may change it/remove in the next release.
  Hope that helps
  Patrick
  Check out my APEX-blog: http://inside-apex.blogspot.com

• Restrict user to view All folders in WebI

  Hi,
  I am using BO4.1, we have many report folders. We want to restrict users to have view access to only one specific folder.
  Users dont have rights to view reports of other folder.
  Please guide me steps to apply this restriction.
  Warm regards,
  Sonal

  Hi Sonal,
  I think the problem is with the Access level for that particular user.Just check whether the rights are not inherited from any group.
  OR
  You can try following steps:
  1. Recreate the user.
  2.Go to that particular folder which you want to grant View.
  3.Right click and go to user_security -> Everyone -> select the user -> View security -> add principle -> available access level -> grant "view/full control" whatever grant you want to assign.
  Now he can only view/modify that particular folder.
  For more help check the topic in Admin Guide.
  http://help.sap.com/businessobject/product_guides/boexir4/en/xi4_bip_admin_en.pdf
  Hope it helps!
  Regards,
  Shardendu

• Restricting users from uploading files greater than certain size in Kpro

  Hi,
  How can we restric users from uploading files in SAPoffice which are greater than certain size (5MB)?
  Awaiting for reply.

  Hello Gino,
  you go to Tcode DC10, in the define document type,
  there is a option file size, this gives you restriction , only if you are not using KPro and content server.
  If you are using Kpro and content server, then please do the enhancement (SE80, package ,CV)
  With the help of this you can restrict and put the warinig message if your original size is exceed.
  Thanks & Regards,
  nitin
  Award point if useful

• User Access to Public folders durring migration

  I built a test environment in preparation for a migration I am doing. I have a 2007 and 2013 set up.
  After I moved the test users from the 2007 exchange server to the 2013 server, they can no longer open the public folders still in the 2007 environment. The error is "the server mailbox cannot be opened because this address book entry is not
  a mail user.".
  The Public Folders will eventually be migrated, but I want to ensure users will still have access to them as they are migrated. What step am I missing?

  Hi IT2B,
  Is there any update after referring to these links?
  Best regards,
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Niko Cheng
  TechNet Community Support
  Won't be able to work on until tomorrow. I'll post my results.

• User Access to Public Folders Disappearing (Outlook 2013)

  I have one particular user who is losing access to public folders in Outlook 2013.  I have found that going to
  File > Account Settings > Account Settings > Email [TAB] > Repair... and then following through that dialog temporarily restores public folder access after restarting Outlook.  However, once Outlook is restarted
  for 30-60 seconds, the public folders disappear again. This is only happening for this one user.  They receive their public folder permissions via group membership.  Other group members report no such issue. I had another user with identical permissions
  log into the same workstation and they again had no issue.
  What could be causing this? This is a particularly bothersome problem since this user happens to be the office scheduler and the calendar they schedule on is public (which, thanks to reduced functionality in Exchange 2013, is no longer accessible in OWA).
  Tech specs: Exchange 2013 CU5 accessed from Outlook 2013 running on Windows 8.1 Update.  Outlook did not log any events during the time when public folders were dropped, nor are there any network connectivity issues being logged.
  Any ideas for resolving this?

  Hi,
  Please check the connection status for Outlook.
  Press the CTRL key and right-click the Outlook icon in the notification area, then select Connection Status.
  Please run the command get-mailbox administrator | fl defaul* to check the default public folder mailbox for this affected user.
  Do you have mail-enabled public folders? If you have mail-enabled public folders, you can check if this user can view public folders in OWA.
  If possible, please re-add the public folder permissions for this user to check result.
  Best regards,
  Belinda Ma
  TechNet Community Support

• Restricting users froms uploading files greater than certain size in km.

  Hi,
         How can we restric users to upload files in KM which are greater than certain size (5MB)?Awaiting for reply.

  Hi,
     It is out of standard you must develop your own upload command (SAP Developer Studio).
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/kmc/knowledge management and collaboration developers guide.html
  Patricio.

• Acs 5.3 and wlc 2504 config with restricted network access

  Hello,
  i submit you the following issue that i'm actually facing:
  i must configure a secured wireless network with access restriction based on SSID. the equipements are : cisco wlc 2504 (soft 7.3) cisco secure acs aplliance 1121 (soft 5.4) .
  the users that will connect to the network are regrouped by identity groups, each identity group having it's own SSID. Clearly each group of users must access only one SSID.
  i followed the procedure below to configure it:
  -- creating user identity groups;
  -- creating users and assigning them to the groups;
  --- creating authorization profiles for each SSID under policy element/ authorization and permission/network access/authorization profiles and putting the Airespace-Wlan-Id(the SSID number) in the radius tab.
  --- assigning the authorization profiles to the identity groups under access policies.
  after all these config the users can access the network using there userid/password configured. But the problem is Every user can access every SSID, seems like the restriction is so not very well configured.
  i found some documentation on this kind of config but the version of ACS used seems older than the one that i use, so menu are very different.
  Please can someone provide with the right steps to follow to achieve this kind of config.
  tkx in advance

  Yes.. you only have to add the end filter like what I posted... as far as the calling station id in the WLC security tab, it doesn't matter because that is not used when using 802.1x.  I would also try to not enable everything that you have just to start from the basic and make sure it works first.  The WAP Authentication Method might or might not work for you.  Uncheck that for now and when you have a successful authentication, look at the monitor log and see what radius attributes are being sent, because those attributes is what you can use to build your policies.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• Restricting Users access to BW Query based on Criteria

  Hello  ,
  Haven't found much help with the security implementation documents , i have been given a objective to create Profiles/roles and which would be used only for reporting on 1 single Cube by users from multiple departments. 
  Create profile/Roles and provide access to users for Query ZREP_C0_1 .
  User belonging to comp_code1 & region4 & plant6 should be able to view only his data and none other  even if the user wishes to see Compcode2 & region3 & plant4. 
  ( Reporting with restrictions over the User authorizations  on Region/Compcode )
  Creating the Role has been the easy as it was just to provide access to the infoarea , cubes, infobjects , query and authorization objects to execute query.   However i am stuck on how to proceed further on the above scenario  regarding restricting the users.
  Your help is much appreciated .
  Regards
  Raja

  Hi Pratheesh,
  If you are going to use client authentication in SSL and if client authentication fails since not all users will have client cert provided by you, SSL handshake will not complete and hence no access. But this is a performance impacting option. Restricting access on FW would be a good option.
  During the flow of a normal SSL handshake, the server sends its certificate to the client. The client verifies the identity of the server through the certificate. However, the client does not send any identification of its own to the server. When you enable the client authentication feature on the ACE, the ACE requires that the client sends a certificate to the server. The server then verifies the following information on the certificate:
  The CA has not revoked the certificate.The certificate signature is valid. The valid period of the certificate is still in effect. A recognized CA issued the certificate.
  You can specify the certificate authentication group that the ACE uses during the SSL handshake and enable client authentication on this SSL proxy service by using the  authgroup command in SSL proxy configuration mode. The ACE includes the certificates configured in the group with the certificate that you specified for the SSL proxy service
  Regards,
  Kanwal