Changing users and groups settings without unlocking
I recently upgraded to Mountain Lion and have noticed that I can change the settings in preferences for Users and Groups without unlocking.
Should this be the case?
I tried what you suggested but there is no change.
Many Thanks
Similar Messages
-
Event ID 1085 on DC - Failed to Apply the Group Policy Local Users and Groups Settings
I have a domain with 2 DCs. The primary DC is running Server 2012 and is raising Event ID 1085 every 10 minutes and 20 seconds.
Windows failed to apply the Group Policy Local Users and Groups settings. Group Policy Local Users and Groups settings might have its own log file. Please click on the "More information" link.
System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 1085
Version 0
Level 3
Task 0
Opcode 1
Keywords 0x8000000000000000
- TimeCreated
[ SystemTime] 2014-10-20T20:09:03.706992400Z
EventRecordID 130087
- Correlation
[ ActivityID] {FDDFB8C5-9ECF-41B9-B2B4-3AD0B345A37A}
- Execution
[ ProcessID] 1000
[ ThreadID] 3280
Channel System
Computer SERVER.DOMAIN.NAME
- Security
[ UserID] S-1-5-18
- EventData
SupportInfo1 1
SupportInfo2 4404
ProcessingMode 0
ProcessingTimeInMilliseconds 10343
ErrorCode 183
ErrorDescription Cannot create a file when that file already exists.
DCName \\SERVER.DOMAIN.name
ExtensionName Group Policy Local Users and Groups
ExtensionId {17D89FEC-5C44-4972-B12D-241CAEF74509}
Everything I look up for Event ID 1085 seems to be about a different cause.
Any ideas?I enabled tracing on a domain gpo and I still get the error when running gpupdate /force .
I'm also still getting Event 1085. Here's the trace file. I've anonymized the site/domain and the GUIDs.
2014-10-21 11:16:54.003 [pid=0x3e8,tid=0xcd0] Entering ProcessGroupPolicyExLocUsAndGroups()
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{GUID-1}
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] BackgroundPriorityLevel ( 0 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] DisableRSoP ( 0 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] LogLevel ( 2 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] Background priority set to 0 (Idle).
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ----- Parameters
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] CSE GUID : {GUID-1}
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] Flags : ( X ) GPO_INFO_FLAG_MACHINE - Apply machine policy rather than user policy
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( X ) GPO_INFO_FLAG_BACKGROUND - Background refresh of policy (ok to do slow stuff)
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_SLOWLINK - Policy is being applied across a slow link
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_VERBOSE - Verbose output to the eventlog
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_NOCHANGES - No changes were detected to the Group Policy Objects
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_LINKTRANSITION - A change in link speed was detected between previous policy application and current policy application
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_LOGRSOP_TRANSITION - A change in RSoP logging was detected between the application of the previous policy and the application of the current policy.
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( X ) GPO_INFO_FLAG_FORCED_REFRESH - Forced Refresh is being applied. redo policies.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_SAFEMODE_BOOT - windows safe mode boot flag
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_ASYNC_FOREGROUND - Asynchronous foreground refresh of policy
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Token (computer or user SID): S-1-5-18
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Abort Flag : Yes (0x313be090)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] HKey Root : Yes (0x80000002)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Deleted GPO List : No
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Changed GPO List : Yes
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Asynchronous Processing : Yes
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Status Callback : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] WMI namespace : Yes (0x32273740)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] RSoP Status : Yes (0x320cc7f4)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Planning Mode Site : (none)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Computer Target : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] User Target : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Calculated list relevance. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ----- Changed - 0
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Options (raw) : 0x00000000
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Version : 19267878 (0x01260126)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPC : LDAP://CN=Machine,CN={GUID-2},CN=Policies,CN=System,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPT : \\SITE.DOMAIN\sysvol\SITE.DOMAIN\Policies\{GUID-2}\Machine
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Display Name : Default Domain Policy
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Name : {GUID-2}
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Link : ( ) GPLinkUnknown - No link information is available.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkSite - The GPO is linked to a site.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( X ) GPLinkDomain - The GPO is linked to a domain.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GP Link Error
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] lParam : 0x00000000
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Prev GPO : No
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Next GPO : Yes
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Extensions : [{00000000-0000-0000-0000-000000000000}{GUID-3}][{GUID-1}{GUID-3}][{GUID-4}{GUID-5}{GUID-6}{GUID-7}{GUID-8}][{GUID-9}{GUID-10}][{GUID-11}{GUID-5}{GUID-6}]
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] lParam2 : 0x3146f978
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Link : LDAP://DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Purge GPH : C:\ProgramData\Microsoft\Group Policy\History\{GUID-2}\Machine\Preferences\Groups\Groups.xml
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Read GPE XML data file (592 bytes total).
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ----- Changed - 1
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Options (raw) : 0x00000000
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Version : 1245203 (0x00130013)
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPC : LDAP://CN=Machine,CN={GUID-12},CN=Policies,CN=System,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPT : \\SITE.DOMAIN\sysvol\SITE.DOMAIN\Policies\{GUID-12}\Machine
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Display Name : Default Domain Controllers Policy
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Name : {GUID-12}
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Link : ( ) GPLinkUnknown - No link information is available.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkSite - The GPO is linked to a site.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkDomain - The GPO is linked to a domain.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( X ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GP Link Error
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] lParam : 0x00000000
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Prev GPO : Yes
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Next GPO : No
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Extensions : [{00000000-0000-0000-0000-000000000000}{GUID-3}][{GUID-1}{GUID-3}][{GUID-9}{GUID-10}]
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] lParam2 : 0x324e8198
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Link : LDAP://OU=Domain Controllers,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.127 [pid=0x3e8,tid=0xcd0] Purge GPH : C:\ProgramData\Microsoft\Group Policy\History\{GUID-12}\Machine\Preferences\Groups\Groups.xml
2014-10-21 11:16:54.127 [pid=0x3e8,tid=0xcd0] Read GPE XML data file (592 bytes total).
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Completed get next GPO. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] WQL : SELECT * FROM RSOP_PolmkrSetting WHERE polmkrBaseCseGuid = "{GUID-1}"
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Purged 2 old RSoP entries.
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Logging 2 new RSoP entries.
2014-10-21 11:16:54.159 [pid=0x3e8,tid=0xcd0] RSoP Entry 0
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] RSoP Entry 1
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] Completed get GPO list. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] IsRsopPlanningMode() [SUCCEEDED(S_FALSE)]
2014-10-21 11:17:04.252 [pid=0x3e8,tid=0xcd0] Completed settings update (csePostProcess). [ hr = 0x800700b7 "Cannot create a file when that file already exists." ]
2014-10-21 11:17:04.252 [pid=0x3e8,tid=0xcd0] Completed CSE post-processing. [ hr = 0x800700b7 "Cannot create a file when that file already exists." ]
2014-10-21 11:17:04.267 [pid=0x3e8,tid=0xcd0] Leaving ProcessGroupPolicyExLocUsAndGroups() returned 0x000000b7 -
User and group settings are not pushed
Hello,
I am just setting up a Mavericks environment including Server.app and I am facing a problem that I could not solve up to now.
None of my profile manager settings for users or groups are pushed to the mobile users on my client computer. The device registration worked without problem and also the computer settings are pushed but not the ones for user and group settings.
In my productive mountain lion environment this is no problem.
Is there any was to force the settings update for users as it is possible for computers?
Any hints are appreciated
MichaelI too am having this issue.. I had my school environtment running great on 10.8... then we had to upgrade the server to 10.9 to use the new volume purchashing stuff with ipads.. now this 10.9 has broken all my previous macbooks in the school... I can enroll, install certs, and some networks stuff but the main group with all the macbooks and restrictions will not push... it even removed them from the machiens that were working with 10.8... very big issue.. apple needs to help?
-
Change User and Group to Nobody
If I were to change the User and Group (in httpd.conf) to Nobody, what should I do? Is there any other setting that I need to change?
I'm on AIX5.2. Both user and group nobody are exist.
There is a note in the httpd.conf file on the user/group setting as below. What does it mean? Thanks.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group nobody on these systems! -
I jumped on my parents computer, which is on a domain. I added a new local user(with my live.com login) and gave it admin status. That's when the trouble began.
The main user profile disappeared. I used the command prompt fix (see other fixes) to add the missing user back into admin. I logged back in, and it set up the account for the first time (WTF?). I cannot access any files from the main account
(that I logged into just fine before to get this debacle started.)
When going to Local Computer Management --> System Tools, my users and groups tool is missing.
I ran lusrmgr.msc only to find out that the most current version of Windows 8.1 and this is what it said "This snapin may not be used with this edition of Windows 8.1. To manage user accounts for this computer, use the User Accounts tool in the
Control Panel." <---- Awesome! (that was sarcasm.)
I have spent over two hours in the User Account tool during the course of this problem only to prove that a picture of a computer is more useful that that "tool".
To anyone reading this ticket, the best advice I can offer you (as long as its not a crucial machine) is to back up what you can gain access to, format your hard-drive and reinstall windows and start over again. I wouldn't recommend reinstalling 8.1,
I would say go back to 7 and wait until 10 comes out. Windows 8 is the new Vista. Good luck!Hello AhavahOlam,
I can understand your feelings.
If my understanding is right, after adding a new local user in domain-joined Windows 8.1, you can’t open the local users and groups.
Can you still add account by going to Control Panel\User Accounts and Family Safety\User Accounts\Manage Accounts?
As this computer is domain-based, it is recommended to contact the domain administrator to see if the option is blocked.
Best regards,
Fangzhou CHEN
Fangzhou CHEN
TechNet Community Support -
How to change default /Users and /Groups to different Volume?
Users are created in /Volumes/<boot>/Users and groups in /Volumes/<boot>/Groups.
We need these to be created on a different volume, eg., /Volumes/External/Users, and /Volumes/External/Groups.
Setup Assistant correctly put user Backups into */Volumes/External/Shared Items/Backups* and also correctly put web services on /Volumes/External/ServiceData -- we want to do the same for Groups and Users.
Groups are the most critical, as the group needs bulk storage. Users we could leave as is if it can't be done.
How can this be configured? We've read File Server Admin, Open Directory Admin, and Advanced Server admin from http://www.apple.com/server/macosx/resources/documentation.html without finding an answer.
Thanks in advance.1. Create new folders on the external volume to hold users and groups, but to prevent confusion name them something other than "Users" and "Groups". /Volumes/External/NetUsers and /Volumes/External/NetGroups would be reasonable choices.
2. Share both of these folders (in Server Admin -> server name in sidebar -> File Sharing -> Volumes & Browse modes -> select each folder -> click Share near the top right).
3. Enable both folders for automounting on clients (Server Admin -> server name in sidebar -> File Sharing -> Share Points-> select each folder -> Share Point tab under that -> Enable Automount option) with the default options (Directory: /LDAPv3/127.0.0.1, Protocol: AFP, Use for: User home folders and group folders). Be sure to click Save (not just OK in the dialog).
4. To migrate users, run Workgroup Manager, and change the home location for the users you want to move (select Accounts in the toolbar -> /LDAPv3/127.0.0.1 from the hidden pop-up menu under that -> User icon tab at the left -> select the user(s) you want to change -> Home tab on the right -> select the NetUsers option from the "Where" list). Then, for each user, run this command on the server: "sudo cp -Rp /Users/username /Volumes/External/NetUsers".
5. Similarly, move Group folders in WGM (Accounts -> /LDAP... -> Groups icon on left -> select groups to move -> Group Folder tab on right -> NetGroups in the list). Then, for each group, run "sudo cp -Rp /Groups/groupname /Volumes/External/NetGroups".
6. Test to make sure all is working before deleting the old user and group folders from /Users and /Groups (do NOT delete /Users and /Groups themselves, just the individual folders from under them). -
in system settings 15 item are not accessible, get the message: cannot open it, is not possible on intel based MAC. Items like security, iCloud user and groups network and more.
Genius bar told me to erase the harddisk and install OSX Maverick again. This has not changed the problems with the system settingsYou need to Repartition the drive as One partition which will erase all data from it and then reinstall OS X. then with the initial setup system you chose the language on the first screen that comes up. That sets the language for the whole system.
There is no other way of completely removing certain information created by a previous owner. this hold strue whether you are selling or give a Mac to someone.
To do the repartitioning you need to use the Online Internet Recovery system, if the Mac came with Lion 10.7 or above, or from the original system reinstall discs that came with it when it was new. -
Impossible to unlock network-admin, services, users and groups
Hi all,
it is impossible to unlock network-admin, services, users and groups in gnome.
Suggestions or ideas?
Thanks in advance
Greetsalessandro_ufms wrote:
xaiviax wrote:Just fyi, rebuilding system-tools-backends with ABS does not fix issue for me.
Are you put your login user on group stb-admin, put stbd in DAEMONS on rc.conf and restart the computer?
yes, although didn't have stbd in DAEMONS before (worked fine), still didn't fix issue. Been watching this thread, just downgraded package again, works great. I'd rather not downgrade on principal, but that the only thing that works for me currently, so... -
Mount usb with fstab, users and groups.
This is my fstab file.
UUID=5d0339ca-83ab-4ce6-9dff-ed407fc3c5e0 / ext4 rw,relatime,data=ordered 0 1
# /dev/sda2
UUID=75552890-f5f6-4472-bef4-37965baf2dac /home ext4 rw,relatime,data=ordered 0 2
# samsung1tb
UUID=15957579-4fa5-4726-815c-d9762f584120 /home/spiritech-ext ext4 rw,relatime,data=ordered 0 2
# corsair8gb
UUID=75602c63-1935-4ed9-8401-6dd2a7853878 /home/corsair8gb ext4 rw,users,relatime,noauto 0 0
my problem is when i mount the usb /home/corsair8gb the users and groups become root. is this normal for usb drives. it does not happen when the samsung1tb is mounted, so was wondering how i can mount the corsair8gb without changing the users and groups of the directory i mount it to???
NOTE: /home/corsair8gb directory user is myusername and group is users when device is not mounted.rebootl wrote:
Have you tried the option user instead of users? It's not exactly the same.
Edit: To enforce it you can also set the user/group id by uid=<youruserid>,gid=<yourgroupid> .
Note that these are numbers, to find them e.g. issue "id" in a terminal.
ok i will try this way. i did try before. didnt realise it was with codes. -
Huge list of Groups in Users and Groups
I just upgraded SL to ML. I've been learning and setting things up.
I use the machine as a standard user and I have a "silent" admin user, too.
I was wondering if anyone has come across this? I went into System Preferences and noticed that there was a HUGE list of Groups. Some had "logical" names like admin server, etc. The list was super long. Some of the name were strange, like "umbg" I have no idea how they got there. And, searching here, and googling doesn't give me any info.
I don't know how all these groups got there. I did not add a single one.
I did make a mistake, because I deleted them all and then ML made my admin user a standard user and I could not unlock System Preferences, or use my password anywhere. ugh.
I tried finding a way to fix it, but I ended up just using Restore from disk utility. no worries, didn't have that much going on, yet.
Is it normal to have a list of groups that you did not create? Does ML just create groups in your Users and Groups list??
How do I take care of it if it happens again? Can some be deleted? If so, which ones? What are they for?
Thanks for any help with this.Okay, I did do the restore.
And, the groups were not there.
So, first off, I opened TinkerToolSystem and went through all thes options. I found one: Show Groups in users and groups. I made sure it was not checked. Hopefully, it will not repopulate.
Then I remembered something. I did download Onyx. I was just looking for a way to change something simple. Mostly, I just looked around, didn't click on buttons, etc. But, Onyx may have change this setting (or me using Onyx inadvertently). Whichever, whatever, I've used TinkerToolSystem for years and it's always worked so well. I think I'm sticking with it and not install Onyx - which I had to go through the Gatekeeper exception deal... so it makes me nervous.
I'll post back if further issues with this. -
How to reset users and groups in Server.app?
Recently after change settings in the Server.app (like turn off/on open directory, delete/add certificates), I got a strange problem:
In the users and groups list, it display all local users and groups (looks like system users and groups, about 100 users and groups, but this is a new server)
I tried reset the server.app by following
howto reinstall/reinitialize os x server
http://support.apple.com/kb/HT200271?viewlocale=en_US
These users and groups still showing there.
Have you seen this before and how can I completely reset the server.app to factory default so that I can start over the set up?In theory, that should restore the users. You can do some surgery if you are really brave. But the reinstall generally should be enough.
These accounts are in the DSLocal data store. Basically, this is very similar to the any OS X machine. Apple keeps a default copy of the Local Database here:
/System/Library/DirectoryServices/DefaultLocalDB/Default
Should you need to reset a machine to the default local database, you can remove the current database (/var/db/dslocal/nodes/Default) and then copy the default one to the same location. I would not go this far unless the reinstall was unsuccessful.
To check, you can run this command:
dscl . list /Users
That will list all the Users in the local DB. To get a count, pipe to wc
dscl . list /Users | wc -l
On a Server that I just jumped on, I see 79 users and 111 groups (dscl . list /Groups | wc -l) But this is a system will man SACL groups so I likely have more than the default.
Hope this continues to help. Probably more info that you want.
Reid
Apple Consultants Network
Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
Author "Mavericks Server – Control and Collaboration" :: Exclusively available in Apple's iBooks Store -
Hello, i´ve some problems using task worker control.
Some times my application shows an Error, and sometimes, (without code or configuration
change) doesn´t. The user "prueba" belongs to "TaskCreators" group (is logged
at error time).
This is the error, all of it shown at same time:
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030> <The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030> <The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610066> <You
must be in the worklist admin role or task owner or the task claimant or in the
assignee list to perform this operation.
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Warning> <WLW> <000000> <Id=top-level; Method=common.control.Tareas.getTaskInfo();
Failure=com.bea.control.ControlException: Error in the worklist control[0]>
[cgr] Unhandled exception caught in Global.app:
java.rmi.RemoteException: EJB Exception: ; nested exception is:
com.bea.control.ControlException: Error in the worklist control[0]
at weblogic.ejb20.internal.EJBRuntimeUtils.throwRemoteException(EJBRuntimeUtils.java:103)
at weblogic.ejb20.internal.BaseEJBHome.handleSystemException(BaseEJBHome.java:295)
at weblogic.ejb20.internal.BaseEJBObject.postInvoke(BaseEJBObject.java:253)
at weblogic.ejb20.internal.StatelessEJBObject.postInvoke(StatelessEJBObject.java:141)
at com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispatcher_k1mrl8_EOImpl.java:110)
at com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleImpl.java:285)
at com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:240)
at $Proxy8.getTaskInfo(Unknown Source)
... 100 more
Caused by: java.lang.ArrayIndexOutOfBoundsException: 0
at com.bea.wli.worklist.control.TaskWorkerControlHelper.invoke(TaskWorkerControlHelper.java:645)
... 64 moreHas anybody got the solution for this problem? We have exactly the same problem.
Any suggestions to solve this problem will be appreciated.
thanks,
Jin,
"Leonardo Contreras" <[email protected]> wrote:
>
Hello, i´ve some problems using task worker control.
Some times my application shows an Error, and sometimes, (without code
or configuration
change) doesn´t. The user "prueba" belongs to "TaskCreators" group (is
logged
at error time).
This is the error, all of it shown at same time:
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030>
<The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030>
<The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610066>
<You
must be in the worklist admin role or task owner or the task claimant
or in the
assignee list to perform this operation.
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Warning> <WLW> <000000> <Id=top-level;
Method=common.control.Tareas.getTaskInfo();
Failure=com.bea.control.ControlException: Error in the worklist control[0]>
[cgr] Unhandled exception caught in Global.app:
java.rmi.RemoteException: EJB Exception: ; nested exception is:
com.bea.control.ControlException: Error in the worklist control[0]
at weblogic.ejb20.internal.EJBRuntimeUtils.throwRemoteException(EJBRuntimeUtils.java:103)
at weblogic.ejb20.internal.BaseEJBHome.handleSystemException(BaseEJBHome.java:295)
at weblogic.ejb20.internal.BaseEJBObject.postInvoke(BaseEJBObject.java:253)
at weblogic.ejb20.internal.StatelessEJBObject.postInvoke(StatelessEJBObject.java:141)
at com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispatcher_k1mrl8_EOImpl.java:110)
at com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleImpl.java:285)
at com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:240)
at $Proxy8.getTaskInfo(Unknown Source)
... 100 more
Caused by: java.lang.ArrayIndexOutOfBoundsException: 0
at com.bea.wli.worklist.control.TaskWorkerControlHelper.invoke(TaskWorkerControlHelper.java:645)
... 64 more -
Manage users and groups on 10.5 client like 10.5 server?
can anyone recommend software for managing local users and groups on 10.5 client? we only need filesharing and don't need the added expense of OS X Server.
thanksoh, right. we can add users with the File Sharing pref pane and can add groups under the Accounts pref pane.
i'm assisting a friend reconfigure a 'server' (os x client box) that was damaged.
i'd like to create a new group and then add a handful of users to that group for filesharing. these users don't really need to access the mac for local login.
they are using Windows Vista from the clients and the way it's set up now, if a user connects and modifies/creates a file, no one else can then modify the file. we have to run chmod on the file/directory for everyone to be able to change it. i'd like to configure it so the permissions work correctly without having to do this. -
How to do a Clean Install (Don't preserve users and network settings)
I'd like to make a clean install of Snow Leopard -- but NOT erasing the whole drive and NOT migrating/preserving my users and network settings.
I have a bunch of applications and huge data sets (about 40G) on the boot drive that I don't want to go through the trouble of reinstalling or backing up, and that do not install Application Support folders and the like. I'd like to keep them, as well as migrate files like fonts and preferences over manually. Thus I don't want to format in disk utility and install.
I seem to remember there was the option in Tiger (Leopard maybe?) to Archive and Install Without Preserving anything, such as network settings, users, extensions and preferences. It would leave a completely fresh System, and a Previous System where I could manually migrate over everything I wanted to keep.
Is this possible in Snow Leopard?
Thanks.Let me clarify.
Snow Leopard does an Archive and Install, BUT it PRESERVES Users and Settings. The default install "upgrades in place".
I have been having all sorts of weird crashes and hangs on my Leopard install and i want a fresh, not upgraded install.
I WANT to keep my old Leopard system so I can manually transfer over fonts, files, and applications.
I WANT an upgrade that DOES NOT preserve Preferences, Application Settings, extensions, etc. etc. etc.
But, I do NOT want to have to completely format and install, because that would involve burning approximately 60G of files and applications to DVD-Rs and copying them back.
Thanks.
Message was edited by: J Law -
Dear readers and admins
My question is about the "correct" setting of the user and group rights, so the following is possible. It relates to Server 10.3 and to 10.4.
Requirements:
Group 1 = "Regular user"
Group 2 = "Administration, Accounting"
User 1 and 2 belong to Group 1, users 3 and 4 belong to Group 2.
User 1 & 2 must have read/write access to files and folders in Group 1, but may not have access to files and folders of Group 2.
User 1 & 2 must be in a position of creation and deletion of file and directory of Group 1, as if they were their own files and directories. I.e. User 2 must be in a position to delete or change files and directories that an other user of Group 1 has created.
User 3 & 4 must have read and write access to files and directories of Group 1 & 2. They must be able to creating and changing such files and directories, as if they were their own files and directories. I.e. User 3 & 4 must be able to create and change files and directories which belong to user 1 & 2.
As I understand it, this can be achieved with ACL's under Server 10.6.
Am I right?
What would such a structure look like with ACL's?
I unfortunately don't have a server 10.6 running, as, down due to technical problems, my server is down.
Thank you in advance for your help.
All a happy new year.
Regards
Thomas ThalerYes - and it's pretty easy.
1. You would create whatever share points you would like (very easy to do)
2. You would make sure in Workgroup Manager you have the users assigned to the correct groups that you discussed.
3. On the folders for Group 1 you would add ACL permissions of Full Control for Group 1 and Full Control for Group 2.
4. On the folders for Group 2 you would add an ACL permission of Full Control for Group 2.
Maybe you are looking for
-
IWork (Pages) does not work after last system update!
since some days (after last system update) iWork programms are not starting any more! macosx 10.7.5 new update solution atemd: cancel p-ram and p-list, re-installing iwork from DVD and update it from http://support.apple.com/kb/DL1563 macbookpro 2.53
-
File port query File transfer from SAP R/3 to Webmethods using Unix Script
SAP drops the files in the /sapio/ directory and triggers an unix script using File port partner destination. Unix script will perform a secure copy of files to Webmethods server. If in unix script, error occurs then an RFC function will be called to
-
I'm trying to sync my iphone in IPhoto. I get this message "your MobileMe account information is not correct". "The provided login or password is not valid." when I click on the "Open MobileMe Preferences" button, it doesn't take me there. Help plea
-
how to configure automatic purchase order based on purchase requisition can anyone explain step by step. Failed to search properly. Locked. Edited by: Csaba Szommer on Apr 22, 2011 7:54 AM
-
I have this pic that shows what my screen is doing from time to time and i have to sleep it to make it normal again. have no idea what it is and would love to get some light on what it could be and what it is , or if its fixable, When i take a Screen