Create user-only directory

Hi guys,
I've got an administrator account on my mini, and my colleague has got a standard (non-admin) account. He would like to create a directory on the external HD that only he could access, i.e. no access for me, the admin. But we dont know how to do that. No matter what we do, I (the admin) can always read&write in that directory when I'm logged in into my account. Any ideas?
Thanks in advance
Alex

this is not really possible. an administrator has full control over a computer and can change access to anything if he/she wants to.
You can of course, set the permissions on that folder as you like them but an admin will always be able to change them.
the only way to hide something from an admin is to put it inside an encrypted disk image. you can create one with disk utility.
BTW, I would suspect that you have ownership turned off on the external which is why you always have read+write privileges. select it enter command+I and in the resulting popup window see if the box at the bottom "ignore ownership on this disk" is checked.

Similar Messages

  • Automatically create users in SharePoint based on Active Directory OU

    Hi,
    This is one of our client's requirements.
    Is it possible to automatically create a user in SharePoint and assign him/her read privileges on the portal when ever a new user is created in Active Directory?
    To re-iterate the above question in a different way; when a new employee joins the organization, a user is created in the Active Directory OU. Is it possible to automatically create this user in SharePoint without any manual intervention?
    If yes, how? Is it a third party synchronization tool or does SharePoint has a sync feature / service?
    Thank you,
    Regards,
    Gagandeep Singh
    My CRM blog |
    My SharePoint blog

    Hi,
    user profile synchronization is responsible for that, once user are created in active directory you have syn service running on certain schedule and all users are grabbed the only left step is to either grant permission on SharePointor you have a generic
    access to grant to all authenticated users or certain active directory groups that the user is assigned to
    More about user profile :
    https://technet.microsoft.com/en-us/library/ee721049.aspx
    http://social.technet.microsoft.com/wiki/contents/articles/12545.sharepoint-2013-setting-up-user-profile-synchronization-12.aspx
    https://technet.microsoft.com/en-us/library/ff382639.aspx
    http://blog.sharedove.com/adisjugo/index.php/2012/07/23/setting-user-profile-synchronization-service-in-sharepoint-2013/
    Kind Regards,
    John Naguib
    Senior Consultant
    John Naguib Blog
    John Naguib Twitter
    Please remember to mark this as answered if it helped you

  • Creating users in Active Directory through LDAP connector

    Hello,
    If we need to create users in Active directory using LDAP connector, what are the options for the following:
    1) Update back into SAP from AD. LDAP connector updates only in one direction i.e from SAP to Active directory.
    2) Can we add additional fields in LDAPMAP which are not standard e.g can we we write our own code to extract data from HR to map the value with an attritube within Active directory?
    Regards,
    Ahmad

    Hello!
    I noticed the email in my inbox and understand the reason for deleting it - checked the rules again - no problem with that.
    Here is the posting again - sanitized this time.
    You can create users in LDAP/AD from SAP without a problem. SAP provides function modules to create/maintain/delete users with LDAP attributes in the correct ou path.
    You can also perform group membership assignment in LDAP from SAP if needed.
    I have done this quite a few times at different companies that use SAP HCM.
    A userid in SAP is created automatically during hiring action with default password e.g. birthday of employee and certain authorization roles based on configured information.
    The userid is then created right away in LDAP in the correct ou path (controlled via custom configuration table) and LDAP group membership is assigned.
    A job runs every 8 hours to perform delta updates in LDAP.
    The userid in SAP and LDAP are locked automatically if the user is terminated using termination action in HR.

  • Can't create blogs for users created in LDAP directory

    I have an LDAP directory set up on an Open Directory Master and use it for user management. I want to allow users to create blogs off of the main web site. However, when I try to create a blog, it won't authenticate to any of the LDAP users, only the local user (of which the administrator account for the server is the only one).
    LDAP directory users can access their personal websites, though (http://mydomain/~user).
    Does anyone have any ideas how I can get the blog portion of the web site to allow my LDAP users to create a blog?
    Thanks.

    Sorry, I should have mentioned I am using Leopard Server (10.5.5).

  • "The CREATE USER statement must be the only statement in the batch" in SQL Azure - why? what to do?

    I'm getting an error on a line in the middle of a larger sql script, only in SQL Azure.
    IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'foouser')
    CREATE USER [foouser] FOR LOGIN [foouser] WITH DEFAULT_SCHEMA=[dbo]
    GO
    Error: "The CREATE USER statement must be the only statement in the batch."
    I don't actually understand what 'the only statement in the batch' means.
    What is a batch? Is it a SQL file? Is it related to a 'GO' statement or an 'IF' statement? What is the reason for the error? And how do I avoid it?
    Thanks,
    Tim

    >IF...ELSE imposes conditions on the execution of a Transact-SQL statement
    I understand the general purpose of an If statement. I could let go of our definition of statement counting disagreeing too except that because of the error I'm stuck.
    It's less important for Create User but what I am really puzzled over now is a very similar issue how am I supposed to do a safe version of CREATE LOGIN, when I don't know whether a login has been previously created on the server or whether I
    am setting up the database on a clean server?
    IF NOT EXISTS (SELECT * FROM sys.server_principals WHERE name = N'foouser')
    CREATE LOGIN [foouser] WITH PASSWORD = 'asdfasdf'
    GO
    If I try and execute this script, it throws the same error as above.
    The first unworkable workaround idea is to omit the if statement
    CREATE LOGIN [foouser] WITH PASSWORD = 'asdfasdf'
    GO
    But if the login already exists on the server (because a similar script was already run), then the script throws an error.
    The second unworkable workaround idea is to do
    DROP LOGIN [foouser]
    GO
    CREATE LOGIN [foouser] WITH PASSWORD = 'asdfasdf'
    GO
    Obviously this throws an error in the second block if the login doesn't already exist on the server.
    The third workaround idea I have is to go conditional by putting an IF condition around DROP instead of CREATE:
    Unfortunately that doesn't work for me either!
    "The DROP LOGIN statement must be the only statement in the batch"
    (This is despite the fact that 'drop login' is listed on the
    supported commands page, not the partially supported page..?! Which disagrees with the notes on
    this page.)
    Anyway the real question I am interesting in addressing is: is there actually a way to have a 'Create/Delete login
    if exists' operation which is SQL-Azure compatible and doesn't throw me error messages (which messes with the sql execution tool I am using)?
    If there is no way, I would like to believe it's because it would be a bad idea to do this. But in that case why is it a bad idea?
    Tim

  • Why can't a new folder be created within my user home directory when using 'Save As' in Mountain Lion?

    Hi,
    So I want to create a new folder within my main user home directory (not the root directory) just for my developer-related files? I can do this from Finder, although it does prompt me for my password to do so. However, when using 'Save As' from any app, the 'New Folder' button is greyed out when I select my user home directory. So I have to create the folder in Finder then Save As.
    Is this normal behavior? Is OSX discouraging me from adding things to my user home directory by making it less convenient? Is there a good reason it would be discouraging me from creating new folders there? If not, is there a setting that I can change to allow the creation of new folders from the Save As prompt?
    Thanks for your help,
    B

    You may need to rebuild permissions on your user account. To do this,boot to your Recovery partition (holding down the Command and R keys while booting) and open Terminal from the Utilities menu. In Terminal, type:  ‘resetpassword’ (without the ’s), hit return, and select the admin user. You are not going to reset your password. Click on the icon for your Macs hard drive at the top. From the drop down below it select the user account which is having issues. At the bottom of the window, you'll see an area labeled Restore Home Directory Permissions and ACLs. Click the reset button there. The process takes a few minutes. When complete, restart.   
    Repair User Permissions

  • How to create User in the specific group in Microsoft Active Directory

    Hi,
    I am using Nestcape LDAP, and want to create user in the user defined group. I have created a new user group "TestUsers" in the "Users" container of Active Directory, I want to add the new user to Test Users group But my problem is that whenever I create a new user
    it get added to Domain Users group.
    I tried adding memberOf attribute with value "TestUsers"
    attr = new LDAPAttribute("memberOf", "TestUsers");          
    attrs.add(attr);
    It gives me following error :
    code= 53 Exception 0000209A: SvcErr: DSID-031A0D6F, problem 5003 (WILL_NOT_PERFORM), data 0
    Following is the code I am using.
    public LDAPResult createUserID(
    String userId,
    String pwd,
    String pId,
    boolean resetonLogOn,
    LDAPConnection ldCon) {
    boolean flag = false;
    int code=0;
    try {
    String pwdLastSetVal;
    String desName;
    String desc;
    /* Specify the DN of the new entry. */
    String dn =
    "CN=" + userId + ",CN=" + this.container + "," + this.baseDN; // container = "Users"
    /* Create and add attributes to the attribute set. */
    String objectclass_values[] =
    { "top", "person", "organizationalPerson", "user" };
    // LDAPEntry findEntry=null;
    /* Create a new attribute set for the entry. */
    LDAPAttributeSet attrs = new LDAPAttributeSet();
    /* Attribute sAMAccountName */
    LDAPAttribute attr = new LDAPAttribute(LDAP_SAM_KEY, userId);
    attrs.add(attr);
    /* Attribute unicodePwd */ // LDAP_PASSWORD_KEY = "unicodePwd"
    attr =
    new LDAPAttribute(
    LDAP_PASSWORD_KEY,
    (byte[]) this.encodePassword(pwd));
    attrs.add(attr);
    /* Attribute Display Name */
    desName = userId + ":" + pId;
    //desName = userId ;
    attr = new LDAPAttribute(LDAP_DIS_NAME_KEY, desName);
    attrs.add(attr);
    /** Attribute userAccountControl to enable the userid.
    attr = new LDAPAttribute(LDAP_ACCOUNT_KEY, LDAP_ACCOUNT_EN_VAL); // LDAP_ACCOUNT_EN_VAL= "548"
    attrs.add(attr);
    /* Attribute pwdLastSet to reset the password on first logon*/
    if (resetonLogOn == true) {
    pwdLastSetVal = "0";
    } else {
    pwdLastSetVal = "-1";
    attr = new LDAPAttribute(LDAP_RESET_KEY, pwdLastSetVal);
    attrs.add(attr);
    /* Attribute Description */
    desc = " Account Created by HelpNow App";
    attr = new LDAPAttribute(LDAP_DESC_KEY, desc);
    attrs.add(attr);
    /* Attribute objectclass */
    attr = new LDAPAttribute("objectclass", objectclass_values);
    attrs.add(attr);
    attr = new LDAPAttribute("memberOf", "TestUsers");          
    attrs.add(attr);
    /* Create an entry with this DN and these attributes . */
    LDAPEntry myEntry = new LDAPEntry(dn, attrs);
    /* Add the entry to the directory. */
    ldCon.add(myEntry);
    flag = true;
    }catch (LDAPException e) {
    flag = false;
    code=e.getLDAPResultCode();
    }catch (Exception e) {
    flag = false;
    code=LDAPException.OTHER;
    }finally {
    ldaprs.flag=flag;
    ldaprs.code=code;
    return ldaprs;
    }

    Refer to the post titled "JNDI, Active Directory and Group Memberships" available at http://forum.java.sun.com/thread.jspa?threadID=581444&tstart=150

  • How to create user in specific user group in Microsoft Active Directory ?

    Hi,
    I am using Nestcape LDAP, and want to create user in the user defined group. I have created a new user group "TestUsers" in the "Users" container of Active Directory, I want to add the new user to Test Users group But my problem is that whenever I create a new user
    it get added to Domain Users group.
    Following is the code I am using which adds user to default group Domain Users.
    public LDAPResult createUserID(
    String userId,
    String pwd,
    String pId,
    boolean resetonLogOn,
    LDAPConnection ldCon) {
    boolean flag = false;
    int code=0;
    try {
    String pwdLastSetVal;
    String desName;
    String desc;
    /* Specify the DN of the new entry. */
    String dn =
    "CN=" + userId + ",CN=" + this.container + "," + this.baseDN; // container = "Users"
    /* Create and add attributes to the attribute set. */
    String objectclass_values[] =
    { "top", "person", "organizationalPerson", "user" };
    // LDAPEntry findEntry=null;
    /* Create a new attribute set for the entry. */
    LDAPAttributeSet attrs = new LDAPAttributeSet();
    /* Attribute sAMAccountName */
    LDAPAttribute attr = new LDAPAttribute(LDAP_SAM_KEY, userId);
    attrs.add(attr);
    /* Attribute unicodePwd */ // LDAP_PASSWORD_KEY = "unicodePwd"
    attr =
    new LDAPAttribute(
    LDAP_PASSWORD_KEY,
    (byte[]) this.encodePassword(pwd));
    attrs.add(attr);
    /* Attribute Display Name */
    desName = userId + ":" + pId;
    //desName = userId ;
    attr = new LDAPAttribute(LDAP_DIS_NAME_KEY, desName);
    attrs.add(attr);
    /** Attribute userAccountControl to enable the userid.
    attr = new LDAPAttribute(LDAP_ACCOUNT_KEY, LDAP_ACCOUNT_EN_VAL); // LDAP_ACCOUNT_EN_VAL= "548"
    attrs.add(attr);
    /* Attribute pwdLastSet to reset the password on first logon*/
    if (resetonLogOn == true) {
    pwdLastSetVal = "0";
    } else {
    pwdLastSetVal = "-1";
    attr = new LDAPAttribute(LDAP_RESET_KEY, pwdLastSetVal);
    attrs.add(attr);
    /* Attribute Description */
    desc = " Account Created by HelpNow App";
    attr = new LDAPAttribute(LDAP_DESC_KEY, desc);
    attrs.add(attr);
    /* Attribute objectclass */
    attr = new LDAPAttribute("objectclass", objectclass_values);
    attrs.add(attr);
    /* Create an entry with this DN and these attributes . */
    LDAPEntry myEntry = new LDAPEntry(dn, attrs);
    /* Add the entry to the directory. */
    ldCon.add(myEntry);
    flag = true;
    }catch (LDAPException e) {
    flag = false;
    code=e.getLDAPResultCode();
    }catch (Exception e) {
    flag = false;
    code=LDAPException.OTHER;
    }finally {
    ldaprs.flag=flag;
    ldaprs.code=code;
    return ldaprs;
    }

    Refer to the post titled "JNDI, Active Directory and Group Memberships" available at http://forum.java.sun.com/thread.jspa?threadID=581444&tstart=150

  • Create Read Only User in Oracle 10.2.0.4

    Hi., Friends,
    I want to create an user in Oracle 10.2.0.4 with read only rights of my hole database. I am not having Enterprise Manager Console so i want create from command prompt.Can u please explain me the step for create and assign read only role to user.
    Regards
    Mahendran

    Hi Mahendra,
    I am happy with Surendrajain's reply, but with this sql you will not able to view the data present in SAP Schema,
    The entire sql query with the comments in bracket  is given below
    1) create user PPMTEST identified by program1;    
    2) Create role PPMROLE;                           {  PPMROLE is the role name which will be later assigned to the user PPMTEST}
    3) Grant CONNECT to PPMROLE;                                 { CONNECT role allows the user to connect to oracle database}
    4) Grant SELECT_CATALOG_ROLE to PPMROLE;       { SELECT_CATALOG_ROLE role allows the user to view the oracle data dictionary}
    5) GRANT SELECT ANY TABLE to PPMROLE;             { "SELECT ANY TABLE" privilege allows the user to view the table which is present in the SAP schema}
    6) Grant PPMROLE to PPMTEST;                                         { Assigning the role PPMROLE to the user PPMTEST}
    7) COMMIT; 
    Thanks and Regards
    Debdeep

  • Ldap Sync: User is not able to create in Active Directory through OIM

    Hi ,
    I have enabled the ldap sync between OIM and Active Directory.
    Option 1: with password
    While creating the new user in OIM , I am getting the below error .
    80eeb34d89d5ed80:18bc05bb:1403be9d7e6:-8000-000000000008f710,0] [APP: oim#11.1.2.0.0] Could not modify entry.[[
    javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
    remaining name 'cn=ADTESTLDAp10F ADTESTLDAp10LL,cn=Users,dc=cgtest,dc=adtest,dc=com'
      at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3140)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
      at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1458)
      at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
      at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
      at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:153)
      at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.modify(ConnectionHandle.java:301)
      at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.modify(BackendJNDI.java:781)
    [2013-08-04T17:06:58.840-07:00] [oim_server1] [ERROR] [OVD-60600] [oracle.ods.virtualization.engine.util.ADUtilities] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 80eeb34d89d5ed80:18bc05bb:1403be9d7e6:-8000-000000000008f710,0] [APP: oim#11.1.2.0.0] Cannot set password : LDAP Error 53 : [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0[[
    Looks like password is not able to set properly. But I am able to create the same user in AD using the same password.
    Option 1: without password
    Another testing, I have also tried to create user without password.  There is no error coming to log file. and I am able to see the below message in log file
    oracle.iam.ldapsync.impl.eventhandlers.user.UserCreateLDAPPreProcessHandler] [APP: oim#11.1.2.0.0] [SRC_METHOD: createUser] User created in LDAP with GUID 9dc8f6f4b8564216a5d75d86f7cad0a2
    But user is not created in AD . this is another issue.
    Thanks,
    Amit

    Thanks for your reply.
    I have seen sample xml and my target looks the same
    <wlserver dir="${weblogic.domain.dir}"
                             port="${weblogic.domain.admin.server.port}"
                             servername="${weblogic.domain.admin.server.name}"
                             username="${weblogic.domain.admin.user}"
                             domainname="${weblogic.domain.name}"
                             password="${weblogic.domain.admin.password}"
                             configFile="config.xml"
                             generateConfig="true"
                             action="start"
                             beahome="${env.BEA_HOME}"/>
    my requirement is to use ant task.. otherwise I am able to create through configuration wizard
    Thanks

  • Error creating user home in directory

    Hello All,
    I installed the Jdeveloper with patch p8751878 to work on 11.5.10.2.  This is on a win7 64bit machine.
    My environment and system variables have the following:
    Variable= JDEV_USER_HOME
    value=C:\p8751878_11i_GENERIC\jdevhome\jdev
    When I try to launch the Jdeveloper getting the following message:
    Eror creating user home in directory C:\p8751878_11i_GENERIC\jdevhome\jdev.  Please restart JDeveloper with a new user home specified.
    Error stack shows the following
    java.io.IOException: Error copying file C:\p8751878_11i_GENERIC\jdevhome\jdev\system9.0.3.5.1453\Classic.kdf
    at oracle.ide.MultiCopier.copyDirectory(Ide.java:3356)
    Any suggestions as to what could be causing this (pls. excuse if this has been asked before..)?
    Thanks,
    Monkey

    Does anyone know how Raptor determines where it will create it's user home???
    On our development network I keep getting the noted error message, regardless of Windows 2003, 2000, or XP. So Im starting to think we may have some Windows policy that is preventing the creation of the .raptor folder that Raptor creates when it first starts up.
    On my laptop, which is not tied into the development network, I dont have this problem.

  • Creating users in Microsoft Active Directory 2000/2003 with password.

    Our BSP application is using LDAP_CREATE function module to create users in Microsoft AD 2000 and 2003. But the users are not created along with passwords. without passwords the users are created in disabled mode.
    We tried using the SAP provided function modules under function group SLDAP to create the entries. We are able to create accounts on MSADS but only without the password. We find that MSADS requires the password to be passed/sent as a bytecode array (SAP equivalent Xstring/Rawstring ?) under the attribute unicodePwd, which we did using the fn. module LDAP_CREATE.
    But the server returns an error code LDAPRC053 which translates to "Unable to execute operation on the server".
    We generate the password string and convert the same into an xstring using SCMS_TEXT_TO_XSTRING function module.
    We are not sure what we are missing, but the account does not get created with the password at all. Would appreciate if you can help.
    We do have a backup solution of creating the users offline, but I want persue in above mentioned direction. Anybody has resolved this issue? Please let me know.
    Thanks in advance.

    I'm suspecting it has something to do with calling the function over an open connection versus a secure connection, SSL on port 636.
    Any comments ?

  • How to create users with i18n characters in SunONE directory server?

    Was trying to create users and groups with i18n characters in SunONE directory server
    1. Started LDAP console using -l option
    2. Chaged the Locale to Japanese
    3. Entered few japanese character as username (meaning internationalization user name)
    4. However, I could not able to type the password using the "soft keyboard" that comes with Japanese Locale
    5. to overcome with #4, for now, I typed english chars as the password
    6. Click OK to save the above username/pwd
    7. It says "netscape.ldap.LDAPException: error result (19); value of attribute "uid" contains extended (8-bit) characters"
    Has anyone ever created i18n user names in SunONE Directory Provider? Please help...

    Hi LostLad,
    Soryy for my ignorance...Could you please be elaborate on how to remove "uid attribute from 7-bit ASCII plugin?
    Thanks in advance..

  • Create user with select privilege only one schema

    can someone tell me how i can create user with select priviliges only one schema.
    i don't want the user to have any select privileges with other schema.
    can someone advise me.
    Thansk

    In general, you would do something like
    CREATE ROLE abc_read_only;
    FOR x IN (SELECT * FROM dba_tables WHERE owner='ABC')
    LOOP
      EXECUTE IMMEDIATE 'GRANT SELECT ON abc.' || x.table_name || ' TO abc_read_only';
    END LOOP;
    CREATE USER your_user ...;
    GRANT abc_read_only TO your_userYou create a role, grant the role SELECT access to all the tables in the ABC schema (you can extend this to grant access to views, functions, etc depending on the requirements), and then grant that role to your user.
    Justin

  • Create New gives an error "Could not find the user document directory"

    Fresh installed Adobe Edge Animate CC (2014). When I try to Create New, I get an Error popup "Could not find the user document directory"

    I think this worked!
    I just downloaded an example file and tried opening from outside of the program. At first it gave me some errors but then loaded it up.
    After that I've re-saved it and now I can create new files and open files.
    Before that I also uninstalled old CC programs that were not showing in the Adobe Creative Cloud apps.

Maybe you are looking for

  • Using new Adove Media Encoder with Premiere pro cs4

    I have Premiere Pro Cs4 and Design&Web premium CS6 -  which comes with Adobe Media Encoder cs6. Can I get Premiere Pro CS4 to use the new encoder (and hopefully speed up)?

  • Problem with ATV refresh rates and frame rates

    I live in Australia and as such I am subject to PAL, so when I set my ATV up I set it to 720P 50Hz, when I purchased a TV season the episodes were running at 25fps and played back flawlessly with no dropped or added frames. My problem occurs when I d

  • Trace background image color

    i am working on project for avatar design and would allow user to upload his pic on avatar face. i did this part. Now next thing is user can select 2d design 0f lips to place on face? Here comes the problem. i need to auto blend color of flash lips t

  • JAXB runtime ClassNotFoundException

    I'm trying to set up some really basic build stuff using ant and JAXB to handle the transforming of some XML data, but I'm having some trouble getting it to not throw exceptions at runtime. I've successfully got an XJC task running in ant that is def

  • NEAT configuration issue

    Hi, I´m currently setting a LAB in order to test NEAT feature. The Supplicant switch (sSW) is able to authenticate toward the Authenticator Switch (aSW). sSW#sh cisp summary CISP is running on the following interface(s):   Fa0/8 (supplicant) When I c