File System Permissions Don't Allow "Staff" Group

Similar Messages

• FTP file adapter: file access permissions do not allow the specified action

  Hi,
  I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  Pls advice
  Thanks
  Prasanna

  >
  Prasanna Shanmugasundaram wrote:
  > Hi,
  > I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  > The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  > But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  >
  > Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  > I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  >
  > Pls advice
  >
  > Thanks
  > Prasanna
  In CC you set ON the delete mode, after processing file? Maybe, the file have read only permission....

• The file access permissions do not allow the specified action

  I had an issue while transferring file from source to target..i am able successfully transfer the file to target and later i should move the file to another folder using IO operations.
  it failed at invoke.following are the error
  <remoteFault xmlns="http://schemas.oracle.com/bpel/extension">
  -<part name="summary">
  <summary>Exception occured when binding was invoked. Exception occured during invocation of JCA binding: "JCA Binding execute of Reference operation 'SynchRead' failed due to: The IO operation failed. The IO operation failed. The "OPER[NOOP][S->R,T->R]" IO operation for "xxxxxxxxxxxxxxxxxx/  xxxxxx.txt" failed. Check the error stack and fix the cause of the error. Contact oracle support if error is not fixable. ". The invoked JCA adapter raised a resource exception. Please examine the above error message carefully to determine a resolution.
  </summary> 
  </part>
  -<part name="detail">
  <detail>550 xxxxxxxxxxxxxxxxxxxxxxxxx: The file access permissions do not allow the specified action.
  </detail> 
  </part>
  -<part name="code">
  <code>550
  </code> 

  >
  Prasanna Shanmugasundaram wrote:
  > Hi,
  > I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  > The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  > But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  >
  > Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  > I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  >
  > Pls advice
  >
  > Thanks
  > Prasanna
  In CC you set ON the delete mode, after processing file? Maybe, the file have read only permission....

• SSIS File System Task does not allow entering the destination variable

  In SSIS for SQL Server 2012 (2014) I am not able to change the destination to a variable in the File System Task.  
  I have 2 variables for the source and destination path.  I pull in a File System Task, change the source to a variable, but when I select the destination I cannot enter the destination variable.  When I change destination to a variable
  the dialog disappears when I try to select the variable. 
  http://www.screenr.com/fQKN

  Hi Steve,
  I have tried myself, it is working fine. Its look like something wrong with your visual studio. try to reinstall it or reset the visual studio.(http://msdn.microsoft.com/en-us/library/ms247075(v=vs.100).aspx).
  If you really want to set destination values, you can set them from properties window of the task.(Right click the task and select properties or select the task and press f4).
  There are properties like:
  IsDestinationPathVariable (True/False)
  Destination (VariableName eg: user::target)
  Regards Harsh

• System setting don't allow to modify IDOC ZSTB025

  Hi Guys
  I am creating connection between Prodcution R/3 and BW and when doing that i am getting the error message that
  "system settingdoes not allow changes to be madeto object IDOC ZSTB025".
  Actually for this activity system status has to be modifiable but we don't know what is the particualr component which we need to keep modifiable in SE06....as production is live in R/3, we can't make all the component modifiable.....
  Can somebody please help me to identify that specific component which required to be opened for creating IDOC by the system during connectivity.
  Regards
  Kamal

  Hello,
  In se06 change component  in customer development (HOME) .

• Broken file system permissions

  Sigh. Another day, another borken set of adobe permissions.
  After the fiasco of trying to upgrade Acrobat Reader 709 (and
  all the associated broken registry permissions), I notice that
  Adobe has now broken the flash player permissions.
  Go check out flash9b.ocx or flash9d.ocx. Try and uninstall
  them. Enjoy the fun!
  *WHY ON EARTH HAVE YOU DONE THIS*?
  Total insanity.
  For those that *really* want to remove the product, run
  cacls %systemroot%\system32\macromed\flash\flash9b.ocx /e /p
  everyone:f
  attrib -r %systemroot%\system32\macromed\flash\flash9b.ocx
  The installer will then properly clean up the files.
  Adobe - any chance you could ask your packaging team to stop
  screwing with permissions that they do not understand and more
  importantly do not need to change!
  Mike

  Step 1
  If you want to preserve the contents of the startup drive, and you don't already have at least one current backup, you must try to back up now, before you do anything else. It may or may not be possible. If you don't care about the data that has changed since your last backup, you can skip this step.   
  There are several ways to back up a Mac that is unable to boot. You need an external hard drive to hold the backup data.
       a. Boot into the Recovery partition, or from a local Time Machine backup volume (option key at startup.) When the OS X Utilities screen appears, launch Disk Utility and follow the instructions in this support article, under “Instructions for backing up to an external hard disk via Disk Utility.”
  b. If you have access to a working Mac, and both it and the non-working Mac have FireWire or Thunderbolt ports, boot the non-working Mac in target disk mode. Use the working Mac to copy the data to another drive. This technique won't work with USB, Ethernet, Wi-Fi, or Bluetooth.
  c. If the internal drive of the non-working Mac is user-replaceable, remove it and mount it in an external enclosure or drive dock. Use another Mac to copy the data.
  Step 2
  The easiest way to deal with the problem is to boot from an external drive, or else to use either of the techniques in Steps 1b and 1c to mount the internal drive and delete some files. According to Apple documentation, you need at least 9 GB of available space on the startup volume (as shown in the Finder Info window) for normal operation.

• Difference between ASM Disk Group, ADVM Volume and ACFS File system

  Q1. What is the difference between an ASM Disk Group and an ADVM Volume ?
  To my mind, an ASM Disk Group is effectively a logical volume for Database files ( including FRA files ).
  11gR2 seems to have introduced the concepts of ADVM volumes and ACFS File Systems.
  An 11gR2 ASM Disk Group can contain :
  ASM Disks
  ADVM volumes
  ACFS file systems
  Q2. ADVM volumes appear to be dynamic volumes.
  However is this therefore not effectively layering a logical volume ( the ADVM volume ) beneath an ASM Disk Group ( conceptually a logical volume as well ) ?
  Worse still if you have left ASM Disk Group Redundancy to the hardware RAID / SAN level ( as Oracle recommend ), you could effectively have 3 layers of logical disk ? ( ASM on top of ADVM on top of RAID/SAN ) ?
  Q3. if it is 2 layers of logical disk ( i.e. ASM on top of ADVM ), what makes this better than 2 layers using a 3rd party volume manager ( eg ASM on top of 3rd party LVM ) - something Oracle encourages against ?
  Q4. ACFS File systems, seem to be clustered file systems for non database files including ORACLE_HOMEs, application exe's etc ( but NOT GRID_HOME, OS root, OCR's or Voting disks )
  Can you create / modify ACFS file systems using ASM.
  The oracle toplogy diagram for ASM in the 11gR2 ASM Admin guide, shows ACFS as part of ASM. I am not sure from this if ACFS is part of ASM or ASM sits on top of ACFS ?
  Q5. Connected to Q4. there seems to be a number of different ways, ACFS file systems can be created ? Which of the below are valid methods ?
  through ASM ?
  through native OS file system creation ?
  through OEM ?
  through acfsutil ?
  my head is exploding
  Any help and clarification greatly appreciated
  Jim

  Q1 - ADVM volume is a type of special file created in the ASM DG.  Once created, it creates a block device on the OS itself that can be used just like any other block device.  http://docs.oracle.com/cd/E16655_01/server.121/e17612/asmfilesystem.htm#OSTMG30000
  Q2 - the asm disk group is a disk group, not really a logical volume.  It combines attributes of both when used for database purposes, as the database and certain other applications know how to talk "ASM" protocol.  However, you won't find any general purpose applications that can do so.  In addition, some customers prefer to deal directly with file systems and volume devices, which ADVM is made to do.  In your way of thinking, you could have 3 layers of logical disk, but each of them provides different attributes and characteristics.  This is not a bad thing though, as each has a slightly different focus - os file system\device, database specific, and storage centric.
  Q3 - ADVM is specifically developed to extend the characteristics of ASM for use by general OS applications.  It understands the database performance characteristics and is tuned to work well in that situation.  Because it is developed in house, it takes advantage of the ASM design model.  Additionally, rather than having to contact multiple vendors for support, your support is limited to calling Oracle, a one-stop shop.
  Q4 - You can create and modify ACFS file systems using command line tools and ASMCA.  Creating and modifying logical volumes happens through SQL(ASM), asmcmd, and ASMCA.  EM can also be used for both items.  ACFS sits on top of ADVM, which is a file in an ASM disk group.  ACFS is aware of the characteristics of ASM\ADVM volumes, and tunes it's IO to make best use of those characteristics. 
  Q5 - several ways:
  1) Connect to ASM with SQL, use 'alter diskgroup add volume' as Mihael points out.  This creates an ADVM volume.  Then, format the volume using 'mkfs' (*nix) or acfsformat (windows).
  2) Use ASMCA - A gui to create a volume and format a file system.  Probably the easiest if your head is exploding.
  3) Use 'asmcmd' to create a volume, and 'mkfs' to format the ACFS file system.
  Here is information on ASMCA, with examples:
  http://docs.oracle.com/cd/E16655_01/server.121/e17612/asmca_acfs.htm#OSTMG94348
  Information on command line tools, with examples:
  Basic Steps to Manage Oracle ACFS Systems

• File system error while opening applications in jdeveloper

  I am facing issue while creating new application in jdev. Getting error An error occured creating the application.Check file system permissions. I am admin of my server and I have admin rights for my system.
  I am using 11.1.1.6.0 version of jdev and windows xp os.
  Thanks in advance.

  Hi,
  This is your private PC?
  Can you verify it's not permissions issues?
  Try run the jdev as an admin (right click-run as). Also try to manually create folder in the target location.
  Arik

• What is the minimum file system access needed to run ODI 10.1.3.4.0 client?

  Hi ODI discussion folks,
  I have a couple of questions from an Oracle partner that I'm trying to find a definitive answer for if possible. The partner is setting up ODI 10.1.3.4.0 for a customer who insists that the absolute minimum amount of access to the file system is granted due to corporate security policies.
  I have checked the bundled ODI documentation but couldn't really find anything about file system permissions needed to run the ODI client. I was pointed towards the "Setting Up Security for an Integration Project — What to Consider" document but this does not mention a great deal about how much access to the file system is needed for the ODI client to function.
  What the partner is asking is the following:
  "1. What are the minimum file/folder permissions needed for the ODI client installation? I'm installing at xxxxx
  and their machines have to be locked down as much as possible.
  2. Say you have 3 users all wanting to run integrations etc and the Master and Work
  repositories have been set up. An admin installs the ODI client but doesn't
  create the connection to the Master repository. What are the minimum
  file/folder permissions required on the client machine to:
  a) create the connection to the repository
  b) run any subsequent integrations?"
  If anyone can advise on this then that would be much appreciated.
  Regards
  Craig Huggans
  Oracle Hyperion Support
  Message was edited by:
  user648991

  Hi Craig,
  How are you?
  Let me try to contribute a little....
  1) The minimum requirement is for its own installation directory, there is no reason to have access to other directories unless if it is necessary to read files from some other directory at the client
  2) Again only to its own install directory. The connection setting is recorded at \bin install directory. After that, all information are recorded at repository, there is no client work.
  Be free to contact me by email or phone if you have any new doubt. You can get my email from my profile.
  Does it respond your doubts?
  Cezar Santos

• Help Library on Aix file system

  Dear Experts,
  Users in my company are using SAP GUI  for windows as a front end tool to access the SAP Application
  My Application is runinig on AIX, I was configuerd the Help files on windows machine " i shared directory on this machine for every one , i put the help files there, from SR13 i put the path ,and it was working fine"
  but now i want to move this HELP directory to the AIX file system, i don't know how to make this file system accessed by the SAPGUI
  Could you please help me on how can i use one file system on AIX as shared folder containig the HELP files and can be accessed by the windows SAPGUI?
  Thanks
  Sherif

  Hello Sherif,
  Please go to transaction FILE. There you will file an entry for NETSCAPE_PATH. This is the path you need to give in SR13. Actually this is a logical path which has to be mapped with the physical file path which will be nothing but the location of your online help files. The mapping will be done in FILE itself.
  Next you need to make settings in SR13 and give this path.
  Addtionally check :
  http://www.jt77.com/human2/resources-13782.html
  Also the OSS note 101481
  Regards.
  Ruchit.

• How to control permissions in KM using File System Repository Manager

  Hello everybody
  I have a scenario with 15+ file servers which content needs to be mapped into Portal KM as read-only.
  Windows Authentication is configured on the portal, so the users don't need to supply the portal with username/password.
  Now the users are of course only allowed to see the same content in the portal as they can see on the file servers. I know that the permission mapping can be done using a File System Repository Manager with W2KSecurityManager, but in that case the users will have to maintain the mapping of rights from windows to portal manually. And with ever-changing passwords this is too big an administrative task. So I am looking for another solution.
  My question is therefore:
  How can you configure the File System Repository Manager in a way where it the user does not need to maintain "user mapping" manually, but only need to logon to the portal (through windows authentication) and can see the same files from the portal as he/she can see from the file servers.
  Can this information in some way be taken from the configured Windows Authentication? Or is the only solution to enable WebDav on the file servers and and follow the "Integration of Windows File Servers into the SAP KM platform Using SSO and the WebDAV Repository Manager"-guide?
  Any help will be rewarded.
  Best regards,
  Martin Søgaard

  Hi again Dirk
  I just studied the "Integration of Windows File Servers into the SAP KM platform using SSO and the WebDAV repository manager"-guide in depth and I don't quite understand what rights the cmadmin_service and notificator_service are supposed to be given in the Active Directory. In the guide it says:
  "A number of global services and repository services need to perform operations on resources in various repositories. For example, the index management service must read all resources it is meant to index. When an index is created, the service user index_service is used. Therefore, this user has to have at least read access to all repositories that are to be indexed. Other users that are used by the SAP KM platform are the service users notificator_service and cmadmin_service. When a search is taking place, it is the user that is currently logged on to the portal."
  I dont quite understand what the two service users are doing but more importantly, I need to give the two service users the correct permissions in the Active Directory (or through user mapping). I understand that index_service only needs read_only permissions, but what permissions should the cmadmin_service and notificator_service be given?
  Best regards,
  Martin

• Why doese this message appear"Your current security settings don't allow this file to be downloaded"

  no one helped me in this post, why Adobe Company doesn't have an answer to my question?
  please, i need your help
  "Dear Helpers,
  We used to use adobe reader 6 in our foundation to view pdf files on the internet, and since we had upgraded to the new version of adobe (to adobe 7 and X) the browser (IE 8) couldn't open any pdf file, and always returning this message: "Your current security settings do not allow this file to be downloaded".
  we have a group policy that doesn't allow the users to download files from the internet, but when we were using adobe reader 6, this message have not occurred while opening pdf file online, and everything was fine,"
  Please help me in this issue
  Thanks in advance
  Kind regards

  Hi eleanora27327971,
  I don't think there's a problem with the PDF file that you converted--that sounds more like a browser setting. What browser are you using? Are you able to download files from other websites? Or, are you able to log in to https://cloud.acrobat.com using a different web browser, and download from that browser? (See System requirements | Acrobat.com for a list of supported web browsers.)
  Tell me a bit more about your setup (what operating system, browser and version), and I should be able to point you in the right direction.
  Best,
  Sara

• Permissions repair: SUID file system/library/coreservices/remotemanagement/ARDAgent/contents/MacOS/ARDAgent has been modified and will not be repaired

  I have a mid 2007 iMac running OS Mavericks and the hard drive is failing. When doing a disk permissions verify it shows  SUID file system/library/coreservices/remotemanagement/ARDAgent/contents/MacOS/ARDAgent has been modified and will not be repaired. I do not have a backup of my system due to my external drive I use for backing up my system has stopped working. Can I repair this myself without having to reinstall the OS so I don't loose my any of my files.

  You can safely ignore that.
  Disk Utility's Repair Disk Permissions messages you can safely ignore

• [solved] systemd service files don't allow quotes

  Why is it not possible to use quotes in
  ExecStart=
  section of systemd service files?
  For example, I can't use service file like this
  [Unit]
  Description=Pacman mirrorlist update
  [Service]
  Type=oneshot
  ExecStart=wget -O /etc/pacman.d/mirrorlist.backup "https://www.archlinux.org/mirrorlist/?country=DE&country=NL&country=PL&protocol=http&ip_version=4" && cp /etc/pacman.d/mirrorlist.backup /etc/pacman.d/mirrorlist && reflector --verbose -l 50 -p http --sort rate --save /etc/pacman.d/mirrorlist
  because systemd will not run it because of presence of quotes:
  Feb 26 08:48:36 nanoBox systemd[1]: [/etc/systemd/system/reflector.service:7] Executable path is not absolute, ignoring: wget -O /etc/pacman.d/mirrorlist.backup "URL=http...
  Feb 26 08:48:36 nanoBox systemd[1]: reflector.service lacks both ExecStart= and ExecStop= setting. Refusing.
  I can remove quotes and then the service will run, but the URL parsed to the command will be cut in half, ie it will stop on the first "&" sign and only DE mirrors will be probed.
  Is there some way around it other than creating a separate executable file and calling it from the service? I don't want to multiply unnecessary files if there's way around it.
  Last edited by Lockheed (2015-02-26 09:37:25)

  Lockheed wrote:
  Raynman wrote:"from command line" is you feeding a (command) string to a shell. Your assumption is that systemd will treat whatever you put in ExecStart exactly the same as your shell would.
  Not "is" but "was". Disappearance of that assumption was precisely the reason of starting this thread.
  I had to read this a few times, but I think you mean it as follows. You assumed you could copy from the shell to the service file and it would work the same way. Then you got an error (about the abolute path) so that assumption "disappeared". So far so good. But you didn't exactly figure out what was different, you formed a new assumption and based your thread on that:
  "systemd service files don't allow quotes" (title)
  "Why is it not possible to use quotes in ExecStart= section of systemd service files"
  "because systemd will not run it because of presence of quotes:"
  Like frank604 says, quotes were never the issue (in fact, they are one of the few things with special meaning for both the shell and systemd), yet you still seem to think they were:
  Lockheed wrote wrote:The actual wrong assumption on my part was that this command would run without quotes as service. It does not.
  It is a shame you only quote the first part of my last reply and ignore the questions in the second part. You did almost the same thing with my reply before that and I suspect you also didn't read the man page I mentioned the first time. You basically give me the impression that you think you have it all figured out (even though you come here looking for help) and my follow-up questions aren't worth your time. That usually makes me "move along" pretty quickly, but I'm trying one last time, because even though "The service now works", I'd like to see that you actually understand why it didn't work before.
  The only thing you really answered was "Changing paths to absolute made no difference.", but that shouldn't be, so when you mentioned empirical evidence, I basically repeated the question asking for some of this evidence (as in exact error messages for one or more modified ExecStart lines).
  When I take your service file and give wget an absolute path, systemd happily executes wget, but then wget complains because it gets "&&" and "cp" and "--save" etc. as arguments. Those errors are what I see in systemctl status/journal, no longer anything about an absolute path. This is because "&&" has no special meaning. You can use semicolons (";") to separate commands instead (explained in the man page section on command lines) or multiple ExecStart lines like frank604 used (which is cleaner IMO).

• Maown - file system monitor for shared group directories

  Maown Info Page
  I needed a way to manage ownership and permissions of files in a shared directory. ACLs and "chmod g+s" alone were not enough so I wrote maown.
  Maown is a file system monitor written in C. It uses inotify to recursively watch a directory tree for file creation and attribute modification. It automatically chowns files to user:group and adjusts group permissions to match user permissions.
  The package includes a daemon with a simple configuration file. Each line in the configuration file specifies a user, a group and a list of directories to monitor:
  <user> <group> <directory> [<directory>...]
  Last edited by Xyne (2012-05-21 02:35:24)

  Maown has been replaced with Autochown.