Getting top level permissions?

Similar Messages

• Derived Hierarchy Permissions - cascading top level permissions to all subseuent levels

  I have created a 3-level derived hierarchy in my MDS model.
  Level 1 - divisions, Level 2 - groups, Level 3 - targets per year-month
  We have divisional users that would use this structure. so when I add a user I set the permissions at the division level and would like those permissions cascaded down to levels 2 & 3 without going thru and setting permissions on each node in level
  2 and level 3. Is it possible to do so? If yes, how? If not, then how do I maintain permissions for my users - how can I make sure that if a user enters a new group for a division, then he/she can use it to set targets?
  Thanks,
  Sonal

  The permission will be inherited by the subtree.
  https://msdn.microsoft.com/en-us/library/ee633750.aspx
  On the Hierarchy Members tab, each hierarchy is represented as a tree structure. When you assign permission to a node in the tree, all children inherit that permission unless permission is explicitly assigned at a lower level.

• DFS-R Top level NTFS Permissions

  Hi,
  As part of my setup, I'm trying to implement a new DFS-R share between 2x Windows 2003 R2 and 1x 2008 R2 servers
  I've been experimenting with the DFS-R, and I've found that if I try to change the NTFS partitions of the top-most folder, then these permissions are not replicated to the other duplicates on the other servers. Sub-file and sub-folder Perms are.
  I've also found that if I do modify the top-level folder, than that server stops replicating to the others - with no errors in the event logs !  Disaster !!  In my testing, all I did was add another users read access, and then that stops replication!!
  So - if I need to control the top-level perms, do they all have to be in sync and setup manually ?

  Hi Shaon,
  Sorry I had to actually setup the server on the remote site.  So no - I'm still seeing issues.
  I ran that DFSutil on serv14. I don't know why it doesn't show the ClientApps DFS replication.
  2 entries...
  Entry: \Ubiq-serv1\Users
  ShortEntry: \Ubiq-serv1\Users
  Expires in 24 seconds
  UseCount: 1 Type:0x81 ( REFERRAL_SVC DFS )
     0:[\UBIQ-SERV1\Users] AccessStatus: 0 ( ACTIVE TARGETSET )
  Entry: \ubiquisys.local\sysvol
  ShortEntry: \ubiquisys.local\sysvol
  Expires in 562 seconds
  UseCount: 0 Type:0x1 ( DFS )
     0:[\UBIQ-SERV14.ubiquisys.local\sysvol] AccessStatus: 0 ( ACTIVE TARGETSET )
     1:[\UBIQ-SERV1.ubiquisys.local\sysvol] ( TARGETSET )
     2:[\ubiq-serv9.ubiquisys.local\sysvol]
     3:[\ubiq-serv8.ubiquisys.local\sysvol]
     4:[\UBIQ-SERV10.ubiquisys.local\sysvol] ( TARGETSET )
  DfsUtil command completed successfully.
  I'm also seeing folders/files not replicate between 14 and 9.  Some do, some dont. Seems to be zero byte files causing most of the issues.

• Top Level Navigation Invisible for Administrator in EP6.0

  I have installed SAP NetWeaver 2004s SP16, EP6.0 and Developer Studio 2.0.16.  But When I log on to portal using Administrator user id, I am not getting Top Level Navigation.  I also tried other user id's.  Please provide me solution.  Thanks in advance.

  I suggest you login to Visual Administrator and check if Administrator is part of Administrators Group. You can find this by going into Services > Security Provider > User Management. Search for Administrator and check if he is part of Administrators group.
  If not add it, by default Super Admin Role is assigned to Administrators group. Once you get this role you should see all the navigational Tabs.
  Hope this helps.

• Adding permissions at top level folder

  Let's say your top-level folder is d:\filestore\   You add Domain Admins to it with Full Control.
  If the sub-folders have maintained inheritance of the perms from that folder then you're good. 
  However, if any of the subfolders have broken permissions, either by removing all permission and adding new ones or by copying the permissions and adding additional ones, then you're kinda screwed. Enforcing inheritance of the perms from your top level folder on that mess will almost certainly obliterate the existing permissions.
  If you're semi-lucky you might be get away with finding a number of folders that you can apply the perms to that will then propagate to the rest.
  If you're really unlucky, and it sounds like you are, then you may have to apply the permissions to many individual folders. 

  I have just migrated to a new 2012 R2 server and have my AD and file server on separate VM's.  The previous server had the local Administrators group listed, but now I need to add the Domain Admins group to the top level of the folder tree and have that pass down throughout all other folders.  But I don't want it to overwrite the existing permissions.  Is there any way to do this?
  The folder structure is insane and I want to redo it a better way, but that will take time and the OK from management.  There are so many "individual" users added to many folders that it is currently impossible to keep track of.  
  This topic first appeared in the Spiceworks Community

• Did 10.6.5 alter the permissions of the top level of the startup volume?

  Since applying the 10.6.5 update it seems that non-admin users have read/write access to the top level directory of the startup volume. That means that non-admin users can create items there.
  I am wondeing if this is a normal change for 10.6.5 or if something is weird with my system.
  We updated from 10.6.4 via Software Update. This machine has only ever had Snow Leopard installed on it.
  (Note that top level sub-folders such as Library and System do not appear to be affected by this)

  Are you referring to the ownership and privileges for the drive? If so then if they aren't set at the default it's because of something a user has done because the installer makes no such changes. You can return them to the default as follows;
  1. Select the drive and Press COMMAND-I to open the Get Info window.
  2. In the Ownership and Sharing section at the bottom is a checkbox labeled, "Ignore permissions on this volume." If the box is checked then click on the lock icon and authenticate. Uncheck the box.
  3. Open the Terminal application in the Utilities folder and enter the following command then press RETURN:
  sudo chown root:admin "/Volumes/Macintosh HD"
  You will be asked to enter your admin password which will not be echoed.
  If you now click onto the still open Get Info window you should now see the proper info:
  Owner=system with r/w privileges
  Group=admin with r/w privileges
  Everyone is read-only
  Click on the lock icon to prevent any changes. Close the window then quit the Terminal.

• How do I use CreateBookmarksFromGroupTree and NOT get a "temp_" for my top level?

  I have a report that I have created that uses uses groups and I wanted export a PDF using the CreateBookmarksFromGroupTree option. While that works, I get an ugly top level bookmark name that starts with "temp_" then followed by two GUIDs "temp_13fef8e3-30ec-4bc5-ba77-b55d23c95e8f {87823BCB-7789-407C-8A7F-5096BE07A83E}".
  So, how do I:
  1) Get rid of this top level so it matches the Crystal Viewer (which has multiple top level bookmarks)
  2) Put in a name of my own choosing as the top-level bookmark.
  <!break>
  Any help or suggestions would be appricated.
  Thanks,
  Jim

  I would very much like to know how to avoid this also!!!

• Getting at a top-level XML attribute

  It's Friday afternoon... I'm fried and can't seem to figure
  out how to get at a top-level XML attribute.
  Some specifics...
  My XML doc has a single attribute in the top node followed by
  several "version" nodes
  <projData projectName="Spry Project">
  <version>
  I successfully load and create an xml data set from said XML
  file. Later on, I use the getDocument() method to refer to the XML
  DOM doc used by the original xml data set. I need to extract the
  value of the attribute "projectName" into a javascript variable.
  The xpath query should be "projData/@projectName" but all I
  get returned is an undefined value.
  Any ideas? I'm sure it's something simple that I'm
  overlooking.

  > can you please helo.
  This is impossible.
  Obviously your ABAP mapping is wrong. Fix it.

• Changing permissions on a top level public folder WITHOUT affecting the folders underneath it in Exchange 2007

  Hello everyone,
  We have a pubilc folder we woudl like to lockdown to just the IT techs, but we want eveything below to function as it normally has been.  We have several folders underneath this folder with various permissions for our end users that we dont want changed. 
  How would you change the permissions on a top level folder without affecting (propagating) the folders underneath it?  Also, If I go into the "Administration" tab of the properties of the top level Public Folder I see an option to
  make this folder available to: "All users with access permission" or "Owners only". Would it be as simple to select "Owners only" here or will that restrict the down level folders as well to just the owners?
  Thanks,
  John

  Hi,
  You use PFDAVAdmin to customize your permission level for mailbox and public folder. This is good tool which helped me a lot in most of the permission issue for PF and Mailbox. Follow the below article for more detail of PFDAVAdmin Tool
  http://www.nigelboulton.co.uk/2010/12/delegating-and-propagating-exchange-folder-permissions-using-pfdavadmin/
  Exchange Queries

• Always Get Edit Link When Item Level Permissions Set

  We've enabled item-level permissions in a folder, and all users receive the "edit folder" button, regardless of whether we've given them "manage" access. Turning off item-level permissions removes the edit link.
  Is this a known issue? Any workaround/solution?

  That's just a "feature" of item level security, I don't think Oracle has any plans to fix it in 3.0.9X they probably have resolved the issuse in 9.0.2 ..... If you really need it gone you can click "Edit Defaults" when editing the page, right next to the portlet and uncheck the box that says show "Show Edit Link".. But then you just taken away the easy ability of editing the items through the portlet and you have to go back to the Content Area to update anything.
  brad

• Cannot Create Folder at Top Level of Documents Library

  Operating System:  Windows 7 Enterprise, 32-Bit
  Environment:  Windows 2003 domain
  Security:  Local Machine admin, and domain admin
  Documents Library is redirected via Group Policy to
  \\servername\home\username
  Navigating to Libraries\Documents, there is no "New Folder" button available at that top level of the library.  When using File menu => New => Folder, I get "Unable to create the folder 'New Folder'   File system error (512)."  
  Looked that one up using Google, er, I mean Bing, and found articles about it being an old DOS\Win95 issue with the 512 max limit on the root drive.  Am familiar with that problem, and this ain't it. Less than 30 folders at the root level, and none more
  than 20 characters long. 
  From inside an Application, if I try to save to my Library\Documents folder, I cannot save a file to the root level.  I get "To save here, you must first include a folder in the Library."
  At this point where I am looking to save a file, I also cannot type a folder name for navigation, as I am used to doing with previous OS's.  So in my address area, I have Libraries\Documents, then I have a subfolder called "important."  If I type
  the word "Important," expect the system fo navigate down into that folder.  Instead I get "To save here, you must first include a folder in the Library." If I type "Important\" I still get the same error.
  Navigating to \\servername\home\username, I am able to create a New Folder at the top level from a Windows Explorer window, or from inside an application such as Word. 
  Mapping a drive letter to \\servername\home\username also will allow me to create a New Folder at the top level, from a Windows Explorer Window, or from inside an application.
  From a command prompt, I am able to get to the drive letter and create a new folder. 
  With the drive letter mapped, going back to Libraries\Documents, I am still unable to create a new folder that way.  
  I read these two threads, both of which sort of die off with no real answers.  So I've started my own. 
  http://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/thread/4ea2f28f-8487-40cf-abb0-745916e72b7a
  http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/ae2505ce-8a6b-493b-9473-a0dca215fd34
  Any Help? 

  Hi,
  Regarding your problem, it seems that the user didn’t have appropriate permissions to create folders. To get it work, NTFS and Share permissions must be configured
  appropriately.
  Here are the Share and NTFS Permissions needed on the File Server Shares and the steps to do so:
  NOTE: The $ symbol should be used to hide the existence of the share.
  User Home Share Configuration:
  Here are the Share and NTFS Permissions needed for Home Directories:
  a. The Share permissions (Sharing Tab): Share Named: <HOME>$
  Administrators: Full Control
  System: Full Control
  Authenticated Users: Full Control
  b. NTFS Folder Permissions (Security Tab): Turn off inheritance on the Folder named <HOME>, and copy the permissions. (Uncheck "Allow inheritable permissions
  to
  propagate to this object")
  Administrators: Full Control
  System: Full Control
  Creator Owner: Full Control
  Authenticated Users: Read & Execute, List Folder Contents, Read
  c. On the NTFS Folder Permissions Click the Advanced Button. Then highlight Authenticated Users, Select View/Edit
  d. On the Permissions Entry for <HOME>, "the Apply onto" change to: "This folder
  only"
  e. Click OK
  f. Click OK again.
  More reference, please read the following document:
  Windows Server 2008 Share/NTFS permissions on home
  directories/folders
  Redirect the Documents folder to a network share
  Please note: we provide the third party link for technical use
  only. There may be some changes without notice, Microsoft doesn’t guarantee any accuracy on contacting information.
  BTW, as this issue is relevant to Windows Server 2003, please post in
  Windows Server forums for solution as well.
  Hope it helps.
  Best Regards
  Dale
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

• Unable to find top level site associated with project site

  Hello!
  SP and PS 2013. I faced the problem with one project and its site synchronization.
  When user published this project at 1st time, the site wasn’t created (there were some errors), but user didn’t notice that. So, after few days when he couldn’t open
  the site, he ask me for help.
  I did my usual operations in such cases – I open “Connected sites” and create the site myself.
  Earlier there was not any problem with that. But now this project experiences some troubles with permissions sync for
  it’s site – there is no synchronization.
  I connected this problem with November CU, which has been installed couple of weeks ago.
  I have read about the same problems after upgrade, so I want to emphasize that site was created on the root site collection (Project Web App) and it is not a subsite
  of another project site.
  If there is no solution until next update, maybe there is some way to turn off permission synchronization only for this site?
  Any help will be appriciated!!!
  Kate
  Queue error:
  GeneralQueueJobFailed
  (26000) - PreparePSProjectPermissionSynchronization.PreparePSProjectPermissionSynchronizationMessage.
  Подробные
  сведения: id='26000' name='GeneralQueueJobFailed'
  uid='231b2c2c-fc8b-e411-942d-0050569d3fac' JobUID='79031b2c-fc8b-e411-942d-0050569d3fac' ComputerName='7d8a1473-f6a8-4a8e-b7fb-1bdd868c7e20' GroupType='PreparePSProjectPermissionSynchronization' MessageType='PreparePSProjectPermissionSynchronizationMessage'
  MessageId='1' Stage='' CorrelationUID='a923d99c-8e88-c0e8-c7e2-08a980da8c96'.
  Для получения дополнительных сведений проверьте журналы ULS на компьютере
  7d8a1473-f6a8-4a8e-b7fb-1bdd868c7e20 для записей с JobUID
  79031b2c-fc8b-e411-942d-0050569d3fac
  In logs:
  12/25/2014 12:42:45.85        Microsoft.Office.Project.Server (0x07E4)        0x5E10           
  Project Server                            Sharepoint Integration           
  amed3 Exception        Unable to find top level site associated with project site Site1 System.IO.FileNotFoundException: <nativehr>0x80070002</nativehr><nativestack></nativestack>Нет
  веб-сайта
  с
  именем "/Site1".     at Microsoft.SharePoint.Library.SPRequestInternalClass.OpenWebInternal(String
  bstrUrl, Guid& pguidID, DateTime& pdtTimeCreated, String& pbstrRequestAccessEmail, UInt32& pwebVersion, String& pbstrServerRelativeUrl, UInt32& pnLanguage, UInt32& pnLocale, String& pbstrDefaultTheme, String& pbstrDefaultThemeCSSUrl,
  String& pbstrThemedCssFolderUrl, String& pbstrAlternateCSSUrl, String& pbstrCustomizedCssFileList, String& pbstrCustomJSUrl, String& pbstrAlternateHeaderUrl, String& pbstrMasterUrl, String& pbstrCustomMasterUrl, String& pbstrSiteLogoUrl,
  String& pbstrSi...   2a29d99c-9ecc-c0e8-c7e2-037970debfdf

  Hi Kate_S,
  since you are already aware that its a known issue caused Sep 2014 CU i believe, and an official fix has yet to release.
  but i would like to clarify here that this issue doesn't have anything to do with project site creation, because sync queue job while creating project site fails but does not block other queues activities. so your project site should be created in a normal
  way.
  and until official fix will arrive, 1 of the option is to change your project sites to provision under root site collection instead of PWA site collection. But be aware that this will fix sync issue only for new project sites.
  Go to Central Administratio -> PWA settings -> open site provision settings menu and made changes.
  2nd option is, since Project Owner always get access to Project site, to teach your project owners to include project team members manually to project site permission group to allow them to have access. this option can help you with both new and existing
  project sites, and i personally prefer this and did the same for my affected customers.
  Hope these 2 options will help you. 
  Khurram Jamshed - MBA, PMP, MCTS, MCITP (
  Blog, Twitter, Linkedin )
  If you found this post helpful, please “Vote as Helpful”. If it answered your question, please “Mark as Answer”.

• Numbered folders appearing on top level of HD

  Past few days these folders keep reappearing. They are completely empty, I dump them, and then they show up again. I've been looking through the forums and haven't found any reference. Did the basic troubleshooting/permissions routines and ran Onyx. No dice they keep coming back. Any ideas on what they are or if they are signs of a problem?
  the folders look like this:
  9ffffff8200
  and contain folders like this:
  -05fffffff8ffffff-0000000000
  -05fffffff8ffffff-0000000004
  -05fffffff8ffffff-59e5700100
  -05fffffff8ffffff-0014043c0a
  -05fffffff8ffffff-028802cccc
  etc....

  I HOPE THIS HELPS people to see what I'm getting on the top level only:  Here are 2 images -- a before and after:  I have a very plain empty folder called "Test Folder 1 May 2015" in the first one (along with some other folders) and then in the second one you can see I duplicated that folder -- but it now has a progress bar and and "x" showing!  (Just the "duplicated" file - the one with copy in the name).  This is a screen shot (using "Totalfinder" if anyone is wondering).  Same with my daughter's new MacBook (and she has essentially nothing on it, is not using TotalFinder - but the same problem.  Hey, maybe it's not a problem, maybe it's a "feature" of Yosemite or just the way it treats root level folders now--- but I sure would like to get rid of this weirdness if possible without breaking the system!

• Possible to Have ToC Default to Show Only Top Level (collapse sublevels)?

  Howdy!
  I'll bet I'm not the only one wishing for this.  Let's say you're using Captivate 4's Table of Contents feature with a longish movie of Cp slides, which is chunked into bite-size sections content-wise.  In the ToC, though, you can't mimic that same organization scheme; at least, the learner would first need to collapse all the ToC folders you've created so they see only the top-level listing.
  This can be a critical issue:  keeping the at-first-glance list in the ToC brief enough to be inviting to learners, yet allowing learners to drive which details are currently visible.
  A movie's topical hierarchy could be along these lines, for example ...
  Section 1 - National Brands
  What are National Brands?
  Why Are They Important to Our Business?
  Working with Nat. Brands
  Practice Your Knowledge
  Section 2 - International Brands
  What are International Brands?
  Why Are They Important to Our Business?
  Working with Intl. Brands
  Practice Your Knowledge
  You'd like to organize the ToC to show only the section titles (1st level) and to suppress the 2nd-level detail (slide titles) until the learner chooses to expand the folder to see those details.
  I've tried things like grouping the slides into sections in the Storyboard view and organizing the slides into sections strictly within the ToC -- both to no avail.
  Has anyone solved for this need yet?
  I'm all ears, and you'd be doing learners of the world a huge favor.
  Thanks!

  Hi, Jim.
  Thanks for being 'on the case' and looking into this so quickly.  Your
  findings are encouraging, although my user base is generally working with
  IE 6 and FP8 or 9.
  Since the only thing I may influence is getting  IT to help push out FP10,
  I'm hoping it's more of a player- than a browser-version issue.
  I'll test things out by Monday and let you know the results.  Wish me luck!
  Dave
                                                                                  From:       Jim Leichliter <[email protected]>                                                                               
  To:         Dave Tressler <[email protected]>                                                                               
  Date:       03/26/2010 06:02 PM                                                                               
  Subject:    Possible to Have ToC Default to Show Only Top Level (collapse
                sublevels)?                                                                                
  Dave,
  I just tested this on my local web server and it worked fine.  I created a
  blank project with 8 slides.  Created my TOC with grouping... 2 slides in
  each group.  I turned on self paced learning.  I tried with and without the
  widget and it picked up where I left off in either case.  See
  https://docs.google.com/leaf?id=0B86WuEq6SVwRNWIwMjhjODctMjE2Yy00MWE2LWI5YzEtMGQxYzNjOWQ0Z mI2&hl=en. 
  I published using FP10 and IE8 to view.  Notice any difference between
  your project and this one?
  Thanks,
  Jim Leichliter

• How do I use CreateBookmarksFromGroupTree and NOT guid in the name for my top level?

  Post Author: Barbdcg
  CA Forum: Deployment
  I have a report that I have created that uses uses groups and I wanted export a PDF using the CreateBookmarksFromGroupTree option. While that works, I get an ugly top level bookmark name that starts with the name of my report, then followed by a GUID;
  Report {49E72CC5-7FFD-44F8-831B-EA8F543F7D82}.rpt
  So, how do I Put in a name of my own choosing as the top-level bookmark or at least get rid of the guid?
  Any help or suggestions would be appricated.
  Thanks,
  Barb

  Post Author: Barbdcg
  CA Forum: Deployment
  Still no answer??? I can not figure this one out!!  HELP!!!