Grant Permission for xp_cmdshell

Hi! After google the permission grant for xp_cmdshell, I find only 2 roles could successfully
trigger xp_cmdshell 
(1) DB user with sysadmin permission.(i.e. this is the super user for SQL Server)
(2) Windows user.
(1) and (2) both need to be granted to use xp_cmdshell.
If above understanding is correct, I have difficulty in granting the permission to C# web
project.
My web project triggers SSIS on demand and gets processed results in return.
The current design is caller (C#) execute stored procedure, then sp uses xp_cmdshell to execute
dtexec.
The caller, C#, should have what kind of role to pass the permission check ? 
For (1), that sounds too dangerous to give him such high privilege, 
for (2), it's not allowed in client's environment to have windows local user account or service
account, i.e. every windows user should be a real person and connected to AD.
How do I grant the permission to my C# web project or is there any better design to trigger
SSIS in my case ? 
Need your advice, thank you!

How do I grant the permission to my C# web project or is there any better design to trigger SSIS in my
case ? 
There a couple of other approaches you might consider.  One is to create an on-demand SQL Server Agent job that executes the package, and then use sp_start_job from a user stored procedure to execute the job.  You can use certificates to control
permissions.  See Erland's artice
http://www.sommarskog.se/grantperm.html for details on how you can use cross-database certificates for your user database and msdb.
In SQL 2012 and later, you can use the SSIS catalog procs to run a package without a job.  See
http://technet.microsoft.com/en-us/library/hh479588.aspx.
Another approach is the Service Broker External Activator.  See
http://www.dbdelta.com/service-broker-external-activator-example/ for an example of how to launch an SSIS package using that tool.
All of the above methods run the SSIS package asynchronously.  I'm not sure how your web application processes the results of the package, or if you may have multiple simultaneous executions of the package.  Those points need to be considered in
the design.
Dan Guzman, SQL Server MVP, http://www.dbdelta.com

Similar Messages

  • HT1727 How do you grant permission for home sharing and authorizing?  My mac did home share, but now says, "The required directory was not found or has a permissions error", when I try to authorize.

    How do you grant permission for home sharing and authorizing?  My mac did home share, but now says, "The required directory was not found or has a permissions error", when I try to authorize.

    OK, I just got off of the phone with Apple and still no joy. They had me try a few things that did not work, then told me to Archive and Install, which did not either. Anyway, thanks for the additional help very note worthy, but still no joy. Also an email to iTunes Support took me here
    http://docs.info.apple.com/article.html?artnum=93061
    I have a Users/Shared folder but since the files we are talking about are invisible, I can see how it is structured.
    And by the way I tried this one
    http://discussions.apple.com/message.jspa?messageID=3577004#3577004
    and it did not work. However, when I install a fresh copy of Tiger on the external it did authorize the computer and was able to play the downloads. But coping the invisible file to my boot drive was not successful. But , like I said the music did play when I started up from the external. So I guess that may be my only solution, unless someone can tell what the correct directory is and where it for iTunes downloads.

  • Grant permission for a signed applet

    I have my jar file signed. Now, I hate to have the user to modify their .java.policy file, beside, I did not have my certificate verified by Verisign. Is there any other way to do it? I have read some posts which the user of the signed applet will see a pop up dialog while loading the signed applet, if they click on "grant all access", then the applet will have all the permission. Can anyone tell me how to do that?
    Thanks
    Andy

    nicoleman1 put together a "tutorial" on signing your applet (jar). The instructions will work for all browsers that support the Java Plugin.
    Here is a link to the thread:
    http://forum.java.sun.com/thread.jsp?forum=63&thread=174214
    Pete

  • How toplink grant permission for direct field access

    I know already know that if I need to direct access private or protected field of an instance I must grant supressAccessChecks to ReflectPermission class using policytool or edit java.policy file directly ...
    but how Toplink grant this permission to ReflectPermission class since my java.policy file remain the original.
    Kowit Laison

    In my own experiences, the first release of JDK 1.2 had problems with reflection accessing private attributes. As you mentioned, you had to have a policy file that allowed TopLink access to reflectively access private attributes.
    Since subsequent releases (1.2.x, 1.3, 1.4, etc), it always has "just worked". I.e., it seems to be default behavior of JVM's that you can acess private attributes through reflection. Sometimes some app servers come with startup scripts that have policies that change this default behavior and you have to override it, but in general, a vanilla JVM simply will allow private attribute access through reflection.
    - Don

  • Can I use policy to grant permission for my Applet?

    Hi,
    I want to know if I can use policy files to grant my applet permissions which are loaded from browser , like
    grant codebase "file :http://host/port" {permission java.security.AllPermission;}
    If anyone knows, please let me know. Thanks.
    Michael

    Yes, you can.
    Under Windows NT the policy file is in C:\WINNT\Profiles\USERNAME\.java.policy, in Windows 9x is in c:\windows\.java.policy
    HTH,
    Bruno.

  • Grant permission for pages -- Error when searching for groups

    Hello,
    I open the permissions of a page or iView. Then above I want to find the "Everyone" group, select Group in the drop down box and click on Start. Then I get the following error message:
    java.lang.NullPointerException
         at com.sap.portal.wd.acl.WDAclEditorView.onActionSearchPrincipal(WDAclEditorView.java:230)
         at com.sap.portal.wd.acl.wdp.InternalWDAclEditorView.wdInvokeEventHandler(InternalWDAclEditorView.java:377)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:131)
         at com.sap.tc.webdynpro.progmodel.controller.Action.fire(Action.java:72)
         at com.sap.tc.webdynpro.clientserver.phases.ProcessingEventPhase.doHandleActionEvent(ProcessingEventPhase.java:156)
         at com.sap.tc.webdynpro.clientserver.phases.ProcessingEventPhase.execute(ProcessingEventPhase.java:91)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequestPartly(WindowPhaseModel.java:161)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doProcessRequest(WindowPhaseModel.java:109)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:96)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:469)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:52)
         at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doExecute(ClientApplication.java:1388)
         at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doProcessing(ClientApplication.java:1208)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToApplicationDoProcessing(AbstractExecutionContextDispatcher.java:145)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForAppProcessing.doService(DispatchHandlerForAppProcessing.java:35)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:116)
         at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:93)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToApplicationDoProcessing(ExecutionContextDispatcher.java:114)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:80)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:506)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:526)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doApplicationProcessingPortal(ApplicationSession.java:471)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:250)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:698)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:230)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:228)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToRequestManager(AbstractExecutionContextDispatcher.java:192)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForRequestManager.doService(DispatchHandlerForRequestManager.java:38)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:116)
         at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:93)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToRequestManager(ExecutionContextDispatcher.java:140)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:92)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:104)
         at com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.dispatch(ApplicationHandle.java:319)
         at com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73)
         at com.sap.tc.webdynpro.portal.pb.impl.LocalApplicationProxy.sendDataAndProcessActionInternal(LocalApplicationProxy.java:1053)
         at com.sap.tc.webdynpro.portal.pb.impl.LocalApplicationProxy.sendDataAndProcessAction(LocalApplicationProxy.java:292)
         at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1512)
         at com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:358)
         at com.sap.portal.pb.PageBuilder$PhaseListenerImpl.doPhase(PageBuilder.java:2079)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:219)
         at com.sap.tc.webdynpro.clientserver.phases.PortalDispatchPhase.execute(PortalDispatchPhase.java:52)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequestPartly(WindowPhaseModel.java:161)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doProcessRequest(WindowPhaseModel.java:109)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:96)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:469)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:52)
         at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doExecute(ClientApplication.java:1388)
         at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doProcessing(ClientApplication.java:1208)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToApplicationDoProcessing(AbstractExecutionContextDispatcher.java:145)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForAppProcessing.doService(DispatchHandlerForAppProcessing.java:35)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:116)
         at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:93)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToApplicationDoProcessing(ExecutionContextDispatcher.java:114)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:80)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:506)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:526)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doApplicationProcessingStandalone(ApplicationSession.java:457)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:248)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:698)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:230)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:228)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToRequestManager(AbstractExecutionContextDispatcher.java:192)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForRequestManager.doService(DispatchHandlerForRequestManager.java:38)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:116)
         at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:93)
         at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToRequestManager(ExecutionContextDispatcher.java:140)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:92)
         at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:104)
         at com.sap.tc.webdynpro.serverimpl.core.AbstractDispatcherServlet.doContent(AbstractDispatcherServlet.java:87)
         at com.sap.tc.webdynpro.serverimpl.core.AbstractDispatcherServlet.doPost(AbstractDispatcherServlet.java:61)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
         at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
         at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
         at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
         at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
         at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
         at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
         at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
         at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
         at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
         at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
         at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
         at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
         at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
         at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
         at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
         at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
         at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
         at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
         at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
         at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
    This error message comes up no matter with which page or iView I try.
    What can I do?

    Hi All,
      Can anyone suggest some ways to rectify the error, as i am not able to  find solution for the error in the
    forum.
    Regards
    Prakash

  • How add grant permission in java.policy

    hi master
    sir serch in my system
    C:\Program Files\j2sdk_nb\j2sdk1.4.2\jre\lib\security
    C:\Program Files\j2sdk_nb\_jvm\lib\security
    C:\Program Files\Java\j2re1.4.1_03\lib\security
    C:\Program Files\Java\jre1.5.0_10\lib\security
    sir i have many java.policy file which one is default java.policy file
    how i add the code
    permission java.util.PropertyPermission "java.version", "read";
    permission java.util.PropertyPermission "java.vendor", "read";
    permission java.util.PropertyPermission "java.vendor.url", "read";
    permission java.util.PropertyPermission "java.class.version", "read";
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
    permission java.util.PropertyPermission "os.arch", "read";
    permission java.util.PropertyPermission "file.separator", "read";
    permission java.util.PropertyPermission "path.separator", "read";
    permission java.util.PropertyPermission "line.separator", "read";
    permission java.util.PropertyPermission "java.specification.version", "read";
    permission java.util.PropertyPermission "java.specification.vendor", "read";
    permission java.util.PropertyPermission "java.specification.name", "read";
    permission java.util.PropertyPermission "java.vm.specification.version", "read";
    permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
    permission java.util.PropertyPermission "java.vm.specification.name", "read";
    permission java.util.PropertyPermission "java.vm.version", "read";
    permission java.util.PropertyPermission "java.vm.vendor", "read";
    permission java.util.PropertyPermission "java.vm.name", "read";
    and this code
    grant codeBase "C:\Program Files\j2sdk_nb\j2sdk1.4.2\jre\lib\security
    permission java.security.AllPermission;
    give me idea how i add my code in java.policy file of using the oracle database in applete
    thank
    aamir

    in the control panel see what runtime is used by ur applet, mostly the lastest one u installed.
    C:\Program Files\Java\jre1.5.0_10\lib\security
    in this folder grant permission for the codebase where ur database is located.

  • Grant Permission base on Scheme ?

    Is there any way to grant permission base on scheme ??
    e.g.
    I want to allow user to select all table in another scheme. Beside grant permission for each table one by one, is there any way to do this ??

    There is no single privilege grant for this-- you'll have to grant privileges on individual objects. Of course, you can script these grants using a few lines of PL/SQL, i.e.
    DECLARE
      sqlStmt VARCHAR2(1000);
    BEGIN
      FOR x IN (SELECT * FROM user_tables)
      LOOP
        sqlStmt := 'GRANT SELECT ON ' || x.table_name ||
                   ' TO <<another user>>';
        EXECUTE IMMEDIATE sqlStmt;
      END LOOP;
    END;Justin
    Distributed Database Consulting, Inc.
    http://www.ddbcinc.com/askDDBC

  • Problem in Granting permissions for Signed Applet

    Hi,
    I have signed my applet with my self generated certificate. The client browser has imported this certificate in his cacerts keystore as trustcacerts. When I grant permission for my client(manually,in the client machine), I have peculiar errors.
    Case 1 : grant codeBase "http://***.XXX.***.XX/-" { permission java.security.AllPermission; };
    This permission works fine. But the client is able to download all applets from the granted machine, including unsigned applets.
    Case 2: grant SignedBy "dcard" codeBase "http://***.XXX.***.XX/-" { permission java.security.AllPermission; };
    If I add the signedBy tag, this particular grant section is completely omitted by the system. That is, the browsers does not recognize the signedBy tag( & its entire grant block) and throws SecurityExceptions for accessing the local machine.
    Please help me to grant permission for the applet coming from a particular source AND signed by a particulr person.
    Thanks in advance,
    Rajesh
    Note : Plug-in is java1.3.0_02. The public certificate is imported as trustcacerts in all cacerts files in system.

    This is the complete Error :
    WARNING: Attempting to use HTTP Firewall Proxy Server
    due to security restrictions: org.omg.CORBA.INTERNAL: Can not find GateKeeper: java.security.AccessControlException: access denied (java.net.SocketPermission localhost:15000 connect,resolve) minor code: 0 completed: No
    org.omg.CORBA.INTERNAL: Can not find GateKeeper: java.security.AccessControlException: access denied (java.net.SocketPermission localhost:15000 connect,resolve) minor code: 0 completed: No
         at com.visigenic.vbroker.gatekeeper.BridgeEx.login(BridgeEx.java:102)
         at com.visigenic.vbroker.gatekeeper.BridgeEx.loginHelper(BridgeEx.java:71)
         at com.visigenic.vbroker.gatekeeper.BridgeEx.bind(BridgeEx.java:200)
         at com.visigenic.vbroker.interceptor.ChainBindInterceptorImpl.bind(ChainBindInterceptorImpl.java:42)
         at com.visigenic.vbroker.orb.ORB.bind(ORB.java:1196)
         at com.visigenic.vbroker.orb.ORB.bind(ORB.java:1361)
         at com.visigenic.vbroker.orb.ORB.bind(ORB.java:1171)
         at com.platform7.persona.acceptor.GacHelper.bind(GacHelper.java:299)
         at com.platform7.persona.acceptor.GacHelper.bind(GacHelper.java:295)
         at GenericApplet.init(GenericApplet.java:40)
         at sun.applet.AppletPanel.run(Unknown Source)
         at java.lang.Thread.run(Unknown Source)
    org.omg.CORBA.INTERNAL: Can not find GateKeeper: java.security.AccessControlException: access denied (java.net.SocketPermission localhost:15000 connect,resolve) minor code: 0 completed: No

  • Granting permission to Discussion Board

    Hello Community
        Using Sharepoint 2010 Server and the UI is there a way to
    grant the Discussion Board permission to a group to: Add Discussion, Reply
    to a Discussion and Delete a Discussion without granting Full Control or Contribute permissions?
        Thank you
        Shabeaut

    Hi Shabeaut,
     try below workaround:
    1. Create two user group. One for add discussion and second for add reply. Then add users based on your need in groups
    2. Give contribute permission to first group so that they can add discussion and give read rights to second group so they can only read.
    3. Now as soon a discussion is created you have do break the permission  inheritance to change the permission for both groups. So go to created discussion permission and give read access to first group and contribute to second group.
    This is only OOTB solution for your requirement and this is bit hectic work for admin. I would suggest that create one custom event receiver, which can change the item level permission as soon as discussion is created.
    The thread is http://social.technet.microsoft.com/Forums/office/en-US/89056c2e-352e-4ad1-b9dd-c53e41c8d9ab/custom-grant-permission-for-discussion-board?forum=sharepointadminprevious
    Please remember to click 'Mark as Answer' on the answer if it helps you

  • SSRS How to grant BROWSE permission for reports for all the application users?

    Hello,
    Problem Statement
    I need to allow all of my application users to browse the SSRS reports via logging onto the Report Manager and to some other I even want them to use Report Builder to modify & upload the report.
    How could I achieve this.
    Environment & Current implementation
    We use SQL Server 2012 reporting services.
    Custom authentication has been implemented using IAuthenticationExtension Interface. For more details, please refer
    this msdn link.
    Currently, for each new user created in the application, the admin has to manually give BROWSER role to the username to enable that newly created user to browse the reports.
    Is there any way in which we can give "everyone" the BROWSE permission and get rid of this manual permission granting process?
    Please feel free to ask for any additional information you need to help me on this issue.
    Thanks!
    -Vinay Pugalia
    If a post answers your question, please click "Mark As Answer" on that post or
    "Vote as Helpful".
    Web : Inkey Solutions
    Blog : My Blog
    Email : Vinay Pugalia

    Hi vinaypugalia,
    According to your description, you want to grant permissions for users to access report server in a batch, right?
    In your scenario, you can use
    script files( AddItemSecurity.rss and ConfigureSystemProperties.rss )with the Reporting Services SOAP API to assign permissions. It’s better that you add those users to a user group then run those script.
    Similar thread for your reference:
    SQL script to grant user permissions for SQL Server Reporting Services
    Programmatically adding users to SSRS?
    If you have any question, please feel free to ask.
    Best regards,
    Qiuyun Yu
    Qiuyun Yu
    TechNet Community Support

  • AIA FP installation - ORA-01031: insufficient privileges and JPS-04201: Cannot grant permission(s). Grant already exists for grantee errors

    Hi All,
          We are installing AIA FP 11.1.1.7 on SOA Suite 11.1.1.7(no patch has been applied, after SOA Suite ODI 11.1.1.7 is installed on it) this is for AIA Comms 11.4 PIP. Below error can be seen in oracle inventory logs while installing AIA FP11.1.1.7 -
    BUILD FAILED
    /u02/app/Oracle/Middleware/AIAHOME/Infrastructure/Install/AID/AIAExecuteDriver.xml:223: The following error occurred while executing this line:
    /u02/app/Oracle/Middleware/AIAHOME/Infrastructure/Install/AID/AIAExecuteDriver.xml:65: The following error occurred while executing this line:
    /u02/app/Oracle/Middleware/AIAHOME/aia_instances/DEVAIA/tmp/AIDExecuteDP_temp_2130290318.xml:12: The following error occurred while executing this line:
    /u02/app/Oracle/Middleware/AIAHOME/Infrastructure/Install/AID/lib/AIDConfigurationLibraryTasks.xml:298: java.sql.SQLSyntaxErrorException: ORA-01031: insufficient privileges
    Also before this i can see,
    [exec] Command FAILED, Reason: JPS-04201: Cannot grant permission(s). Grant already exists for grantee [GranteeEntry: codeSource=file:${soa.oracle.home}/soa/modules/oracle.soa.ext_11.1.1/classes/oracle/apps/aia/core/util/- principals=[]].
         [exec]
         [exec] WARNING!!! Grant already exists for grantee.
         [exec] No stack trace available.
         [exec] Disconnected from weblogic server: AdminServer
       [delete] Deleting: /u02/app/Oracle/Middleware/AIAHOME/aia_instances/DEVAIA/tmp/keyFile
       [delete] Deleting: /u02/app/Oracle/Middleware/AIAHOME/aia_instances/DEVAIA/tmp/propFile
    Also,
    In processFieldStringXREF Admin Password
    In processFieldStringJMSDB Temporary Tablespcae
    In processFieldStringInvalid Database Schema name - Is this an error
    In processFieldStringAIA Lifecycle Port
    In processFieldStringAIADB SYS. USER
    In processFieldStringInvalid Database Schema name
    In processFieldStringJMSDB Default Tablespcae
    In processFieldStringXREF SYS. USER
    do anyone had idea on it, we are installing on Solaris SPARC machine.
    Thanks and Warm Regards,
    RR

  • Unexpected error while granting permission in site permission !

    Hello,
    While granting permission to user in site permission it throws unexpected error in IE while in chrome it works perfect !
    Any idea ? 
    Thank you in advance !
    Dipti Chhatrapati

    Hi Dipti,
    I agreed with Scott, please check the log file to find more information based on the correlation ID.
    More information about checking log based on correlation ID, please refer to the link:
    http://mroffice365.com/2011/09/using-correlation-id-to-find-out-sharepoint-problem/
    In addition, whether you used the same account when using the IE and Chrome.
    Which version did you use for IE? Please try to use IE 10 32-bit, compare the result.
    Make sure that account you used in IE have manage permission on the site.
    Please add the site into IE Trusted Site, compare the result.
    Best Regards,
    Wendy
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Wendy Li
    TechNet Community Support

  • I have downloaded the most recent itunes on my new computer with windows 8        but a message pops up saying "the itunes library.itl file is locked, on a locked disk or you do not have write permission for this file. How do I fix?

    I have downloaded the most recent itunes on my new computer with windows 8 but when I attempt to get in I get this message "The itunes library.itl file is locked, ona locked disk, or you do not have write permission for this file."  How do i fix this?

    Repair iTunes Security Permissions
    Right-click on your main iTunes folder and click Properties, then go to the Securitytab and click Advanced. Use the Change Permissions... button grant to your account (or the Users group) and SYSTEM full control of this folder, subfolders and files, then tick the option to Replace permissions entries... which will repair permissions throughout the library. When complete switch to the General tab, click in the Read-only check box to clear it, then click Apply.
    If you don't have the option to change the permissions then use the Owner tab and Edit... button to take ownership from an account with administrator privileges. Tick the option to Replace owner on subcontainers and objects.
    Repeat with the media folder if it isn't stored inside the main iTunes folder.
    If you've brought over the library from another computer you may also want to remove any "mystery" identities (S<string of dashes & digts>) that have come over from the old computer...
    The images above are from Windows 7. Hopefully the system isn't too different in Windows 8.
    tt2

  • I have a Windows 7 Professional, 64 bits on my computer and have recently installed iTunes 11.1.3.8. but i started having this msg :"The folder iTunes is on a locked disk or you do not have write permission for this folder" issues: how can i solve it?

    I have a Windows 7 Professional, 64 bits on my computer and have recently installed iTunes 11.1.3.8. but i started having this msg :"The folder iTunes is on a locked disk or you do not have write permission for this folder" issues: how can i solve it?

    Right-click on your main iTunes folder and click Properties, then go to the Security tab and click Advanced. If necessary grant your account and SYSTEM full control of this folder, subfolders and files, then tick the option to replace permissions on child objects which will repair permissions throughout the library. This is the XP dialog but Windows 7 shouldn't be too different.
    If it won't let you change the permissions use the Owner tab to take ownneship from an account with administror privileges.
    tt2

Maybe you are looking for

  • I sent my iphone in for replacement how can i figure out the tracking number?

    Also, how many days does it take? It's been three so far.

  • How to listen to Pandora or Sirius Apps on pioneer AVH-P3200BT

    Just bought a Pioneer AV unit. Its AVH-P3200BT and it has the usb and aux in the front. I cant seem to listen to my apps unless it through the aux port. The sound quality stinks. I called Pioneer and they recommended that I try their CD-IU50V. Not su

  • Rediffmail not opening on Safari

    I have a MAC OS 10.5.6 desktop. I am unable to open Rediffmail for the past 10-15 days. The Rediff web page opens with Safari and I am able to browse news, sports and other items; however, when I log in to rediffmail, I get a message saying " session

  • Clearing customer special G/L debit item in EBS

    Dear Experts, In the customer account there is a debit item with Special G/L Indicator. Can this be cleared in the EBS Posting(FF.5) if the reference no. matches in the Bank statement.  What parameters are required in the Posting Rule. Regards, Vikra

  • CR XI and charts -newb question within

    Hi All, Great website and resource!  I'm a CR newbie and need help with charts.  I'll be using CR to develop single page summary sheets that contain only charts and cross-tabs.  The data is identified by dates that range from 2002 to 2008, and certai