Group owner "wheel"

I recently installed an oss app, I was unable to make an alias of it, so I checked its permissions.
Its group owner was "wheel", now I'm just curious why it was set as wheel. btw, the user owner is my main account, who is not in group wheel.
So is there any drawbacks to adding myself to group "wheel"?, any drawbacks to changing group ownership to admin, root, or $Name?

Here are some of my permissions:
mac $ pwd
/Applications
mac $ ls -l
total 480
drwxr-xr-x    3 mac   staff    102 Jan 24  2007 0xED-1.app/
-rwxr-xr-x    1 mac   wheel  13780 Sep 15 15:47 0xED.app*
drwxrwxr-x    4 root  admin    136 Jan 11  1970 Acrobat Reader 5.0/
drwxrwxr-x    3 root  admin    102 Sep 11 17:31 Address Book.app/
drwxrwxr-x    3 mac   admin    102 Aug 15  2007 Adobe Help Viewer 1.0.app/
drwxrwxr-x    6 mac   admin    204 Oct 31  2003 Adobe Reader 6.0/
drwxrwxr-x    5 mac   admin    170 Nov 13 15:50 Adobe Reader 9/
seems like other should be r-x
root # ls -ld  WhatSize*
drwx------   3 mac  admin  102 Apr  7  2006 WhatSize.app/
Used the gui alias command...
root # ls -ld  WhatSize*
drwx------   3 mac  admin  102 Apr  7  2006 WhatSize.app/
-rw-r--r--   1 mac  admin    0 Nov 20 16:31 WhatSize.app alias
root # 
Robert

Similar Messages

  • How to track changes made to a group owner for Distribution/Security Group in FIM 20101 R2?

    We have a requirement where we have to send a consolidated email to the new group owner which lists all the groups that are tagged to him/her.
    This requirement is needed so that the new group owner can be notified of the groups that he/she owns. Group owner information can be updated in AD which would then sync with FIM, Bulk updates for groups in FIM.
    So first we would have to basically track the group owner change in FIM, retrieve the owner information, then list all the groups listed under him, consolidate an email and trigger the notification.
    Can someone help me and let me know how this can be achieved?
    Thanks in advance!!

    Hello,
    you can not do with only OOB functions. You will need a custom activity to enumerate all group a specific persons owns.
    First part is easy, create a MPR which triggers a workflow activity on owner attribute changes.
    The custom activity should then search for all groups new owner owns in addition.
    Pass that information through the WorklowDictionary to a notification activity.
    If your are not familar with developing workflow activities you could use PowerShell Activity for example.
    /Peter
    Peter Stapf - ExpertCircle GmbH - My blog:
    JustIDM.wordpress.com

  • How to create a Set of Group Owners

    Step 1:  Create and bind an attribute called GroupOwner to user objects in the Portal
    Step 2:  Run the following Powershell script as an administrator of FIM.
    Step 3: Create your set based on the updated GroupOwner attribute which will now be true for all your Group Owners
    Step 4:  Make workflows! :)
    The Code:
    $uri
    =
    http://NameofYourServer:5725
    $attributeName
    =
    "GroupOwner"
    # load FIM snapin, ignore errors if already loaded
    Add-PSSnapin
    FIMAutomation
    -ErrorAction
    SilentlyContinue
    # gets the value of a single-valued attribute from an exported object
    function
    GetAttributeValue($exportObject,[string]
    $name) {
    $attribute
    =
    $exportObject.ResourceManagementObject.ResourceManagementAttributes |
    Where-Object {$_.AttributeName
    -eq
    $name}
    if ($attribute
    -ne
    $null
    -and
    $attribute.Value) {
    $attribute.Value
          $users=Export-FIMConfig
    -CustomConfig
    "/Person[ObjectID = /Group/Owner]"
    -OnlyBaseResources
    foreach ($user
    in
    $users) {
    $objectID2=$user.ResourceManagementObject.ResourceManagementAttributes
    | Where-Object {$_.AttributeName
    -eq
    "ObjectID"}
    $objectID2=$objectID2.Value
    $ImportOperation
    = [Microsoft.ResourceManagement.Automation.ObjectModel.ImportOperation]
    $ImportState
    = [Microsoft.ResourceManagement.Automation.ObjectModel.ImportState]
    $importChange
    =
    New-Object
    Microsoft.ResourceManagement.Automation.ObjectModel.ImportChange
    $importChange.Operation
    =
    $ImportOperation::Replace
    $importChange.AttributeName
    =
    ${attributeName}
    $importChange.AttributeValue
    =
    $true
    $importChange.FullyResolved
    = 1
    $importChange.Locale
    =
    "Invariant"
    $importObject
    =
    New-Object
    Microsoft.ResourceManagement.Automation.ObjectModel.ImportObject
    $importObject.ObjectType
    =
    "Person"
    $importObject.TargetObjectIdentifier
    =
    $objectID2
    $importObject.SourceObjectIdentifier
    =
    $objectID2
    $importObject.State
    =
    $ImportState::Put
    $importObject.Changes
    = (,$importChange)
    $importObject |
    Import-FIMConfig
    -uri
    $uri

    Changed the code to allow for skipping values that are already true to reduce FIM level overhead.
    $uri = "http://FQDNofyourServer:5725"
    $attributeName = "GroupOwner"
    # load FIM snapin, ignore errors if already loaded
    Add-PSSnapin FIMAutomation -ErrorAction SilentlyContinue
    # gets the value of a single-valued attribute from an exported object
    function GetAttributeValue($exportObject,[string] $name) {
    $attribute = $exportObject.ResourceManagementObject.ResourceManagementAttributes |
    Where-Object {$_.AttributeName -eq $name}
    if ($attribute -ne $null -and $attribute.Value) {
    $attribute.Value
    $users=Export-FIMConfig -CustomConfig "/Person[ObjectID = /Group/Owner]" -OnlyBaseResources
    foreach ($user in $users) {
    $objectID2=$user.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "ObjectID"}
    $objectID2=$objectID2.Value
    $objectID3=$user.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "GroupOwner"}
    $objectID3=$objectID3.Value
    if ($objectID3 -ne $true) {
    # write-host $objectID2
    $ImportOperation = [Microsoft.ResourceManagement.Automation.ObjectModel.ImportOperation]
    $ImportState = [Microsoft.ResourceManagement.Automation.ObjectModel.ImportState]
    $importChange = New-Object Microsoft.ResourceManagement.Automation.ObjectModel.ImportChange
    $importChange.Operation = $ImportOperation::Replace
    $importChange.AttributeName = ${attributeName}
    $importChange.AttributeValue = $true
    $importChange.FullyResolved = 1
    $importChange.Locale = "Invariant"
    $importObject = New-Object Microsoft.ResourceManagement.Automation.ObjectModel.ImportObject
    $importObject.ObjectType = "Person"
    $importObject.TargetObjectIdentifier = $objectID2
    $importObject.SourceObjectIdentifier = $objectID2
    $importObject.State = $ImportState::Put
    $importObject.Changes = (,$importChange)
    $importObject | Import-FIMConfig -uri $uri

  • Group Owner unable to see members

    Hello All,
        I posted this question a while back but never got an answer so I thought I'd repost it. I've run into an issue where when a security group owner logs into the FIM portal they see the groups they are managing but are unable to see a list of
    members of the group. However when I log in as an FIM administration and I look at the same group I see all members. How do I allow the group owner to manage his own group by granting him access to read the membership. Is there a specific Search Scope or MPR
    that needs to be enabled besides the following.
    MPR's that are enabled
    Security group management: Owners can read selected attributes of group resources 
    Security group management: Owners can update and delete groups they own 
    Navigation Bar Resources that are enabled as BasicUI
    Security Groups (SG's)
    My SGs
    My SG Memberships
    Home Page Resources that are enabled as BasicUI
    Security Groups (SG's)
    My SGs
    My SG Memberships
    Search Scopes that have BasicUI
    My Security Groups
    My SG Memberships

    Default values here:
    Half-seen attributes are: Manager; MiddleName; Mobile Phone; Time Zone
    Is this user a part of this group as well? If so maybe try to enable MPR named User management: Users can read attributes of their own
    also?
    Another way to check what should be enabled is:
    In Management Policy Rules view, click Explore.
    On Find tab, leave first option selected.
    On Criteria tab, select: Read resource, Only permission granting...; Include disabled ...; Requestor: owner. Target Resource: group
    Check MPRs listed and check which of them are disabled :)
    Security group management: Owners can read selected attributes of group resources
    Security group management: Users can read selected attributes of group resources
    Group management: Group administrators can read attributes of group resources
    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

  • Extract group owners from group

    How can you extract group owners from a group? ver. 3.0.9.8.5. I want to do two things; extract all groups that a user is the owner of, and find all the owners of a group.
    The code below will extract out all the users of a group, but how do you get the owners? I can't figure out where the group owner flag is being set. There are two deprecated functions (get_list_members, user_in_group), which I've used and is extra coding than what's necessary, but we're also migrating to version 2 soon.
    Thanks,
    Rick
    SELECT b.name,
    a.user_name,
    a.last_name,
    a.first_name
    FROM portal30.wwsec_person$ a,
    portal30.wwsec_group$ b,
    portal30.wwsec_member$ c
    WHERE a.id = c.member_person_id
    AND b.name = 'my_group'

    Sorry, I got timed out and posted this to the wrong forum accidently. Is there a way to delete your own message?

  • Group owners can't manage own membership

    I want to let group owners manage thier own membership (add and delete users from thier group only). Being assigned as "group owner" doesn't provide any mechanism that I could find to do this. However, assigning the group's "Privilege Assignments, Allow Group Editing" is too powerful, allowing membership management of all groups. We are using portal version 9.0.2.3.0B
    What am i missing?

    Applied patch but it did not help. Nor did the workaround work. I can logout, close the browser and upon logging back in I still cannot manage my group.
    I am both the owner and a member of my group.
    The error I get is:
    Group Management Error!
    No Privilege to Edit Group.

  • Changing group owner disables wiki/blog

    For quite some time now the procedure for creating new groups with a single owner/moderator has worked well. I 1) go in to the directory app on the server, 2)create the group, 3) change the owner to the teacher who will manage the wiki/blog, 4) add the teacher to the list of users allowed to create wikis (in web services). Then everything works like a charm. As of a few weeks ago (and I have not run any updates--still on 10.5.6, etc.), as soon as I change the group owner from Directory Administrator the wiki/blog generates a no group with that name is hosted on this server. Changing the owner back to directory admin fixes this but I need the teachers to be owner/moderators. Any suggestions on what might be causing this problem?
    Thanks,

    Is there any solution to this problem? I am trying to set up the group owner but can't. I am set as the group owner in the group list and set as moderator in the list of users allowed to create wikis but when I go into the wiki site I am unable to change settings.

  • Set group owner using REST API

    I'm trying to use the REST API to set the owner of a SharePoint group. I can successfully create the group using REST, but I can't change the owner. I've tried the following.
    1 - Specifying a group owner while creating the group
    Endpoint: .../_api/web/sitegroups
    Method: POST
    Headers:
    Content-Type: application/json; odata=verbose
    Body:
    { '__metadata': { 'type': 'SP.Group' }, 'Title': '<title>', 'Description': '<description>', 'Owner': { '__metadata': { 'type': 'SP.Principal' }, 'Title': '<owner_title>'}}
    This returns a 500 error: "The specified name is already in use. Please try again with a new name". In other words, the owner title I specified already exists, which is correct - I'm trying to make an existing principal the owner of the new group.
    2 - Merging a new group owner into an existing group
    Endpoint: .../_api/web/sitegroups(<group_id>)
    Method: POST
    Headers:
    Content-Type: application/json; odata=verbose
    X-HTTP-Method: MERGE
    Body:
    { '__metadata': { 'type': 'SP.Group' }, 'Owner': { '__metadata': { 'type': 'SP.Principal' }, 'Title': '<owner_title>'}}
    This returns a 500 error with a Microsoft.SharePoint.SPException: "Exception from HRESULT: 0x80131904". The trace logs don't shed any light on it.
    3 - Using the owner endpoint directly
    Endpoint: .../_api/web/sitegroups(<group_id>)/owner
    Method: POST
    Headers:
    Content-Type: application/json; odata=verbose
    X-HTTP-Method: PUT
    Body:
    { '__metadata': { 'type': 'SP.Principal' }, 'Title': '<owner_title>'}
    This throws various 400 errors. If the current owner of the group is a user, I get the error "The required property 'Email' does not exist in the message" - i.e. it wants SP.User properties. If the current owner of the group is another group, I get
    the error "The required property 'AllowMembersEditMembership' does not exist in the message." - i.e. it wants SP.Group properties.
    I've tried various adaptations of the three approaches above, such as specifying additional SP.Principal properties or passing SP.User or SP.Group objects instead, but with no success. Any ideas?

    As we chatted on email.  There doesn't seem to be any combo that will set the owner.  Only way to do it is to use the CSOM XML method and post to client.svc\ProcessQuery:
    POST
    http://weburl/_vti_bin/client.svc/ProcessQuery HTTP/1.1
    X-RequestDigest: 0xAE382F0A8F11688BA9BE66739F84443892CE5E5452BA3E2622F6013D9D97EA8A8D9476463EDC503F700EB24F45024150D0DEEB2F40B160CD88BA7C7B4769BECD,15 Jan 2014 00:11:02 -0000Content-Type: text/xml
    Host:
    www.sanspug.org
    Cookie: FedAuth=blah
    Content-Length: 612
    Expect: 100-continue
    Accept-Encoding: gzip, deflate
    XML body is:
    <Request AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="15.0.0.0" ApplicationName=".NET Library" xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009">
    <Actions>
    <SetProperty Id="45" ObjectPathId="32" Name="Owner">
    <Parameter ObjectPathId="33" />
    </SetProperty>
    <Method Name="Update" Id="46" ObjectPathId="32" />
    </Actions>
    <ObjectPaths>
    <Identity Id="32" Name="740c6a0b-85e2-48a0-a494-e0f1759d4aa7:site:a1452dcc-8fc4-4631-8ada-97cb204810f1:g:9" />
    <Identity Id="33" Name="740c6a0b-85e2-48a0-a494-e0f1759d4aa7:site:a1452dcc-8fc4-4631-8ada-97cb204810f1:g:7" />
    </ObjectPaths></Request>
    The ids are randomly generated and can be anything you want, as long as they correlate (setproperty and method objectpathid is the object you are updating).  The most important part is the
    “Name” parts. The first part is the typeid of the object (in this case is means SPGroup), the second part as you can see if the site guid id.  The response does in fact return json if you tell it too:
    Chris Givens CEO, Architecting Connected Systems
    Blog Twitter

  • Find group owners

    How can you extract group owners from a group? ver. 3.0.9.8.5. I want to do two things; extract all groups that a user is the owner of, and find all the owners of a group.
    The code below will extract out all the users of a group, but how do you get the owners? I can't figure out where the group owner flag is being set. There are two deprecated functions (get_list_members, user_in_group), which I've used and is extra coding than what's necessary, but we're also migrating to version 2 soon.
    Thanks,
    Rick
    SELECT b.name,
    a.user_name,
    a.last_name,
    a.first_name
    FROM portal30.wwsec_person$ a,
    portal30.wwsec_group$ b,
    portal30.wwsec_member$ c
    WHERE a.id = c.member_person_id
    AND b.name = 'my_group'

    Strange thing is this morning the "Other" link is now missing for my account as well. I contacted Microsoft and they said 1 out of 5 of their admins had the "Other" link. One of which had the same version as our domain. So they're doing
    a tenant sync and checking on past and new updates to try and find the issue.
    That direct link that you sent works but I'm hoping that'll be a plan B.

  • Group owners unable to edit groups

    We migrated from portal version 3.0.9.8.5 to 9.0.2.6.18
    using verison4 of the upgrade scripts.
    Now group owners cannot edit groups.
    However when i login as portal30_admin or assign
    edit any group to group owners they can edit groups.
    Any pointers?

    This is a known bug in this version. You need to open a TAR for the solution.

  • Users and Group Owners are unable to see their groups

    Hello all,
         I have an issue where security group owners are unable see/read any groups that they own. I have enabled the following  MPR's but still nothing please help.
    Group management: Group administrators can create and delete group resources
    Group management: Group administrators can read attributes of group resources
    Group management: Group administrators can update group resources
    Security group management: Owners can read selected attributes of group resources
    Security group management: Owners can update and delete groups they own
    Security group management: Users can read selected attributes of group resources
    Also when a user logs into the portal they are unable to see any Security groups listed under MY SG Membership. However when we check the group membership they are indeed part of the group both in FIM portal
    and AD.

    Reason might be that user's don't have access to group objects at all or are not able to read some of attributes of a group. Also make sure that BasicUI keyword was added to the specific elements of UI used in group management - this includes navbars but
    also search scopes which are used for group filtering. 
    On the MPRs side:
    Make sure that your Security group users set was not modified - maybe people are filtered out from these MPRs.
    Use explore function in MPR  part of a portal to check what actual MPRs are being triggered when user tries to access group object. 
    Tomek Onyszko, memberOf Predica FIM Team (http://www.predica.pl), IdAM knowledge provider @ http://blog.predica.pl
    Hi Tomek,
    Which attributes must a user be able to read in order for this to work? If possible can you provide me with a full list so I can verify that they do have rights to read them.
    I have added the keywork BasicUI to the following sections 
    Under Home Page Resource
    Join a SG
    Manage my SGs
    Search Scopes
    Security Groups (SGs)
    See my SG memberships
    Under Navigation Bar Resource
    My SG Memberships
    My SGs
    Security Groups (SGs)
    As for the security group users set, I have modified it to allow all domain users to be part of this set. When I click View Members all users are listed. 
    "Use explore function in MPR  part of a portal to check what actual MPRs are being triggered when user tries to access group object. "  How would somebody go about doing this?

  • Wrong datafile group owner

    I for got to switch the primary group from oinstall to dba after oracle installation. As a consequence, my database (data files) was created with the the group owner as "oinstall" instead of "DBA". Any problem if I shut down the DB, change the ownership or the data files to "DBA"??? I followed the Oracle installation recommendation and the OS oracle user belonged to both oinstall and dba groups.
    Thanks!

    user13118074 wrote:
    Thanks for the quick and helpfull reply!!!
    The reason I want to change some of the data files group ownership to "DBA" because after I created the DB, I change the primary group of the OS iseracle user to "DBA", and as a result, all the new tablespaces have data file group owner as "DBA". This means some data files now have "oinstall" as the group owner while the rest have "DBA" as the group owner. The DB still working OK with 2 different group ownerships, but I want to change for consistency. So, again, my question is if I shut down the DB and change the data file group owner to "DBA", the DB should still be working properly after change???. Thanks!Yes it would be working properly after the change as mentioned by you.
    Regards
    Anurag

  • Group owner distribution list cant add/remove member via outlook but via ecp work fine

    Hi all,
    i user exchange server 2013 sp1 with domain contoler windows server 2008 R2.
    my end user have problem. When group owner want to add/remove member via outlook cant but via ecp work fine ?
    i try to folowing this article http://theucguy.net/group-owners-cannot-manage-distribution/ but not work.
    any ideas? please help
    thanks,

    Hi,
    Please share me the error message which is occurring when the group owner try to add or remove members.
    Note : Group owners cannot be as a group and it should be an individual member.
    Please execute the below mentioned command and let me know the status .
    Get-DistributionGroup –ID “DistributionGroupName”
    | Set-DistributionGroup –ForceUpgrade
    Execute the above mentioned command and check.
    Regards
    S.Nithyanandham
    Thanks & Regards S.Nithyanandham

  • Cluster Group Owner

    Hi Guys,
    I have DAG extended to two sites (Primary and DR).
    I have moved Cluster group owner to DR mailbox server using power shell command.
    Now, when I try to move the cluster group owner back to a mailbox server in the Primary site, It doesn't work.
    It (PAM role of exchange) switches back to DR mailbox node automatically, any idea why is this happening ?
    Platform: Server 2012 with Exchange 2013

    Hi Raghu,
    Please use the below mentioned command on the windows power shell and share me the results.
    Step 1: 
    Import-Module failoverclusters
    Step 2 : 
    Move-ClusterGroup -Node "Any one of the node on production site" -Name "cluster group"
    Step 3 :
    Please run the below mentioned command to check the PAM role and that is the server which is holding the cluster resources.
    Get-DatabaseAvailabilityGroup -Identity "dag name" -Status | fl *pri*
    To confirm that again .Please use the below mentioned command in Exchange management shell.
    Get-ClusterGroup | ft -au
    In addition to that , please share the fail over cluster events which is related the cluster resources move.
    To have deep dig on this case we can do the following.
    From one of the nodes of the cluster, open a Command Prompt with Administrator rights.  The simplest command to create the log is to type “cluster log /g”.  A clusterl.log file will be generated and stored in the %windir%\Cluster\Reports directory
    on each node of the cluster.  Note that with all commands you can use either “cluster … ” or “cluster.exe …” as they have the same functionality.
    Please reply me if you have any queries.
    Thanks & Regards S.Nithyanandham

  • Distribution group owner field in GAL not displaying for configured owner.

    Quick question: for a configured DG owner to show up in the owner field when the properties are selected via Outlook using the GAL, does the owner need to also be a member of the group for the field to display that person? We have a case here where the owner
    is configured in Exchange, but does not display in Outlook. I checked other groups and when the owner does display in Outlook, the owner is always a member of the group in question also. 
    Thanks!

    Thanks for the reply. Yes, I do see her as the MagedBy user:
    [PS] C:\Windows\system32>Get-DistributionGroup .globalpeopleleaders | Ft Managedby
    ManagedBy
    {cds.int/Canada/Users/Laptop Users/Heutzenroeder, Audrey}
    Yet, in Outlook the owner field in the properties of the DG is emtpy. 
    I'm told that she was made manager of the group 18 months ago.

Maybe you are looking for

  • Up grade software on black bt vision box and new b...

    Just had upgrade on bt vision box and states i have no broadband connection. (direct connection to router)  I had to go into router and turn off smart set-up.  now what ever happened to the old plug and play.  your standard job bloggs is going to rip

  • Verizon iPhone 4S stopped being able to receive SMS messages last night.  Any ideas?

    My wife and I have had our iPhone 4S's since they first became available in 2011.  Up until last night we had not had any issues.  All of a sudden a couple of our relvatives called us and said they could not send us text messages, they were getting N

  • Unable to send Fax

    While I was able to send faxes in the past, suddenly I cannot. Now when I click print - send fax and fill in the info to send I get a "error while printing"message. The "modem" field in the fax dialog box reads "no fax selected" When I click "show fa

  • Net price not fetching to new PO thru' existing PO for same vendor

    While creating new PO for a material system is not fetching "net price" data from already existing PO for same material against same vendor. This is happening after attaching OMET settings in User authorisation. How to solve this issue?

  • IPhoto won't let me upgrade to 9.6

    When I try to upgrade to iPhoto 9.6 the upgrade says "Not Responding".  It won't let me upgrade, so now I can't even get to my photos.  Please help!