Group Permissions Not Being Respected

After upgrading our file server to 10.4.8, group write permissions (POSIX, not ACLs) are not being respected for users connecting via SMB. If Group X owns a folder, and has Read and Write permissions on that folder, User A can log in via SFTP and modify that file. However, User A can not log in via SMB and modify that same file. When looking at the "Effective Permissions Browser" in WGM, it will correctly show the user and group ownership of a file, but state that User A does not have permissions to modify that file (in spite of User A being in Group X).
Has anyone seen anything like this? Or does anyone have any suggestions? We can't try switching to ACLs to resolve the issue because the files being shared are mounted from a remote NFS server (ACLs are only supported on HFS+ volumes).
Thanks.
Xserve G5   Mac OS X (10.4.8)  

like so:
drwxrwsr-x 6 jwalcik laitssta 4096 Oct 9 23:13 test
where the folder belongs to the user "jwalcik" and to the group "laitstaff". Both are shown as having read, write, and execute status, and the setgid bit is set for the group. Other users have read and execute privileges.
Xserve G5
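
What the POSIX mode bits alone should grant in the case described above, as an added example that is not part of the original posts: it parses the listing's mode string and applies the owner/group/other class rule, so the result can be compared with what the SMB client is actually allowed to do. The numeric uid/gid values and the user_a and outsider accounts are constructed for illustration.

```python
import stat

# The nine rwx columns of an `ls -l` mode string, in order.
_BITS = [stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR,
         stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP,
         stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH]
# Special bits share the execute column: (column, bit, char with x, char without x)
_SPECIAL = [(2, stat.S_ISUID, "s", "S"),
            (5, stat.S_ISGID, "s", "S"),
            (8, stat.S_ISVTX, "t", "T")]


def parse_ls_mode(text):
    """Turn a 10-character `ls -l` mode such as 'drwxrwsr-x' into permission bits."""
    if len(text) != 10:
        raise ValueError("expected 10 characters, got %r" % text)
    perms = text[1:]
    mode = 0
    for i, ch in enumerate(perms):
        if ch in "rwx":
            mode |= _BITS[i]
        elif ch not in "-sStT":
            raise ValueError("unexpected character %r in %r" % (ch, text))
    for col, bit, with_x, without_x in _SPECIAL:
        if perms[col] == with_x:
            mode |= bit | _BITS[col]
        elif perms[col] == without_x:
            mode |= bit
    return mode


def posix_access(mode, file_uid, file_gid, uid, gids):
    """Return (class, 'rwx' string) that the mode bits grant to a non-root user.

    Exactly one class is consulted: owner if the uid matches, otherwise group
    if any of the user's gids matches, otherwise other. Classes are never combined.
    """
    if uid == file_uid:
        cls, shift = "owner", 6
    elif file_gid in gids:
        cls, shift = "group", 3
    else:
        cls, shift = "other", 0
    bits = (mode >> shift) & 0o7
    granted = "".join(c if bits & b else "-" for c, b in (("r", 4), ("w", 2), ("x", 1)))
    return cls, granted


if __name__ == "__main__":
    # Constructed ids: jwalcik=1025, laitstaff=2001, user_a=1030, outsider=1040.
    mode = parse_ls_mode("drwxrwsr-x")          # mode string from the listing above
    print("setgid set:", bool(mode & stat.S_ISGID))
    print("user_a  :", posix_access(mode, 1025, 2001, 1030, {20, 2001}))
    print("outsider:", posix_access(mode, 1025, 2001, 1040, {20}))
    # Edge case: an owner with fewer bits than the group gets only the owner bits.
    print("owner   :", posix_access(parse_ls_mode("-r--rw-r--"), 1025, 2001, 1025, {2001}))
```

If this reports write access for the group member while the SMB session is refused, the mode bits are not the cause and the group resolution performed by the file service is the next thing to check.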

Similar Messages

  • In the context of restoring a drive from a backup, I copied /etc/sudoers from my backup. Now it does not work due to the permissions not being correct (even though it was copied via sudo cp -rp)

    Most likely you have Office 2004 which are PPC-only applications and will not work in Lion. Upgrade to Office 2011. Other alternatives are:
    Apple's iWork suite (Pages, Numbers, and Keynote.)
    Open Office (Office 2007-like suite compatible with OS X.)
    NeoOffice (similar to Open Office.)
    LibreOffice (a new direction for the Open Office suite.)

  • [svn:osmf:] 14928: Fix bug FM-468: Initial and max indices not being respected for RTMP MBR.

    Revision: 14928
    Author:   [email protected]
    Date:     2010-03-22 17:35:43 -0700 (Mon, 22 Mar 2010)
    Log Message:
    Fix bug FM-468: Initial and max indices not being respected for RTMP MBR.
    Ticket Links:
        http://bugs.adobe.com/jira/browse/FM-468
    Modified Paths:
        osmf/trunk/framework/OSMF/org/osmf/net/NetStreamSwitchManager.as
        osmf/trunk/framework/OSMFTest/org/osmf/net/TestNetStreamSwitchManager.as

  • 10.5 portable home sync rules not being respected on the client...

    Portable home syncing is working great for me on my Tiger server and clients, and I'm an old hat at Apple server and OD.... However in my test environment for 10.5, my client machines refuse to respect the rules that I've set in 10.5 Server Workgroup Manager for portable home syncing. I was hoping 10.5.2 would fix this for me, but no luck....
    I can tell that the clients are bound to the OD and are reading the MCX settings from the server, because I can change the sync time interval, and that is being reflected on the client. WGM is set to NOT allow settings to be merged with user's settings, so I can eliminate the client settings as a variable.
    Both Login/Logout and background sync are affected by this problem.
    Is anyone else having this issue?

    Bruce's solution above does indeed work. However, I must have stared at his answer for 20 minutes trying to figure out what he was talking about. Undoubtedly, my inability to initially parse his solution comes from my more basic understanding of OS X Server. Since there are likely others out there with this same Home Sync problem and my same level of experience with OS X Server I wanted to give Bruce's answer again but with more detail.
    The problem, as explained by the original post, is that Home Sync settings for a user or group aren't necessarily respected. For example, if I were to open Workgroup Manager (WGM), select myself as a user (Berylium), click Preferences, select Mobility from the Overview tab, and select the Rules tab I would be in the Home Sync preferences. If I tell the Login & Logout Sync tab to Always do what I select and then I uncheck the Sync at login and logout checkbox one would expect that when I log in or log out I would not see a Home Sync dialog popup and perform a sync operation - but I did.
    The issue as Bruce explains occurs because of another setting I have enabled, Background Sync, and a quirk (bug?) in Leopard Server. I have Background Sync enabled, set to Always, and told to sync in the background my ~/Documents and ~/Desktop folders. Leopard Server, it seems, performs the following operation when I login or logout:
    1. Is Login & Logout Sync enabled? No, ok skip this part.
    2. Is Background Sync enabled? Yes! Ok, sync the background sync items now even though this is a login or log out.
    Clever, Apple. Ok, now that the problem has been explained let's get to the solution.
    1. Open WGM, select your problem user or group, click Preferences, and select the Details tab
    2. Click the +, navigate to /System/Library/CoreServices/, select ManagedClient, and click Add
    - At this point, at least in my installation, several more items appeared in the preference editor list.
    3. Select Home Sync in the preference editor list then click the Edit button (looks like a pencil)
    4. Expand the Always list item
    - Obviously, this is where some people's solution could begin to differ from mine. You may want to edit items in the Once or Often list items.
    5. Click the New Key button, a New Item will be created and selected, click New Item and select Sync Background Set During Login from the list.
    6. Change the Value item for Sync Background Set During Login from automatic to dontSync
    7. Repeat steps 5 and 6 but select Sync Background Set During Logout
    8. Click Apply Now followed by Done
    Now you should be all set. Thank you Bruce for the solution to this problem and I hope someone else finds my more detailed explanation helpful.
    -Berylium

  • Group Folders not being created

    Hi folks,
    I think this is a simple question: I got Mac OS X 10.4.4 Server with OD and Mobile Homes configured. I set up some custom Groups but the Group Folders are not being created automatically. I think there is a terminal command to do this. Does anyone know that command?
    Greets

    Is it the CreateGroupFolder command?

  • Permissions not being fixed

    I tried to fix permissions on my MacBook and it seemed to work fine, but five minutes later, I fixed permissions again "just to check" and I figured out that my permissions are not being fixed. What can I do?

    If you recently installed the iPhoto and Front Row updates, then you are probably seeing messages that are innocuous and can be safely ignored. We all see the same thing. Hopefully this may be fixed in a future update.

  • File permissions not being set to files in shared volumes

    I have recently taken over responsibility for a small OS 10.5.6 server and several clients. Workstation users log in via user accounts on the server, which also has several shared storage spaces.
    I have recently reinstalled the OS on several of the workstations. They are up to date (10.5.6) and added the directory server using the "Directory Utility".
    My users are able to log in and operate using their accounts on the server. However, when a file is created on one of these rebuilt workstations and placed into a common share, it retains the user's permissions instead of assuming the group permissions.
    I hope I have stated my problem clearly, thank you in advance for your assistance.

    Hi cdavec007
    I'm having the exact same problem :-/ I've just set up a dual G5 as a server in standard mode, and I've added user permissions (ACLs) as described in the manual via Server Admin App.
    But still when I transfer e.g. a folder containing a bunch of files from my client Mac to the server HD, it retains ownership and permissions, instead of taking over the permissions set with the ACL.
    This is truly frustrating :-((( I've read the f**** manual, and I think I've done exactly what it says.
    Can anybody help?
    THX - Pinocchio

  • ACL group permissions not propagating

    I have a group of designers that are connected to X Server running Snow Leopard.
    I have placed them in a group, "MarComm"
    I have granted everyone full read/write access. ( I can trust them all)
    I have tried to propagate these permissions..I saved the changes and restarted server.
    For some reason there are 2 sets of permissions.
    1) full access (desired configuration)
    2) "custom" access
    This "custom" access does erratic things..for ex:
    Allows the designer to pull off a job folder containing 12 items. He has permission to use 8 items, but not the remaining 4.
    Perhaps I need a step by step tutorial on how to create a proper "group" and to propagate permissions. I understand that the ACL should take precedence over the POSIX. I am not well-versed in using the terminal, but I am a careful person, and willing to try it.
    Thank you in advance

    Setting up groups in WGM is pretty fool proof.  What I would try first is to remove all of the ACL's for the folder in question first.
    Ensure that all of the files and folders within your folder have ACL's that can be removed.  If not, then you'll have to clear the ACL's on each, one at a time.
    The command to clear the ACLs from a folder and its subfiles and folders looks like this:
    sudo chmod -R -N /path/to/folder
    If you want to just remove an ACL from one file or folder, remove the -R from the command.
    To write an ACL and have it apply to all folders within looks like this: (two commands, one to add read and one to add write permissions)
    sudo chmod -R +a "groupname allow read" /path/to/file/
    sudo chmod -R +a "groupname allow write" /path/to/file/
    HTH!
    -Graham

  • Global security group permissions not propagating

    I have a single flat domain that has migrated from NT to 2003 to 2008. A number of the global groups go back to the mid nineties.
    I recently purchased an EMC VNXe 3300 for additional storage, joined it to the domain, migrated a bunch of folders with permissions using robocopy no problem.
    Now I have one shared folder and the global security permission applied to the top level folder but did not descend the tree. I tried applying it from the advanced security tab and chose apply to this folder and all child objects and folder or some such verbiage. I could not get that permission on anything below the top level unless I went to the object explicitly and applied it.
    I created a new global security group and applied it to the folder and it descended the tree with no problems.
    I have hundreds of folders and hundreds of groups I need to move to this new storage, I have no idea what is wrong here?

    Hi,
    Please help collect the current permission setting of the parent folder and a subfolder (which the original global security group cannot be applied with "inheriting"). 
    Meanwhile have a try with icacls instead of GUI to see if it will work. For example:
    icacls x:\folder /grant <group>:(OI)(CI)F 

  • Group Policy not being pushed out

    Hi,
    I have a problem with Group Policy updates. The domain controllers are Server 2008 R2 and the clients are all Windows 7 64-bit. It looks like the clients are not updating their group policies. We've recently added a certificate for our new corporate wifi. During testing we used gpupdate /force and the computers installed the certificates. It has been several weeks since the GP was published and we have announced the new wifi. Users are still being prompted to accept the certificate even though they should have received it from the GP. If I try to do an RSOP of a user's computer, I get "The RPC Server is unavailable". Any ideas on how to fix this?
    Thanks
    Ron Soulliard
    Ron Soulliard Systems Administrator Polaris Ventures

    Group Policy is always retrieved by the clients. If a client sees a new GPO that is applicable to them, it will grab it and apply it.
    In the GPMC, can you run a GPResult for a computer that hasn't gotten the GPO? You might also want to check out this list of common GP issues:
    http://deployhappiness.com/top-10-ways-to-troubleshoot-group-policy/

  • The correct purchasing group is not being determined in the SC line item

    Dear all,
    I have a problem in that for some reason, when a shopping text line item is added to the shopping cart, the wrong purchasing group is determined. Furthermore, when you look in the basic data section there is a drop-down against the purchasing group field listing all purchasing groups set up in the org plan via PPOMA_BBP.
    This means that the requisitioner can change the purchasing group to any one, even one that is not relevant to his or her Purchasing Organisation. This of course is not right because if the requisitioner is allowed to change the P/Grp, the wrong buyer may end up receiving the buyer completion work item.
    What is causing this?
    We have uniquely assigned P/Orgs to P/Grps and assigned responsibility of P/Grps to one unique Org unit (company).
    For example, suppose product category 1234567 is assigned to P/Grp 100 & P/Grp 100 is assigned to P/Org 1000 and the P/Grp responsibility is set to Org unit (company) 1000. The requisition "sits" under an org unit linked to company 1000.
    If a requisitioner creates a text item and assigns product category 1234567, when the item is added to the shopping cart, I expect to see the following:
    1. The Company code (CC) should be 1000 (This is happening)
    2. The P/Org should be 1000 (This is happening)
    3. The Plant assignment is correct
    4. The P/Grp is wrong. It appears that the first P/Grp is assigned plus a drop-down listing all P/Grps created for all purchasing P/Orgs.
    Regards,
    Grace

    Yann,
    Yes, we have (need to have) set 2 purchasing groups with the responsibility of the same product category. We have to do this because in our organisation, individual company purchasing organisations have the same responsibilities to purchase similar products.
    Please note that we have a classic scenario implementation. SRM 4, Server 5.
    The business requirement and settings in the org plan is for example:
    P/Grp 100 has the responsibility to procure Prod cats LAM001 to LAM010 via its assigned P/Org 1000 which is linked to own company 1000 and P/Grp 200 also has the responsibility to procure Prod cats LAM001 to LAM010 via its assigned P/Org 2000 which is linked to own company 2000.
    Please note that the buyers responsible for P/Grp 100 & 200 are the same and will be the same for similar product cats across the organisation as a whole. It's just that SRM does not allow you in the org plan to assign the same P/Grp to multiple P/Orgs, so we had to double up on the P/Grps.
    Also when a requisitioner who sits under company 2000 chooses a product cat 12345 if creating a SC text line, we DO NOT WANT the requisitioner to change the assigned P/Grp. We want it defaulted to 200 (based on the org plan setting I have described above) and fixed (greyed out) when the line item is viewed in the basic data section.
    Do you think that because we have set the prod cat range LAM001 to LAM010, which is an alphanumeric product cat range, that could also be the reason for the drop-down listing all org plan P/Grps, even ones that do not have the product cat LAM001 to LAM010 in their responsibility assignments?
    If you are saying that the system does not know which P/Grp to pick, why is it displaying all "unrelated" P/Grps in the drop-down? I at least expect to see two P/Grps in the drop-down, 100 & 200, because only these two P/Grps have been set with product cat responsibility for LAM001 to LAM010 in our org plan.
    Also if you are saying that is the way SRM was designed to work (which may be the case!!!) how then can we set the org plan to meet the purchasing org/purchasing grp/prod cat responsibility requirements I have described above?
    Regards,
    Grace

  • When using Panorama, every time I create a New Group, I am redirected to the Google Calendar App that I created. Tab groups are not being remembered. Any workaround?

    I am trying to use Panorama for the first time. I can successfully create a tab group, but Firefox does not remember it. When I view a new web page and try to use "add to group" I am redirected to the app tab I created for Google Calendar. I am using Windows 7 64x with Firefox as my default browser.
    Are there any known issues with app tabs and Panorama?

    I have a somewhat related problem running FF7 on WinXP32, specifically concerning your "I can successfully create a tab group, but Firefox does not remember it."
    When I reopen FF, I find FF
    * sometimes does not remember all tab groups.
    * often seems to move at least 1 tab from one group to another.
    I am new to using this tab grouping feature, and I have not identified a specific and consistent misbehavior yet.

  • My tab groups are not being saved

    Spent ages setting up groups but they're never there next time I open Firefox. What am I doing wrong??

    App (pinned) tabs and Tab Groups (Panorama) are stored as part of the session data [1] in the file sessionstore.js [2] in the Firefox profile folder [3].
    Make sure that you do not use "Clear Recent History" to clear the "Browsing History" when Firefox is closed because that prevails and prevents Firefox from opening tabs from the previous session.
    * https://support.mozilla.com/kb/Clear+Recent+History
    * [1] http://kb.mozillazine.org/Session_Restore
    * [2] http://kb.mozillazine.org/sessionstore.js
    * [3] http://kb.mozillazine.org/Profile_folder_-_Firefox
    It is also possible to use the "Show my windows and tabs from last time" setting, that is usually a more reliable way to restore session data.
    * Firefox/Tools > Options (http://kb.mozillazine.org/Menu_differences) > General > Startup: "When Firefox Starts": "Show my windows and tabs from last time"

  • Permissions not being inherited to subfolders

    I have recently formatted a 1TB WD drive in Mac OS Extended (Journaled) format. The permissions are set to read + write for all users on the root of the drive. However, when I create a new folder it does not inherit the same permissions! The drive will be used by other devices other than my Mac and they need full write access to it.
    What settings do I need to change to ensure the new subfolders inherit the root permissions?

    The easiest way to accomplish this on an external drive is to open a Finder Info window on the drive (Get Info) and at the bottom of the window, below the listing for the permissions, is a checkbox, Ignore ownership on this drive (or ignore permissions, can't remember the exact wording)
    Set that and everyone will have full access to the drive
    Message was edited by: Frank Caggiano - You could also accomplish this with ACL's but it can get a bit complicated.
    The trouble I see with using umask for this is that all files will be affected, not just the ones written to this particular drive. That may not be a problem but it is something to keep in mind.
    The two solutions I mentioned will only affect this drive.

  • Permissions not being propagated to files

    Hi.
    Wondering if anyone can help me. I've recently updated to Mavericks & Server 3.0.2. I've set up permissions on a shared folder using the server app. Works fine apart from files aren't getting the correct permissions. Instead they get a permission called custom.
    Here's a basic example. I have a lot more users/groups.
    Folder: Office support = Full control (grayed, so it's been propagated from a higher folder)
    File in the folder above. Office support = Custom
    Anyone know why this is happening?
    Cheers,
    Ben

    No answers for you, just a similar issue. If a single user works on files in a folder and drags that folder to a shared directory, no other users have access to the new folder, even though pretty much everyone in the universe has RW permissions to the enclosing folder.