Help setting up permissions

I don't know where else to put this, so here goes.
Here's the situation... we have a lab of Macs that are going to be used with iMovie '09. Students will be logging in using network accounts but obviously the video can't be captured to their network home directories. Instead it will go to a local partition called "Storage."
I had to create the /Volumes/Storage/iMovie Events.localized and give the student's group write access to it, otherwise iMovie would return a permissions error when you try to capture video (it didn't have permission to create a new event folder.)
The problem now is that each student can see and use the other student's work. This can be fixed by adjusting the permissions on the student's event folder so the only the student (and the teacher group) have read access, but this has to be done after the fact.
I would like to know how to automate this? The standard UNIX method would be to adjust the umask to 027 (which I would like to do anyway) but I understand from Apple's KB articles that messing with umask is generally a no-no in OS X.
How would we do this with ACLs? Please keep in mind that we're talking about assigning ACLs on a local disc (even though we're a network environment with OS X Server etc.)
All of this jumping through hoops would not be needed if Apple would let us specify where we wanted to save files like in pre-'08 versions.... grumble

The third line of the script locks out all but the owner of the folder. Unless you login as the 'root' user or apply an ACL to the top level of the folder your teacher group won't have access to it. You might want to modify it:
#!/bin/bash
mkdir /Volumes/Storage/iMovie\ Events.localized/$1
chown -R $1:teacher /Volumes/Storage/iMovie\ Events.localized/$1
chmod 770 /Volumes/Storage/iMovie\ Events.localized/$1
Also, have you seen this thread:
http://discussions.apple.com/thread.jspa?threadID=2088397&tstart=0
regarding the problem with folder redirection of iMovie '09 when using network home directories not working?

Similar Messages

  • Need help setting up permissions on multiple user accounts

    Hi, here's what I'm trying to accomplish...
    I run a recording studio and would like to have a personal account that I work from and an engineer account that myself and other artists work from. From the second account I created I will open an audio project in cubase (which is possible because the file can be read), then I will try to save it and of course it says I cannot edit the file. I can change the permissions on the file (or all the files in the directory) which will then give me access, however once I create a new file under this user account I am unable to save it back in my main account. I would like an option for a directory to be able to be read and written to by both users automatically regardless of where the file was originally created. I've tried setting up shared folders to work this way, but to no avail, once a file is created the option to read/write the file is automatically set to only the creator not any other accounts. Please let me know what I am missing, I've searched endlessly for this, but came up with no results.
    Thank You!
    Jared

    If you're interested in more suggestions, here's mine. The disk image idea will work, but it makes backup more complicated. Create a new folder in some existing public folder such as /Users/Shared to hold the projects. Decide whether you want to allow read/write access to all users, or just to some. If only some, create a new group in the Accounts preference pane and add the users to it.
    Download the application Sandbox. Launch it in your administrator account. Click the "Inspect folder" button and navigate to the folder you just created. There should be one line in the window representing an entry in the access control list (ACL). Edit the entry by clicking the pencil icon. Make the entry type "Allow access." Make the group "staff" or the group you just created. Enable all the access permissions you want, and make sure everything is inherited. Save the entry and quit Sandbox. Now copy -- don't move -- the projects into the folder.

  • DPM 2012 R2 UR4 - DPM could not set security permissions on the replica or recovery point volume that was created.

    Hi All,
    I am running a fresh install of SCDPM 2012 R2 with a protection group that is backing up the 'C:\', Bare Metal and System State of some VMs. If i add any additional servers to the group since the first creation it returns the following error: 
    Modify protection group: System State & Bare Metal Recovery failed:
    Error 419: DPM could not set security permissions on the replica or recovery point volume that was created.
    Error details: The process cannot access the file because it is being used by another process
    Recommended action: Review the error details, take appropriate action and retry the operation.
    If i re-create the whole protection group it works fine.
    Could any one advise any further diagnostics I can do to try and locate the reason behind not being able to modify the group after the first creation? I can add new servers to other PGs without any issues.
    Thanks in advance,
    Dan

    If you are protecting any of the system state/BMR protection. Can you stop protection by deleting the older recovery points and then recreate the protection group.
    This thread mentions this to be a hardware issue, albeit with less information on what exact hardware issue:
    https://social.technet.microsoft.com/Forums/en-US/480679c2-1079-4847-ab38-5cc8f454ef86/error-419-dpm-could-not-set-security-permissions-on-the-replica-or-recovery-point-volume-that-was?forum=dataprotectionmanager
    Regards, Trinadh [MSFT] This posting is provided AS IS with no warranties, and confers no rights. If you found the reply helpful, please MARK IT AS ANSWER. Looking for source of information for DPM? http://blogs.technet.com/b/dpm/ http://technet.microsoft.com/en-in/library/hh758173.aspx

  • Setting up permissions on iviews

    Hi All,
    Which role do I need to have to set up permissions on iviews? I need to create 2 roles for the same iviews with read only and full access
    Thnks

    Mike,
    In Portal there are Pre-Configured Roles available for Administrator and End Users:
    Check this for more detailed information:
    [Pre-configured Roles|http://help.sap.com/saphelp_nw70/helpdata/EN/8e/f0f7415e639c39e10000000a155106/frameset.htm]
    (Administration Roles & Every User Roles)
    Regards,
    Karthick Eswaran
    *Reward Points for helpful answers

  • Help configuring webdav permissions

    Hopefully an easy one to answer.
    I want to enable access via webdav to a folder on our 10.6 OS X Server.  We use it for wiki, iCal and AB Server services, and host files for general download etc.
    The download files are in a folder within the site and are accessed normally via anonymous web browser download (e.g. https://<url>/folder/file.jpg).
    Currently we manage the files within the folder using FTP connections.  We want to change to using WebDAV to manage the files in the folder.
    I tried enabling WebDAV on the site, and then setting a realm (based either on the Folder, or the Location) that limited read / write access to a specific group of users.  But we found if we did this, any user could get full read / write access to the entire server without authentication at all...  So we added a second realm for the entire site (/) giving no access to anyone who wasn't authenticated.  Then if you try to download a file you have authenticate to get the file...
    Could someone explain how we need to set these permissions so that:
    people can download files from the server anonymously, but otherwise not browse the folders of the site
    nominated users (i.e. a user group) on our server can access the folder containing the files via webdav, but not otherwise browse the site files
    normal web services on the system are not affected by these changes.
    Thanks in advance for your help. 

    Hi everybody!
    I hope you are still following this post in hope to find a solution. Today you will be rewarded. Solution was plain simple as all things Apple. It was on the surface and I was searching in the deep and obviusly failed.
    So lets get to work. You know that SLS comes with SquirrelMail which is piece of crap. Every time you click on mail link in Wiki Server it will take you to SquirrelMail login screen. This screen is login.php file.
    So in order to redirect Wiki Mail to any URL of your choice you just need to edit or substitute login.php file which is located in /usr/share/squirrelmail/ like this
    <?php
    /* Redirect browser */
    header("Location: http://your_preffered_url/");
    exit;
    ?>
    Enjoy!

  • Set windows permissions for folder

    My labview app is being installed to the prog files dir for the app by an installer created by the LV Dev System.  i encounter a problem when trying to store a config file for the app to the directory during user customization of settings after app installation because the file I am trying to update is read only due to win 7 defaults.  I try to set the permissions for the folder programmatically, but it does not change the folder to a NOT read only one.  What is the trick here?  Do I need to put my config files in another directory somewhere or is ther a way to change the folder settings so I can create temp files in that folder?

    Creating temporary config files in Program Files is not very good practice. I would do it in the public user folder.
    How are you setting the parameters?
    Did you use the following?
    http://zone.ni.com/reference/en-XX/help/371361J-01/glang/set_permissions/
    http://zone.ni.com/reference/en-XX/help/371361J-01/glang/setting_permissions/
    Excerpt from the link above:
    You can use permissions to change only write permissions for users (bit 7); the operating system ignores all other changes to the bits.
    Beginner? Try LabVIEW Basics
    Sharing bits of code? Try Snippets or LAVA Code Capture Tool
    Have you tried Quick Drop?, Visit QD Community.

  • My itunes keeps asking me to set my permissions.  they are set to read and write for all accounts, admin, everybody, etc.  don't know why it won't let me download

    my itunes keeps asking me to set my permissions.  they are set to read and write for all accounts, admin, everybody, etc.  don't know why it won't let me download

    Ever find a real solution to this? I just posted something similar - been having the issues ever since I started using the mac.
    I have 5 mac accounts: 2 of those are admins.
    After I installed every program I may possibly want, I redid all my user accounts (as I had been having a lot of permissions issues before that). My (admin) account downloads fine. Another admin account, set up exactly as mine, periodically gets prompted that it doesn't have the right to download.
    To avoid duplication, I have a /common/music directory for all itunes accounts music. We have to periodically do a recursive permissions deal on the 2nd admin account so it can put music there, even though that directory is read/write for everyone. Apple's never been able to help me on this...

  • Exchange Online - Set FOLDER permissions recursively in shared mailbox

    I posted this in the 365 forums. Reposting here see if it gets any traction. Thanks
    I have a shared mailbox that is being used instead of public folders. Having trouble with the folders within the shared mailbox syncing to the various users. Want to move folders out of the shared
    mailbox but continually run into errors regarding permissions and I must manually find the offending subfolder and set permissions.<o:p></o:p>
    So, I have two questions:<o:p></o:p>
    1. How can I configure the shared mailbox so that all folders that are created, regardless of which user creates them, will inherit permissions. Any folder created should automatically have permissions
    set to owner for a specific security group.<o:p></o:p>
    2. How can I set the permissions on these exisiting shared mailbox folders, recursively (all sub folders) ? I have tried the following:<o:p></o:p>
    Get-MailboxFolder –Identity user1:\Folder -Recurse | Add-MailboxFolderPermission -User user2 -AccessRights Owner<o:p></o:p>
    But I get an error that the mailbox is not found. I believe that the command above does not work on shared mailboxes.<o:p></o:p>
    I also found the following, but can not seem to get it to run. I have tried to run as a ps1 file and directly in powershell - I dont get any errors.<o:p></o:p>
    ForEach($f in (Get-MailboxFolderStatistics
    [email protected] | Where { $_.FolderPath.Contains("/") -eq $True } ) )
    $fname = "[email protected]:" + $f.FolderPath.Replace("/","\"); Add-MailboxFolderPermission $fname -User
    [email protected] -AccessRights Owner
    Write-Host $fname
    Start-Sleep -Milliseconds 1000
    }<o:p></o:p>
    Any help is appreciated. Thanks<o:p></o:p>

    First of all, why don't you just give permissions on the mailbox level instead?
    If Office 365, the
    Get-MailboxFolder cmdlet only works for you own mailbox. So you have to use the  Get-MailboxFolderStatistics as shown in the example. You will need to adjust this to give permissions to the Root folder and its best to actually exclude some of the
    folders.
    The example below should work, note that there is practically no error handling there, so test it first. Also, if the access entry already exists, you will get error messages.
    $mailbox = "[email protected]"
    $folders = Get-MailboxFolderStatistics $mailbox | ? {$_.FolderType -ne “Root” -and $_.FolderType -ne “Recoverableitemsroot” -and $_.FolderType -ne “Audits” -and $_.FolderType -ne “CalendarLogging” -and $_.FolderType -ne “RecoverableItemsDeletions” -and $_.FolderType -ne “RecoverableItemspurges” -and $_.FolderType -ne “RecoverableItemsversions”}
    Add-MailboxFolderPermission $mailbox -User [email protected] -AccessRights Reviewer #root permissions
    foreach ($folder in $folders) {
    $FolderPath = $folder.FolderPath.Replace("/","\").Replace([char]63743,"/") #with PowerShell v3 'fix'
    $MailboxFolder = "$mailbox`:$FolderPath"
    Add-MailboxFolderPermission "$MailboxFolder" -User [email protected] -AccessRights Reviewer

  • Help setting up BTinternet email with Apple Mail

    Hello everyone,
    I need help setting up a btinternet email account with Apple's Mail sofware. I am setting it up on behalf of my aunt and uncles new macbook pro so I hope i get some solutions quick because Im leaving their place by the end of the weekend and I would love to have their email setup and teach them how to use it. 
    They have 2 btinternet email accounts, the first one they use alot as its their main email account which is currently setup on MS Outlook on their old computer. The secound one they use rarely and its not setup on MS Outlook. 
    Heres the problem, when I setup their main email account with apple mail, I have no problem creating the account however once created the inbox is empty - it does not load previous emails. It can send emails fine, if i send an email to the account using my personal email it will receive it but when I switch off the computer and switch it back on the mail box is empty. So I checked the email account by going to yahoo.co.uk and signing in - again even on the web page the mail box is empty.
    I then setup the second btinternet  email account on Apple Mail shockingly this works perfectly all the old emails got loaded up in mail. So how do I do this for the main account, I know the difference is Outlook mail but I rather not delete that because if it doesnt work then they would lose all their old emails.
    Please help
    Thanks in advance
    PS: ive setup my hotmail and yahoo accounts and they all work fine by the way

    Please guys give me something or any random ideas u may have. im running out of time.

  • HOW TO?: Need help setting up 3 different iCloud accounts for my kids (so each has own iMessanger)using same Apple ID (mine) ....they don't have their own separate email addresses to work from...how do I do this?

    Need help setting up 3 different iCloud accounts for my kids (so each has own iMessanger)using same Apple ID (mine) ....they don't have their own separate email addresses to work from...how do I do this?

    Any devices connected to the same icloud account can sync all the data on that account.  For this reason an icloud account is really for a single user.
    On a mac, if each user has their own account, then the itunes for that mac account should be set up to connect to that user's icloud account (System preferences>icloud).

  • I have 2 sets of permissions, how do I delete one?

    I have five Macs, one G4 and 4 - G5's. G5s are running Snow Leopard 10.6.8.
    Five graphic designers, who back up their work on a Mac XServer 10.6.6
    Permissions on the designer's Macs are set to read/write for everyone.
    Designer A backs up his job to the XServer, then Designer B needs to edit it, so she attempts to pull it off the XServer.
    Permission denied for only some of the files, not all.
    I guess I need some guidance on the proper way to administer the ACL on the Xserve.
    I have set up an ACL group on the server. The strange thing is, there are 2 sets of permissions showing, one seems normal, but the other is labeled "Custom".
    Is there any way I can log in as something other than the Administrator, and "wipe out" the custom permissions?
    I usually do not mess around in the Terminal.
    Thank you for any insights...

    As Templeton Peck says, the proper way is to use the repartitioning facility, but this will result in loss of data.
    However, SubRosaSoft do make a utility, Volume Works ($10), that will do this resizing on the fly. A complete back up would be prudent in either case.

  • Help setting up my new IPod Touch on iTunes on windows 7 64bit

    Hello there,
    I need help setting up my new IPod Touch to my Itunes 10 application on a PC running windows 7 64bit. I have watched the tutorial on how to do it but what the tutorial says it is supposed to do is not what is happenning for me:
    1. In the tutorial it tells you to connect your ipod to your computer, then, (if it is for the first time) when the ipod appears and is selected, a window will come up allowing you to name your ipod, and begin selecting the options you wish to use.
    I did as instructed but quickly came against some technical issues.
    My issues:
    1-1: When I selected the new iPod Touch for the dirst time I got an error message.
    A) This was quickly fixed once I calld up apple support on the phone (turns out an IE browser setting was blocking it.)
    1-2: With that fixed I selected my iPod Touch again but instead of the window indicated by the tutorial, I instead got an iPod registration form window.
    1-3: I filled out the form and pressed the submit button (thinking everything was fine), then a new window came up that looks like this:
    Free Find My iPhone
    Free Find My iPad
    Free Find My iPod touch
    Set up Find My iPhone for free so you can locate your device if you lose it, remotely lock the screen, or wipe its data. You can also find your iPad or iPod touch.Set up Find My iPad for free so you can locate your device if you lose it, remotely lock the screen, or wipe its data. You can also find your iPhone or iPod touch.Set up Find My iPod touch for free so you can locate your device if you lose it, remotely lock the screen, or wipe its data. You can also find your iPhone or iPad. _Learn More_
    _Set up Find My iPhone_
    _Not Now_ _Set up Find My iPad_
    _Set up Find My iPod touch_
    Find My iPhone (or iPad or iPod touch) enables you to locate your iPad with Wi-Fi or iPod touch only when it is on and connected to a registered Wi-Fi network. Find My iPhone is not available in all countries. "
    The first three lines and the first paragraph are indented as if there should be some type of graphic there, but it is missing. The underlined words indicate that they are supposed to be links, but they don't go anywhere, they are broken!
    Now wheenever I connect my iPod Touch and select it the above window comes up and nomatter what I try it will not move or change.
    Please help!
    MSRankin

    Try setting up the device in a new user account. or visit register.apple.com and verify your device is registered

  • Need Help Setting Up a new Network ..

    Hello 
    Newbie question, I am attempting to setup a small home network, where I want three WLANS
    Main
    Guests
    Kids
    I want to set up different policies for these three networks. 
    I want the Kids to be able to access the Media server and other network devices, but limit the internet access. I want guest network to not be able to see the other two networks. 
    I have an ISA550 Firewall a 2504 Wireless Controller and a SG300-28P Switch. 
    I did manage to setup the Vlans on the ISA550 - Default as 192.168.75.x , Guest as 192.168.25.x and Kids as 192.168.35.x 
    From here on - I would need some help setting it up the right way, Please help. 
    Thanks

    rmunoz274 wrote:
    I had to call Verizon and spend an hour on the phone, my Versalink is about 3 years old and I never updated it. There is a software update which makes it a little more mac friendly. Cables still run through it on the Ethernet port. I was able to turn the wireless feature off on the Versalink (to stop my neighbors and kids from bypassing the APE and just factory reset the APE and set it up with a shared IP adrs instead of bridging it. Also made sure I turned off the guest network on the APE. Once it was set up I clicked on Airport in the Airport Utility then wireless Clinets, jotted down the client I wanted to restrict access to (Kid's Laptop) then go back to Airport screen, last option on right Access then MAC Adrs Access Control change to "Timed Access", then click the + on the bottom of the window, type the MAC adrs you want to restrict and set time limits, when complete click done..... Only took me a week and a half to figure it out...... Good luck, if that doesn't help let me know, but I'm no expert...
    thanks!!
    i think i have the most recent 327w update, because it now shows my modem screen in a red color and it is broken into 3 sections across the screen.
    as far as the AEBS is concerned, you did not use it in bridge mode at all?
    i thought you had to connect 1 cable from it to the 327w? I have about 5 items i will be connecting, so i will probably run any wired from the AESB, but not sure yet?
    thanks, and yaeh last time my network took me a bit of time as well!!
    what kind of encryption are you running?
    thanks

  • Need help setting up TV equiptment

    I have been very ill and I need help setting up my TV, DVR, Receiver, Surround sound systems. I'm afraid if I try to work on all the equiptment, I'll drop my HDTV or other componets because I'm still weak. Can anyone help me? I've called a few places and they want $100.00 to set it up. Give me a break! I know about inputs and outputs and other cables, I just don't have the strength to move the equiptment around. I am willing to pay. Please call me at 813-{edited for privacy}. Thanks, Teresa {edited for privacy}

    blondeinneed wrote:
    I have been very ill and I need help setting up my TV, DVR, Receiver, Surround sound systems. I'm afraid if I try to work on all the equiptment, I'll drop my HDTV or other componets because I'm still weak. Can anyone help me? I've called a few places and they want $100.00 to set it up. Give me a break! I know about inputs and outputs and other cables, I just don't have the strength to move the equiptment around. I am willing to pay. Please call me at 813-{edited for privacy}. Thanks, Teresa {edited for privacy}
    Teresa,
    I think the best way for someone to volunteer to help you would be for them to send you a Private Message (PM) here on the forums. You should see a small envelope in the upper right corner of the screen, when it changes color you will know you have a PM to view.
    I would be happy to help, but since I am in North Texas I don't think that is a viable option Sorry....
    Justin
    FiOS TV, Internet, and phone user
    QIP7232, QIP7100-P2, IMG 1.9A
    Keller, TX 76248

  • Need help setting up and configuring rsync

    Hello
    I need help setting up, or rather configuring rsync to sync data between my brand new iMac and my Macbook Air.
    Here is what I would like to:
    - I want all of the files on both machines to be an exact mirror or copy of each other. Basically I have an iMac for at home, and then a Macbook Air for the road.
    - The main folder on both Macs is called 'Sara' and I want the contents (mainly the 'movies' folder, 'music' folder, 'documents' folder and 'pictures' folder) to immediately sync up with each other when both of them are on my home network.
    - this means if I'm working on a file at home on my Macbook, it will immediately write to the same directory on my iMac and vice versa (if I'm working on file(s) on my iMac, it will immediately save the contents to my Macbook). This way, if I'm working on last minute project my iMac, and then have to head out the door to the airport, the file is immediately saved to my Macbook (no usb for USB transfer).
    - hopefully this makes sense??
    Any help is greatly appreciated!
    Thanks

    It's a lofty but unrealistic goal.  Rsync does not run automatically.  There is no realistic method of instantaneously synching two computers over the internet or even on a LAN.
    I would suggest you might try using Synk Pro which, in theory, can keep two devices in sync when they are both on the same network (and both have shared and mounted drives.)
    If you must do this with rsync then I suggest a Google search for rsync tutorials.

Maybe you are looking for

  • How to get the last day of calweek

    Hi Guys,             Is there any function module to get the last day of the calendarweek. I want to show that last date of calweek in my column heading.

  • Adding time module column using c#

    Hi All,I use NI GUI Example in c# and I need to add time module column to the execution view by code. I use: "axExecutionView.Columns.Insert("_MODULE_TIME",Nat​ionalInstruments.TestStand.Interop.UI.SeqViewColum​nTypes.SeqViewColumnType_Expression,100

  • Domain Logon and Networks

    I am wondering if u would answer my question about Domains for the logon for windows 7. I would like to know the paied options for this .

  • Post-query trigger order for data blocks in master detail relationship

    Using Forms [32 Bit] Version 10.1.2.2.0 (Production) Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit Production. I have the following problem with a form I am working on. It has a master data block with multiple detail data blocks. I am trying

  • Problem with ACS 4.1 using certificate

    I have an ACS 4.1 appliance, I have already configured ACS in order to work with certificate. I got the certificate from ACS, I already installed it as the installation guide says . Additionally I configured the card's controller in my PC in order to