How to List User Permissions in CMC XI 3.1?
Hi,
Could anyone please let me know that how can we list all users with what permissons they have in CMC XI3.1?
Regards
Ranjith
Hi Ranjith,
You can get the rights for a particular user by using security query in the CMC
To do that, go in the CMC with Administrator account
Select Query Result
Right click on "Security Queries" and select "Create Security Query"
Select the user for which access to be viewed. It will show the Net Access for that user.
You could document these rights shown for objects present in the sections in CMC.
Important Information : It shows the rights for the objects present in the sections seen in CMC
Regards,
Philippe
Similar Messages
-
How to list users under multiple groups and users sub groups
Hi, I am stump, which is not hard to do. i have a list of groups and i want to list the users in those groups and then in the next column lists all the citrix only groups for each user. hopefully im describing that correctly. Heres what i have but it is
not listing the users groups. I am not sure how to proceed.
$CurrentDate = Get-Date
$CurrentDate = $CurrentDate.ToString('MM-dd-yyyy_hh-mm-ss')
$Groupname = "Distribution Lists"
$excel = New-Object -comobject Excel.Application
$excel.visible = $True
$wbook = $excel.Workbooks.Add()
$wsheet = $wbook.Worksheets.Item(1)
$wsheet.Cells.Item(1,1) = "Groupname"
$wsheet.Cells.Item(1,2) = "Member"
$wsheet.Cells.Item(1,3) = "ACID"
$wsheet.Cells.Item(1,4) = "Department"
$range = $wsheet.UsedRange
$range.Interior.ColorIndex = 19
$range.Font.ColorIndex = 11
$range.Font.Bold = $True
$intRow = 2
$groups = get-adgroup -Filter * -properties * -Searchbase "OU=Citrix,OU=Permission,OU=Groups,OU=Home Office,OU=domain,DC=Domain,DC=com"
$targetFile = "c:\temp\$groupname $CurrentDate.csv"
Add-Content $targetFile "Group;Member;ACID;Department"
foreach ($group in $groups){
$groupMembers = get-adgroupmember $group -Recursive | Get-ADUser -Properties Department, DistinguishedName| Where-Object { $_.Enabled -eq 'True' } | Select-Object Name, samaccountname, department, distinguishedname, @{n='MemberOf';e={$_.MemberOf -replace '^cn=([^,]+).+$','$1' -join '; '}
foreach ($groupMember in $groupMembers){
$groupName = $group.Name
$memberName = $groupMember.Name
$acid = $groupMember.samaccountname
$groups = $usergroups
#$department = $groupMember.department
$department = $groupMember.memberof
#$DistinguishedName = $gropmember.distinguishedname
$line = "($groupName)--------($memberName)-----($acid)-------($department)------($usergroups)"
add-content $targetFile $line
$wsheet.Cells.Item($intRow,1) = $groupName
$wsheet.Cells.Item($intRow,2) = $memberName
$wsheet.Cells.Item($intRow,3) = $acid
$wsheet.Cells.Item($intRow,4) = $groups
$wsheet.Cells.Item($intRow,5) = $DistinguishedName
$intRow++
$WorkBook.EntureColumn.AutoFit()
$excel.SaveAs("DL" + "name.xlsx")
$excel.Close()Hi Glacket,
Below codes should give you headsup.
This command will give you estimate the result count for each group:
PS C:\Users\Administrator> Get-ADGroup -Filter {Name -like "TestGroup*"} | Select Name, @{Expression={get-adgroupmember $_ -recursive | Measure | Select -ExpandProperty Count};Label="Count"}
Name Count
TestGroup1 7
TestGroup2 8
Note that as said earlier we are getting duplicated results(12,13,14) for users belonging to multiple groups. Result is in order as per earlier code's count and order.
Get-ADGroup -Filter {Name -like "TestGroup*"} | get-adgroupmember -recursive | Select Name,@{Expression={Get-ADPrincipalGroupMembership $_ | Select -ExpandProperty Name};Label="GroupMemberOfName"}
Name GroupMemberOfName
User100 {Domain Users, TestGroup1}
User14 {Domain Users, TestGroup1, TestGroup2}
User13 {Domain Users, TestGroup1, TestGroup2}
User12 {Domain Users, TestGroup1, TestGroup2}
User11 {Domain Users, TestGroup1}
User10 {Domain Users, TestGroup1}
User1 {Domain Users, TestGroup1}
User19 {Domain Users, TestGroup2}
User18 {Domain Users, TestGroup2}
User17 {Domain Users, TestGroup2}
User16 {Domain Users, TestGroup2}
User15 {Domain Users, TestGroup2}
User14 {Domain Users, TestGroup1, TestGroup2}
User13 {Domain Users, TestGroup1, TestGroup2}
User12 {Domain Users, TestGroup1, TestGroup2}
Use below to export to CSV:
Get-ADGroup -Filter {Name -like "TestGroup*"} | get-adgroupmember -recursive | Select Name,@{Expression={Get-ADPrincipalGroupMembership $_ | Select -ExpandProperty Name};Label="GroupMemberOfName"} | Export-Csv C:\ListGroups.csv
Regards,
Satyajit
Please “Vote As Helpful”
if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you. -
Hi everybody
I have this script:
$out = @()
Get-Content D:\Tools\Reportes_Power_Shell\Contenedor_Power_Shell\Users.txt | ForEach {
$date = (Get-Date).ToString()
$username = $_
$displayName = (Get-QADUser $username -Properties DisplayName).DisplayName
$groups = Get-QADMemberOf $username | Sort-Object Name
ForEach ( $group in $groups ) {
$obj = New-Object -TypeName PSObject
$obj | Add-Member -MemberType NoteProperty -Name Date -Value $date
$obj | Add-Member -MemberType NoteProperty -Name UserName -Value $username
$obj | Add-Member -MemberType NoteProperty -Name DisplayName -Value $displayName
$obj | Add-Member -MemberType NoteProperty -Name GroupName -Value $group.name
$out += $obj
$out | Export-CSV D:\Tools\Reportes_Power_Shell\Reportes_de_Power_Shell_y_AD_Info\Users_Memberships.csv
What I need now is exactly the opposite, I need to put Groups in a container and in the same format list all users within plus the cmdlet "AccountIsDisabled". I need this ASAP, could you help me?
Thanks a lot.Hi,
Based on what I can gather, you're looking to read in an input file of group names, check each group's membership, and then export that information to a CSV file.
I don't have the Quest tools, but here's how I'd do this with the AD module:
Get-Content .\groupList.txt | ForEach {
$groupName = $_
Get-ADGroupMember $_ | ForEach {
$props = @{
'Group Name'=$groupName
UserName=$_.SamAccountName
Name=$_.Name
DisplayName=(Get-ADUser $_.SamAccountName -Properties DisplayName).DisplayName
New-Object PsObject -Property $props
} | Export-Csv .\groupMembers.csv -NoTypeInformation
Don't retire TechNet! -
(Don't give up yet - 12,420+ strong and growing) -
How to add User Permissions to form created in InfoPath 2010 created for SharePoint document Library
Hi,
I created a form in InfoPath 2010 with three views (one for user input, the other two views to be used by supervisors) and published this to a SharePoint 2010 document library. Now the way this form is supposed to work is that when a User goes to the document
library and adds a document, it is supposed to open the Form with the User's input view. When the User submits the document, only him/her should be able to open and possibly edit the the form. When the Immediate Supervisor opens the form, it should open in
the Supervisors view and allow them to fill in only their section and not be able to edit or alter the user's data. When the Immediate Supervisor saves the document, the Over-all Supervisor should be able to open it in their view and not be able to edit or
alter the sections filled out by the User and Immediate Supervisor.
How would i go about completing this? I have the views created but now have the problem of associating these views with their respective users or groups.Hello,
You need to first create user group in sharepoint site then add user in group according to their role. Later you need to call usergroup.asmx web service to get current logged-In user group name so you can switch view and also apply rule for editing or disabling
controls in form.
Follow this link to get group name:
http://social.technet.microsoft.com/wiki/contents/articles/13271.sharepoint-2010-extracting-user-group-of-current-login-user-in-infopath-2010.aspx
http://social.msdn.microsoft.com/Forums/en-US/018f5184-5c83-4a53-b66b-8c376fc800fc/how-to-get-current-users-sharepoint-group-name-sharepoint-2010-infopath-2010
To apply rule on control:
http://office.microsoft.com/en-in/infopath-help/add-rules-for-performing-other-actions-HA101783373.aspx
Hope it could help
Hemendra:Yesterday is just a memory,Tomorrow we may never see
Please remember to mark the replies as answers if they help and unmark them if they provide no help -
Copy Users/Permissions/objects from a database to another database
Can anyone help me how to copy users, permissions, stored procedures, views, functions and all other objects from one database to another database.
I need a SQL Script to get this job done. I cannot use backup restore or SSIS Package.There's also a transfer sqlserver objects task available in SSIS
http://www.mssqltips.com/sqlservertip/2064/transfer-database-task-and-transfer-sql-server-objects-task-in-ssis/
Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs -
How to force my Web part to run regardless of users permissions
I have created the following custom permission , which will allow users to Create items without being able to view,edit them:-
$spweb=Get-SPWeb -Identity "http://vstg01";
$spRoleDefinition = New-Object Microsoft.SharePoint.SPRoleDefinition;
$spRoleDefinition.Name = "Submit only";
$spRoleDefinition.Description = "Can submit/add forms/files/items into library or list but cannot view/edit them.";
$spRoleDefinition.BasePermissions = "AddListItems, ViewPages, ViewFormPages, Open";
$spweb.RoleDefinitions.Add($spRoleDefinition);
$spweb.Dispose();
then inside my "Issue Tracking List" i stop inheriting permission from team site , and i define the following permission for all users:-
now users can add items and they can not view them ,, which is perfect :).
But now i wanted to add a custom web part to my Create form which will hide certain fields if the user is not within specific group ,the web part looks as follow:-
protected override void OnInit(EventArgs e)
base.OnInit(e);
InitializeControl();
using (SPSite site = new SPSite(SPContext.Current.Site.Url))
using (SPWeb web = site.OpenWeb())
web.AllowUnsafeUpdates = true;
SPGroup group = web.Groups["Intranet Visitors"];
bool isUser = web.IsCurrentUserMemberOfGroup(group.ID);
if (!isUser)
SPList myList = web.Lists.TryGetList("Issue List");
SPField titleField = myList.Fields.GetField("Category");
titleField.Hidden = true;
titleField.ShowInEditForm = false;
titleField.ShowInNewForm = false;
titleField.ShowInDisplayForm = false;
titleField.Update();
myList.Update();
// web.AllowUnsafeUpdates = false;
else
SPList myList = web.Lists.TryGetList("Issue List");
SPField titleField = myList.Fields.GetField("Title");
titleField.Hidden = false;
titleField.Update();
myList.Update();
// //web.AllowUnsafeUpdates = false;
web.AllowUnsafeUpdates = false;
then i deploy the web part and i add it to the Create form. but after doing so user are not able to create items and they will get the following error:-
Sorry this site has not been shared with you
so can anyone advice how to force my web part to run , without checking the users permissions or with minimal permssions ?in this case, use the elevated privileges to read/add/edit items with elevated privileges with below code.
but make sure the page which you add this web part have at least read access to all user.
SPSecurity.RunWithElevatedPrivileges(delegate()
using (SPSite site = new SPSite(web.Site.ID))
// implementation details omitted
More: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spsecurity.runwithelevatedprivileges.aspx
Bistesh
Ok after adding :-
SPSecurity.RunWithElevatedPrivileges(delegate()
users with the following permissions can create items:-
"AddListItems, ViewPages, ViewFormPages, Open";
and they can not edit/read them, which is great. but i am facing a caching problem , because if user is inside the "Intranet visitor" he will be able to see Category field as mentioned in my code, but if i remove him from the "Intranet Visitor"
he still can see the field,, although in the web part i specify not to display the Category column if the user is not inside the "Intranet visitor " group... here is my current code:-
protected override void OnInit(EventArgs e)
base.OnInit(e);
InitializeControl();
SPSecurity.RunWithElevatedPrivileges(delegate()
using (SPSite site = new SPSite(SPContext.Current.Site.Url))
using (SPWeb web = site.OpenWeb())
web.AllowUnsafeUpdates = true;
SPGroup group = web.Groups["Intranet Visitor"];
bool isUser = web.IsCurrentUserMemberOfGroup(group.ID);
if (!isUser)
SPList myList = web.Lists.TryGetList("Risk & Issue Management");
SPField titleField = myList.Fields.GetField("Category");
titleField.Hidden = true;
titleField.ShowInEditForm = false;
titleField.ShowInNewForm = false;
titleField.ShowInDisplayForm = false;
titleField.Update();
myList.Update();
// web.AllowUnsafeUpdates = false;
else
SPList myList = web.Lists.TryGetList("Risk & Issue Management");
SPField titleField = myList.Fields.GetField("Category");
titleField.Hidden = false;
titleField.ShowInEditForm = true;
titleField.ShowInNewForm = true;
titleField.ShowInDisplayForm = true;
titleField.Update();
myList.Update();
web.AllowUnsafeUpdates = false;
so can you advice please ? is this a caching problem, or once the user add at-least single item he will be able to see all columns ? -
In Solaris8 how give to simple user permissions to execute shutdown
In Solaris8 how give to simple user permissions to execute only shutdown (init 5)
Just to save you wasting time:
one approach to avoid in this case
is 'setfacl' (set-file-access-control-list).
If 'bob' is a normal user, then...
# getfacl /usr/sbin/shutdown
# file: /usr/sbin/shutdown
# owner: root
# group: sys
user::rwx
group::r-x #effective:r-x
mask:r-x
other:r-x
# getfacl `which shutdown`
# file: /usr/sbin/shutdown
# owner: root
# group: sys
user::rwx
user:bob:r-x #effective:r-x
group::r-x #effective:r-x
mask:r-x
other:r-x
ssh bob@0
bob@0's password:
$ who am i
bob pts/2 Jan 31 16:30 (localhost)
$ shutdown -i 2 -g 300
/usr/sbin/shutdown: Only root can run /usr/sbin/shutdown -
How to add multiple users permissions to a calendar using powershell?
I have an organization that was recently setup in Exchange Online and they have unique circumstances in that every user in the organization needs "reviewer"
access to every other users calendars. I cannot change the default permission since new users added after this should not be able to see these calendars details. There are a few I will go back to run a Set command on to change an individual permission
here and there for specific needs, but the main need is below.
I have basic experience with powershell commands and have found how to manually add a single users permissions to a calendar using the command below:
Add-MailboxFolderPermission -Identity alias:\calendar -user alias -AccessRights reviewer
Since it's not realistic to run this command thousands of times changing the user aliases each time, I was hoping someone could help me build a command to run on a single mailbox's calendar that would add every current user in the organization with certain
permissions such as "reviewer" or "availabilityonly".
Thanks for the help!Hi,
A possible solution is to do this via Security Groups.
Add-MailboxFolderPermission -Identity [email protected]:\Calendar -User [email protected] -AccessRights Owner
This way, you simply add users that require access to the CalendarOwnerAccessGroup
You still have to run this on every mailbox that should have this feature, but that could be solved using powershell piping.
http://technet.microsoft.com/en-us/library/ee176927.aspx
/Anders Eide -
How to make users to select the date from calendar control only, by my making the date text field read only (don't want to let users type the date) in date time control in external list in sharepoint 2010. I am looking for a solution which can
be done through sharepoint desginer / out of the box.
thanks.Congratulate you got the solution by yourself. I am new to a
WinForms calendar component, I feel so helpless on many problems even I'd read many tutorials. This question on the
calendar date selection did me a great favor. Cheers. -
How to save users added to list using people picker to sharepoint Group
Hi
I have created List with some people picker columns and now when I save a list,the data is saved to list as well as the users in particular column will be added to particular sharepoint
group. Is there any sharepoint out of box solution for this or I need to do it programmatically. Kindly provide me any procedures or solutions as you know.
1) how to bind the particular sharepoint group to the particular column
2) How to add users to the particular sharepoint group
Thanks
Razvi444Hi Razvi444,
There is no out of the box way to achieve this.You need to write a custom event receiver ,inside event receiver
event, you
can check column (people picker value) and add it to desired group if that user not exist already.
Thanks -
How to add users from person or group field in a sharepoint list to sharepoint group
Hi,
How to add users(single or multiple) from person or group field in a sharepoint list to sharepoint group programmatically?
Any suggestions would be appreciated.
Thank you,
AA.Hello,
Use SPGroup.AddUser() method to add user in group. I have just written sample code in notepad so it is not tested:
SPSecurity.RunWithElevatedPrivileges(delegate()
using(SPSite Site = new SPSite(SPContext.Current.Site.Url))
Using(SPWeb Web = Site.OpenWeb())
SPList list = web.Lists["ListName"];
SPQuery query=new SPQuery ();
query.Query = "<Where><Eq><FieldRef Name='Title' /><Value Type='Text'>Test</Value></Eq></Where>";
SPListItemCollection items = list.GetItems(query);
if(items.Count > 0)
foreach(SPListItem item in items)
//Get USers from person or group column
SPFieldUser userField = (SPFieldUser)item.Fields.GetField("Users");
SPFieldUserValueCollection userFieldValueCollection = (SPFieldUserValueCollection)userField.GetFieldValue(item["Users"].ToString());
SPGroup spGroup = spSite.RootWeb.Groups[groupName];//group name
if (users.Count != 0)
bool isUserInGroup = false;
foreach (SPFieldUserValue user in users)
foreach (SPUser item in spGroup.Users)
string itemUserName = item.LoginName;
string UserName = user.User.LoginName;
if (itemUserName == UserName)
isUserInGroup = true;
break;
if (!isUserInGroup)
spGroup.AddUser(user.User);
The above code will query list item and then get users from "Users" column. Now it will check whetehr user is already in group not, if not then add user in group.
http://rajanijilla.blogspot.sg/2012/09/add-users-to-group-programmatically.html
Hope it could help
Hemendra:Yesterday is just a memory,Tomorrow we may never see
Please remember to mark the replies as answers if they help and unmark them if they provide no help -
How to list all users present in Default Autheticator in WebLogic Security Realm
Hi All,
I need to get a list of all the users in my Weblogic server--> security realm--> Default Authenticator
There are more than 1000 users present in my security realm for different different Authentication Providers. So I can not get these details from WebLogic Admin Console.
Can anyone please help me in getting this list of all users in Default Authenticator? Please let me know how can I get these details.
My WebLogic version is 10.3.4.0
Thanks in Advance!You can use JMX to list users
http://weblogic-wonders.com/weblogic/2010/11/10/list-users-and-groups-in-weblogic-using-jmx/ -
How do you give user permissions to access a terminal server?
How do you give user permissions to access a terminal server?
Refer : http://technet.microsoft.com/en-us/library/cc781509(v=ws.10).aspx
Arnav Sharma | http://arnavsharma.net/ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread. -
How to create users in SAP BO (in cmc)
Hi All,
How to create users in SAP BO (in cmc) (pls step by step).
Thanks in Adavance,
NitinHi Erika
I need your help
"Account information not recognized.The secLDAP Security Plugin is not enabled.contact your system administrator for details."
I am getting an error page when i am try to access BO reports from Flex UI.
This BO reports should work in the same single sign on session with Flex UI as per the application developed.
Note :The same users when login directly login to BO get access.. -
Sunone Messaging Server 6.1--How to list all mail user's last login time
hi,i want to know how to list all the mail user's last login time.
There are more than 100000 mailbox accounts on our mail server,
i want to know which account is not used for more than 2 or 3 years.
thanks.http://wikis.sun.com/display/CommSuite/imsconnutil
Somchai.
Maybe you are looking for
-
I try to import my cds, and everytime it features another artist it creates a new album for that song... how do I get it to imort the album and show as just the album name...
-
Problems opening up RAW files in the Adobe elements 12 editor
I just installed Elements12 on my Windows Desktop. Operating System Windows XP SP3, Quad Core Processor 2.4GhZ, 3Gb RAM (based on these spec, I should be meeting minimum system requirements) My camera's RAW format (Rebel 4Ti, CR2) is supported by the
-
Query Consuming too much time.
Hi, i am using Release 10.2.0.4.0 version of oracle. I am having a query, its taking too much time(~7 minutes) for indexed read. Please help me to understand the reason and workaround for same. select * FROM a, b WHERE a.xdt_docownerpa
-
Cannot sync my iphone from itunes with app got from apple store
Hello everyone, I wonder if someone can help me... I dwonloaded a free app from the apple store. My computer is authorized to do thisbut it keep on saying that it's not authorized and in order to transfer the app to the iphone I have to authorize it.
-
10.6.8 inconsistent between MacBook Pro and iMac???
This may be a dumb question, but I see inconsistencies between 10.6.8 on my 24" iMac and my 15" MacBook Pro. Is there supposed to be a difference? I wouldn't think so. Here are a couple of examples... 1) Finder - On my iMac, there are buttons alon