How to restrict "sftp only" user into your home dir and subdir

Similar Messages

• AD Users auth Ok but cannot log into AFP Home dirs

  Hello,
  I have a problem that has been driving me nuts for around 6 weeks so wondering if someone can help me out.
  I have an XServe that has been bound to the AD Server. This server holds the users only. The Xserve is connected to an XRAID. I recently rebuilt The XRAID to be a 0+1 (2 stripes, 1 mirroring the 2nd). I then configured the Home Dirs on the Xserve to reside on the XRAID. I created a folder called UserHomes and then shared this using AFP and SMB. I removed guest access for both protocols. I Added the AD users groups to the ACLs to allow them access. I added the AD admin with full control rights to all folders, and the AD Staff group with read only access to that folder only.
  I then used a script that would use dscl to extract the AD users into a list, created a folder for their Home dir, copied the Default template into their home dirs and then chowned the homedir to the AD user and chmodded the homedir 700.
  Now, when i try to log in as an AD user, they get authenticated correctly as would be expected but then the login window disappears and the user is left with the desktop picture and a spinning coloured ball. This stays like this until the machine is hard-reset or the loginwindow is quit remotely.
  I have tried using mobile accounts for the same user and this results in the user logging in, synching and even having full access to their home dir from the doc as well as all shares available to them, showing that kerberos seems to be working. But this started to do the same as full network accounts as well, ie the spinning ball after login.
  I have rebuilt the OD server, the clients and even swapped out the switches and cabling. Same result. I have run tcpdump which seems to suggest things are as they should be (although i don't really know what i am looking for) But AFP logs show the client opening and closing forks but never logging in).
  DNS is resolving successfully also.
  Any ideas on what could be the problem

  I synchronize the clocks of both the OS X Server and OS X Client with the AD Server. The user gets authenticated fine and the login window disappears, but thats as far as it gets the users then starts to load (open and close forks according to the AFP Log) their profile but it never turns up. No dock, no Finder. I can see that it is trying to load though because if i manage the wallpaper setting using WGM, the background of the logging in user changes. Just doesn't do anything else

• How to restrict a normal user

  Please explain how to restrict a normal user from getting connected as sys user in sqlplus.Even though I have revoked the sysdba and sysoper priveleges, I am able to get connected as sysdba in sqlplus. Is there any way to restrict the normal user.
  Regards
  Vijay Kumar

  That are the 2 ways, how to connect as sysdba:
  Password Authentication
  Unless a connection to the instance is considered 'secure' then you MUST use a
  password to connect with SYSDBA privilege.
  Users can be added to a special 'password' file using either the 'ORAPWD'
  utility, or 'GRANT SYSDBA to USER' command.
  Such a user can then connect to the instance for administrative purposes using
  the syntax:
  CONNECT username/password AS SYSDBA
  Operating System Authentication
  If the connection to the instance is local or 'secure' then it is possible to
  use the operating system to determine if a user is allowed SYSDBA access.
  In this case no password is required.
  The syntax to connect using operating system authentication is:
       CONNECT / AS SYSDBA
  Oracle determines if you can connect thus:
  On MS Windows NT/2000/2003/XP:
  On MS Windows the OSDBA groups is a hard coded group thus:
  Group Name Oracle uses this as...
  ~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~
  ORA_DBA OSDBA group for all instances
  When you issue a 'CONNECT / AS SYSDBA' , Oracle checks if your MS Windows logon is a
  member of the 'ORA_DBA' group.
  If you don't want OS authentication, remove the ORA_DBA group from the logon id. But automatic database startup at boot time won't longer work.
  Werner

• How to change read only folders into normal ones...i can't get any filed from my harddrive

  how to change read only folders into normal ones...i can't get any filed from my hard drive..it shows read only

  Which HDD are you referring to, an external one, or the internal SSD?
  If external, which format is it in?

• How to create ready only user ID in Oracle Apps(EBS) 11i

  Hi,
  We have a requirement of creating a ID in Oracle Apps 11i as a ready only user.
  Please suggest how to create read only user in Oracle Apps 11i ?
  Regards,
  chandrasekar s

  Is this for an application user or a database user ?
  See MOS Doc 1290228.1 for application user.
  This topic has been discussed many times in these forums - pl use the search feature
  https://forums.oracle.com/search.jspa?view=content&resultTypes=&dateRange=all&q=read+only&rankBy=relevance&contentType=a…
  HTH
  Srini

• How to restrict the quantity & rate of MIRO with MIGO and PO

  Hi friends,
  Can any body tell me how to restrict the quantity & rate of MIRO with MIGO and PO.
  e.g. if we have done MIGO for quantity 10 and the rate maintained in the PO is Rs.100.Then at the time of MIRO system should not allow to change the quantity and rate.
  How we can do this?
  Regards  
  Purnesh Sharma

  Hi,
  You are misunderstanding the use of MIRO.
  If you change the details in MIRO you are NOT changing anything. You are just entering the price and quantity from the Invoice.
  If this price and or qty is different from the GR aqty and PO price then the system will block the invoice for payment (and it can issue messages toinform the buyer if configured correctly).
  The whole design of MIRO is based on the principle that you enter EXACTLY what the vendor has put on the invoice. By preventing the users from changing anything you will get NO mismatched invoices, but you will not be paying the vendor the amount specified on their invoice. This will surely cause problems.
  If you do want to ensure that ONLY the GR qty and the PO price are used and cannot be changed then why not consider using ERS (Eveluated Receipt Settlement. this is basically self billing.
  Effectively you will be paying the vendor based on what you have received in MIGO multiplied by the price from the PO. (which is what you would be doing if you stop any changes in MIRO)
  Steve B

• HT204088 How on earth did someone hack into my iTunes account and charge my visa/debit card? I didn't know until I got my bank statement with a fake phone # to call iTunes has this happened to anyone else?

  How on earth does someone hack into my iTunes account and charge my visa/debit card? I got no emails from iTunes, so I know it's not them. This has happened twice to me and it's after I take out my credit information. I found out because of a bounced check, plus my bank statement had all the charges on it. They start small with just a few dollars but they do it every day sometimes twice a day. Then next to where they tell you who charged it, it says iTunes with a bogus phone# to call? In total they stole $224 from me. I was lucky my bank refunded the money stollen. Has this happened to anyone else?

  People get their accounts hacked all the time. It's unfortunate, but true. To prevent this in the future, you need to:
  - choose a good password, with a mix of upper and lowercase letter and numbers, that someone wouldn't be able to guess by stalking you on social media sites
  - be aware of surroundings when entering a password, to be sure nobody's looking over your shoulder
  - be cautious of what you do on open wifi networks (ie, networks that do not require a password to join)
  - use a different password on each site
  - use a password manager so you don't have to remember all those different passwords

• How do you Customize the weather on the home page and make it default to that setting? I have Customize several times and it keeps changing back to McLean, VA in English

  How do you Customize the weather on the home page and make it default to that setting? I have Customize several times and it keeps changing back to McLean, VA in English.
  [email protected]

  '''''What''''' webpage do you have set as your homepage? <br />
  Are you saving cookies for that page?

• With Firefox as my default browser for a desktop iMac, a note appears "An attempt to change your home page and default search has been blocked" It won't go away

  With Firefox as my default browser for a desktop iMac, a note appears "An attempt to change your home page and default search has been blocked" It won't go away. It tells me to click on the checkmark to change settings but that doesn't work and the red x in the upper right hand corner doesn't remove the note which is in the upper left corner of my iMac ??? The only thing that removes the note is quitting Firefox but it reappear as soon as I start Firefox back up ???

  If that does not work,
  Start '''[https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode Firefox in Safe Mode]''' {web Link} by holding down the '''<Shift><br> ''(Mac Options)'' ''' key, and then starting Firefox. Is the problem still there?
  Start your '''Computer''' in safe mode with networking. Then start Firefox. Try '''Safe''' web sites.
  '''[http://encyclopedia2.thefreedictionary.com/Linux+Safe+Mode Starting The Computer In Safe Mode;<br>Free Online Encyclopedia]'''

• How to find out difference between IAS Oracle Home patches and 10.1.2 Oracl

  How to find out difference between IAS Oracle Home patches and 10.1.2 Oracle Home patches.
  I have read me document but i could not able to understand.
  Please help me

  user10721329 wrote:
  How to find out difference between IAS Oracle Home patches and 10.1.2 Oracle Home patches.
  I have read me document but i could not able to understand.
  Please help meWhat docoument you are referring to?
  If you source the application env file APPS<CONTEXT_NAME>.env file under $APPL_TOP directory then this will set ORACLE_HOME to 10.1.2
  If you source the application env file <CONTEXT_NAME>.env file under $INST_TOP/ora/10.1.3 directory then this will set ORACLE_HOME to 10.1.3
  Environment Settings
  http://docs.oracle.com/cd/E18727_01/doc.121/e12841/T120505T120509.htm#F_92659x3Ax20H1x20Head1x3Ax20Environmentx20Settings
  Thanks,
  Hussein

• How to integrate EBS(OracleApps11i)users into Oracle Virtual Directory(OVD)

  Hi Experts,
  We are using Oracle Virtual directory (OVD).
  We have a requirement to integrate EBS (Oracle Application 11i) users into OVD. For this purpose we are using the Database adapter in OVD to do the same.
  (Note: we could able to see the existing tables, but we don’t know how to integrate EBS users into OVD).
  Are we following the correct approach? If not please give us your suggestions.
  Thanks,
  Parker

  Clarify your requirements.
  OVD - as the name suggests is a virtual directory. What is your underlying directory? OID / Database?
  If your integration need is limited to User Identity data level integration i.e provisioning / synch then you can use native services from OID.
  If you are planning to do SSO - eBiz integration with an OVD ... not sure that is supported yet. because SSO - eBiz - OID is certified / supported ...and then you can do 3rd party SSO / Directory integration.
  I would like Oracle to support eBiz - SSO/OVD integration so that we can have underlying directories ... but that may be a tall order --- for now.
  Does this help?
  Regards,
  Rajiv Grover

• HT4796 How do I combine all users into one? iTunes, documents, pictures?

  I just migrated files from my pc, to my new MacBook. I had multiple users on my pc and they transferred to my Mac in that way. Problem is, I don't want multiple users anymore.  Now that the files(itunes, pics, documents) are on my Mac, I want them all on one user. The admin user. One place.  Any idea how to move this stuff? Thank you!

  Depends on how much data there is in total. You could just save all the data into the 'Shared' folder on the hard disk by going into each account and making copies or moving the data you want to keep. When that's done, switch to the account you want to move it to and copy it all in from the 'Shared' folder.
  If there's too much for your HD, copy it all off to an external USB hard disk, delete all user accounts apart fromthe one you're going to use, then copy it from the external back into your admin user.

• Get only user into a group

  can i get only the users into a group?
  I use the search_s function but it returns to me the users and also the groups.
  this is my function:
  my_attrs(1) := 'uniquemember';
  filter :='cn='||nameGroup;
  my_session := DBMS_LDAP.init(ldap_host,ldap_port);
  retval := DBMS_LDAP.simple_bind_s(my_session,ldap_user, ldap_passwd);
  retval := DBMS_LDAP.search_s( my_session,
  ldap_base,
  DBMS_LDAP.SCOPE_SUBTREE,
  filter ,
  my_attrs,
  0,
  my_message);
  my_entry := DBMS_LDAP.first_entry(my_session, my_message);
  ecc..
  the output is:
  cn=gatano_188,cn=users,dc=s,dc=com
  cn=gatano_187,cn=users,dc=society ,dc=com
  cn=gatano_799,cn=users,dc=society ,dc=com
  cn=gatanogruppo_5,cn=groups,dc=society ,dc=com
  I would want only the users.
  how can I filter the users?
  thanks

  Thanks for the reponse. I appreciate that very much. Please do provide a link of any document explaining this mogration procedure or any other relevent document that can help us achieve it.
  Thanks one again.
  kymlaik

• How to Restrict same portal user from other node

  Hi
  In my application, we charge customers for each portal user logins. But, i found that, they can share same user logins amongs number of people.
  I don't want to allow the same portal user login into the application if that user is already logged in and it's session is still active.
  Here is the Scenario :
  User A is logged in to the portal from terminal AA. Now, User A agin tries to logg in to the portal from terminal BB. I don't wnat to allow user A to log in from terminal BB bcuz user A has active session from terminal AA.
  Can anyone know how to implement this??
  thanks in advance.
  Srini

  Hi Srini!
  We have solved this problem with our own login portlet. Before the final login we've got to check (from the certain table) how many logins there are currently with that username.
  But there is a problem. If the user closes the browser without logoff, the session remains active. There is a cleanup job, which removes those session in some hours. Still it is not very elegant.
  Regards,
  Jari

• Question - how do I combine two users into one?

  I have migrated a lot of data to a MacBook Pro using Migration Assistant, in the process two users have been created on the Mac. How do I combine the two users into one?

  You don't. Just log in with one, choose Go to Folder from the Finder's Go menu, provide /Users/ as the path. and drag the folder there; you'll need to provide an administrator password at some point.
  (108352)