Local Network User with Local Only or Services Only Home Folder Setting

Hi all,
According to the OS X Server Advanced Administration Guide, under the "Choose a user’s home folder location" section, "If you choose Local Only, the user won’t have a home folder on the server and can’t log in using the account information stored on the server."  However, when I create a Local Network User account with a "Local Only" home folder, Server.app creates a home folder in that user's name in the User's directory of the Server itself.  According to the documentation that shouldn't happen, right?
The documentation gives no mention to the "None - Services Only" setting for the Home Folder.  I will only be giving users access to DNS, File Sharing, NetInstall, Software Update and Profile Manager.  I believe all I need are "Local Network User" accounts.  However, the documentation confuses me on whether the Home Folder setting should be set to "Local Only" or "None - Services Only".  Can someone clarify this for me?
Many Thanks!

The idea is that a local home folder will get created, but the home folder will not be available to the outside world via services (e.g. Portable Home Directory). I don't believe anything in the services you provided requires a home folder. So, you should be able to get by with "None - Services Only".

Similar Messages

  • Can I have a network user with the same name as a local user?!

    I have just set up Mac OS X 10.8 SErver with Open Directory.  I have about 20 machines that I will be setting up, some which have mainly been used localy and just used to tap into Shared Files, [historically], but am wanting to use network users for better backup and support.
    However some of the legacy accounts were not used on off the server...  What I have is the following :-
    a)    [Person A]  - They are a network user with Password [Password A]
    b)    The computer is [Person A], they have a Password [Password Old] (so it is different)
    I have Network Account Users turned on, with a green dot! (have domain all set up)
    However How do I connect using either a or b.  depending on what i feel like that day!
    ? Help any ideas.
    Ultimately I will have set up all my client machines with a client admin user and standard password... but I am not there yet!

    Moving from local (legacy) users to network users takes a one-time hassle of moving the contents of their local home folder contents up to the server. Using a finder copy never worked for me. What I finally found worked reliably was using rsync to copy the entire users local folder up to the server. Once on the server, move the files into place (if you didn't rsync them there directly. Finally, Chown all the files (on the server) to associate them with the correct userID on the server. If everything looks right on the server, you can test by trying to login as this user from another local Mac (but now as a network account), and hopefully their home folder looks like they expected.
    Note you will need admin access in the local machine and the server to rsync their home folder. You don't want to be logged into their account while trying to copy their files up to the server.
    If rsync is not your bag, a portable hard disk and/or disk image of their home folder is another way to move their stuff.
    Once you've verified that their network account got to the server ok, then REMOVE the local account.

  • Network Users with network homes not really working for me

    I have with great pain setup a OS X Lion server on a Mac Mini that was supposed to be my central server to have 4 network users accounts and all the users data is stored on an external disk array with mounted network homes to the 2 iMacs and 2 Macbooks I have in my home.
    I have gotten it all working and all my Macs are joined to the Open Directory and each User can login as a network users on any of the Macs and get their files via mounted home directory from the server. The home directories on the server are backed up with Time Machine.
    I have found the following items that do not work proberly:
    1) Desktop backgrounds settings are just lost sometimes for whatever reason. Desktop background goes to default and you need to manually set back to the one you have selected. This happen mostly if users have their own desktop pictures.
    2) Keychain get's screwed up. The user often get the "Keychain doesn't exist to store ..." message and need to select to reset the keychain. Anything I have tried from "Keychain First Aid" to removing and have a new one created doesn't fix the problem. It keeps on coming back.
    3) iTunes Storage and AppStore are getting confused about authorized computers. This is because a user logs in from another computer and then iTunes store would tell the user this computer hasn't been authorized to play the purchase music. Same happens with iPhone apps from the AppStore. Apparently those two stores are not setup to hanlde network users proberly.
    4) Permission issues happen sometimes in Application like iPhoto where it would complain not being able to see photos or cannot add new photos to the library. Need to run a permission repair on the Iphoto Library to fix this.
    5) One critical one is that it's not really possible to restore files from Time Machine. The Time Machine backup is done on the server by an administrator account directly backing up the user directories. When you go into Time Machine on the server even the admin can drill down into the user directories so no restore possible. The individual users have no idea that there was ever a Time Machine backup done as Time Machine is not setup in their accounts on the individual Macs. This prevents any possible restore.
    I reckon that many of the problems are related to having only one location for ~/Library as the individual Macs are writing their user related settings into this directory in a central location. So what happens is when something on iMac 1 and then I log in on iMac 2 that might not exactly match this Macs config and it get's confused throwing one of the above erors.
    Trouble is witth central network home directory the way they mounted i can't exclude the ~/Library folder. The only option I can see is mobile account because I have seen in the preferences that when they sync the handle Library items differently.
    Does anybody have any experience out there with this sort of thing and can advise what's the best way forward?
    If i can't resolve this I'll go back to have network users with local home directories on each Mac and just setup for each user a network share to which they copy files if they want them available on other Macs. Not as nice but at least it works!
    As a said note I did this to make things easier but it has up to now cost me trouble then i had before!

    Haven't heard anything from anybody so probably to daunting a topic ...
    I have now moved on to try Portable Home Directories (PHD) and syncing ... what a disaster!
    First it took  me ages to get this right as the way the home directores are mounted on the clients from the server it's just weired which has to do with how AFP mounts are implemented. Since one AFP mount can't be mounted by several users on the same system they use a workaround of mounting it to a temp directory and then linking it back to where it should be. Of course this causes major problems.
    Okay it kind of worked so let's move on to syncing PHD. First of all on initial creation it only sync a small portion of the directory that should be okay but on some of my accounts it never went passed this stage. It said it's all synced but it only had synced the first 10% or so of the data. I wasn't able to make it sync anymore.
    On other accounts it correctly synced all the data down, or so I thought. Apparently a few sync session back and forth and 50-60% of the data was gone. On further investigation it turned out to be iTunes and iPhoto libraries. Turns out does don't sync probably via Home Sync!!!
    Apple product is not able to probably syncing Apple specific library files!!!!
    So here my warning to everybody: DO NOT USE PHD and HOME SYNC to sync your data as you will lose stuff if you have iTunes and/or iPhoto libraries with Lion OS X Server!!!
    The whole Lion Server experience has been a disaster for me. Now I have a server that does file sharing and time machine backup sharing. I can do the same thing with a standard Mac using those services. What's the point of Lion Sever for Home if nothing works proberly?

  • How to create a user with read only access for ESB / BPEL Console

    I need to create a user with read only access to ESB Console & BPEL Console. I have created a user
    (esbreadonly) and assigned ascontrol_monitor role but user is still able to
    delete services from ESB systems (such as DefaultSystem). Is there any way to
    create a user that has strickly read only access to ESB Console & BPEL
    Console
    Thanks
    Dinesh Patel

    Check out this post.. I'm in the process of testing.
    http://chintanblog.blogspot.com/2007/12/i-saw-numerous-people-asking-about-bpel_290.html

  • User with read only access on a schema - How?

    Hi all,
    I want to create a user with ready only access to a particular schema. The user should have only 'SELECT' option on all objects of the schema.
    Thanks !

    Ven wrote:
    Hi all,
    I want to create a user with ready only access to a particular schema. The user should have only 'SELECT' option on all objects of the schema.
    Thanks !There is no single command. You have to grant object privelges by object.
    Use sql to write sql
    connect <schema_owner>
    spool doit.sql
    select 'grant select on ' || table_name || 'to <selected_user>;'
    spool off;Probably best if <selected_use> is a role instead of a specific user, then grant the role to whoever.

  • User with Read-Only permission can write

    Hi,
    I have two Macs on a local network. I am sharing a folder on Mac-A and would like users to have read-only access to it. It is important that users cannot modify the data in this folder.
    On Mac-A:
    Selecting System Preferences->Sharing->File Sharing, I added the folder to "Shared Folders". Next, I added the user account "bob" and assigned Read-Only access. User bob is not an admin and shows up as a "Sharing Only" account under Accounts.
    On Mac-B:
    I connect to Mac-A as user bob and I can see the shared folder. I then am able to create and delete files in the "Read-Only" share. I've verified using File->Get Info that user bob does indeed have only read access.
    What am I doing wrong and what can I do to enforce read-only access?
    Thanks!

    Maybe your Mac-B user account has the same (short) user name
    as your Mac-A user account. Matching user names or short user names
    could make the Mac-B account able to Read & Write to your shared folder.
    Because I think you can log in with short user names to a server
    as well. I guess passwords should be matching as well,
    and perhaps the user ID's (System Preferences -> Accounts
    -> right-click on user) also?
    Cheers,
    Vincent Verheyen.

  • Create a user with read only access in the weblogic server 10.3.5

    Hi Friends,
    I am getting the below exception after creating a user (soa_read_only) with read only access in the logs after logging in with this user credentials:
    [2011-11-28T13:22:32.781+05:30] [AdminServer] [WARNING] [] [oracle.jps.admin] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: soa_read_only] [ecid: 49233e31d176bb92:78c87a90:133e90b0482:-8000-00000000000005d2,0] Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors][[
    java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors]
         at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.isInWlsGlobalSecurityRoles(WLSMBeanSecurityHelper.java:245)
         at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.checkGlobalSecurityRoleBasedAccess(WLSMBeanSecurityHelper.java:139)
         at oracle.as.jmx.framework.wls.spi.security.WLSMBeanAccessControllerSPIImpl.checkLogicGlobalSecurityRoleAccess(WLSMBeanAccessControllerSPIImpl.java:35)
         at oracle.as.jmx.framework.MBeanAccessControllerImpl.checkLogicGlobalSecurityRoleAccess(MBeanAccessControllerImpl.java:52)
         at oracle.security.jps.mas.mgmt.jmx.policy.JpsAdminRoleImpl.checkRole(JpsAdminRoleImpl.java:182)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:973)
         at oracle.adf.mbean.share.AdfMBeanInterceptor.internalInvoke(AdfMBeanInterceptor.java:104)
         at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
         at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:190)
         at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
         at oracle.security.jps.ee.jmx.JpsJmxInterceptor$2.run(JpsJmxInterceptor.java:344)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
         at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalInvoke(JpsJmxInterceptor.java:360)
         at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
         at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:103)
         at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
         at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
         at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
         at oracle.as.jmx.framework.generic.spi.interceptors.LoggingMBeanInterceptor.internalInvoke(LoggingMBeanInterceptor.java:524)
         at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
         at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:887)
         at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.doInvoke(OracleStandardEmitterConfigMBean.java:398)
         at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.invoke(OracleStandardEmitterConfigMBean.java:365)
         at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
         at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
         at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.invoke(FederatedMBeanServerInterceptor.java:349)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
         at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:263)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
         at weblogic.management.mbeanservers.internal.SecurityMBeanMgmtOpsInterceptor.invoke(SecurityMBeanMgmtOpsInterceptor.java:65)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
         at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
         at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
         at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
         at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
         at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
         at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427)
         at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
         at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
         at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
         at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
         at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
         at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
         at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
         at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.invoke(Unknown Source)
         at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:993)
         at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
         at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
         at oracle.sysman.emSDK.sec.targetauth.emas.EMASConnection.checkTargetRole(EMASConnection.java:222)
         at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:625)
         at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:595)
         at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRole(EMTargetAuthService.java:577)
         at oracle.sysman.emSDK.sec.authz.EMAuthzService.checkPermission(EMAuthzService.java:288)
         at oracle.sysman.emSDK.pagemodel.menu.EMMenuCommand.getMenuItem(EMMenuCommand.java:681)
         at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenuItem(XMLMenuManager.java:1595)
         at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenu(XMLMenuManager.java:1421)
         at oracle.sysman.core.app.menu.XMLMenuManager.getTargetMenu(XMLMenuManager.java:529)
         at oracle.sysman.core.view.menu.MenuBarUIBean.populateTargetMenu(MenuBarUIBean.java:1023)
         at oracle.sysman.core.view.menu.MenuBarUIBean.getFarmMenuComp(MenuBarUIBean.java:696)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at javax.el.BeanELResolver.getValue(BeanELResolver.java:261)
         at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:173)
         at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:200)
         at com.sun.el.parser.AstValue.getValue(Unknown Source)
         at com.sun.el.ValueExpressionImpl.getValue(Unknown Source)
         at com.sun.faces.application.ApplicationImpl.createComponent(ApplicationImpl.java:250)
         at javax.faces.webapp.UIComponentELTag.createComponent(UIComponentELTag.java:222)
         at javax.faces.webapp.UIComponentClassicTagBase.createChild(UIComponentClassicTagBase.java:513)
         at javax.faces.webapp.UIComponentClassicTagBase.findComponent(UIComponentClassicTagBase.java:782)
         at javax.faces.webapp.UIComponentClassicTagBase.doStartTag(UIComponentClassicTagBase.java:1354)
         at org.apache.myfaces.trinidad.webapp.UIXComponentELTag.doStartTag(UIXComponentELTag.java:75)
         at oracle.adfinternal.view.faces.unified.taglib.UnifiedMenuTag.doStartTag(UnifiedMenuTag.java:51)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:50)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
         at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
         at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
         at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
         at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
         at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
         at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
         at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
         at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
         at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
         at oracle.jsp.runtime.tree.OracleJspIncludeNode.execute(OracleJspIncludeNode.java:49)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
         at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
         at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
         at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
         at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
         at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
         at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
         at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
         at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
         at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
         at oracle.adfinternal.view.faces.taglib.region.IncludeTag.__include(IncludeTag.java:442)
         at oracle.adfinternal.view.faces.taglib.region.IncludeTag.doEndTag(IncludeTag.java:232)
         at oracle.adfinternal.view.faces.taglib.region.PageTemplateTag.doEndTag(PageTemplateTag.java:162)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:63)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
         at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
         at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
         at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
         at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
         at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
         at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
         at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
         at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
         at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
         at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
         at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:410)
         at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
         at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
         at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
         at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
         at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:268)
         at com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:471)
         at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:140)
         at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:191)
         at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:193)
         at oracle.sysman.emSDK.adfext.ctlr.EMViewHandlerImpl.renderView(EMViewHandlerImpl.java:150)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:800)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:294)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:214)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:166)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
         at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:183)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Why this exception is occurring? Kindly help me with this, its a bit urgent!!!!

    Hi
    1. First create a user like readonlyweblogic using some password in Weblogic Console. In Weblogic Console itself, select this new user and go to his Group Memberships and add a Group named Monitors. This means this user has Monitor role for Weblogic Console. Monitor is a Read Only access role to the weblogic console.
    2. NOW, with full admin privileges user, login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a User to this that is created above like "readonlyweblogic".
    3. Close all the browsers. Open a new browser and test weblogic console and em console with this new user.
    I have this setup like this in many envs and they all work fine. They are read only access users for admin console and em console.
    Thanks
    Ravi Jegga

  • Sharepoint Permissions Application user with read only permissions

    Friends,
    I am trying to create a separate permission Group for an Executive(Department) Team who can access all the documents and lists in the portal with only read permissions because they need to see all the documents and lists in the libraries.
     I can add them in to  SP_Application_User group but i don't want them to edit the documents.
    If i create a new group and set a separate permission level with read only setting, they cannot access all the documents in the document libraries and lists because some of the document libraries and lists have separate permission which overrided parent permissions.
    Hope i will get help from any of you.
    Thanks in advance,
    Regards,
    Chakri

    Hi,
    For your issue, you could add the users to Central Administration > Application Management > Policy for Web Application and grant Full Read permissions.
    With the configuration, these users have Read permission to the whole web application.
    -lambert
    Sincerely,
    Lambert Qin
    Posting is provided "AS IS" with no warranties, and confers no rights.

  • Lock the table by user with grant only for select

    Hallo.
    It is possible that the user has rights only for SELECT, do not lock the table? Now, where do "SELECT * FROM table FOR UPDATE", does not make the change, but it locks the entire table, and another user to get into it.
    Thanks

    And here is the "evidence" ;)
    SQL> select * from v$version ;
    BANNER
    Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bi
    PL/SQL Release 10.2.0.4.0 - Production
    CORE    10.2.0.4.0      Production
    TNS for Solaris: Version 10.2.0.4.0 - Production
    NLSRTL Version 10.2.0.4.0 - Production
    SQL> create user u1 identified by u1 ;
    User created.
    SQL> grant connect to u1 ;
    Grant succeeded.
    SQL> connect hr/hr
    Connected.
    SQL> create or replace view v_t1 as select username, user_id, created from t1 group by username, use
    r_id, created with read only ;
    View created.
    SQL> grant select on v_t1 to u1 ;
    Grant succeeded.
    SQL> connect u1/u1
    Connected.
    SQL> select * from hr.v_t1 where rownum = 1 for update ;
    select * from hr.v_t1 where rownum = 1 for update
    ERROR at line 1:
    ORA-02014: cannot select FOR UPDATE from view with DISTINCT, GROUP BY, etc.
    SQL> select * from hr.v_t1 where rownum = 1
      2  ;
    USERNAME                          USER_ID CREATED
    AK                                     36 08-MAY-00

  • User with read-only rights!

    Hello. i need to create user that have read only rights to every table on database, but only read only.
    Could you please provide a statment for that or a link where can i find that kind of information.

    Hi;
    Similar topic mention here many times. Please see:
    Read only user creation
    Read only user creation
    PS:Please dont forget to change thread status to answered if it possible when u belive your thread has been answered, it pretend to lose time of other forums user while they are searching open question which is not answered,thanks for understanding
    Regard
    Helios

  • Users with View Only Privilege

    Hi,
    I currently have an application for a team of 20 people to create, update and delete records in multiple tabs, pages, etc. There is a request from the team to grant 5 outside users a "Read-only" version of the application in order for them to browse and research what type of data the team has gathered.
    Is there an easy way to do this in the 'Manage Application Express Users"? I see there is a pre-existing Group called "Viewers". When I created a new user in the Viewers User Group and I log in, I can still create, edit and delete.
    Thanks in advance,
    Romi

    As far as I know there are no pre-created user groups in Apex. That aside, there are no privileges assigned to an Apex group. The developer still has to make objects (buttons in your case) conditional on the user belonging to the group.
    Sima

  • Can a user with Contribute privileges invoke SPFolder.SubFolders.Add(folder) Sharepoint 2010 API in a Webservice?

    We have a Webservice deployed on a Sharepoint 2010 deployment with a method as follows:
    public static string ensureParentFolder(SPWeb parentSite, string destinationUrl)
    destinationUrl = parentSite.GetFile(destinationUrl).Url;
    int index = destinationUrl.LastIndexOf("/");
    string parentFolderUrl = string.Empty;
    if (index > -1)
    parentFolderUrl = destinationUrl.Substring(0, index);
    SPFolder parentFolder
    = parentSite.GetFolder(parentFolderUrl);
    if (!parentFolder.Exists)
    SPFolder currentFolder = parentSite.RootFolder;
    foreach (string folder in parentFolderUrl.Split('/'))
    try
    currentFolder = currentFolder.SubFolders.Add(folder);
    catch (Exception ex)
    FINEOSLogger.Medium(LoggerCategory.FINEOSToSharePointDMS, "User could not create SP folder so elevating permissions");
    SPSecurity.RunWithElevatedPrivileges(delegate()
    currentFolder = currentFolder.SubFolders.Add(folder);
    return parentFolderUrl;
    When invoked by a User with only Contribute rights the SubFolders.Add( ) call appears to fail and the
    SPSecurity.RunWithElevatedPrivileges
    code is invoked, which also fails.
    1. So the first question is should you be able to invoke SubFolders.Add() with only Contribute?  It works with Design privileges for the Customer.  You can add folders on the Sharepoint website as a Contribute user so why not on the API. 
    Customer raising this as a security concern.
    2. Also why would the
    SPSecurity.RunWithElevatedPrivileges
    part fail, is the syntax incorrect for Sharepoint 2010?  We migrated this code from Sharepoint 2007 project.
    The error I get when I try run the code as a Contribute user is
    com.fineos.ta.dms.external.DMSException: The exception [A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18".] was caused by the exception [A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18".]., Ta Exception info,Exception Class=class com.fineos.ta.dms.external.DMSException,Root cause ID=10,Root cause host=IEL163,Localized message=A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18"
    at com.fineos.integration.dms.internal.thirdparty.GenericDMS.add(GenericDMS.java:149)
    at com.fineos.frontoffice.documentmanager.DocumentManager.saveToThirdPartyDMS(DocumentManager.java:280)
    at com.fineos.frontoffice.documentmanager.fileupload.UploadDocumentWidget.save(UploadDocumentWidget.java:401)
    at org.apache.jsp.sharedpages.documentmanager.fileupload.uploaddocumentpage_jsp._jspService(uploaddocumentpage_jsp.java:77)
    Caused by: com.fineos.integration.dms.external.services.SharePointDmsException: A SharePoint error occured "An Error occured in SharePoint". For user "FINEOS\bryces" uploading the file "Ru Ext_1501.txt", with title "Ru Ext_1501.txt", to the SharePoint Library "FINEOSDocumentLibrary/2015/02/23/13/18".
    at com.fineos.integration.dms.external.services.GenericDMSClient.uploadDocument(GenericDMSClient.java:139)
    at com.fineos.integration.dms.internal.thirdparty.GenericDMS.add(GenericDMS.java:132)
    ... 88 more
    Caused by: org.apache.axis2.AxisFault: Error_occured_sharepoint [Message Details = An Exception occurred in SharePoint; System.UnauthorizedAccessException: <nativehr>0x80070005</nativehr><nativestack></nativestack>Access denied.
    at Microsoft.SharePoint.Library.SPRequest.AddOrDeleteUrl(String bstrUrl, String bstrDirName, Boolean bAdd, UInt32 dwDeleteOp, Int32 iUserId, Guid& pgDeleteTransactionId)
    at Microsoft.SharePoint.SPFolderCollection.AddInternal(String strUrl, Int32 userId)
    at FINEOSIntegration.FINEOSToSharePointDMS.SharePointDMSUtilities.<>c__DisplayClass9.<ensureParentFolder>b__5()
    at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.<RunWithElevatedPrivileges>b__2()
    at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)
    at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)
    at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode)
    at FINEOSIntegration.FINEOSToSharePointDMS.SharePointDMSUtilities.ensureParentFolder(SPWeb parentSite, String destinationUrl)
    at FINEOSIntegration.FINEOSToSharePointDMS.FINEOSToSharePointDMS.uploadDocument(String UserName, String FolderPath, String Filename, Byte[] File, DocumentProperties DocumentProperties, Boolean NotifyFINEOS, Boolean NotifyFINEOSSpecified, Boolean OverwriteIfExists, Boolean OverwriteIfExistsSpecified, String& DMSDocType)]
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
    at com.fineos.frontoffice.thirdpartydms.operationtypes.ThirdPartyDmsServicesStub.uploadDocument(ThirdPartyDmsServicesStub.java:761)
    at com.fineos.integration.dms.external.services.GenericDMSClient.uploadDocument(GenericDMSClient.java:119)
    ... 89 more
    Note that the user SPWeb being passed into the method is from an impersonated user, don't know if that matters.
    So the webservice payload contains the id of the user who wants to do the Sharepoint work while the webservice is invoked by anonymous or some other service user.  We then impersonate the user specified in the webservice payload like follows and use
    that web SPWeb from then on in the webservice methods:
    userToImpersonate = currentWeb.AllUsers[user];
    site = new SPSite(fileUrl, userToImpersonate.UserToken);
    web = site.OpenWeb();
    Any help appreciated.
    Thanks,
    Ruairi.

    Ideally, a user with Contribute permissions should be able to add folders. Not sure what is the issue there. But I can see that SPSecurity.RunWithElevatedPrivileges is not written properly. You must create a new SPSite object inside the delegate
    because SPSite objects created outside do not have Full Control even when referenced inside the delegate. Use the using keyword to ensure that the object is disposed in the delegate. Example:
    SPSecurity.RunWithElevatedPrivileges(delegate()
    using (SPSite site = new SPSite(web.Site.ID))
    // implementation details omitted
    });See this for more information about SPSecurity.RunWithElevatedPrivilegeshttps://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spsecurity.runwithelevatedprivileges%28v=office.12%29.aspx?f=255&MSPPError=-2147217396
    Blog | SharePoint Learnings CodePlex Tools |
    Export Version History To Excel |
    Autocomplete Lookup Field

  • [SOLVED]User Access To Only One Folder .

    Hello ,
    I want to have a kind of user that have access to only one folder and nothing else ?!
    Last edited by arashroshan (2012-06-26 10:03:03)

    arashroshan wrote:
    Thank you for replying , i think i am going to use jailkit .
    tomk and and thesequel , thank you for correcting me !
    You said thanks to tomk, but you didnt read what he said

  • Network User with Local Admin Privileges?

    I have a small network (around 25 clients total) that was setup prior to my arrival. Each client has its own unique local admin (each machine was setup by the individual user) and it's become somewhat daunting to support them.
    All of the machines are connected (but not specifically bound) to an Open Directory and each is accessible via Remote Desktop, however I cannot push software updates, etc. without local admin privileges.
    I'd rather not create an account on each machine, nor do I want to completely lock down each computer (I'd like them to still have the flexibility to be admins so they can install apps, etc.)
    Is it possible to authenticate against OD and obtain local admin privileges?

    Yes.
    You can wipe all account information and then recreate a common initial admin account. This will make administration far easier as all machines will have the same admin username/password combination. Next, bind all of the systems to the domain and create domain accounts for all users on the server (likely already exist). Log in as the domain accounts and migrate permissions to domain ids. Finally, promote the user to the local admin group through System Preferences > Accounts on the workstation. You must enable the account as a mobile account in Workgroup Manager first. If you do not, the account will not cache to the workstation and you will be unable to add it to the admin group.
    Also, in a workgroup of 25, I would recommend rethinking the decision to grant local admin access to end users. This is asking for trouble as you will have no control over when updates are applied or even if they are. In theory (and probably in practice), you will have 25 completely different machines configurations. This is far harder to manage and troubleshoot than 25 systems with different admin accounts.
    If you must provide some level of autonomy, while not trivial, you might want to consider modifying /etc/authorization and granting limited admin rights to the users.
    Hope this helps - congrats on the opportunity

  • Network security with Oracle Database Cloud Service

    Does the Oracle Database Cloud service support SSL? Or, any form of network encryption/authentication between a client and the service across the Internet?

    Thank you Rick. I'm intending to use Oracle Database Cloud Service as a "Database-as-a-Service", however I have read that it is actually more of a "Platform-as-a-Service" offering.
    What I would like to do is to interact with the Oracle Database Cloud Service via a local JDBC client. However, from further reading, it looks like the only way to interact with the Oracle Database Cloud Service from a non-Oracle-cloud-based client is via its RESTful web services (which, as you said, support SSL).
    That is to say, I cannot simply connect to the Oracle Database Cloud Service from a local client just through JDBC alone. It looks like I would have to configure my client to make the relevant RESTful web service calls instead, and likewise configure my settings on the Oracle Database Cloud Service to make the necessary translations (from REST to SQL).
    Just to finally clarify, is my above understanding correct?

Maybe you are looking for

  • IMac is starting with only 2 cpus

    Hello, Two weeks ago my iMac started restarting by itself. It couldn't start the OSX, but restarting just before the login screen. I was investigating this issue for a whole day until I found that if I set boot arguments to CPU=1 it starts just fine.

  • Dashed lines in Flash CS3

    Hi all, Is there a way to make the end caps of an imported dashed line (say from Illustrator or Canvas) straight? They seem to always come out round. I have tried making them straight lines instead of dashed both before and after importing them to Fl

  • [HR] About message type HRSM_D

    Hi to all As a migration issue I was asked to migrate personnel absence records (infotype 2001) data from an SAP 4.6 legacy system to an ECC5 system. Actually, I have no PT knowledge but I want to use HRSM_D message type to transfer data through LSMW

  • Parsing error pages

    I am having getting my server to parse my error pages. I am talking about the standard 401, 404, and 500 pages. If I try to access the pages directly, http://www.kentlaw.edu/errors/404.html, then the page renders OK. If I type in a phoney URL, http:/

  • Iphone 5 lte only 2 bars

    I have the new iPhone 5, I found out that lte signal has only 2 or 3 bars, but if I turn the lte off, 3G has 5 full bars, in the same spot. I don't know if it's a software issue or I have a bad phone. I'm on verizon network in Chicago. I wonder if ot