Newbie: Admin account issues

Similar Messages

• Trackpad Admin Account Issue

  This morning, I was cleaning my computer, and when I started up my computer later on, I discovered that the trackpad of my MacBook could not click. I could move the pointer around the screen, but then my clicks on the trackpad would not register. I signed on to another account on my computer, and to my surprise, the clicks registered.
  Any idea how to resolve this issue? I've had the same problem before with a guest account, but I'm not so sure how to resolve this with an admin account.

  You may need to use an external mouse to do this but open System Preferences (under the Apple menu) and go to the Trackpad pane. Check the settings there.
  Best of luck.

• ISE password expiration for Admin account issue

  OK .. we have been working on getting ISE up and running for a little while now and I have come across an odd and reoccurring issue with my admin accounts. I cannot figure out if there is something that we have missed in the setup or if there is and actual issue with the password policies. It seems that there is a "user" type password policy and then there is an "admin" type policy and am trying ti figure out if they are stepping on each other or something. I am running version 1.2.0.899 with patch 5,1.
  Here is the issue. I have started receiving password expiration reminders for the two admin accounts I have setup on the cluster. I have my address setup for an admin user named "admin" and an admin user named "wberry" and I receive two different e-mails for both accounts. The issue that I have is the dates listed in the e-mails. This is one e-mail that I get:
  The password for your local admin "wberry" is expiring on Mon Jun 01 09:43:03 CDT 2015. Please update immediately, by going to https://mem7700.spd.mli.corp/admin, signing-in, and clicking on the user name at the upper right corner.
  This is the second email that I get for the same account:
  Your network access password will expire on Thu Dec 03 08:43:03 CST 2015. Please contact your system administrator for assistance .
  As you can see the dates in the two messages are completely different. My admin policy is set with expired 180 days after creation and last change and the reminder is set to 10 days prior to expiration. The user password policy lifetime is also 365 days if password not changed with the reminder after 355 days. 
  Thoughts / recommendations.
  Brent

  Here you go:
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/application_networking_manager/4.1/user/guide/UG_over.html#wp1053919
  In fact, to reset the password, you must choose the change password option before you login the GUI.
  Cheers,
  Dom.

• Admin account issues, even root can't resolve!

  Ok, I've experienced the (seemingly common) issue where an administrator on our Macbook has somehow changed to a "standard" account. Since this was the only admin account it left me in a lurch.
  I googled the issue and came up with this: http://support.apple.com/kb/TS1278
  So, off I went and enabled the root account to effect the fix and all seemed to go well in that regard. However, when I actually logged in as root I was still unable to switch any of the accounts to administrator level. Even trying to create a new account with admin level privileges ends up only creating another "standard" account.
  I then noticed that even the root account itself doesn't seem to have administrator privileges but shows up as "standard user" - this is contributing to the issue perhaps?
  I've tried logging in as another "standard" user, going to the account setup screen and then unlocking using the root account credentials and password (which OSX seems to accept and unlocks accordingly) but there STILL doesn't seem to be sufficient rights to actually upgrade a users account level - whenever I check the "Allow user to administrate this computer" checkbox on an account (and I've tried multiple ones including newly created accounts) it immediately unchecks itself when I navigate away from (and back to) the account in question.
  No matter what I've tried I cannot get ANY account (even trying to create a new temporary one) back to administrator privileges.
  Help!

  the directory services entry for your admin group is corrupted and needs to be replaced. see this post by biovizier for a solution.
  http://discussions.apple.com/thread.jspa?messageID=9141393#9141393

• Lion Admin account issues

  What looked like a very smooth change at the beginning is turning into a very tedious affair. Apart from having to deal with no support for PC-software, I am experiencing a problem with my admin account. It was transferred from Snow Leopard to Lion but is only partially recognized. Sometimes, when trying to make changes, I get the admin password prompt, on other occasions it won't allow me to install anything new. I tried to set up a new admin account, but to no avail.  I am still told that I am logged in in a standard account. Rebooting, logging out and in again, etc. does not help. Can anybody help with this, or do I need to revert to 10.6.8 until Apple has fixed this glitch? And how would I do that? Thanks for any suggestions.

  the directory services entry for your admin group is corrupted and needs to be replaced. see this post by biovizier for a solution.
  http://discussions.apple.com/thread.jspa?messageID=9141393#9141393

• A small issue with iCloud, Address Book, and Admin accounts

  Ok, I have a Macbook Pro running Lion/iCloud, and my wife has an iMac running Lion/iCloud. 
  I first noticed this issue when I went to Airdrop a file to her, and her picture in Airdrop turned into my picture that I have as my User account & "Me" in Address Book. 
  So I went to the iMac and noticed that the "Me" in Address Book was no longer my wife, but me.  Not a big deal.  I figure it must be the "new way" of iCloud.  Whatever.
  But I went to change her Admin account back to her normal picture and it worked.  But then it changed back by itself.  Annoying.  I tried it again and it changed itself back again.  So, it must be reading the default picture from Address Book/iCloud. 
  I guess the overall issue is that iCloud wants 1 identity for an entire family of devices.  I understand this for syncing purposes, but it's annoying because my wife and I are not 1 person.  She has her personality on her iMac, and I have mine on my MBP.  That's why we have 2 different computers.  (Steps off soap box). 
  I hope Apple loosens up a bit with iCloud and makes it a little more customizable. 

  I'm having the same frustration.  Ugggh.

• System PATH environment variable issue when user log off and log in or switch from admin to non-admin account

  Hi,
  Problem Description:
  After installing my new product version, when user does log-off and log in again into admin account
  or switch from admin account to non-admin account, PATH environment variable shows incorrect path of my product (previous product version’s path) using command prompt.
  It seems windows refresh issue during session changes (log off and log in / switch from Admin to
  Non-admin account).
  Why PATH environment variable is not refresh immediately after log off and log in again or Switch
  from admin to non-admin mode?. 
  Please see my thread for more details http://social.msdn.microsoft.com/Forums/vstudio/en-US/445ab42c-bdff-405a-8d53-558e1b6c7d34/path-environment-variable-issue-when-user-logoff-and-login-or-switch-from-admin-to-nonadmin?forum=windowsgeneraldevelopmentissues
  Also submitted bug for this in connect.microsoft.com portal.In that it has lots of information
  like problem statement, Reproduction steps and Expected Results.
  Bug ID: 871782
  Could you please any body help me for this?. your support will be appreciated.
  Thanks,
  Marichamy

  Why PATH environment variable is not refresh immediately after log off and log in again or Switch
  from admin to non-admin mode?. 
  I wouldn't have any expectation of what you are doing to work the way you expect.  E.g. why is the %ABC% being replaced at all?  There is some help about this ambiguous scenario in the cmd help...
  /V:ON Enable delayed environment variable expansion using ! as the
  delimiter. For example, /V:ON would allow !var! to expand the
  variable var at execution time. The var syntax expands variables
  at input time, which is quite a different thing when inside of a FOR
  loop.
  /V:OFF Disable delayed environment expansion.
  So, what's the setting for the /V:  switch that your users would be using?  Perhaps you should be using the ! instead of the % for your ABC variable?
  Oh.  There's more below where I found that...
  Delayed environment variable expansion is NOT enabled by default. You
  can enable or disable delayed environment variable expansion for a
  particular invocation of CMD.EXE with the /V:ON or /V:OFF switch. You
  can enable or disable delayed expansion for all invocations of CMD.EXE on a
  machine and/or user logon session by setting either or both of the
  following REG_DWORD values in the registry using REGEDIT.EXE:
  HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DelayedExpansion
  and/or
  HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DelayedExpansion
  to either 0x1 or 0x0. The user specific setting takes precedence over
  the machine setting. The command line switches take precedence over the
  registry settings.
  In a batch file the SETLOCAL ENABLEDELAYEDEXPANSION or DISABLEDELAYEDEXPANSION
  arguments takes precedence over the /V:ON or /V:OFF switch. See SETLOCAL /?
  for details.
  If delayed environment variable expansion is enabled, then the exclamation
  character can be used to substitute the value of an environment variable
  at execution time.
   So, I guess the essence of your "bug" will boil down to whether you
  need the feature to get the result you want and the
  truth of that first sentence but it certainly looks like a "can of worms" to me.   ; )
  HTH
  Robert Aldwinckle

• Airport issue on admin account but works on other accounts

  I have a Macbook Pro unibody and when I wake from sleep it doesnt find airport network. I have a Time Capsule with latest firmware.
  PLEASE NOTE - this only happens on my admin account but all other accounts on the MBP it finds it perfect upon waking. I am at a lost on what to do since I have moved the service to the top, deleted preference and removed the airport from network and added it back. Please give me help.

  Here are 3 fixes that have worked for others.
  1. Adding a new location has worked for some.
  Go System Preferences > Network > Location.
  Edit location (whatever name you want).
  Click + and then click done.
  2. And, here is another possibility that has worked for others.
  Go Finder > Your HD > Library > Preferences > SystemConfiguration.
  Move the SystemConfiguration folder to your Desktop.
  Restart.
  3. Variation on a theme.
  Go Finder > Your HD > Library > Preferences > SystemConfiguration.
  Move the SystemConfiguration folder to your Desktop.
  Go System Preferences > Network > Delete all locations, and use Automatic.
  Restart.
  You may have to reconnect to your wireless network if applicable. And, you may need to go System Preferences > Sharing and re-enter your computer's name. Check what name is given in sharing before following my instructions. If problems develop, then your can move the original folder back where it started—overwriting any folder recreated.
  8,955

• Sccm admin accounts rename issue

  Hi,
  We have renamed the sccm admin account in the domain controller, however we are not able to change in the console...still its reflect in old user id.
  Could you please advice how to change it or its a bug in SCCM 2012.
  Regards,
  Kannan.CS

  You'll need to re-add them to the console treating them as new accounts.
  Jason | http://blog.configmgrftw.com | @jasonsandys

• Mac Mini Snow Leopard Server - can't login with admin account

  SO....i was having problems setting up network accounts from my mac Mini Server. I took it to the Apple Genius bar one night after work to get some help on why the login screen appears for Other..but could not login into any of the accounts I created.
  They made an appt for me for the next morning since they had a "guy" that could help the next morning.
  When I got there for my second appt..they said they don't support server issues. Only consumer products..I though the server WAS and i WAS a consumer of their products..so..they gave me a number of a consultant..of course..for pay...
  So later that day I was trying some other configurations....the power came out while I was checking a monitor cable..and when I restarted I couldn't login to the master admin account.
  Since mac mini server doesn't have a DVD drive..you have to boot up with their Server DVD from another computer and the Server installs it through airport.
  So I did the boot up via airport from the server install DVD.
  Did the Utility disk repair AND password changed. Got some error about not being to able to login if I don't change the keychains to the account.
  Rebooted the server.
  It didn't work.
  So now stuck with a login window..and NO ACCESS to change anything.
  HELP!!!!

  You can access to system with root account.
  If you didn't enable before, boot from SLS DVD and activate from menu (after choose language).
  After that, reset all the passwords (there is a menu to do that).
  After that exit from installer and reboot.
  At login screen you can try to login with your user and new/blank password.
  If it fails, you have to login with user root and the password you choose before.
  With root user, you can access to all system, be very carefull.
  Now you can create a new user and import all the files (you have to do a little work with permissions)
  I hope i help you!

• My MacBook Pro (mid 2010) won't startup correctly in my admin account, but works fine if I use the guest account...

  My MacBook Pro (mid-2010) suddenly stopped working when I was overseas, but I managed to fix it when I returned back to the States after I reformatted and erased the disk, then installed Yosemite. I lost most of my files but didn't really care, though I noticed that some pictures from iPhoto had survived and were in the Trash folder.
  I thought I could copy/paste them back into iPhoto, but it wouldn't let me since they were still in the trash. I started getting an error message for EACH PICTURE saying it couldn't be copied because it was in the trash, and when I realized that I'd have to click "ok" 644 times (once for each picture), I tried to restart, then shut down, and eventually forced a shut down by holding down the power button. This is where the problem started...
  After trying to startup again, I was able to login to my admin account, and the desktop image would load, but I'd get the spinning rainbow wheel and the computer would remain frozen like that from then on. I tried to repair the disk (there was nothing wrong), and even re-installed the operating system again, but still the problem persists. BUT, if I login with my guest account, everything works fine.
  I'm guessing it has something to do with it somehow being frozen on those error messages for those 600+ pictures, but I have no idea how to fix/unfreeze it. Any tips or suggestions?

  mozak wrote:
  Can the use of SATA3 instead of SATA2 hdd lead to some issues with my macbook?
  I can try to find and buy new SATA2 sdd hdd but they are expensive and I'm not sure it will fix the restarting issue.
  SATA3 is backwards compatible with SATA2.  That is not likely to be your problem.
  Based on what you have done, I suggest a reinstall of the OSX.
  Ciao.

• Access to Resources via Non-admin accounts

  Is there any way to provide access to resources so that they are accessible via
  non-admin accounts. For e.g. to Retrieve my JMSConnectionfactory i do a
  Environment env = new Environment();
  env.setProviderUrl(url);
  env.setSecurityPrincipal(username);
  env.setSecurityCredentials(password);
  Context ctx = env.getInitialContext();
  The username and password here is the admin account. This works fine but if i
  use a non-admin account(member of Operators group), i get exceptions on Domainloghandler
  runtime
  Problem: I need to register a mbean that needs to access JMS Resources. Since
  our deployment team doesnt want to provide us access to admin accounts, we use
  a "operators" group account to register our mbeans. if i do this, i get a
  Access not Allowed for subject:principals=[operator, Operators], on ResourceType:
  DomainLogHandlerRuntime Action: execute Target: registerToMe.
  This happens when my managed resource tries to access a JMS ConnectionFactory.
  Instead if i register my mbeans using the admin account, everything is fine and
  my managed resource works nice.
  This is on weblogic 81 SP1 on Solaris. Please let me know if you need more details.
  Any clues/hints/solutions greatly appreciated. There is not a lot of documentation
  on how to access/register mbeans using non-admin accounts.
  TIA
  Raj

  I have done some more debugging on this and have narrowed down the issue to the
  location where my initialcontext is being obtained.
  so if i register my mbean as a non-admin account and do an operation on the managed
  resource which fetches initial context, i get the below exception. This is how
  i get my initialcontext
  weblogic.jndi.Environment env = new weblogic.jndi.Environment();
  env.setProviderURL("t3://machine:8102,machine:8103");
  env.setSecurityPrincipal("operator");
  env.setSecurityCredentials("operator");
  Context ctx = env.getInitialContext();
  I am doing this from a mbean thats registered on a different managed server(t3://machine:8101)...
  Whats wrong with this?
  TIA
  Raj
  "Raj" <[email protected]> wrote:
  >
  Is there any way to provide access to resources so that they are accessible
  via
  non-admin accounts. For e.g. to Retrieve my JMSConnectionfactory i do
  a
  Environment env = new Environment();
  env.setProviderUrl(url);
  env.setSecurityPrincipal(username);
  env.setSecurityCredentials(password);
  Context ctx = env.getInitialContext();
  The username and password here is the admin account. This works fine
  but if i
  use a non-admin account(member of Operators group), i get exceptions
  on Domainloghandler
  runtime
  Problem: I need to register a mbean that needs to access JMS Resources.
  Since
  our deployment team doesnt want to provide us access to admin accounts,
  we use
  a "operators" group account to register our mbeans. if i do this, i get
  a
  Access not Allowed for subject:principals=[operator, Operators], on ResourceType:
  DomainLogHandlerRuntime Action: execute Target: registerToMe.
  This happens when my managed resource tries to access a JMS ConnectionFactory.
  Instead if i register my mbeans using the admin account, everything is
  fine and
  my managed resource works nice.
  This is on weblogic 81 SP1 on Solaris. Please let me know if you need
  more details.
  Any clues/hints/solutions greatly appreciated. There is not a lot of
  documentation
  on how to access/register mbeans using non-admin accounts.
  TIA
  Raj

• How do I change my admin account to a standard acct without losing anything?

  I'm not sure if that is the best way to phrase the question, but I have been reading a lot about the last trojan that seems to be causing problems.  I am very careful about not downloading or installing things I am not sure of, but even then, I might want to download a picture that seems safe and be surprised.  I have been reading that it is better to do daily internet tasks/surfs/etc from a standard rather than from my admin account.  I am the only one regularly using my mac so I hadn't really thought that it was a problem.  (I have a seperate account with parental controls set for my grandchildren to use).  Can I turn this account into a standard account and then have a different admin account?  And then what if I want to install something for my standard account to use?  Would I still download audiobooks from a website I belong to to the admin account?  If the issue is that I need to provide my admin password, why is it any safer on the standard account?  I hope I'm making myself clear.  I want to understand this so I can make the decision that works best for me, whichever way I chose to go. 
  Thanks,
  Laverne's Mom

  thank you for reminding me about Thomas' Corner.  I read it probably a month after I got my Mac.  I am not going to instll any AV software right now, but will look at ClamXav, which is the most recommended one on this forum, since I fall into the "might need peace of mind" category.  I do think I "surf" very responsibly, don't download or install anything I am not sure of, don't do social networks (I may be the only person who has never been on Facebook) or open unknown emails, and use the WOT add on to alert me to dangerous websites.  thank you for responding to the other post about the issue regarding general and admin accounts.  If I change my mind, I know what options are available to me. 
  Laverne's Mom

• FIM Export Fails - Fault Reason: The endpoint could not dispatch the request. FIM Account Issue?

  Hi,
   I have 3 fim servers:
  fimportal - has fim service & portal running (uses account service.fim & service.sharepoint)
  fimsync - has synchronisation service & synchronisation DB (uses account service.fimsync)
  fimsql - holds portal DB for server fimportal
   I've created an AD MA, FIM MA and an inbound AD sync rule. On my FIM MA I've used account svc-fim (i.e. the account I've used to install FIM). This is not the same account that runs the synchronisation service on fimsync (account svc-fimsync is used
  for this).
   I've ran a FIM MA import and full sync without issue (I can see my built in, admin account and the sync rule brought into the metaverse). When I do an export I receive an error as shown below.
  What I'm not sure about is if it's because I'm using the wrong account for the FIM MA. If so, which account should I use and what's the best way to change my config (without a total reinstall)?
  I've selected domain (as a text value), accountname and objectsid in my attribute flow, but I may have configured something wrong here.
  Thanks
  Fault Reason: The endpoint could not dispatch the request.\r\n\r\nFault Details: <DispatchRequestFailures xmlns="http://schemas.microsoft.com/2006/11/ResourceManagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"><DispatchRequestAdministratorDetails><FailureMessage>Exception:
  Other 
  Stack Trace: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---&gt; System.Data.SqlClient.SqlException: Procedure or function 'GetDomainConfigurationIdentifiersFromDomain' expects parameter '@domainName',
  which was not supplied.
     at Microsoft.ResourceManagement.Utilities.ExceptionManager.ThrowException(Exception exception)
     at Microsoft.ResourceManagement.Data.Exception.DataAccessExceptionManager.ThrowException(SqlException innerException, TransactionAndConnectionScope scope)
     at Microsoft.ResourceManagement.Data.DataAccess.GetDomainConfigurationIdentifiersFromDomain(String domainName)
     at Microsoft.ResourceManagement.ActionProcessor.DomainConfigurationActionProcessor.AddDomainConfigurationFromDomain(CreateRequestParameter domainNameParameter, RequestType request)
     at Microsoft.ResourceManagement.ActionProcessor.DomainConfigurationActionProcessor.DoRequestCreationPreProcessByAttribute(RequestType request)
     at Microsoft.ResourceManagement.ActionProcessor.ActionDispatcher.DoRequestCreationPreProcessByAttribute(RequestType request)
     at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean
  isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId, UniqueId messageIdentifier, UniqueIdentifier requestContextIdentifier, Boolean maintenanceMode)
     at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Put(Message request)
     --- End of inner exception stack trace ---</FailureMessage><DispatchRequestFailureSource>Other</DispatchRequestFailureSource><AdditionalTextDetails>Request could not be dispatched.</AdditionalTextDetails></DispatchRequestAdministratorDetails><CorrelationId>0c7141ca-63a2-42ae-92c3-a0c95de0d940</CorrelationId></DispatchRequestFailures>
  Below shows separate MA account and separate FIM Sync Account
  IT Support/Everything

  Hi Tomek,
   Apologies for the delay, been a busy festive period :-)
  The account in question with the export flow error is my admin account that I used during installation (where prompted I did enter service account credentials).
  Searching the FIM CS on the source object details show all attributes present (including domain), but looking at the export attribute flow shows a final value of deleted! See below.
   I'm following the TechNet guide:
  http://technet.microsoft.com/en-us/library/ff686264(v=ws.10).aspx and hit the error with the FIM MA export run profile when I run the below steps:
  FIM MA - Full import
  FIM MA - Full synchronization
  FIM MA - Export
  FIM MA - Delta import
  AD MA - Fullll import
  AD MA - Full synchronization
  Initially my admin account was not in the selected containers as configured in the AD MA, however I've now ran that and re-ran the sync, which resulted in my test user being provisioned in the portal. My admin account is still not provisioned - I now get
  2 export errors, 1 as before complaining of missing domain and another which complains of my admin account being a duplicate entry.
  Please let me know if anything comes to mind.
  Thanks
  IT Support/Everything

• Single user mode, Lost Admin Account, and Disk Permissions

  Okay, so I have quite a few issues here. I will start from the beginning.
  About a week ago, I tried to install some updates and I could not get the Admin account to work. I went to the users profile and noticed my Admin account was not there. Did a quick search and found Apple's outline of how to fix this via the Operational DVD and the root user. Tried this and it would never work, because as soon as I restarted the computer or changed screens it switched back to a standard account.
  Next up, I went into the terminal to check the Admin User group. As it turns out it is not there. So I find a discussion on there that outlines how to rebuild this in single user mode and the Unix prompt. So, I print it off and try to restart in single user mode. After trying two different keyboards and a sum total of 8 to 10 times, I can't restart in single user mode to get to the Unix prompt.
  One last thing, last night I went into the Disk Utility on the start-up DVD. I wanted to check the Repair Permission log and I got the following:
  ACL found but not expected on "private/var/root/Library/Preferences"
  ACL found but not expected on "private/var/root/Library/"
  ACL found but not expected on "Network"
  Thoughts?
  Thanks for your help!
  tpp

  first, the ACL messages can be ignored. if you can't get to single user mode you can't fix your admin group. the only reasons that I know why you wouldn't be able to do that is
  1. a defective keyboard
  2. you have a firmware password set. have you? you'd have to turn it off before you can get to single user mode.
  lastly when you restart in single user mode make sure you press command+s right after you hear the chime. do not press it too early or too late. lastly, I'm not sure which instructions you've found to fix the admin group but I have them in this thread
  http://discussions.apple.com/thread.jspa?messageID=8011324