NFS write access without local user

Similar Messages

• Remote Event Viewer access without local administrator

  I am trying to give some developers access to read the Application log on our dev W2K8R2 servers. My theory is that they can load their local event viewer and connect to the server remotely. The problem is that they get access denied messages.
  From my research, the only thing I need to do on the remote server is enable Server Manager Remote Management. I have done this and verfied that administrators of the dev server can run Server Manager and Event Viewer against this server remotely.
  (So the firewall rules are in place) 
  When a developer (without admin rights on the dev server) tries to connect their local event viewer to the remote dev server they get this message:
  Event Viewer cannot open the event log or custom view. Verify that Event Log service is running or query is too long. Access denied (5)
  I hope I have missed some simple permission somewhere.
  To test my theory I opened Local Security Policy on the dev server and gave the developer accounts permission to "Manage auditing and security log". This does work, and the developer is able view the Security logs, but it does not give him access to the
  Application log.
  Anyone have any suggestions?
  Thanks
  Joel

  Hi,
  With Windows Server 2008 target and source in the
  same domain, please add the domain user (without admin rights) to the "Event Log Readers" group on the target server. Then, from the source server, you can use the standard user credentials to access and read
  the event logs on the target.
  With Windows Server 2008 target and source in
  workgroup, local user account is used. You need to add the standard local user to the "Event Log Readers" group on the target server. Then,
  add a local user on source with same name and password as that on the target server. After that, from source server, you can use the standard user credentials to access and read the event logs on the target.
  For more information, please refer to the following link:
  Giving Non Administrators permission to read Event Logs Windows 2003 and Windows 2008
  http://blogs.technet.com/b/janelewis/archive/2010/04/30/giving-non-administrators-permission-to-read-event-logs-windows-2003-and-windows-2008.aspx
  Thanks.
  Nina
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• ISE - Local site admin only has access to local users/devices?

  Hi All,
  I'm trying to configure ISE so that a local site administrator can only edit devices and users in his location, and only view reports/authentications for users at that location. I've tried setting the data access permissions to only view his location in all locations, but he can still view users authenticating on all devices.
  Does anyone have any ideas how we can filter the reports so that he only sees his site users?
  Thanks,
  Joe

  Cisco ISE 1.2 allows you to define role-based access control (RBAC) policies that allow or deny certain system-operation permissions to an administrator. Below is how you can assign roles, based on access to reports ,  to two different admins.
  http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_admin.html

• ADF Mobile: Read-write access to local DB using SQLite

  I am developing an android mobile app using ADF Mobile. To create the .db file i am choosing the location as
              String Dir = AdfmfJavaUtilities.getDirectoryPathRoot(AdfmfJavaUtilities.ApplicationDirectory); 
              String connStr = "jdbc:sqlite:" + Dir + "/CONTRACTS.db";
  The problem is that when i want to access this db from another app, it gives read-only permission. I am unable to perform any write operations.
  Can someone suggest how to change these permissions OR give an alternate path to save the .db file(perhaps, a directory)....that could be common to both the apps?
  -Thanks in advance

  Hi.
  There is no straightforward way to accomplish this even with a standard iOS or Android application. Some hacks exist for each platform, but could result in weaker security in some cases. My recommendation would be to have separate databases for each application, and to implement server-side synchronization mechanisms for data that must be shared between the two. That said, you didn't say much about your use case. Care to provide a bit more detail?
  Best Regards,
  Frédéric Desbiens
  ADF Product Manager
  Twitter: @BlueberryCoder
  blog: http://blogs.oracle.com/blueberry

• Read only access to few users & RW to others for Web Dynpro App in EP

  HI All,
  I am creating few Iviews using custom development and able to display on the EP fine.. Now customers want to have red only to few users and read/write access to few users.. Can any one point me to the right documentation or the steps to be performed to acheinve this.
  Thanks
  Rajeev

  Hi Rajeev,
  Please create role/group for WD applciation which you want to assign read/read & write to the users. Access the role/group in WD application and restrict the access to UI Element properties.
  Refer to below documents for protecting Access to the Web Dynpro Application Using UME Permissions.
  [help.sap.com|http://help.sap.com/saphelp_nw04/helpdata/en/f3/a64d401be96913e10000000a1550b0/content.htm]
  [Exmaple|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/297f35cf-0201-0010-00b2-fe2f3e23d360?QuickLink=index&overridelayout=true]
  Hope it will helps
  Regards
  Arun

• Photoshop cs6 crashes with "appcrash - module ig75icd64.dll; no problem for a local admin user however. i've tried giving specified user full access to photoshop.exe and set it to Win XP compatibility. how do i fix this without giving user local admin acc

  photoshop cs6 crashes with "appcrash - module ig75icd64.dll; no problem for a local admin user however. i've tried giving specified user full access to photoshop.exe and set it to Win XP compatibility. how do i fix this without giving user local admin access?

  Danny,
  Topic or subject titles should be clear, pertinent and concise so that individual users can tell at a glance if they can help or not.
  That field is not for attempting to fit your entire question in there.
  Please keep this in mind next time you post.  Thank you.

• Execute Teststand as windows-user: which files needed for write-access

  Hello,
  which files/directories do i have to set for write access?
  Normally windows-administrator can access everything.
  But a windows-user has for example no write-acces to teststand\Cfg.
  So sometimes i get the error-message that a file is write protected.
  Is this somewhere explained in the TS-documentation that also a windows-user need write-access? I have this question from a client and i am not sure how exactly it is.
  Thx for info
  Message Edited by OnlyOne on 07-10-2009 05:36 AM

  Hi OnlyOne,
  With TestStand 4.1 and later, we changed the directories for the TestStand Cfg folder and the TestStand Public folder (formerly called the TestStand Users Directory). These changes allow a normal Windows-User to write to the TestStand Cfg and Public folders without having to specifically grant write permissions.
  Manooch H.
  National Instruments

• How do I allow users to create folders in a shared folder where we all then have read/write access to those new folders?

  I have three users who need to access a particular folder on one of our other Macs. The folder resides on the desktop of that particular Mac and it is set as "shared" with all of our accounts set to access the folder. When a user creates a new subfolder in that shared folder, the permissions are instantly set to allow the creator read/write access but the other users are only allowed read-only access. Is there a way to set the permissions so that any new folder created in that shared folder automatically gives read/write access to all accounts who are authorized access to that shared folder?

  You should be able to take the permissions you have set and "apply to enclosed items." I am trying to attach a picture of what this looks like so my apologies if it does not work.
  Highlight your folder you want and go to File>Get Info or command+I and at the bottom where it has Sharing and Permissions, click the lock button to authenticate. Click the gear and click "apply to enclosed items". See if that works.

• Access the local Mac's Time Machine without its external USB HDD?

  Hello.
  Is it possible to access the local Mac's Time Machine without its external USB HDD? Or is the external backup HDD required? This is assuming Mac OS X 10.8.5. I am not sure if the newer versions can do it.
  Thank you in advance.

  Eric Root wrote:
  Those are local snapshots. The best thing to due is backup Time Machine and then access it.
  Local Snapshots on Portable Macs
  How do I access these local (one/1)s without the external HDD connected? I do not get the TM icon option in my top menu bar.

• User has no write access to the selected members of dimension : CATEGORY

  Hello,
  Here is the Scenario:
  I have a script called DAllocate.lgf in an app - Costing. Now I need to run that app from another app called Reporting. I know that Runlogic wont work in my case because in the Dallocate.lgf there are some Runlogic commands being used. and when Runlogic is being used to call a logic that has runlogics in it, it wont work. So what I hae done is in the SSIS package in the reporting app, I have added a logic task to an existing package and specified DAllocate.lgf with the app name costing.
  Here is the issue:
  When I run an SSIS package in costing app called Dallocate(which basically runs dallocate.lgf), it runs successfully. But If I run a package called PtoCA in Reporting that has Dallocate.lgf as a logic task, it gives the following error:
  "user has no write access to the selected members of dimension : CATEGORY "
  Thanks.

  Hi,
  From your explanation it is clear that Dallocate.LGF has been run successfully in one of the logics. This means the issue is not in the Dallocate.LGF. The issue is in some other logic of the same DM package.
  First, check which logic part faces this issue. Based on your explanation, definitely not in Dallocate.LGF.
  Then, check how that particular Catergory dimension member which the user does not have access for, came into the logic calculation. Somewhere in the calculation, it is posting a value in the unauthorized member.
  Karthik AJ

• Create local account with no write access on mass computers?

  I'm running a bunch of iMacs (10.6.8 & 10.8.2) on a network managed by an Xserve (10.6.8) at a small university.  We recently purchased several Adobe suites and they apparently do not work when logged in with a  network account.  So, for at least a short term work-around, how do I easily create a local account on all the computers that does not have write priviledges to the local drives (or at least limited write--there my need to be some system folders that Adobe needs to write to locally, but not sure yet)?  I can use a network drive for saving projects (even though Adobe told me that wouldn't work...), I just don't want students to be able to manage, add/remove programs, or save their projects locally.

  Hello kikkos,
  Please take a look at the following articles about local Users and Groups.
  Local user accounts
  http://technet.microsoft.com/en-us/library/cc753450.aspx
  Default local groups
  http://technet.microsoft.com/en-us/library/cc771990.aspx
  I can’t find account or account group can have full control to the computer but have no permission to edit the local admin account.
  Best regards,
  Fangzhou CHEN
  Fangzhou CHEN
  TechNet Community Support

• Running TestStand without write access to CFG directory?

  We've just set up Windows XP user (i.e. not administrator) accounts on our test system for use by the operators.  Whenever our operator interface opens a sequence, we get the following message:
  Could Not Create Temporary File
  Error writing to file 'C:\Program Files\National Instruments\TestStand 3.5\Cfg\TestExec.ini
  NOTE: This error can occur when writing files in the TestStand configuration directory if you do not have permissions to create or write files in that directory.  To fix the problem, you can either change the settings on the coniguration directory, or change the location of the configuration directors on the Preferences page of the Station Options dialog.
  Unable to save the changes to the TestStand configuration.
  TestStand will not display this message again for errors saving this file during this session.
  Two suggested workarounds are given in the error message itself.  Both of these solutions involve giving the operator write access to the Cfg directory.
  My question is this - should it be necessary to give the operator write access to the cfg directory?  I would instinctively prefer to give them read-only access, as at present.  There shouldn't be any reason for the operators to need to change anything, indeed it is vastly preferable that the configuration never changes.
  Is there some unusual reason why TestStand needs to access this directory in our case, or does it always attempt to write to this file when a sequence is opened?  Execution of our sequences works fine beyond this point, so there obviously isn't any real need to write to these files.
  I would like to know whether there is a way to keep the CFG directory read-only but prevent this dialog from appearing, as it is alarming for the operators.  Is there something I can do to either:
   - Stop TestStand from attempting to write to the CFG directory
  or:
   - Stop it from displaying this dialog when it finds that it has read-only access
  To replicate this problem, just set up a new Windows XP user and start TestStand.  The message will then appear as soon as a sequence is loaded.  Although it sometimes doesn't - I haven't yet been able to work out the logic of when and why it appears.

  That I know of TestStand will try to update at least the last user (I think this is the stationglobals) and the MostRecentlyUsed adapter files & SearchDirectories (In TestExec.ini)...  I guess this answer the first question and I have no idea about the second one so I keep a backup of my CFG folder under revision control. I also have moved the original location of my CFG folder so that it does never conflict with the original content in ..\ProgramFiles\N..I...\T...S...3.5\Cfg

• Could not save "blablablabla" becuse write access was not granted, this users have full permissions.

  We have several MAC OSX 10.9.3 users that use adobe CC and then having trouble save your files on the network the error is Could not save “blablablabla” because write access was not granted, this users have full permissions.

  Some 10.9.3 links
  -next link says After Effects, but check YOUR permissions !!!
  -http://blogs.adobe.com/aftereffects/2014/06/permissions-mac-os-start-adobe-applications.ht ml
  -Mac 10.9.3 workaround https://forums.adobe.com/thread/1489922
  -more Mac 10.9.3 https://forums.adobe.com/thread/1491469
  -Enable Mac Root User https://forums.adobe.com/thread/1156604
  -more Root User http://forums.adobe.com/thread/879931
  -and more root user http://forums.adobe.com/thread/940869?tstart=0

• Deleting local user profile on RDS without reboot

  I need to delete the local profile for a user on our RDS server, because of a problem with this user.
  Since the user was using RDS a few days ago, and RDS wasn’t rebooted since, I can’t delete the local profile. When I go to advanced system settings—user
  profiles. The ‘delete’ option is greyed out.
  I know that I can reboot the server then will be able to delete it, but since this server is serving many users, it means they all have to stop using it.
  Is there a way to delete this user’s profile without rebooting the server?
  I use sever 2008 R2.
  Thanks

  Hi,
  A local user profile is created the first time a user logs on to a computer. The profile is stored on the computer's local hard disk. Changes made to the local user
  profile are specific to the user and to the computer on which the changes are made.
  Windows security requires a user profile for each user account on a computer. The system automatically creates a local user profile for each user when the user logs
  on to the computer for the first time. The system automatically maintains the settings for each user's work environment in a user profile on the local computer.
  Windows Vista and later: User profiles are managed through the
  User Accounts control (UAC) panel item.
  You can open the
  Control Panel and click User Accounts, then click the Change User Account Control setting, dropped to the lowest turn off UAC. Press OK.
  Then you can use administrator account try again to see whether you can delete the local user profile or not.
  More information:
  http://blogs.msdn.com/b/rds/archive/2009/06/02/user-profiles-on-windows-server-2008-r2-remote-desktop-services.aspx
  Technology changes life……

• Server 4: Local user can't access restricted website

  Hello.
  One of our locally hosted websites (LAN-only) is set up to require restricted access via OS X Server's "Access Group" setting. It contains a number of OD-based users and a single local user (the machine's admin user). All OD-based users can access the website (after supplying their credentials), but the single local user can't (keeps rejecting the credentials). This worked fine for this user under 10.9 Server—the issue has only been introduced after the 10.10 upgrade.
  The only thing I'm able to find in the logs is:
  [Thu Oct 23 13:03:23.125136 2014] [apple_digest:error] [pid 1971] [client XXX.XXX.XXX.XXX:XXXXX] Access to / failed, reason: user 'XXX' does not meet 'require'ments for user to be allowed access
  [Thu Oct 23 13:03:23.125276 2014] [authz_core:error] [pid 1971] [client XXX.XXX.XXX.XXX:XXXXX] AH01631: user XXX: authorization failure for "/":
  I've confirmed the correct credentials being used (as it's the same user used to physically access the server itself).
  Anyone have any ideas what might be wrong?
  Thanks,
  Kristin.

  I opted to use ".com.na" in which case the Internal Domain Name and Internet Website
  now has the same name.
  This ends up with a split-DNS stup for internal and external resolution which requires extra administration tasks and attention from the administrators.
  When attempting to open the extarnal website eg. "www.company.com.na" from a client PC within the internal "company.com.na" Domain, I keep getting error "403 - Forbidden: Access is denied. You do not have permission to view
  this directory or page using the credentials that you supplied."
  I should also mention, the website is hosted by an ISP and not locally.
  I added a "www" Host record in the Forward Lookup Zone, I have added the url and ip address to the Hosts file on a client pc (Windows 7) and even tried setting up Split-Brains DNS. Nothing seems to work.
  Running a Tracert takes me to the correct public ip address of the website, but I keep getting this 403 error.
  This means that you are able to reach the Website but it is responding with the access denied error message. That should be checked on the middleware level so if this is IIS running then I would recommend asking them in IIS forum: http://forums.iis.net/
  If this is a Website that is completely managed by your ISP then I would recommend checking with them.
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile