Removing the responsbility of user maintenance from the DBA

Similar Messages

• Remove picture/link to 'user accounts' from start menu by GPO

  Hi,
  I'm trying to remove everything from the start menu, users will have desktop short cuts appropriate to their role and nothing else.  The last item I cannot disable or remove is the picture which also functions as a link to 'user accounts'.  I don't
  care if the picture stays just so long as it is completely static.
  Alternatively, a means to completely remove the start menu would be fine.
  Thanks
  Julian

  Am 24.04.2013 18:43, schrieb JulianCox:
  > I don't care if the picture stays just so long as it is completely static.
  Simply block Control Panel - Users and Groups, and nothing will happen...
  http://gpsearch.azurewebsites.net/#4694
  http://gpsearch.azurewebsites.net/#4697
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!

• How to remove the option "Set as default background..." from the right-click menu on a picture, for all users.

  Hi! I would like to know if there is any possibility to remove the option "Set as default background..." from the right-click menu on a picture, for all users. I know that's possible to edit userContent.css or userChrome.css, but this concerns only a profile at a time and being in a domain, I would like to set this for all people using Firefox.
  Can it be possible to edit a mozilla.cfg file to get the same result?
  Thank you in advance for help and tips.

  AFAIK then there is no way to do that system wide. You can only do that via userChrome.css or an extension like the Menu Editor per profile .You can install extensions globally, but the user will have to enable them anyway. That is not required for userChrome.css code.

• Vb scripts to remove the user from the member of perticular group (say from domain admin) from windows servers 2003 and 2008

  Hi,
  I need VB script which to checks the perticular user in AD and if it exists;that user needs to be removed from the member of perticular group
  Ex:- Lets say
  I have a user 783562 , I need to search this user in AD to verify user exists or not. If not then I no need to remove the mebership from perticular group
  Second scenario:-
  If user exists then I need to remove the user membership from the perticular group.I want to do it in automation
  Manual Path:-
  1.Type dsa.msc in run command of IT session(we using it to connect remote desktop).
  2. Select the domain & right click (EX:-corp.ds.xxyyzz.com) and select "Find" to find the user form the domain.
  3. Type the user name in the Name field and click on "Find Now" button user name will be displayed in search result.
  4. Double click on this user ID and select "Member Of" tab.
  5. Select any member of group from the Name section then click on "Remove" button.
  6. Finally click on "Apply" and "OK" button.
  Kindly help me out to do this by using vb script.
  Thanks
  Raja

  Usage: CScript NameOfVBS.vbs //NOLOGO /User:Jane.Doe /GroupDN:CN=Group1,DC=Contoso,DC=com
  Option Explicit
  On Error Resume Next
  Dim str_User
  Dim str_GroupDN
  Dim obj_Connection
  Dim obj_Command
  Dim obj_RootDSE
  Dim str_DNSDomain
  Dim str_Base
  Dim str_Filter
  Dim str_Attributes
  Dim str_Query
  Dim obj_RecordSet
  Dim obj_Group
  Dim str_ADsPath
  Dim obj_User
  str_User = WScript.Arguments.Named("User")
  str_GroupDN = WScript.Arguments.Named("GroupDN")
  If Len(Trim(str_User)) > 0 And Len(Trim(str_GroupDN)) > 0 Then
  Set obj_Connection = CreateObject("ADODB.Connection")
  Set obj_Command = CreateObject("ADODB.Command")
  obj_Connection.Provider = "ADsDSOOBject"
  obj_Connection.Open "Active Directory Provider"
  Set obj_Command.ActiveConnection = obj_Connection
  Set obj_RootDSE = GetObject("LDAP://RootDSE")
  str_DNSDomain = obj_RootDSE.Get("defaultNamingContext")
  str_Base = "<LDAP://" & str_DNSDomain & ">"
  str_Filter = "(&(objectCategory=person)(sAMAccountName=" & str_User & "))"
  str_Attributes = "cn,ADsPath"
  str_Query = str_Base & ";" & str_Filter & ";" & str_Attributes & ";subtree"
  obj_Command.CommandText = str_Query
  obj_Command.Properties("Page Size") = 1000
  obj_Command.Properties("Timeout") = 1
  obj_Command.Properties("Cache Results") = False
  Set obj_RecordSet = obj_Command.Execute
  obj_RecordSet.MoveFirst
  If obj_RecordSet.RecordCount = 0 Then
  WScript.Echo str_User & " was not found"
  Else
  Set obj_Group = GetObject("LDAP://" & str_GroupDN)
  str_ADsPath = obj_RecordSet.Fields("ADsPath")
  Set obj_User = GetObject(str_ADsPath)
  obj_Group.Remove(obj_User.AdsPath)
  If Err.Number = 0 Then
  WScript.Echo str_User & " was removed from group " & str_GroupDN
  ElseIf Err.Number = -2147016651 Then
  WScript.Echo str_User & " not a member of group " & str_GroupDN
  Else
  WScript.Echo str_User & " error removing from group " & str_GroupDN
  End If
  End If
  End If

• Cannot view the folder security after removed the default "users" group from folder

  Hi guys
  Due to the domain change, I am doing a windows 2003 server migration to windows 2012 for a file server.
  Tones of data have been copied from the old 2003 server to the new setup 2012 server.
  We need remove the "builtin\users" group from the folder security to maintain correct rights access of user to network folder.
  Once the "builtin\users" group has been removed, the account in domain admin group can no longer read the folder security.
  Has anyone faced the similar situation? 
  Or, is there any change in folder security rights of Windows 2012?
  Thanks in advance
  KC@ITL

  Hi,
  Glad to hear that the issue has been resolved.
  If you need any assistance in the future, please do not hesitate to post in our forum.
  Regards,
  Mandy
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Restrict Standard User from not removing the COM-Addins registered under HKLM with Admin rights.

  Hello,
  I have developed a COM-Addin for word 2013 by VS 2013 and installed it under the HKLM with Admin rights. Now from an non-admin account, ie Standard User I'm able to uncheck that addin from the COM-Addins dialog and remove it also. Previously I have done the
  same thing for word 2007 addins and if a non-admin user tries to uncheck it the warning "The
  connected state of Office Add-ins registered in HKEY_LOCAL_MACHINE cannot be changed" pops
  up. But this is not happening for office 2013 apps(basically word, excel and powerpoint). 
  This is happening for all Add-Ins installed under HKLM.
  How can a Standard User be restricted from unchecking and removing the Office Addins registered under HKEY_LOCAL_MACHINE with same warning "The
  connected state of Office Add-ins registered in HKEY_LOCAL_MACHINE cannot be changed" in
  a pop-up box?
  Regards, Sayan

  Hi,
  The behavior is changed since Office 2010. Office 2010 and Office 2013 allows a standard user to turn a per-machine add-in off by unchecking the add-in in the COM Add-ins dialog.
  To restrict Standard User from not removing the COM Add-ins, we can try to add the add-in to
  the Group Policy option: List of managed add-ins in the Office Group Policy template.
  Word for example, the policy is under:
  User Configuration\Administrative Templates\Microsoft Word 2013\Miscellaneous
  To enable this policy setting, provide the following information for each add-in:
  In "Value name", specify the programmatic identifier (ProgID) for COM add-ins, or specify the file name of Word add-ins.
  To obtain the ProgID for an add-in, use Registry Editor on the client computer where the add-in is installed to locate key names under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins.
  To obtain the file name of an add-in, click the File menu in the application where the add-in is installed. Click Options, click Add-ins, and then use the Location column to determine the file name of the add-in.
  In "Value," specify the value as follows:
  To specify that an add-in is always enabled, type 1.
  Hope this helps.
  Regards,
  Steve Fan
  TechNet Community Support

• How do I stop iTunes (10.7) from automatically launching upon restart?  "Open at Login" is NOT checked in the dock and I have removed the app from Login Items under Users/Groups.  I am using a MacBook version 10.7.5.  Thank you!

  How do I stop iTunes (10.7) from automatically launching upon restart?  "Open at Login" is NOT checked in the dock and I have removed the app from Login Items under Users/Groups.  I am using a MacBook version 10.7.5.  Thank you!

  Thanks for the response gakker, but I've double-checked the camera / iPhoto / Image Capture scenario, and I'm 100% positive it's got nothing to do with that.
  Plugging in my iPhone has no effect on anything related to this.
  The other thing I should have mentioned is that when iTunes on my Mac is NOT running, then nothing happens on my iPhone screen when I plug it in to my Mac. I only get the "Sync in progress" message when iTunes IS running.
  It's interesting though that you say you also get this "Sync in progress" message, albeit only for a second or two though.
  Can I just double-check something with you however... When you say:
  +"at no time was my iTunes playback interrupted"+
  do you mean the iTunes on your Mac? Because the problem I have is that the iPod-playback on my iPhone is interrupted.
  So can you clarify that for me, please? If you have music playing on your iPhone, and you then plug your iPhone into your Mac when iTunes is running on your Mac, does the music playback on the iPhone get interrupted?

• Contact old iPhone user to get them to remove the iPhone from their account.

  I am very frustrated. This isn't a question for say, but venting about my anger towards Apple. I bought by phone from a 3rd party who bought the same phone from another person on eBay. The iPhone was water damaged. I have a background in Radio Repair, so I fix phones on the side. Not really for profit, but as a hobby. I am now stuck with a working phone that has the stupid iCloud activation notice. I don't understand why apple can't either give you the e-mail of the person, or since that might be considered  a security breach for some reason, email the previous user for us requesting they remove the unused phone from their account. Or is it apple trying to make more money, forcing me to buy a new iPhone.
  I have two iPhone 4 that I use, and I wanted an iPhone 5. Well now I have a iPhone 5 that's a paperweight.
  btw. the previous owner never used facetime, so that trick is out !!!!
  It would be cool if an option on the activation help could automaticly have the option to contact the previous owner on our behalf, and give them the instructions to remove the phone from their account. Or given them a chance to respond back if the phone was lost or stolen.

  You are raising a number of issues, all of which limit Apple due to abiding by privacy and security.  We are all fellow users and not Apple employees so cannot speak for Apple, but describe what we understand to be the conditions.
  Release of personal information, inclucing email, simply cannot ever happen for privacy concerns.  Plus uncertainty over just who the current owner of a device might be and how that device has been setup.  You could end up going in bigger circles as you indicate more than one previous owner of the iPhone.
  The Activation Lock is an anti-theft protection that Apple has been praised by law enforcement for implementing.  While it is an inconvenience for reselling some devices when previous owners do not properly cleanse their devices, there have been numerous cases brought up on here that are pretty conclusively dealing with stolen iOS devices.
  All that can be done is somehow contact the previous owner and have that person remove the iPhone from his/her iCloud account so you can use it, as you have acknowledged.  Apple cannot get involved for legal reasons.

• Removing the user from standard task group

  Experts,
  I need to remove the one user from the standard task "Display MC Document (outbound w/o IDoc)". Since it is a standard task I'm not able to make any changes.
  I hope I need to change in the agent which is assigned to this task. But donno how to find the agents assigned to this task.
  Please help me in resolving this.
  Thanks,
  Naveen

  Hi Naveen,
  If that user assigned as the 'Possible agent' of the task then you can remove the user easily.
  In the workflow template, go that activity. Under the Task ID there is a option called 'Agents' and click that icon to open. In the new screen, the possible agents of this task will be displayed.
  Select the desired user and delete it.
  Thanks,
  Viji.

• How do I remove the Master PSN User from PS3?

  Hi - advance apologies if this has been covered elsewhere. I am selling my PS3 500gb charcoal black super slim console (CECH-4003C).
  I have been trying to delete the master user name from the console without success. I tried the HDD reformat process (4 hours long!) which didn't work. I also tried signing into PSN and clicking deactivate under account management. No luck.
  Anyone know the way to do this? Thanks

  The 'Restore system' option in the PS3's settings will delete everything and return the console to the same state it was the very first time you switched it on  http://manuals.playstation.net/document/en/ps3/current/settings/restoreps3.html

• Update showing up in "Compliance 5 - Specific Computer" Report even after removing the update from the Software Update before creating Group and Package

  So I've created a Software Update Group and I did NOT want anything in there dealing with Internet Explorer 11 since the organization is currently stuck at using 10 as the highest. So I made sure that Internet Explorer was NOT in the list and then I deployed
  the package. 
  After running my Overall Compliance report it shows that the systems are compliant, but when I view the "Compliance 5 - Specific Computer" I see that "Internet Explorer 11 for Windows 7 for x64-based Systems" is listed in the report. 
  This is just a testing phase right now and I have not created a WSUS like Domain level GPO. I understand that the SCCM client creates a local policy on the clients for the location of the Software Update Point (Specify
  Intranet Microsoft update service location), but the "Configure Automatic Updates" policy is set to Not Configured, which it looks like when this
  is set, the "Install updates automatically (recommended)" at 3AM is the default. 
  Is the reason why the "Internet Explorer 11 for Windows 7 for x64-based Systems" update is showing up in the list due to the fact that the "Configure
  Automatic Updates" policy is set to Not Configured
  and therefore it is still reaching out to check Windows Update online? 
  So, if I do create a Domain level GPO to Disable the "Configure
  Automatic Updates" policy, then the "Internet Explorer 11 for Windows 7 for x64-based Systems" update would not show up in the "Compliance 5 - Specific Computer" report?
  By the way, I have a Software Update Maintenance Window configured for the hours of 1AM-4AM so the 3AM default time falls within this time frame, therefore, I am assuming the SCCM 2012 client will not allow the Windows Update Agent to install the "Internet
  Explorer 11 for Windows 7 for x64-based Systems" update, even though it has detected it is "Required". 
  Thanks

  But, don't you need a Deployment Package in order to deploy the Software Update Group? The Software Update Group uses the downloaded updates contained in the Deployment Package located in, wherever the Package Source is, right?
  One more quick question that you will know right off hand, because, well, you just will I'm sure.
  No. The software update group really has nothing to do with any update packages. The update group assigns updates to clients and in turn clients use update packages to download assign and applicable updates from. There is no connection between the two though
  as the client can download an update from any available update package. Thus, it's more than possible to updates in an update package that are not in any update groups and it is also possible for an update to be in an update group without being in any update
  package.
  If the "Configure Automatic Updates" policy is set to "Not Configured" and since this keeps the 3AM Automatic Updates default, if I was to remove the Software Update Maintenance Window from being between 1AM-4AM, will the WUA agent install updates
  at 3AM, or no because the SCCM 2012 client still manages and oversees it and basically blocks that from occurring?
  No, ConfigMgr does not in any way block the WUA; however, the WUA can only autonomously install updates it downloads directly from WSUS. Thus, since there are no updates approved or downloaded in your WSUS instance, there's nothing for it to download and
  install. If you happen to actually be going into WSUS and approving updates (which you should not be doing as its unsupported), then yes, it actually would install updates -- this is outside of ConfigMgr's control though. Generally, disabling the WUA via a
  GPO is the recommended to prevent any accidental installations or reboots (as the WUA wil also check for initiate pending reboots outside of ConfigMgr).
  Lots more info in these two blog posts:
  - http://blog.configmgrftw.com/software-update-management-and-group-policy-for-configmgr-what-else/
  - http://blog.configmgrftw.com/software-updates-management-and-group-policy-for-configmgr-cont/
  Jason | http://blog.configmgrftw.com

• How to remove the select button from the alv grid

  Hi,
  I am using the Function modules for alv report,
  My 1st field in the list is checkbox,
  User can select the checkbox for further process.
  My problem is I want to remove the standards select option from alv.
  I have searched in slis_layout_alv for any option, but I could not.
  Please help me.
  Regards
  Rajan

  HI
    Exclude process options from ALV
      PERFORM alv_excl. ( g_r_excl     TYPE  ui_functions  . )
  FORM alv_excl.
    APPEND cl_gui_alv_grid=>mc_mb_sum          TO  g_r_excl.
    APPEND cl_gui_alv_grid=>mc_mb_subtot       TO  g_r_excl.
    APPEND cl_gui_alv_grid=>mc_fc_graph        TO  g_r_excl.
    APPEND cl_gui_alv_grid=>mc_fc_info         TO  g_r_excl.
    APPEND cl_gui_alv_grid=>mc_fc_print_back   TO  g_r_excl.
  ENDFORM.                    " alv_excl
  CALL METHOD g_r_grid->set_table_for_first_display
            EXPORTING
              is_layout                     = g_r_layo
              is_variant                    = g_r_variant
              it_toolbar_excluding       = g_r_excl
              i_save                        = 'X'
            CHANGING
              it_outtab        = g_t_yetprint[]
              it_fieldcatalog  = g_t_fieldcat.
  Options appended in g_r_excl, will be excluded from ALV
  Praveen

• How to remove the automatically recognized hyperlinks in PDF after converting from Word?

  Hi everyone!
  When converting Word to PDF, texts with "http", "www", or email addresses with "@" are automatically hyperlinked.
  The way Adobe Acrobat recognizes URLs is not by the text's underlying hyperlinks rather it is by the actual characters in the text.  If the text contains "http" or "www" it recognizes it as a URL address, if it contains "@", it recognizes it as an email address.
  I am aware that you could choose to disable the hyperlinks by going to Edit - Preferences - General - untick Create links from URLs. However, other users who have this ticked will still be able to click on the hyperlinks.
  In Word, you can specify whether to add a hyperlink or not, or to direct the hyperlink to a different path.  But in Adobe Acrobat, it automatically recognizes the hyperlink by its text.  I know it is possible to manually add a hyperlink to a PDF, but is it possible to remove the automatically recognized hyperlinks?
  Is there also some sort of ADM administrative template for this purpose?
  Thanks.
  .m.u.r.d.o.c.h.

  I was thinking it could be possible with a document-level script that
  removes all links, but then I saw that the link Acrobat adds are not real
  link objects, so a script can't remove them. Therefore I think the answer is
  no, you can't do it. The only way might be to use shorter addresses in order
  to confuse Acrobat into thinking they're just plain text. For example, use "
  google.com" instead of "http://www.google.com/". In my tests it remained as
  plain text.

• How to remove the Option "Only Refer Excise Invoice "from MIGO

  Hello,
  We are using the ECC 6.0. while suppose material is excisable then there are Four options will come in MIGO --Excise Invoice tab
  1)Only Cature Excise Invoice
  2)Only Refer excise Invoice
  3)Only Part1
  4)No excise Entry
  As per my client requirement then only need two options in MIGO.
  1)Only Part1
  2)No excise Entry
  Bcz they want to Capture and Post excise Invoice in J1IEX only...
  I have tried from Tax on goods movementIndia-Basic settings--Excise Grp settings..... Here in MIGO settings  we can remove the Click from "EI Capture"....Then we will not find the Capture excise Invoice in MIGO. Next How to remove the "Only refer Excise Invoice from MIGO..
  Regards
  sapman

  Hi,
  You can capture Excise Invoice w.r.t. PO in J1IEX and then refer it during MIGO (Note: - You are not capturing Excise Invoice again, only referring it) and then Post it in J1IEX.
  And in case of Stock Transport Orders, you need to refer the Excise Invoice No at the time of GR in receiving plant which is posted in the Supplying Plant (via J1IIN) so that system will copy all the duties same as of that invoice and user need not to do any manual intervention.
  Also in case of Imports, first you capture Bill of Entry w.r.t. PO in J1IEX and then refer it during MIGO and finally post it in J1IEX.

• Can we remove the Continue button from Quiz Results?

  Hi Everyone,
  Is there any way to remove the continue button from the Quiz Results page?
  I have a captivate file in which there is a Thank you slide at the end after the Quiz results slide. Now, here's the problem - The user is just finishing the quiz and closing the browser tab - which is not showing the completion status inside LMS. The user must need to view the Thank you slide  -  so that the LMS can respond as "Completed" status.
  Now, I want to remove the Continue button on Quizzes result slide so that user doesnot need to go ahead to next slide to complete the course. And i will put the Thank You message here in Quizzes result slide only.
  Can I remove the continue button from the Quiz Results page so that it can be the last slide?
  Regards
  Vikas Sharma

  Removing the Continue button from the Quiz Results slide is NOT a good idea in my experience.  Clicking the Continue button triggers functions in Captivate to terminate the quiz and commit the score to the LMS.  If this button is not clicked, Captivate may not be sure the person has decided they're done with the quiz and wants their score to be captured by the LMS at that point.  There are often other buttons on the Quiz Results slide to offer the user the option of Retaking or Reviewing the Quiz.  Only the Continue button is designed to take them further beyond the Quiz Result slide.
  Like yourself, I have also found learners often fail to grasp the importance of the Continue button and don't realise they need to do something extra (beyond reaching the Quiz Results slide) in order for their score to be captured.  So what I usually do is rename the Continue button to something more meaningful such as: Register Your Score, or Record Quiz Results Now.  Having a name like this (and making the button nice and large and bold so that it's not easy to miss) clearly tells people that they need to click this button if they want their score to be retained.  It's just a simple change, but it practically eliminated all issues we had with people just closing down their browser when they saw the Quiz Results.