Required AD admin permissions?

Similar Messages

• Can I remove admin permissions from main account then create new one?

  I have heard that it is considered best practice to use an account that does not have administrator permissions for normal use, especially when connected to the internet for safety reasons. I am the only user of my Macbook and only have one account, the one that was created when I first used the computer. I obviously don't want to have to start all over again and so is there a way that I can safely create a new account, give it administrator permissions that I would use just for times when I need to make system changes and remove the admin permissions from my first account so that I don't have to migrate all my files and setting to a new user account?

  Yes it is, for security reasons. When you log in as an administrator, everything you do, every command you run, runs with admin privileges. If you open a trojan or other malware as an administrator, you hand over much of your system to the malware. By running as non-admin, only the contents of your home folder are vulnerable.
  Consider a trojan that modifies Safari, so that next time you make an online purchase, Safari captures your credit card number and sends it to a third party. If you opened that trojan as an administrator, the trojan could install itself without your knowledge. If you were running as non-admin, it would have been stopped in its tracks.
  If you need any more convincing, you can read what Apple has to say about it:
  Each user needing administrator access should have an individual administrator account in addition to a standard or managed account. Administrator users should only use their administrator accounts for administrator purposes. By requiring an administrator to have a personal account for typical use and an administrator account for administrator purposes, you reduce the risk of an administrator inadvertently performing actions like accidentally reconfiguring secure system preferences.
  Unless administrator access is required, you should always log in as a nonadministrator user. You should log out of the administrator account when you are not using the computer as an administrator.
  (from page 42 of this document)

• Make mobile account with admin permissions without administrator INFO...

  How do you bypass the admin permissions with mobile account? How do you make mobile account unlock things? You do you do the secret and rare system administrator login screen, where it says up on the top System Administrator, where nothing would be there? How to force your computer to go to single user mode, not command s or apple s, because that doesn't work for me? How do enable isight -camera without no admin password, no terminal? Is there extension for mac so that it will run and unlock things or open programs without administrator permissions? I need something that will UNLOCK MY macbook, please help. Where can I download password reset.APP for free that comes in the mac os x leopard disc? Thanks for the help...

  Why don't you just use your OS X install disc? It has a password reset utility on it.

• Mac OS X 10.5 destroyed my Admin permissions

  Ok. I had originally installed Mac OS X 10.5 on my Macbook, but the hard drive got screwed due to an impact on the floor while running Windows XP. I decided to install 10.5 on my Mac Mini, and for some reason, my Admin permissions were destroyed. No Admin account is available, and it says my account (which is the only account on there) is a standard account. I tried to reset the password, but that failed. Can anyone help?

  I wouldn't THINK it is private: it is in the User Tips forum, and it would seem rather counter-productive for that to be private. I hope no one, like Michael (whom I think the world of) gets mad at me, but here it is:
  Re: I lost my admin user
  Posted: Nov 1, 2007 12:31 PM
  Revised to incorporate Niel's corrections:
  I lost my admin user (OS X 10.5)
  If you are unfortunate enough to delete your only admin user, or remove his admin capability, then as long as you have another user with login capability, you can give that user admin rights as shown below. You can then re-create the original user or reinstate the admin capability using the Accounts Pane in System Preferences.
  Print this post out in a mono-spaced font, and type carefully, paying attention to spaces and punctuation, since you cannot copy/paste in Single User mode.
  Caution: in single user mode you have root privileges. Be careful! Substitute the name of 'youruser' below.
  Boot into single user mode (Command-S) at startup which will eventually get you a shell prompt (ending in #). Then type the following:
  fsck -fy
  Repeat the above until it says your disk is OK. Then continue with
  mount -uw /
  dscl . -merge /groups/admin users youruser
  If you get a message saying "invalid path", then type these two commands first:
  dscl . -create /groups/admin gid 80
  dscl . -create /groups/admin passwd '*'
  and then repeat the "dscl ... -merge" command. Then:
  reboot
  You will now be able to login as 'youruser' and have administrative privileges.
  Membership of the 'admin' group is the only thing that distinguishes administrative users from ordinary users.
  Michael Conniff

• Domain admin permissions missing

  our domain admin permissions missing and the Active directory user and computers cannot open,
  also have show the error msg.
  please help me.

  Hi,
  Would you please go to Event Viewer to see what error events were logged and keep us posted?
  At this moment, I suggest that we can run Dcdiag/v command to check the health of the DC.
  Regarding Dcdiag, the following article can be referred to as reference.
  Dcdiag
  http://technet.microsoft.com/en-us/library/cc731968.aspx
  Best regards,
  Frank Shen

• Continuous 'Fetching' of User's 'Home' Admin Permissions

  I am trying to Export a .MOV file out of iPhoto to a folder on my Desktop using File➙Export➙ File Export with Kind = Original. However the operation fails giving the message " Exporting....  Unable to create /Users/Username/Desktop/ ".
  Someone suggested checking Permisssions for my HOME folder. 
  Opening the Get Info for my Home folder I notice something odd is going on. At the bottom, the 'Admin' section constantly says it is 'Fetching...' and is greyed out. Also the last modification date was set to several weeks ago, at the end of May 2013.
  https://dl.dropboxusercontent.com/u/11373233/MacDiscussions/Fetching%20Screen%20 Shot%202013-07-15%20at%2017.51.20.png
  I wonder if this is why I get the error when saving the .MOV file to the Desktop?  If so, how can I fix this?
  I have tried repairing permissions, but Disk Utility didn't find anything relevant to my Home folder - just a single Java related item that needed to be repaired.  And only that one item too. Apple must have tidied up the Permissions reports. I have also tried unlocking the Get Info window and changing the Admin Permissions to something else.  They change of course but the "Fetching..." doesn't go away.

  The following is an exception to the rule that you should never make any changes to backup data. I've tested this procedure in OS X 10.8 only. I don't know whether it works in earlier versions of OS X. Use this procedure only for files that were backed up from your home folder, or a folder on another volume created by you, and would normally be writable by you. Do not touch backups of system or application files.
  In the Finder (not in the time-travel view), navigate to the backup volume, then to the folder named "Backups.backupdb", and then to the snapshot you want to restore from. The snapshots are folders labeled with the date when they were created. Inside each of those folders is a file hierarchy like the one on the volume that was backed up. Descend through the hierarchy until you come to a folder named "Users," and inside that, a folder with your user name. The procedure will be different if you're trying to restore files on another volume.
  Select the folder and open the Info dialog (command-I). Click the padlock icon in the lower right corner of the window and authenticate. In the Sharing & Permissions section, give your account Read & Write access. You may have to close the dialog and repeat this step in order for the change to show up. Then click the gear icon and select Apply to Enclosed Items from the popup menu.
  Try the restore operation again, in the time-travel interface.

• AIRHELP application installation requires local admin priviledge

  Hi experts, please help!
  I demoed the RoboHelp 9 with Desktop AIRHELP(we need comments)  to our users and everything looked perfect, except one issue: every change from the editor, she will need to create a new .air application and someone need to go and install that file to each user's computer, and whoever go to install need to have local administrator's priviledge.
  what we want is using the autoupdating function, it will definitely require local admin for each user. I am wondering how you solve this issue? as our IT department would not be happy with this requirement.
  Thanks,
  Frances

  Please see http://www.riaspace.com/2011/08/bundling-air-3-runtime-in-air-desktop- applications/
  Air 3.0 allows installation of the AIR Runtime without admin rights but it requires packaging the AIR runtime inside the AIR application itself. RoboHelp AIR Help is an AIR application but the runtime is not packaged within it. There is thus no change for AIR Help. It will still require the separate installation of the runtime and the help and both will need admin rights if installed by the end user.
  The help can be installed by a local IT Admin who can push the installation rather than installing it manually on each machine. That is described on my site.
  See www.grainge.org for RoboHelp and Authoring tips
  @petergrainge

• RoboSource Control Admin Permissions

  From within RoboSource control, the Admin checkbox in the Admin user account was deselected. RoboSource threw an error when I tried to re-select it, saying I (as admin) didn't have permission. It closed, and now I cannot log into the dbs as Admin (or any other account). How can I reset the Admin account for our database? Is there a file on the server that I can edit to do this outside of the GUI?

  Hi, Efilip, and welcome to the board. Do you recall having made that change to the settings? If not, it's possible that rebooting your server will restore it to sanity. When our server hasn't been rebooted for a while, one of the problems that tends to arise is that account permissions get strange. This clears up with the reboot.
  On the other hand, I remember accidentally removing admin permissions from an account. Had I not had another admin account set up, I would have been in the same position you're in, as RSC Explorer wouldn't let me do anything to remedy the situation.
  There might be a way to change the setting, as you suggest, but I'm not aware of it. Perhaps your SQL administrator can help? Barring that, and if rebooting the server doesn't help (or reverting to an earlier backup of the db isn't practical), then you should probably contact Adobe support to see if they can tell you how to reset the admin rights.
  G

• Acrobat Pro 7 self-heal problem - 10.4.x standard account admin permissions

  Hi,
  Installed Acrobat Pro 7 as part of Adobe CS 2 - one brand-new G5, and one erase-and-new-install of Tiger 10.4.6 and all apps on a G4 eMac. Same problem on both.
  When in a standard user account, repeatedly on launch (apparently during the install/heal step) Acrobat requests administrator password. It fails there without it. And if you give it, it is required again the next time you launch. Permissions repair, etc., and re-install did not help. Nothing came up at the official Adobe support knowledgebase.
  Found http://www.macfixit.com/article.php?story=20060224083356302 which suggested manually editing the Root/Library/Application Support/Adobe/Acrobat/CS2ENUProSelfHeal.xml file (changing instances of "Bib" to "BIB" in some .frameworks).
  The Adobe User-to-User forums at http://www.adobeforums.com/cgi-bin/webx?[email protected]@.3bbede30 discussed editing additional files inside the Acrobat application package (Adobe Acrobat Professional/Contents/MacOS/AcroENUProSelfHeal.xml and /CS2ENUProSelfHeal.xml), as well as others that the Acrobat installer puts inside of Safari - once again for Bib/BIB.
  All this apparently to prevent some sort of cyclical self-break/self-heal that needs admin permission on every launch of the app - the problem appearing to be (with OS X case sensitivity) that app looks for and (re)writes individual files by "different" names in various places (i.e. "AdobeBibUtils.framework" vs "AdobeBIBUtils.framework) in this app.
  These edits didn't work in my case. I wonder if any other files might also need to be changed - in fact I saw Bib/BIB use inside of some other CS2 app related files as well.
  Would rather not permit general admin access to public machines. Would rather not edit application files. Any suggestions are appreciated. Thanks.
    Mac OS X (10.4.6)  

  Hi welcome
  Check out this link, should help
  Also, network issues are involved with 10.4.6
  http://www.adobe.com/support/techdocs/332657.html

• Macbook pro computers Admin permissions usurped by hackers

  My Macbooks have been compromised since May, 8th 2013. Applecare has wiped my newest mac six times. Recently, User pane shows multiple users who controled all apps, screen sharing, printing, etc. Applecare told me to delete the users. I did and was reduced to a "Standard User" on my Macbook pro. My console had repeatedly revealed I was networked and under a VPN (cell phones, home line, computers) . Also, my Icloud account has been hacked multiple times. Can anyone assist me in this security issue?
  Thank you,
  Bobbie Ann

  1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
  2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
  There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
  3. Below are instructions to run a UNIX shell script, a type of program. All it does is to collect information about the state of the computer. That information goes nowhere unless you choose to share it. However, you should be cautious about running any kind of program (not just a shell script) at the behest of a stranger. If you have doubts, search this site for other discussions in which this procedure has been followed without any report of ill effects. If you can't satisfy yourself that the instructions are safe, don't follow them. Ask for other options.
  Here's a summary of what you need to do, if you choose to proceed:
  ☞ Copy a line of text in this window to the Clipboard.
  ☞ Paste into the window of another application.
  ☞ Wait for the test to run. It usually takes a few minutes.
  ☞ Paste the results, which will have been copied automatically, back into a reply on this page.
  The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
  4. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
  5. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
  6. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
  Triple-click anywhere in the line of text below on this page to select it:
  PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=(Software Hardware Memory Diagnostics Power FireWire Thunderbolt USB Fonts 51 4 1000 25 5120 KiB/s 1024 85 \\b%% 20480 1 MB/s 25000 ports 'com.autodesk.AutoCad com.evenflow.dropbox com.google.GoogleDrive' DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH -86 ` route -n get default|awk '/e:/{print $2}' ` 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=('\n%s: %s\n' '\n%s\n\n%s\n' '\nRAM details\n%s\n' %s\ %s '%s\n\t(%s)\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("%s (UID %s) is using %s '${p[$2]}'",$0,u,q);} ';};s=(' /^ *$|CSConfigDot/d;s/^ */   /;s/[-0-9A-Fa-f]{22,}/UUID/g;s/(ochat)\.[^.]+(\..+)/\1\2/;/Shared/!s/\/Users\/[^/]+/~/g ' ' s/^ +//;5p;6p;8p;12p;' ' {sub(/^ +/,"")};NR==6;NR==13&&$2<'${p[10]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: [^EO]|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[11]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' ' $0&&!/ / { n++;print;} END { if(n<200) print "com.apple.";} ' ' $3~/[0-9]:[0-9]{2}$/ { gsub(/:[0-9:a-f]{14}/,"");} { print|"tail -n'${p[12]}'";} ' ' NR==2&&$4<='${p[13]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p' '/\.kext\/(Contents\/)?Info\.plist$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?Info\.plist$/p' ' NR>1&&!/0x|\.[0-9]+$|com\.apple\.launchctl\.(Aqua|Background|System)$/ { print $3;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:[^:]+//p ' '/root/p' ' !/\/Contents\/.+\/Contents|Applic|Autom|Frameworks/&&/Lib.+\/Info.plist$/ { n++;print;} END { if(n<1000) print "/System/";} ' '/^\/usr\/lib\/.+dylib$/p' ' /Temp|emac/d;/(etc|Preferences)\//s/^\.\/[^/]+//p;' ' /\/(Contents\/.+\/Contents|Frameworks)\/|\.wdgt\/.+\.([bw]|plu)/d;p;' 's/\/(Contents\/)?Info.plist$//;p' ' { gsub("^| ","||kMDItem'${p[35]}'=");sub("^.."," ") };1 ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[9]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/ { next;} /%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|OpenD/!s/:.+//p' ' (/k:/&&$3!~/(255\.){3}0/ )||(/v6:/&&$2!~/A/ ) ' ' $1~"lR"&&$2<='${p[25]}';$1~"li"&&$3!~"wpa2";' ' BEGIN { FS=":";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]" "$1;b=b$1;} END { if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 14`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n   "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n   [N/A]";"file -b "F|getline T;if(T!~/^(AS.+ (En.+ )?text$|POSIX sh.+ text ex)/) F=F" ("T")";printf("\nContents of %s\n%s\n",F,f);if(l>L) printf("\n   ...and %s more line(s)\n",l-L);} ' ' BEGIN{FS="= "} /Name/{print $2} ' ' /^ +B/{ s/.+= |(-[0-9]+)?\.s.+//g;p;} ' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' / /{$0="'"${p[28]}"'"};1;' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9;} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?Info\.plist$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' 's/0/Off/p' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps sudo\ crontab sudo\ iotop top pkgutil PlistBuddy whoami cksum kextstat launchctl sudo\ launchctl crontab 'sudo defaults read' stat lsbom mdfind ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' defaults\ read scutil sudo\ dtrace sudo\ profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil sudo\ lsof test );c2=(com.apple.loginwindow\ LoginHook '-c Print /L*/P*/loginw*' '-c Print L*/P*/*loginit*' '-c Print L*/Saf*/*/E*.plist' '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '.??* -path .Trash -prune -o -type d -name *.app -print -prune' '-c Print\ :'${p[35]}' 2>&1' '-c Print\ :Label 2>&1' '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$Message' -k Sender kernel -k Message Req 'Beac|caug|dead[^bl]|FAIL|fail|GPU |hfs: Ru|inval|jnl:|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|rror|ssert|Thrott|tim(ed? ?|ing )o|WARN' -k Message Rne 'Goog|ksadm|SMC:' -o -k Sender fseventsd -k Message Req 'SL' " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cgh] ! -name *ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '-L {/{S*/,},}L*/Lau* -type f' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' '-L /S*/L*/{C*/Sec*A,E}* {/,}L*/{A*d,Ca*/*/Ex,Compon,Ex,In,iTu,Keyb,Mail/B,P*P,Qu*T,Scripti,Sec,Servi,Spo,Widg}* -type f -name Info.plist' '/usr/lib -type f -name *.dylib' `awk "${s[31]}"<<<${p[23]}` "/e*/{auto,{cron,fs}tab,hosts,[lps]*.conf,pam.d,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}* .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -getdnsservers -getinfo\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --only-files --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' -i4TCP:0-1023 com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' );N1=${#c2[@]};for j in {0..8};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=(Restricted\ files Hidden\ apps 'Elapsed time (s)' POST Battery Safari\ extensions Bad\ plists 'High file counts' User Heat System\ load boot\ args FileVault Diagnostic\ reports Log 'Free space (MiB)' 'Swap (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports kexts Daemons Agents launchd Startup\ items Admin\ access Root\ access Bundles dylibs Apps Font\ issues Inserted\ dylibs Firewall Proxies DNS TCP/IP Wi-Fi Profiles Root\ crontab User\ crontab 'Global login items' 'User login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching );N3=${#l[@]};for i in 0 1 2;do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { id -G|grep -qw 80;v[1]=$?;((v[1]==0))&&sudo true;v[2]=$?;v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};';done;A7(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=;((v['$((i+1))']==0))||{ v=No;false;};};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Fv "${v[$1]}"<<<"$v"`;};C0(){ [[ "$v" ]]&&echo "$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "$s"<<<"$v"`&&C1 1 $1;};for i in 1 2;do for j in 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;{ A0;A2 0 $((N1+1)) 2;C0;A1 0 $N1 1;C0;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 8;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 1 10 7 9;D13 1 11 8 10;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;D23 5 14 12 14;D22 6 36 13 15;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;B1&&{ D22 11 17 17 20;for i in 0 1;do D22 28 $((N2+i)) 45 $((N4+i));done;};D22 12 44 54 45;D22 12 39 15 21;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;A1 17 41 20;B7 5;C3 22;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B1&&{ A2 19 26 23;B7 7;C3 23;};A2 18 26 23;B7 7;C3 24;A2 4 20 21;B7 6;B2 9;A4 14 7 52 9;B2 10;B6 9 10 4;C3 25;D13 4 21 24 26;B4 4 12 26;B3 4 13 27;A1 4 22 29;B7 12;B2 14;A4 14 6 52 14;B2 15;B6 14 15 4;B3 0 0 30;C3 29;A1 4 23 27;B7 13;C3 30;D13 24 24 32 31;D13 25 37 32 33;A1 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D13 21 0 32 19;D13 10 42 32 40;D22 29 35 46 39;};D23 14 1 48 42;D12 34 43 53 44;D22 0 $((N1+8)) 51 32;D13 4 8 41 6;D12 26 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 33 34 42 37;B1&&D23 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 20 42 32 41;D23 14 2 48 43;D13 4 5 32 1;D22 4 4 50 0;D13 14 3 49 5;D12 26 48 59 49;B3 4 22 57;A1 26 46 56;B7 22;B3 0 0 58;C3 47;D23 22 9 37 7;A7;C2 2;} 2>/dev/null|pbcopy;exit 2>&-  
  Copy the selected text to the Clipboard by pressing the key combination command-C.
  7. Launch the built-in Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
  Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
  8. If you see an error message in the Terminal window such as "syntax error," enter
  exec bash
  and press return. Then paste the script again.
  9. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, press the key combination control-C or just press return three times at the password prompt. Again, the script will still run.
  If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
  10. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be nothing in the Terminal window and no indication of progress. Wait for the line
  [Process completed]
  to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, close the Terminal window and report the results. No harm will be done.
  11. When the test is complete, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
  At the top of the results, there will be a line that begins with "Model Identifier." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
  If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
  12. When you post the results, you might see the message, "You have included content in your post that is not permitted." It means that the forum software has misidentified something in the post as a violation of the rules. If that happens, please post the test results on Pastebin, then post a link here to the page you created.
  Note: This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
  Copyright © 2014 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

• Help, please!  I've Been Hacked!  Firewall & Admin permissions changed?

  Running on 10.4
  MacBook Pro
  You guys have been great, and I tried to read as many threads as I could to solve the problem on my own, but I'm in way too over my head. Okay, I'm going to struggle through explaining this as best I can and just list the "highlights" of what has been going on. More details are below.
  Several events occurred simultaneously, and I'm not sure which did what damage.
  Scanned my machine with ClamXav. Trojan was found. I deleted the Trojan.
  I downloaded a script (against my better judgement), opened it and my machine started working hard. Activity monitor was going crazy. Immediately shut down Airport. Looked at my Firewall, and EVERYTHING was open. I always keep Firewall on. Looked at logs (and saved a few). Good thing I did because for some reason, I now do not have permission to view sa or security logs. Awesome.
  Here is a more detailed account of what happened. I know it's long, but I'm trying to answer any questions you guys might have.
  Two nights ago, I scanned my machine using Clam. It was the first time I had run the scan, and it found a Trojan in the form of an mp3. I located the file in Finder so that I would know where it was located to delete it, clicked on info, and iTunes opened, which I had not planned on because I had only selected info. I immediately force quit iTunes and deleted the file. I was never prompted for my password, so *was the virus executed*? I have since run Clam several times, and there are no infected files.
  Next thing: I downloaded a script which I'm 99% sure was malicious. I'm not a techie, and I know this was incredibly stupid given my lack of knowledge. After opening it, I saw that it was all in a different language (Portuguese, I think?), and immediately closed and deleted. Then my machine started running hard... I checked activity monitor, and things were going crazy. I immediately disconnected from Airport. I don't remember exactly what the numbers were, but there were a lot of page ins/page outs and data being read/written. (I don't even know what those mean exactly, but I check Activity Monitor fairly frequently to look at memory and see what programs are taking up space.) But I was also doing a scan with Clam and I had about 14 tabs open in Safari, so I'm not certain if the activity was correlated to the scan or to the script or to having so many things open and going at once.
  I checked my firewall, and it was off. I hadn't looked at it in a few months, but I'm fairly certain I had it activated. Remote access, FTP, etc. - basically all sharing options were enabled. I disabled everything and started the Firewall. I looked at the logs (even though I don't really know how to read them) and saved several of them which I would be glad to post here. One I saved was the Secure Log - I tried to look at any new activity today, and I got the message "You do not have permission to read this log file". What's strange is that my Firewall has logs dated for preceding days and months... but the Firewall was not activated when I initially checked it.?? That doesn't make a lot of sense to me.
  I created a Master Password (alphanumeric 17 characters) in File Vault, but I did not turn on Fire Vault... I'm not sure if this changed any settings and has to do with why I can't read certain log files.? To my knowledge, I'm still the admin.? How do I tell if that has been changed? I ran Disk Utility, and it changed a few permissions, fwiw, but I still don't have access to particular logs.
  I have Little Snitch running, and it hasn't shown anything abnormal. I looked at my DNS, and it's the same as what it always has been. I'll be glad to post the logs I have, but I don't know what's pertinent and what isn't. Here's a Big Problem: I don't have my installation disk. I know I will probably be advised to wipe everything and reload, but the disk is 500+ miles away tucked in a storage facility. This is killing me. I've been reading everything I can on this forum (you guys are awesome, btw), and was going to try to muddle through this on my own, but I'm way over my head. How can I reinstall if I don't have the installation disks? Or maybe I'm being paranoid and someone didn't get in to my system? Any help would be appreciated.

  If this helps, this is my Firewall plist. The plist was created on the day and around the time of all this happening. If everything is enabled to be editable, does that mean that they could have rewritten the codes after I locked everything down?
  <plist version="1.0">
  <dict>
  <key>allports</key>
  <array/>
  <key>alludpports</key>
  <array/>
  <key>firewall</key>
  <dict>
  <key>Apple Remote Desktop</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>3283</string>
  <string>5900</string>
  </array>
  <key>row</key>
  <integer>5</integer>
  <key>udpport</key>
  <array>
  <string>3283</string>
  <string>5900</string>
  </array>
  </dict>
  <key>FTP Access</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>21</string>
  </array>
  <key>row</key>
  <integer>4</integer>
  </dict>
  <key>Network Time</key>
  <dict>
  <key>editable</key>
  <integer>1</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>row</key>
  <integer>11</integer>
  <key>udpport</key>
  <array>
  <string>123</string>
  </array>
  </dict>
  <key>Personal File Sharing</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>548</string>
  <string>427</string>
  </array>
  <key>row</key>
  <integer>0</integer>
  </dict>
  <key>Personal Web Sharing</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>80</string>
  <string>427</string>
  <string>443</string>
  </array>
  <key>row</key>
  <integer>2</integer>
  </dict>
  <key>Printer Sharing</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>631</string>
  <string>515</string>
  </array>
  <key>row</key>
  <integer>7</integer>
  </dict>
  <key>Remote Apple Events</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>3031</string>
  </array>
  <key>row</key>
  <integer>6</integer>
  </dict>
  <key>Remote Login - SSH</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>22</string>
  </array>
  <key>row</key>
  <integer>3</integer>
  </dict>
  <key>Samba Sharing</key>
  <dict>
  <key>editable</key>
  <integer>0</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>139</string>
  </array>
  <key>row</key>
  <integer>1</integer>
  <key>udpport</key>
  <array>
  <string>137</string>
  <string>138</string>
  </array>
  </dict>
  <key>iChat Rendezvous</key>
  <dict>
  <key>editable</key>
  <integer>1</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>5297</string>
  <string>5298</string>
  </array>
  <key>row</key>
  <integer>8</integer>
  </dict>
  <key>iPhoto Rendezvous Sharing</key>
  <dict>
  <key>editable</key>
  <integer>1</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>8770</string>
  </array>
  <key>row</key>
  <integer>10</integer>
  </dict>
  <key>iTunes Music Sharing</key>
  <dict>
  <key>editable</key>
  <integer>1</integer>
  <key>enable</key>
  <integer>0</integer>
  <key>port</key>
  <array>
  <string>3689</string>
  </array>
  <key>row</key>
  <integer>9</integer>
  </dict>
  </dict>
  <key>loggingenabled</key>
  <integer>1</integer>
  <key>state</key>
  <true/>
  <key>stealthenabled</key>
  <integer>1</integer>
  <key>udpenabled</key>
  <integer>1</integer>
  </dict>
  </plist>

• Does refreshing a report that includes Scope and Entity require elevated rights / permissions?

  This relates to the following thread:
  Why does refreshing a report in the EPM Add-In need to edit the Ownership Manager?
  Since I've received no responses on the above thread, I thought I might approach this from a different angle.
  If we have a report that includes both Scope and Entity, in SAP BPC 10 NW (801 SP03) / EPM Add-In 10.0 SP 16 Patch 1, does this require a user to have elevated permissions in order to refresh the report?  I ask because I have users who have rights to view reports, but they error out when they try to refresh a report's data, only where Scope and Entity are used in the report.  The tasks that error are:
  P0081
  Run Consolidation Tasks
  P0082
  View Ownership Manager
  P0083
  Edit Ownership Manager
  I do not understand why any of these should even be called by refreshing the report, as the user is simply "viewing" data that already exists in the environment.
  Can someone please shed some light on this or point me in the direction of how I can go about resolving this issue?
  Your help is greatly appreciated.
  Jeff

  Hi
  I am facing the same issue despiste the elevated app permission as per
  https://msdn.microsoft.com/en-us/library/office/jj822159.aspx?f=255&MSPPError=-2147217396
  I still had the error 401
  the solution for me was
  Under list settings -> advanced settings update the Create and Edit access settings from "Create and edit all items"
  the add the user the right to add only ( no edit , no delete) .
  Eric Caron

• Server Admin permissions

  Hi, where do I change the permissions to allow certain users to edit server settings (e.g. NetBoot settings) in Server Admin?

  A user needs to be in the Administrator group in order to run Server Admin and configure a server.
  Note that this can have other consequences - since it makes the user an admin they can change any element of the server, not just the components exposed by Server Admin.

• Admin permissions won't let me save photoshop files

  I moved my MacBook Pro to my son and made him administrator. That worked fine, but now something must have happened because he now can't save Photoshop files anymore as photoshop says he doesn't have permissions. He's running Snow Leopard as he has to use Canvas X, which won't run in Lion. Anyone have an idea what may be screwing up permissions? He did run Repair Permissions in Disk Utility. He is listed as the administrator in Accounts. He also made sure the file Get Info permissions allowed the Admin. He even changed the Get Info permissions to enable everyone.

  He's just trying to save a tiff file from PhotoShop back over the original tiff on the Mac's internal hard drive.
  He changed the permissions to allow everyone access on the original tiff that he had Opened in PhotoShop.
  A little more history: He had an unrecoverable hard drive crash about 2 months ago. So we installed the backup drive that had a SuperDuper copy of the crashed drive that was about 3 weeks old (from the crashed drive's data).
  This drive worked fine until this week when the clock reset to 2000. That's the same time the permissions problems started.
  I had earlier made him the administrator, but now he had to login with my password and I was shown as the startup admin. Since I was the original owner and admin, I had placed all my applications in the top level Applications folder of the hard drive, not in my Home Applications folder; and now it appeared that he only had access to Applications in the Home folder as a User instead of Admin, thus explaining why he didn't have access to the applications he needed.
  So he reset the PRAM to address the clock and other screwy things.
  Now he is shown as the administrator in System Preferences>Accounts, but without the permissions of an administrator.

• Itunes 7 only runs with Admin permissions

  I have just upgraded itunes to 7.0 on my Win XP professional machine.
  If I am logged in as administrator, iTunes runs without problem.
  But if I try to start it as normal (power) user, I get the error message
  "itunes cannot run because one of its required files are missing. Please reinstall itunes."
  Re-installing (that is repairing) itunes as user, does not help.
  My previous itunes version was 6.0 and I had no problems.
  Any ideas?

  mog67, similar things to that can sometimes happen if the other user accounts don't have the right permissions on the QuickTime keys in your Registry.
  the stejskal family pioneered the treatment for us:
  the trick for me was getting up the nerve to "fiddle" with the registry...the reason why the girls could not get access to iTunes/QT was down to permission...once I got one going I went back in to HKEY-MACHINE\SOFTWARE\apple computer, inc\Quicktime...click to highlight go to edit, permission and added the missing girls to the list of who is allowed...made sure they have full permission..apply, ok and "bobs your uncle" all is now well in stejskal home.
  http://discussions.apple.com/thread.jspa?messageID=810602#810602
  so perhaps check to see if your user account has permissions on those keys.