Script to identify Permissions

Similar Messages

• Command or script to identify and delete the bitlocker partition

  I am looking for some command or script to identify the bitlocker partition and delete it. Please let me know if anybody has any suggestions.

  Hi,
  I just want to know why you want to delete the BitLocker partition? If you mean the system reserved partition, it is not recommended to do like this, this partition contains not only the BitLocker component, but also the boot files. Deleting it would lead
  into system startup failure.
  Alex Zhao
  TechNet Community Support

• A script to identify pictures in the Finder not added to Aperture?

  Does anyone know of a script that can check out the contents of a folder containing a series of nested folders holding files that are being referenced in the Aperture Library and point out the files in that folder which have not been added to the Aperture Library?
  The majority of the files in that folder (thousands) are being actively referenced in my Aperture Library, but for whatever reason that I won't get into, a few hundred pictures that are in that folder somewhere have had their links to Aperture broken and it would be great if I could identify which files those were and hook them back up to Aperture.
  These are all pretty old pictures that I likely won't ever need to be touching ever again, so if the solution is going to be a massive re-doing of my Library, then it won't be worth it, but if it can be done relatively easily then, ya know…it'd be nice to have the Library be "perfect" and free from broken links

  Thanks for your reply.
  What you are suggesting is part of the process that I am using to reconnect these missing files.
  The part that I am needing help with is the "If you direct Aperture to the first of those missing masters" aspect.  There are so many pictures in my reference library location (all nester in folders, so I can't just use Coverflow to skim through them and find the missing file to reconnect) that it would be extremely time consuming for me identify the correct file.
  Even if I do a spotlight search for "DSC_00413" in that folder, I get back ~500 results.
  This is why I feel that the script option to consolidate all of those "unconnected to Aperture" files in one folder, where I can then use Coverflow to identify them would be most effective.
  EDIT: I manged to do it though, by using Aperture's "Relocate Masters" command to move all files linked to Aperture to another location, thus leaving all "unconnected" files in their current location

• PowerShell script to check permissions given to "NT Authority\All Authenticated Users" and..

  Hi there,
  On my SharePoint site - some places (Sites/Lists etc) have given permissions to "NT Authority\All Authenticated Users"
  We need to remove these permissions and instead give permissions to "Forest1\Domain Users" and "Forest1\Domain Users"
  PowerSHell script to do above will be appreciated.
  Thank you so much.

  Hello,
  In order to check whether "NT Authority\All Authenticated Users" are present in your site use this reference - Link
  Remove permission script reference - Link
  Finally grant permission script reference - link
  Kindly mark it as answer if it helps you.
  -Hatim

• Script to identify what all objects are upgrade safe/unsafe

  I remember Oracle Consulting has a script which it runs before any major upgrade( 11i to R12 for example) which lists all the objects and also the status whether it is upgrade safe/unsafe.
  Can anyone give me the script.

  I want to know that there may be some seeded codes and objects on which some customizations/modifications have been done ( say user hooks) for example.
  Now I want to know that during upgrade if i run some script that will highlight that particular objectYou have to revisit all the custom pages you have and test it after the upgrade, there is no way (through a script) to find out if your customizations were upgraded successfully or not.
  https://forums.oracle.com/forums/search.jspa?threadID=&q=Custom+AND+List&objID=c3&dateRange=all&userID=&numResults=15&rankBy=10001
  Thanks,
  Hussein

• Scripts to identify small tables for keep pool

  I'm sorry for the double posting... seems my browser messed up and I didn't realize it posted already.
  Edited by: ji li on Dec 6, 2012 8:40 AM

  Hi
  Please find below script to find segments less than 1GB.
  select sum(bytes)/(1024*1024*1024) SIZE_IN_GB, segment_name from user_segments where bytes <1073741824 group by segment_name order by 1 asc
  Please try yourself !!
  Regards,
  Anand.

• Powershell script for mailbox permissions

  Hello,
  Part of my tasks as an Exchange admin is to give access to shared mailboxes. The access usually are:
  Send AS
  Receive As
  Send on Behalf Of
  Full mailbox
  Is there a powershell script out there that does all of the above?
  thanks,
  Alexis

  Hi,
  Probably not prewritten, but you can check the repository for starters:
  http://gallery.technet.microsoft.com/scriptcenter
  EDIT: I should mention - this isn't too hard to write, so this could be a good opportunity to learn how to get around in the EMS.
  Don't retire TechNet! -
  (Don't give up yet - 12,830+ strong and growing)

• The overnight maintenance scripts and permissions errors

  I know that the weekly script modifies some permissions when it runs and then disk utility finds them and repairs them. I saw this one this time:
  2008-09-20 20:53:44 -0400: Permissions differ on "private/var/log/secure.log", should be -rw------- , they are -rw-r----- .
  2008-09-20 21:00:28 -0400: Permissions differ on "Library", should be drwxrwxr-t , they are drwxrwxr-x .
  2008-09-20 21:00:43 -0400: Group differs on "private/etc/cups", should be 0, group is 26.
  2008-09-20 21:00:43 -0400: Permissions differ on "private/var/spool/cups/cache/rss", should be drwxr-xr-x , they are drwxrwxr-x .
  The Library one I am not use to seeing. I wonder if the 10.5.5 update changed something.
  Note however, I ran the microsoft office 12.1.2 update before running this one two macbook pros (that are exactly the same). Only one macbook pro had this library thing, but, it hasn't run the weekly script yet either..
  anyone "in the know" know about this library thing?

  Well, I did the 10.5.5 update, ran Repair Permissions afterwards, and did not see /Library error. My /Library is drwxrwxr-t, as it is evidently meant to be. I believe the final "x" on directories is replaced with a "t" to mean that only the owner of files in that folder can delete them. I think it quite possible that it was changed to the more usual x by the the MS Updater. If so, the Repair Permissions process put it back to what it is supposed to be.
  Francine
  Francine
  Schwieder

• Identifying Flash Player versions 10a, 10b and 10c using client side scripting

  I need to write a client side script to identify users with 10a, 10b or 10c installed, but I only see version 10 (no letters.) Is there a translation between version keys major/minor/revision, and 10a/10b/10c? I want to use the (IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash"))) method in conjuction with the javascript.GetVariable("$version") method, and I need to know what values to check for.
  Thanks very much!

  For your information
  Flash10.ocx  / FlDbg10.ocx  = 10.0.2.54   Shipped with CS4
  Flash10a.ocx / FlDbg10a.ocx = 10.0.12.36
  Flash10b.ocx / FlDbg10b.ocx = 10.0.22.87
  Flash10c.ocx / FlDbg10c.ocx = 10.0.32.18
  Flash10d.ocx / FlDbg10d.ocx = 10.0.42.34

• Is there a way to identify user accounts that need to be locked?

  Hi,
  I am trying to write a script that will lock user accounts for employees that are being outprocessed (e.g. quit, fired, went to a different project).  The trouble I'm having is that the way I'm notified is by email from security that a person (first and last name provided in the email) is being outprocessed.  However, that individual may have multiple accounts and the account names don't always follow the same format like 'first initial last name'.  For example, I may have a user named John Doe with accounts like jdoe_sensor1, jdoe_sensor2, etc.  Then there could be a user Alice Smith with account like alice_s_sensor1, alice_s_sensor2, etc.  I know I can use OEM to lock users, but there are two main problems with that.  1 -- Finding the users, then clicking on each user and then locking them one by one.  And 2 -- I may not need to lock them right away.  For example, the email from security may say "Lock all accounts for FIRSTNAME LASTNAME at the end of the day on a certain date.  So I was hoping to write a script to identify the accounts, lock the user, and then verify they were locked and run it in cron, so the accounts get locked when they're supposed to.  An example of the SQL statements I'm thinking of are:
  SELECT username, user_id, account_status FROM dba_users WHERE username like upper ('%$user%');
  ALTER user $user ACCOUNT LOCK;
  SELECT username, user_id, account_status FROM dba_users WHERE username like upper ('%$user%');
  So basically, I need a way to find out what the possible combinations are for $user.  Is there a view besides dba_users which has more detailed information like first name and last name?  I'm thinking if there is, then I can query that and find out all the accounts that user has and then plug those into the lock script.    
  Thanks!
  Jon

  There is a very large problem with being given only a person's name and not their user ids.
  For example, if you have two people with same (or similar) name, then what?
  John Doe
  John J. Doe
  This seems to be very common, and even more so with some very common names:
  Smith
  Chin
  etc
  So even if you have a lookup table:
  Name
  Userid
  John Doe
  johndoe
  John Doe
  jdoe
  John J. Doe
  johnd
  J. Doe
  jdoe2
  John D
  john_d
  Jon Doe
  jond
  Jim Doe
  jidoe
  Johnny Doe
  jonydoe
  Really, nowadays, with different policies, practices, etc, I've seen all manner of userids. When you're given somebody to "close down", you should really press them to provide userids, not just first name, last name.
  After all, if they tell you to lock all "John Doe's" accounts, how do you know that the id "johnd" isn't supposed to be locked? or even "jond" ??  You really have no idea. Did security mean "John J. Doe" and didn't provide his initial? What if they both happen to have J middle initial, but once's just registered with the company because the other one existed?
  My thought: If you're not given the specific userid(s), you're running a pretty good risk (at some point in time) that you will lock an id you shouldn't, or not lock an id you should.

• How to identify which trace file is your backup controlfile trace in udump

  I have a 10.2.0.3 database on unix.
  I want to setup a job to run a script every night to backup the controlfile as text format.
  such as "alter database backup controlfile to trace".
  How my script can identify which trace file is the one just created for backup controlfile and copy the file to a backup disk?
  Thanks a lot!

  I thought it's
  alter database backup controlfile to trace as 'absolute path of any file where you want the control file in clear text format ';
  for ex. in Windows..
  alter database backup controlfile to trace as *'c:\temp\create_ORCL_control.sql'*;
  This way you will know where your job is going to backup controlfile to trace

• Setting EX2007 mailbox permissions with Exchange Management Shell not reflected in Exchange Management Console

  Hello,
  I'm trying to use PowerShell to script some mailbox permissions.  The mailbox permissions I set in the shell are not displaying in the EMC.  The command I'm using is:
  add-MailboxPermission -accessrights fullaccess -identity $username -user MYDOMAIN\$supervisor -confirm:$false
  I get confirmation from the shell:
  Identity             User                 AccessRights                                               
  IsInherited Deny
  MyDomain.net/Separa... MYDOMAIN\mysupervisor    {FullAccess}                                               
  False       False
  Afterwards, when I look in the Exchange Management Console for this user (Right click, Manage Full Access), even after allowing time for replication, I don't see this new permission reflected there.  But If I use Get-MailboxPermission
  $username, the permissions show up:
  Identity             User                 AccessRights                                               
  IsInherited Deny
  MyDomain.net/Separa... MYDOMAIN\mysupervisor    {FullAccess}                                               
  False       False
  Why is this addition not being reflected in the shell?

  Hi,
  The cmdlet you use to grant full access permission is right. If your case, please let "mysupervisor" access to this user's mailbox and verify if he/she can access it. Maybe Exchange Management Console has not been updated well.
  Hope this can be helpful to you.
  Best regards,
  Amy Wang
  TechNet Community Support

• SJSWS 7.0U1 - Resets Permissions on Deploy Changes

  I have several web server configurations (single instance of each config, no additional virtual servers), and since each config belongs to a different client/user:group, the permissons on the config directory are set to reflect these ownerships, mostly user-only-accessible.
  For admin purposes, I like to modify (loosen) these permissions to make them group-accessible (to the admin group). Whether or not this is a particularly good idea could be a discussion for another day :-)
  My problem is that each time I make changes to a configuration, the act of deploying the changes to the web server instance (using the GUI/Admin Console) resets the ownerships & permissions in the config directory to be user-accessible to the client user:group, i.e. as it was at creation.
  This means I then have to change ownership/permissions to get back to (my idea of) a correct configuration.
  Is there any way to either:
  1. Prevent SJSWS from doing this in the first place, or
  2. Trigger my script to reset permissions after deployment
  I'm probably onto a loser here, but I figured I ask in case anyone else has tripped over this and discovered a solution!
  Thanks for any input.

  I have several web server configurations (single instance of each config, no additional virtual servers), and since each config belongs to a different client/user:group, the permissons on the config directory are set to reflect these ownerships, mostly user-only-accessible.
  For admin purposes, I like to modify (loosen) these permissions to make them group-accessible (to the admin group). Whether or not this is a particularly good idea could be a discussion for another day :-)
  My problem is that each time I make changes to a configuration, the act of deploying the changes to the web server instance (using the GUI/Admin Console) resets the ownerships & permissions in the config directory to be user-accessible to the client user:group, i.e. as it was at creation.
  This means I then have to change ownership/permissions to get back to (my idea of) a correct configuration.
  Is there any way to either:
  1. Prevent SJSWS from doing this in the first place, or
  2. Trigger my script to reset permissions after deployment
  I'm probably onto a loser here, but I figured I ask in case anyone else has tripped over this and discovered a solution!
  Thanks for any input.

• Call Unix Shell Script From OBIEE

  Hi All,
  Is it possible to do a call to a Unix Shell Script with the Action Framework from OBIEE.
  Thanks in Advance

  I dont think so but we can go for it instead of BI side. Try to port the same functionality on shell script side, so that the script can identify your report using tail of nqquery log and execute the rest of your lines in shell script.
  This can doable and works as expected. If at all you are going with my suggestion you can go for a small key word to identify your report instead of that lengthy logical query.
  Pls mark if helps

• Cron doesn't execute script until restarted

  I wrote a script to change my wallpaper, and placed it in /etc/cron.hourly.  It will not run on the hour, or any time, after starting my computer.  However, if I restart cron, then everything is fine.  run-parts indicates that it *should* run:
  ┌─[pearson@pearson-arch] - [~] - [Wed Apr 15, 06:33]
  └─[$]> sudo run-parts --test /etc/cron.hourly
  Password:
  /etc/cron.hourly/adjtime
  /etc/cron.hourly/rotate_background
  ┌─[pearson@pearson-arch] - [~] - [Wed Apr 15, 06:33]
  └─[$]>
  Just to make sure, cron *is* started on system boot.

  thisllub wrote:What does the cron log say?
  It doesn't mention it.
  thisllub wrote:Arch seems to use run-cron not run parts.
  Run-parts allows you to specify a certain folder to run; it has a --test option, which run-cron doesn't seem to have.
  thisllub wrote:Does the script have executable permissions?
  755, owned by root:root, which is the same as the other script in that folder (adjtime, which I think might be part of ntpd).
  thisllub wrote:If a script runs as root user it may not have access to your desktop variables (not sure about this)
  The odd thing is that it runs fine once I restart cron.  I was using /usr/bin/env in the hash-bang, though, so I've changed that, and I'll see if that changes anything.
  thisllub wrote:Does it work if you install it from you own crontab?
  I... don't really know how to do that yet.  I'll have to look it up and get back to you.