Setting MS Access Permissions

Similar Messages

• Screen size and font size unreadable to set the access permissions for Flash Player.

  I can increase my screen view size to make everything appear larger but the screen on Adobe website to manage the use of the Flash Player has very tiny writing that DOES NOT increase in size when I increase the size of my screen view.  It is not use user friendly nor compliant with common standards of web pages being accessible for people who have visual disablilities.  The font size looks like 6pt.
  What does it take to make this giant company allow the window size of the settings to be enlarged or magnified? 

  They will stay on the screen.  However, Process Monitor is only intended for advanced users.  It is recommended that users try to navigate to the troublesome registry key using regedit, and see if they can access it or not without an error.  This is far easier than trying to use Process Monitor, which is very complicated.
  I used Process Monitor to confirm that it was just that key which was causing the problem, and not others.  Process Monitor is not to be confused with the new Resource Monitor which is accessible via Task Manager in Windows 7 (and possibly Vista).  If you must experiment (and Process Monitor is very useful for diagnosing many deep-level problems if you know what you're looking for) Process Monitor can be downloaded from here:
  http://technet.microsoft.com/en-us/sysinternals/bb896645
  It replaces the older Sysinternals "FileMon" and "RegMon".  For those interested in the technical side, I had to setup a number of filters to be able to get the results display as in the screenshot.  First of all to just show Registry events.  Then to just show events from the manual Flash activeX installer executable.  The I added a filter to show only non-successfull results.  And finally, for the purposes of the screenshot, added a filter to just show those with "Access Denied", since other non-critical errors are also picked up due to missing keys because installation has not yet been fully completed I guess.   When experimenting, most of these filters were applied using the "is not" boolean logic, which will make sense if you experiment with the program.
  Without adding any filters, it picks up so many events (hundreds per second) that it's otherwise unusable.  e.g. 40,000 events within the first few seconds of opening the program. For this reason, I recommend simply using Regedit to diagnose the problem with the particular Flash registry key.

• When I close Photoshop CS6, the following message appears: "Could not save Preferences because the file is locked, you do not have necessary access permissions, or another program is using the file.

  When I quit Photoshop CS6, the following message appears:
  " Could not save Preferences because the file is locked, you do not have necessary access permissions, or another program is using the file. Use the ‘Get Info’ command in the Finder to ensure the file is unlocked and you have permission to access the file. If the problem persists, save the document to a different file or duplicate it in the Finder."
  If I try to change the Workspace in PS6 from Essentials to any other Workspace, the following messsage appears:
  "Could not apply the workspace because the file is locked, you do not have necessary access permissions, or another program is using the file. Use the ‘Get Info’ command in the Finder to ensure the file is unlocked and you have permission to access the file. If the problem persists, save the document to a different file or duplicate it in the Finder."
  I have checked the Sharing and Permissions section of the "Get Info" panel accessed from the Finder and I have set Read and Write Privileges for my user account for Photoshop CS6. System and Admin are also set to Read and Write.
  I have a MacBook Pro with OS X Version 10.9.5 and have all available updates for Photoshop CS6, Lightroom 5 and Bridge CS6.
  I tried uninstalling the program and downloading it again and reinstalling, but nothing changed.
  Can you help?
  Thanks,
  cjpnm

  You may get better help in Photoshop General Discussion
  The Cloud forum is not about using individual programs
  The Cloud forum is about the Cloud as a delivery & install process
  If you will start at the Forums Index https://forums.adobe.com/welcome
  You will be able to select a forum for the specific Adobe product(s) you use
  Click the "down arrow" symbol on the right (where it says All communities) to open the drop down list and scroll
  If FINDER means Mac, read below (and try to give more information when asking a question)
  Mac 10.9.3 workaround https://forums.adobe.com/thread/1489922
  Enable Mac Root User https://forums.adobe.com/thread/1156604
  -more Root User http://forums.adobe.com/thread/879931
  -and more root user http://forums.adobe.com/thread/940869?tstart=0

• Read-only access permissions for new files/folders?

  System:
  Clean Install on new intel Xserve
  10.4.8 Server w/ Open Directory
  Windows clients can read/write completely fine...
  Clients connecting using AFP (whether Standard or Kerberos authentication) can access files, but when new files/folders are created on the server, they register as full permissions for the user who created them, but not for the rest of the group.
  The share(s) in question are set using POSIX from WGM: Full access for owner/group/everyone (changed it to this thinking it would help, but it does not). Of course, no one can make changes to a newly-created/deposited files/folders, which is just plain silly.
  I can chmod the permissions recursively from a script (which fixes the problem, of course) on a regular basis so that its not (as much of) an issue, but there is still a 5-minute lag for the script to kick in, since we don't want to bombard the server with chmod requests every minute....which is unnecessary in the first place!
  I have plenty of other setups which are identical but have no such issue...
  Any reason why POSIX permissions on the share are being ignored from every user account?
  Thanks,
  k

  "That's default posix behaviour no matter what access permissions you set on the sharepoint."
  I'm afraid this is dead wrong. What matters most is how you set permissions on the share, not if you've chosen to inherit vs. using POSIX. POSIX is still used in inherit functions, though you can use ACL's to override them. In this case, ACL's are not being used on those shares (though we tried it).
  After all, why would Apple (let alone anyone else) even offer the ability to change POSIX permissions on a share if it didn't have any effect? That would be somewhat contradictory in nature.
  Like I said before, I have several other installations which are identically setup that have no such issues.
  As for Windows, it is also not set to inherit permissions; we're setting those explicitly. And they work fine.
  Any other ideas?
  Thanks,
  k

• [PX6-300D] Access permissions problem with shares

  Hello,
  Let me explain the problems.
  When i try to connect one share to PC by mapping network device everything is normal - we have access to the storage and so on, but when i try to simply type the \\address\share in explorer i'm receiving "\\address\share is not accessible" popup window.
  Strange here is that i can access the \\storageDevice but i can't access the \\storagedevice\Sharename
  With lot of clicking and editing accounts in px6 i didn't received results, but i tried to increase the security for local network encryption to Always and voila i received access to the share and 15 minutes later i loss it again. (worked one time only)
  My big problem is that i use Acronis backup solution and the software can't find the share where the backups are.
  In last 10 days i have 5 successfull backups and 5 failed due to access problems with the device.
  Can any one help?
  Solved!
  Go to Solution.

  Hello Stimar
  Is the unit connected to a domain controller?  Are you having issues accessing the shares using a domain user or a local user, both?
  If connected to a domain, have you set a preferred server ?  If not, the unit will use the DNS under the Network page to try resolve the AD server.  You will want to make sure you have the correct preferred server or DNS or you may run into permission issues.
  Double check that the user(s) have at least read access permissions from the web interface, if you have the file level encryption option enabled, you may need to adjust permissions from your domain controller as well.
  If you are on a different sub-net than the px6 that can cause share access issues.
  If the above suggestions do not help, LenovoEMC support should be contacted. 
  LenovoEMC Contact Information is region specific. Please select the correct link then access the Contact Us at the top right:
  US and Canada: https://lenovo-na-en.custhelp.com/
  Latin America and Mexico: https://lenovo-la-es.custhelp.com/
  EU: https://lenovo-eu-en.custhelp.com/
  India/Asia Pacific: https://lenovo-ap-en.custhelp.com/
  http://support.lenovoemc.com/

• Exchange 2010 Unable to Assign Full Access Permissions using a Security Group

  I've been running into this issue lately.  I cannot seem to use groups to allow full access to mailboxes.  When I add them from the EMC, it will show up when you go to "Manage Full Access Permission...".  After waiting a day and even restarting
  the Information Store service, the permissions do not take effect.  When I view the msExchDelegateListLink attribute of the mailbox account, the group is not listed.
  When I grant a user full permission, it works and updates the attribute.  However, on occasion when I revoke the full access permission for a user is doesn't always remove that user from the msExchDelegateListLink attribute.  So the mailbox
  will still appear in Outlook, but the user isn't able to see new emails.
  Any ideas on what may be going wrong?
  Environment:
  Exchange Server 2010 SP1 Standard
  Windows Server 2008 R2 Standard
  Outlook 2010 SP1 (tried without SP1 as well)
  I was looking over Add-MailboxPermission on Technet (http://technet.microsoft.com/en-us/library/bb124097.aspx) and I noticed that it doesn't mention adding groups.  Is this not possible?

  I never got a proper fix.
  I worked around it by creating a script which gets the members of an AD Mail Enabled security group, and updates the full access based on the groups members.
  Here's a script I'm running every hour which updates permissions. It's probably not the most efficient script ever, but it works. It has several benefits
  1. Managers of the distribution group can add/remove mailbox members using OWA or through the address list
  2. New members of groups are added to FULL Access Permissions
  3. Members removed from the groups are removed from FULL access permissions
  4. Automapping works :)
  5. Maintains a log of access added / removed / time taken etc.
  Obviously I have had to remove domain related information, replace with whatever your domain requirements are, and PLEASE debug it properly in your environent first, don't complain to me if it wipes out a load of access for you or something like that!
  It takes about 5 minutes to run in my environement. Some formatting seems to have got messed up on here, sorry. I hope it is of use!
  # Mailbox Permissions Setter for Exchange #
  # v1.1 #
  # This script will loop through all mailboxes in Exchange and find any where #
  # the type is 'SHARED'. These should be determined to be a GROUP/SHARED mailbox #
  # and access to these mailboxes are controlled by a single ACL, e.g. 'ACL_Shared_Mailbox'. #
  # This script will add any members of these ACLs directly to the Full Access Permissions #
  # of the mailbox and also remove them if they no longer need the access. #
  # Script created by Jon Read, Technical Administration
  # Recent Changes
  # 15/11/2012
  # 1.1 Added exclusions for ACLs that we don't want automapping to happen for
  # 12/11/2012
  # 1.0 Initial script
  #Do not change these values
  Add-PSSnapin *Ex*
  $starttime = Get-Date
  $logfile = "C:\accesslog.txt"
  $logfile2 = "C:\accesslog2.txt"
  $totaladditionstomailboxes = 0
  $totalremovalsfrommailboxes = 0
  $totalmailboxesprocessed = 0
  $totalmailboxesskipped = 0
  # Exclude any ACLs that shouldn't be processed here if they are used for a non-standard purpose and
  # we don't want FULL access mapping to happen. Seperate array values with commas
  $ExcludedACLArray = "DOMAIN\ACL_ExcludedExample"
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  Write-Output "#----------------------------------------------------------------#" >> $logfile
  Write-Output "# Mailbox Permissions Setter for Exchange #" >> $logfile
  Write-Output "# v1.1 #" >> $logfile
  Write-Output "#----------------------------------------------------------------#" >> $logfile
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  Write-output "Start time $starttime ">> $logfile
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  # Set preferred DCs and GCs
  $preferredDC = "preferredDC.domain"
  $preferredGC = "preferredGC.domain"
  Write-Output " PreferredDC = $preferredDC ">> $logfile
  Write-Output " PreferredGC = $preferredGC " >> $logfile
  Set-ADServerSettings -PreferredGlobalCatalog $preferredGC -SetPreferredDomainControllers $preferredDC
  # The first part of this will ADD permissions to the mailbox, reading from an associated ACL.
  # Check for all mailboxes where the type is SHARED. These are the only ones we would
  # want to apply group mailbox permissions to.
  foreach ($mailbox in get-mailbox -resultsize "unlimited" | where-object {$_.RecipientTypeDetails -eq "SharedMailbox"})
  $totalmailboxesprocessed = $totalmailboxesprocessed + 1
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  Write-Output "|-------------------------------------------------------" >> $logfile
  Write-Output "| MAILBOX ADDITIONS: $mailbox " >> $logfile
  Write-Output "|-------------------------------------------------------" >> $logfile
  $mailbox=$mailbox.ExchangeGuid.ToString()
  # For each of them, get the distribution list applied to the mailbox (Starting DOMAIN\ACL_)
  # We then need it to be turned into a string to use later.
  #Declared $changes as 0. if this is set to 0 at the end of the mailbox job, we know no changes were made.
  $changes = 0
  foreach ($distributiongroup in get-mailbox $mailbox | Get-MailboxPermission | Where-Object {$_.User -like "DOMAIN\ACL_*" })
  $skipACL = 0
  #Get the distribution group and put the name in a useable format
  $distributiongroup=$distributiongroup.user.tostring()
  Write-Output "Found ACL $distributiongroup" >> $logfile
  # Check if this distribution group needs to be excluded and if it shouldn't be processed
  # then move onto the next ACL. This will stop FULL access being granted if the mailbox is
  # used for a non-standard purpose. See the start of this script
  # for where these are excluded (ExcludedACLArray)
  foreach ($ACL in $ExcludedACLArray )
  if ($distributiongroup -eq $ACL)
  $skipACL = 1
  Write-Output "ACL $distributiongroup is excluded so skipping mailbox " >> $logfile
  $totalmailboxesskipped = $totalmailboxesskipped + 1
  if ($skipACL -eq 0)
  # Get each user in this group and for each of them, add try to add them to full access permissions.
  foreach ($user in Get-DistributionGroupMember -identity $distributiongroup)
  # Get the user to try, convert to DOMAIN\USER to use shortly
  $user="DOMAIN\" + $user.alias.ToString()
  # Check to see if the user we have chosen from the ACL group already exists in the full access
  # permissions. If they do, set $userexists to 1, if they do not, leave $userexists set to 0.
  # Set $userexists to 0 as the default
  $userexists = 0
  foreach ($fullaccessuser in get-mailbox $mailbox | Get-MailboxPermission)
  # See if the user exists in the mailbox access list.
  # Change $fullaccessuser to a useable string (matching $user)
  $fullaccessuser=$fullaccessuser.user.tostring()
  if ($fullaccessuser -eq $user)
  $userexists=1
  # Break out of foreach if the user exists so we don't unnecessarily loop
  break
  # Now we know if the user needs to be added or not, so run code (if needed) to add
  # the user to full access permissions
  if ($userexists -eq 0)
  Add-MailboxPermission $mailbox –user $user –accessrights "FullAccess"
  Write-Output "Added $user " >> $logfile
  $changes = 1
  $totaladditionstomailboxes = $totaladditionstomailboxes + 1
  #Now repeat for other users in the ACL
  #if changes were 0, then log that no changes were made
  if ($changes -eq 0)
  Write-Output "No changes were made." >> $logfile
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  Write-Output "---------------------------------------------------------------------------------" >> $logfile
  Write-Output " FINISHED ADDING PERMISSIONS" >> $logfile
  Write-Output "---------------------------------------------------------------------------------" >> $logfile
  Write-Output " " >> $logfile
  # The second part of this will REMOVE permissions from the mailbox, reading from an associated ACL.
  ## Check for all mailboxes where the type is SHARED. These are the only ones we would
  ## want to apply group mailbox permissions to.
  foreach ($mailbox in get-mailbox -resultsize "unlimited" | where-object {$_.RecipientTypeDetails -eq "SharedMailbox"})
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  Write-Output "|-------------------------------------------------------" >> $logfile
  Write-Output "| MAILBOX REMOVALS : $mailbox " >> $logfile
  Write-Output "|-------------------------------------------------------" >> $logfile
  $mailbox=$mailbox.ExchangeGuid.ToString()
  #Declared $changes as 0. if this is set to 0 at the end of the mailbox job, we know no changes were made.
  $changes = 0
  # For the current mailbox, get a list of all users with FULLACCESS, and then for each of them
  # check if they exist in the ACL
  foreach ($fullaccessuser in get-mailbox $mailbox | Get-MailboxPermission | Where-Object {$_.Accessrights -like "FullAccess" })
  # Get the security identifier (SSID) of the FULLACCESS user to store for later.
  $fullaccessuserSSID=$fullaccessuser.user.SecurityIdentifier.ToString()
  $fullaccessuser=$fullaccessuser.User.ToString()
  #If user needs to be excluded then skip this bit
  #Users added or removed will only start with 07 (07$, 07T, so only run if the user starts with this.
  #This stops it trying to remove NT AUTHORITY\SELF and other System entries
  if ($fullaccessuser -like "DOMAIN\07*")
  # Set $userexists to be 0. if we find the use user needs to remain, then change it to 1.
  $userexists=0
  # Check if this user exists in the ACL, if not, remove.
  foreach ($distributiongroup in get-mailbox $mailbox | Get-MailboxPermission | Where-Object {$_.User -like "DOMAIN\ACL_*" })
  $distributiongroup=$distributiongroup.user.tostring()
  #Write-Output "Found associated distribution group $distributiongroup" >> $logfile
  # Get each user in this group and for each of them, See if it matches the user in the mailbox.
  foreach ($user in Get-DistributionGroupMember -identity $distributiongroup)
  # Get the user to try, convert to DOMAIN\USER to use shortly
  $userguid = $user.Guid.ToString()
  $user="DOMAIN\" + $user.alias.ToString()
  if ($fullaccessuser -eq $user)
  $userexists=1
  #we have found the user exists so no need to continue
  break
  # If userexists = 0, then they are NOT in the ACL, and should be removed from
  # the full access permissions. Run the code to remove them from full access.
  #CONVERT FULLACCESSUSER TO GUID AND REMOVE $FULLACCESSUSERGUID NOT $USERGUID
  if ($userexists -eq 0)
  Remove-MailboxPermission -Identity $mailbox –user $fullaccessuserSSID –accessrights "FullAccess" -Confirm:$false
  Write-Output "Removed $fullaccessuser " >> $logfile
  $changes = 1
  $totalremovalsfrommailboxes = $totalremovalsfrommailboxes + 1
  # if changes = 0, no changes were made to this mailbox, so log this fact.
  if ($changes -eq 0)
  Write-Output "No changes were made." >> $logfile
  #Put the time in a displayable format
  $endtime = Get-Date
  $runtime = $endtime - $starttime
  $runtime = $runtime.ToString()
  $runtime1 = $runtime.split(".")
  $totaltime = $runtime1[0]
  Write-Output " " >> $logfile
  Write-Output " " >> $logfile
  Write-Output "|-------------------------------------------------------------------------------------- " >> $logfile
  Write-Output "| SCRIPT COMPLETE : STATS " >> $logfile
  Write-Output "|-------------------------------------------------------------------------------------- " >> $logfile
  Write-Output "| Total Mailboxes Processed : $totalmailboxesprocessed " >> $logfile
  Write-Output "| Total Additions : $totaladditionstomailboxes " >> $logfile
  Write-Output "| Total Removals : $totalremovalsfrommailboxes " >> $logfile
  Write-Output "| Total Mailboxes Skipped due to ACL : $totalmailboxesskipped " >> $logfile
  Write-output "| Start time : $starttime ">> $logfile
  Write-output "| End time : $endtime ">> $logfile
  Write-Output "| **END OF RUN** - Elapsed time : $totaltime " >> $logfile
  Write-Output "|---------------------------------------------------------------------------------------" >> $logfile
  Write-Output " " >> $logfile

• Help - Lion "custom access" permissions mess

  I should start with an apology... I know there are a lot of threads that dance around this very issue, but it's so much I can't make sense of it.
  So I'm asking anew...
  Here's the situation: After months of persuassion, I finally talked my wife into letting me upgrade her Macbook from Snow Leopard to Lion. After installing, I then ran software update and installed everything else recommended. Reboot and everythign seemed to go fine, but then when I tried to delete a few PowerPC apps, the computer kept asking for her password.
  Wanting to find out why on earth I had to retype the password with every toss of a file, I looked online and found someone suggesting I had to log her out as an admin and then log back in. Why that would work, I don't know, but I tried it. Big mistake.
  When I tried to log her back in to make her an admin again, I couldn't get the computer to accept her password. So I then logged out and tried to log back in with my admin account which is set up on the same computer. That worked to get me in, but still wouldn't allow me to upgrade her to an admin in the system prefs.
  So I THEN found this "resetpassword" trick using the Lion Recovery partition and terminal. I did that and was able to restore her password and while there, I also "reset to default ACLs and Permissions" or whatever it says inside this utility, with the logic that repairing permissions has always been a decent failsafe fix.
  Okay... after a reboot and we're back in... and I run into a new problem with not having permission to do much of everything.
  So, I open the "Get Info" on the hard drive to look at the permissions at the bottom of the info window. It says I have "read only" access. I figure this must be an error so, perhaps foolishly (or should I say probably foolishly), I grant Read & Write access across the board, so it reads like this:
  System - Read & Write
  Wheel - Read & Write
  everyone - Read & Write
  And then, don't cringe, I apply to all enclosed items.
  When this is done, I rebooted to the Lion Recovery partition and ran the Disk Utility "repair permissions" there, too.
  Upon reboot...  I remember Keychain First Aid and run that too. It has errors to fix but says it was able to repair them too.
  Right now... it all appears to be working fine, though it says I have "custom access" in the Get Info window for my HD.
  However, I can't shake the nagging feeling that I've just used a flamethrower to clean up the living room.
  For instance, I look now on my own Macbook and see that "wheel" and "everyone" in the Get Info window and see it's Read Only. And yet, I have no permissions problems right now at all.
  (Update: I tried setting hers back to match mine in the same way (via the Get Info window, apply, disk utility, reboot, etc.) and the permissions problems all came back. So I went and made it Read & Write for everyone again. However, this just can't be right.)
  Can anybody tell me (in easy terms, please) what I can do to get it back to what it should be?
  I've seen notes on a program on xnation.com that "fixes ACLs"... and a few posts with Terminal commands... but I'm hesitant to borrow somebody else's solution, just in case it's not so good of a fit or if I don't understand it.
  What do you think?
  P.S. I  promise to rate good solutions offered to up your point totals.

  Something like this?
  System - Read & Write
  Wheel - Read Only
  everyone - Read Only
  Yes.
  ...software from xnation.com that is designed to reset those ACLs?
  I've never heard of it. You already know how to reset user permissions.
  if the system seems to be working fine, does that mean something is still broken/in danger of corrupting or something?
  You set wide-open permissions on all files. That's insecure, and some things won't work at all, maybe not anything you use.

• FTP file adapter: file access permissions do not allow the specified action

  Hi,
  I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  Pls advice
  Thanks
  Prasanna

  >
  Prasanna Shanmugasundaram wrote:
  > Hi,
  > I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  > The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  > But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  >
  > Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  > I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  >
  > Pls advice
  >
  > Thanks
  > Prasanna
  In CC you set ON the delete mode, after processing file? Maybe, the file have read only permission....

• The file access permissions do not allow the specified action

  I had an issue while transferring file from source to target..i am able successfully transfer the file to target and later i should move the file to another folder using IO operations.
  it failed at invoke.following are the error
  <remoteFault xmlns="http://schemas.oracle.com/bpel/extension">
  -<part name="summary">
  <summary>Exception occured when binding was invoked. Exception occured during invocation of JCA binding: "JCA Binding execute of Reference operation 'SynchRead' failed due to: The IO operation failed. The IO operation failed. The "OPER[NOOP][S->R,T->R]" IO operation for "xxxxxxxxxxxxxxxxxx/  xxxxxx.txt" failed. Check the error stack and fix the cause of the error. Contact oracle support if error is not fixable. ". The invoked JCA adapter raised a resource exception. Please examine the above error message carefully to determine a resolution.
  </summary> 
  </part>
  -<part name="detail">
  <detail>550 xxxxxxxxxxxxxxxxxxxxxxxxx: The file access permissions do not allow the specified action.
  </detail> 
  </part>
  -<part name="code">
  <code>550
  </code> 

  >
  Prasanna Shanmugasundaram wrote:
  > Hi,
  > I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  > The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  > But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  >
  > Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  > I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  >
  > Pls advice
  >
  > Thanks
  > Prasanna
  In CC you set ON the delete mode, after processing file? Maybe, the file have read only permission....

• Setting global Negative permissions (restrictions)

  The question: can a column's global permission be NO, instead of YES, and then overridden with explicit grants of permission?
  Situation: If no security permissions are applied on a column, then every user can see that column. This means that for a column like 'Salary', access permissions must be explicitly denied for all users who aren't allowed to see that column.
  Is there any way that you can think of to flip that behavior, to restrict access to a column globally, then explicitly PERMIT certain users to see it? That would make security maintenance much easier when users are members of multiple groups. For example, User A is a member of Groups G, H, and I. If there was a Group P that could see Payroll data, then we would only have to assign User A into Group P in order for him to see the Payroll information. All other users who are NOT members of Group P would not be able to see Payroll data.
  My current method is to create a group containing everyone EXCEPT the Payroll department, and deny that group the permission to access Payroll columns. The big downside there is that if a new hire doesn't get assigned into that Group, then he/she can see the Payroll columns.
  So can a column's default "permission to view" be set to NO, then overridden with explicit group or individual YES permissions?

  I figured it out. I had forgotten that you can apply Permissions to specific columns or tables in the Presentation Layer. I simply marked the Payroll table as NO access for the "Everyone" group, then assigned "Yes" access for the Payroll group.

• Access Permissions for instances of a subform

  Is there any way to set access permissions for an instance of a subform rather than the subform as a whole? Especially for a template that has a certain number of instances saved, where only instances which have been previously saved should be access="nonInteractive" but new instances should be editable.

  Like PeeJay says, a custom window controller seems the way to go. Try creating a subclass of NSWindowController, with header something like this:
  #import <Cocoa/Cocoa.h>
  @interface MyWindowController : NSWindowController
  IBOutlet NSTextField *infoField;
  -(void)setInfoText:(NSString *)str;
  @end
  The implementation of the setInfoText would be something like:
  -(void)setInfoText:(NSString *)str{
  [infoField setStringValue:str];
  Create a nib file with your window in interface builder. Drop the header file for your custom window controller into the interface builder window. Set the custom class of the nib's File's Owner to MyWindowController. You can then hook up the window and infoField outlets from File's Owner to your window.
  In the body of your code where you open a new info window, add something like:
  MyWindowController *windowController=[[MyWindowController alloc] initWithWindowNibName:@"nameOfWindowNibFile"];
  [windowController setInfoText:@"Whatever"];
  [windowController showWindow:self];
  If you are going to have an undetermined amount of these custom window, it might be a good idea to store the window controller instances in a mutable array, rather than retaining instance variables for each one.
  Jim

• Setting CUIC user permissions for all reports at once

  Hi all,
  We are using CUIC 8.0(4) Standard Edition and trying to set CUIC user permissions, such as Read, Exec and Write, for reports.
  If we need to give access to all reports then we should set permissions for each report separately.
  Is there any way to set those permissions for all reports at once?
  We attempted to set Read, Exec and Write premissions for the Reports, Stock and UCCE folders but no luck.
  Thanks.
  Nikolay

  Hi all,
  We are using CUIC 8.0(4) Standard Edition and trying to set CUIC user permissions, such as Read, Exec and Write, for reports.
  If we need to give access to all reports then we should set permissions for each report separately.
  Is there any way to set those permissions for all reports at once?
  We attempted to set Read, Exec and Write premissions for the Reports, Stock and UCCE folders but no luck.
  Thanks.
  Nikolay

• Changed access permissions now machine won't boot. Utilising deep breathing techniques until help appears.

  Maybe a brain snap but I changed the access permissions on the hardrive to everyone-no access, what do I need to do. After  20 minutes of beachballing I pmowered down, and now it won't boot up, gets stuck on the apple boot up screen. There also exists in permissions another access setting  admin-readwrite. Would appreciate some heads up on what I can do (trying not to panic). 

  See this User Tip by Niel: I accidentally set a disk's permissions to No Access ...
  https://discussions.apple.com/docs/DOC-2240

• READWRITE VS WRITE Access Permissions - Dimension/Dataforms

  Hi,
  From what I know there are 3 types of access permissions for dimensions, dataforms etc - READ, WRITE, NONE (none is the default). I wanted to know if there is any difference between READWRITE and WRITE access permission.
  The thing is when I exported the security using the ExportSecurity.cmd utility I observed that dimensions set manually in Planning were showing READWRITE as access permission where as, those dimension/members that were given access permission using a security file were showing WRITE.
  Ofcourse in security file we did mention it as WRITE so it showed up but for dimensions set manually it was showing READWRITE - why is this difference? Is READWRITE the right way of mentioning the access permission?
  Please let me know.
  ~ Adella
  Edited by: Adella on Sep 16, 2011 6:49 AM

  The correct values to use for security import files are READ, READWRITE, or NONE as defined in the documentation - http://download.oracle.com/docs/cd/E17236_01/epm.1112/hp_admin/frameset.htm?ch03s07.html
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Access permissions on HDD connected to Airport

  I have a new Airport Extreme wirelessly connected to my network. I have two HDD connected to the Airport, one for Time Machine, the other for my iTunes library. No problem with the HDD used for Time Machine, but on the other HDD the access permissions keep resetting to 'Everyone' being given no access. When I go in and change the permissions, close the information box and open it up again it has reverted back to no access. If I reboot the laptop it will normally fix this, be fine for a bit and then happen again.
  Any ideas why the access permissions keep changing and what I can do to stop it happening?

  Unfortunately, Apple did not leave much room for setting user permissions for AirPort Disks. As you know, you can choose from one of three methods, but regardless of which method you choose, you cannot set permissions individually for folders/files on a drive, nor set them differently on either a different partition on the same drive or across multiple drives attached to a USB hub.
  What you are experiencing is possibly a shortcoming with the AirPort's file sharing feature. Even with the "With Accounts" option, there is inconsistency between partition vs. accounts. With multiple partitions, formatted with HFS+, you do not have any control on where the user permissions account folder ends up. Also, the location of this folder seems to change arbitrarily so that even something as simply restarting the base station will change which partition has this folder and subsequent permissions ... with the other drive getting the "Everyone" permissions ... like you are experiencing.