Sharing permission issues

I'm a Mac newbie.
I have external hard disks that I partitioned into different volumes to act as my backup for different media. For example, there's a volume for music, pictures, etc. Because these are backups, I don't want any user besides me to access these volumes. So I set sharing permissions as follows:
Me - Read and Write
Staff - Read only (What does staff mean?)
Others - No Access
However, when I tested and switched to a guest and a temp user I created, they can add, read, delete files from the volume root. They cannot however do anything to folders.
Questions:
1. Is security and sharing/permissions applicable to folders and down and not to the root volume?
2. How do I make it so that only I can access the volume from the root down.
Thanks.

Gizzzo wrote:
2. How do I make it so that only I can access the volume from the root down.
Bottom line: you can't. Oh, you might be able to set the preferences so no users can access the drive when it's connected to your machine. (This isn't something that I have ever needed to do, so I'm not sure enough to answer that part.) But you should be aware that there's really no barrier against someone unplugging the drive from your machine, plugging it in to a different one with different users, and accessing all your data.
So, I guess the question is, how safe do you need this to be? Do you just need to make sure that no other users using your computer have access to those drives? Or do you need to keep those files totally secure? In the latter case, the only sure bet is encryption, which can be achieved using an encrypted disk image created with Disk Utility.

Similar Messages

  • Print Sharing Permission Issue???

    I am setting up print sharing with a Lexmark X5400 series printer. Works fine on the local machine and connectivity to the share seems fine as well. When I print from any other machine (in this case Win XP) there is no error but it does not print.
    I have verified all firewall sharing settings. I found the following error in the console log:
    kCGErrorRangeCheck : Window Server communications from outside of session allowed for root and console user only
    Why would print sharing be restricted to root or console users? Is there a way around this?

    Ahhh yes! :-O
    How much/how far did you get with Sig's suggestion either here...
    http://www.ifelix.co.uk/tech/3012.html
    Or here...
    http://www.ifelix.co.uk/tech/3014.html
    ???

  • File permission issues

    I cannot access any printer plug-ins by going the HD>Library>Printer>Epson>Inkjet route. All the plug-ins are grayed out so I cannot load them. I am attempting to add a printer attached to a windows machine. I followed all the instructions, I can see the correct plug-in, but I cannot load the plug-in.
    The second permission issue is moving jpeg files to the DVD or to a windows machine on the network. I am the owner of the files and all the folders are marked read and write. I also have checked windows file sharing.
    I have also done the repair permission route.
    I am new to Macs, so this is probably a simple fix, it just does not show up in the searches I have made in the Help menu or support topics. Any help is greatly appreciated. Thank you.

    Thanks for the tip, but I have tried every known fix listed anywhere and still am missing something somewhere. I can access the correct drivers when I connect the Epson directly to the laptop and it will work. I can almost access the print drivers if I use IP Print when connecting to the printer across the workgroup. Almost, in that the drivers are no longer grayed out, but if I select them, I still get the generic print driver and it ignores the Epson driver. For some reason, if I try to install the driver for the printer while it is attached to a PC on the Windows workgroup, using Windows print, the print utility will not allow me to use the print driver. It has got to be something silly that I am missing.

  • Domain users files sharing permission problem

    Dear Domain Professional,
    We have three domain controllers, 192.168.92 .162,167,150. All domain controllers are working with Global Catalog servers (root forest). All domain controllers synchronize live with each other: users, Group Policy, ADS, DNS.
    Last night we had a problem with file sharing permissions: it asked for a username and password. Why did this problem happen?
    Finally we restarted all the domain controllers, and then file sharing worked perfectly. I have checked all events on the domain controllers and there are no errors.
    Note: we are using a Juniper firewall. Is there any security issue?
    Regards
    Subash

    Hi,
    According to the repadmin results, there isn’t any replication issue.
    I was wondering how long did the issue last until reboots of DCs?
    If the period is short, then this behavior is normal, because AD replication takes time, this issue could occur before AD replication has completed.
    Another possible cause is related to Kerberos authentication and authorization mechanism.
    During a logon session, once a user has been authenticated successfully, it gets an access token containing its SID and group membership and privileges.
    The user's access token is subsequently inherited by any application process that the user starts during the logon session.
    If we change user’s group membership and privileges after the access token has been issued, the changes won’t be updated until this user logs off and logs on again.
    Here are some related articles below for your references:
    How Access Tokens Work
    http://technet.microsoft.com/en-us/library/cc783557(v=WS.10).aspx
    How the Kerberos Version 5 Authentication Protocol Works
    http://technet.microsoft.com/en-us/library/cc772815(v=ws.10).aspx
    I hope this helps.
    Amy

  • Mac OS X Server, File Sharing, Permission

    Hi All,
    I’m trying to use Mac OS X Server Mavericks in a small team within my organization. I was able to successfully install and set up the server, which resides in a local network. I did the following setup:
    1) Open Directory setup
    2) File Sharing, /Users, available for home directory over AFP
    3) Created network users with home folder pointing to /Users
    4) Bound clients to the server
    5) Xcode Server setup with git repository
    Users can now log in using their own account, and their home folder is loaded from the server. Unfortunately there are issues. Clients are having permission issues, which we never encountered on local machines before we switched to using Xcode Server.
    Here is a list of some of the issues so far.
    Xcode issues on client computer:
    a) When creating an Xcode project, it reports the error “Couldn’t not find build module Drawin” when clicking the Create button. I found online a workaround fix that supposedly works, which is to set "Enable Modules (C and Objective C)" to No. But we didn’t have to do this before using Xcode Server.
    b) When committing to the git repo, the following error happens: “fatal: Repository has been updated , but unable to write to new_index. Check the disk is not full or quota is not exceeded , and then "git reset HEAD" to recover”. Another workaround we found online is to do on the client:
       cp index backup ; mv backup index
    We don’t want to have to do this every time we create a project. What could be wrong with the setup?

    You need to run Server Admin and click on the File Sharing icon at the top. Then click on Share Points, and Browse. You then browse to the folder you want to set the permissions on.
    You will see in the bottom half of the window the current permissions. While in theory you can use just POSIX permissions, Snow Leopard prefers using ACL permissions. So as an example to set a folder to be only accessible by members of a specific group and to deny access to everyone else you would do the following.
    Click on the + symbol at the bottom
    A window will open listing all your users and groups, click on groups at the top
    Find the special 'Everyone' group and drag it to the ACL section
    Find the group you want to give access to and also drag that to the ACL section, but make sure it is above the Everyone group, as higher settings override lower settings
    Set the Everyone group to Deny Read permission, this will prevent them being able to access this folder
    Set the group you do want to have access to Allow Read or Allow Read/Write, the first would let them only be able to read, the second also allows them to create files or modify files.
    Now click on the Save button in the bottom right.
    You might also want to click on the gear wheel symbol and choose 'Propagate permissions' if you want to apply these permissions to all the files and folders within this folder.

  • AD stopped-server caused by permission-issue ... need help

    Dear all, I have an AD problem after upgrading to FIM 2010 R2 SP1 and patching the product to 4.1.3599.0. Currently we cannot export to AD because we got stopped-server with following error message in EventLog:
    "BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(8254): 0x80230404 (The operation failed because the attribute cannot be found)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\shared\entry\tower.cpp(3989): 0x80004005 (Unspecified error)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\shared\entry\tower.cpp(12133): 0x80004005 (Unspecified error)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sqlstore\csobj.cpp(1833): 0x80004005 (Unspecified error)
    BAIL: MMS(10216): d:\bt\37281\private\source\miis\server\sync\expcall.cpp(905): 0x80004005 (Unspecified error)
    ERR_: MMS(10216): d:\bt\37281\private\source\miis\server\sync\expbase.cpp(2957): PutAnchorWithDnInternal failed on CS object {249C6AC4-5DCB-4A7C-8AC8-D7F3CF7C437C} with 0x80004005 (pass 1 of 5)
    Forefront Identity Manager 4.1.3599.0"
    The second error found in EventLog directly after the first one is:
    The management agent controller encountered an unexpected error.
     "BAIL: MMS(8628): d:\bt\37281\private\source\miis\cntrler\cntrler.cpp(10408): 0x8007007a (The data area passed to a system call is too small.)
    BAIL: MMS(8628): d:\bt\37281\private\source\miis\cntrler\cntrler.cpp(5032): 0x8007007a (The data area passed to a system call is too small.)
    BAIL: MMS(8628): d:\bt\37281\private\source\miis\cntrler\cntrler.cpp(3722): 0x8007007a (The data area passed to a system call is too small.)
    ERR_: MMS(8628): d:\bt\37281\private\source\miis\shared\utils\libutils.cpp(10613): Unusual error code reported 0x8007007a
    Forefront Identity Manager 4.1.3599.0"
    After searching in the FIM DB we have found the mentioned object_id and this is a group. There is a permission issue, hence the error message.
    But the user has all permissions in AD, so it could not be the problem.
    After DIDS and one more Export there is no more stopped-server and the error message is now "dn-attributes-failure".
    It is also very strange that we cannot see import updates by doing FI!
    We also found that the problem occurs when adding/removing a user in an AD security group (add or remove member in the group object).
    Has anybody had the same or similar problems and knows any solution?
    Thanks a lot!
    Kind regards
    Stoyan

    Seen this issue with my setup.
    Was this done in any other environment, like test? Or is this test?
    For me, test was fine but the issues were in prod, and AD was the major impact. So, comparing all DLL versions (they should be updated to the latest), I found that on prod some of the DLLs were not updated to the latest FIM version. Replacing them from test or from the install source resolved the issue.
    AdiKumar

  • Webcacheadmin permission issue

    hi,
    my config :
    Linux x86 RHEL 2.4.9
    Oracle Application Server 10.1.2.0.2
    32-bit
    my problem :
    opmnctl startproc process-type=WebCacheAdmin fails with a permission error
    described here after:
    [root@rhas02 bin]# tail /products/oracle/as1012/midportalforms/webcache/logs/event_log
    [02/Aug/2007:08:52:10 +0000] [alert 11817] [ecid: -] Unable to allocate or access a shared
    memory segment of size 208 bytes. shmget(): Permission
    denied
    [02/Aug/2007:08:52:10 +0000] [alert 9609] [ecid: -] The server process could not initialize.
    [02/Aug/2007:08:52:10 +0000] [alert 9000] [ecid: -] Process 7816 exit(1) at 890:main.c [Build 10.1.2.0.2 050802]
    has anyone ever had such problem?
    thanks for answers

    Guessing here, but you may want to double check your kernel parameters and your OS patch levels. I've seen bad kernel parameters as the root cause of a lot of shared memory issues before.

  • Sharing permissions issue

    I am trying to share folders via the inbuilt samba server configured with the System Preferences sharing panel. The issue I am facing is that permissions for specific users are being ignored after I have navigated beyond the initial shared folder
    e.g.
    I have three folders Folder1, Folder2 and Folder 3 in a hierarchy Folder 1 -> Folder 2 -> Folder 3
    I have created a sharing only account "sharing"
    All 3 folders have the permissions, sharing - Read and Write, Everyone - No Access
    However, when I access the share with the "sharing" account credentials I have read and write access on Folder 1 but no access on the folders inside it, e.g. Folder 2 and Folder 3
    After some investigation it appears that after the root folder of the share I seem to be getting the "Everyone" permissions applied to me rather than the permissions set for the account I logged into the share as. For example if I set the permissions for everyone on Folder 2 to read and write I can read and write to it.
    Is this a known issue and if not does anyone know of a solution?
    Cheers

    Okay, there is no way to assign ACLs from the Finder; if you are comfortable with the I will post instructions. However there is a GUI utility called TinkerToy 1.5 that you might want to look into. It can be used in DEMO mode for 5 launches per computer.
    Please let me know if you want the SHELL commands, or if TinkerToy is helpful to you and, most importantly, resolves your permission issue.
    Thanks,
    Brent

  • Migrating "Documents" from one user to another without permission issues

    Hi,
    I'm facing an issue with permissions on files I have moved from one user's "Documents" to another user's "Documents" folder.
    To cut a long story short, I have installed a new HD in my iMac and have cleanly installed Snow Leopard. In addition I have created a new user (user1) and have also used time machine to recover my original user files using migration assistant (user2).
    I wanted to start off with a fresh user (user1), so wanted to copy specific files across from my old account (user2) but no application files or settings.
    I have managed to do this for iPhoto, iMovie, iTunes, Mail, iCal and Address Book, however I'm having issue with my "Documents" folder.
    Basically I think I initially moved the "user2" (old) Documents folder into the "shared user" account, logged into "user1" (new) and copied over the files. I thought it was all good; however, when my wife attempted to duplicate her resume to edit a new version, OS X requested the user's password. We are also unable to rename an existing file, or open the documents and then save, as we do not have the correct permissions.
    I have looked at the permissions and it shows that
    user2(old) has read/write
    staff has read
    everyone has read
    This appears to be the same for all files (except "staff" is replaced with "wheel"). When I add user1 (new) read/write to the list and apply to all subfiles, it does not update all files. I really don't want to be updating all the files separately.
    Since doing this I also moved the files back to user2(old) then used "copied" the documents folder in the same way as above. Still the same issue.
    Is there a correct way of moving files between users which will remove any permission issues? As I must have done something wrong.
    Thanks
    Chris

    To move files from Account A to Account B:
    1) Log in as A
    2) Move all the files to /Users/A/Public (don't move any system-created folders like Documents, Pictures, etc. Just move their contents.)
    3) Log in as B
    4) Navigate with Finder to /Users/A/Public
    5) Drag the files to the Desktop (this will make new copies of them with correct permissions for B)
    6) File the new files away in the appropriate places in B's home folder
    7) Log in as A and delete the original copies of the files from A's home folder
    If you have already moved files from A to B the incorrect way (i.e. by using /Users/Shared) and are running into permissions issues, fix them by logging in to an Admin account and entering these two Terminal commands:
    sudo chown -R userb ~userb (this one changes ownership of everything in B's home folder to B)
    sudo chmod -R u+rwX ~userb (this one ensures that B can read and write to everything in his home folder)

  • Lightroom 4 crashes when trying to open the slideshow module. I spent over three hours with both Adobe and Apple tech support and we know it is a permission issue but have not been able to get it solved.  It started with the last upgrade to 10.8

    Back up all data.
    This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you've set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. Do so only after verifying that those settings didn't cause the problem. If none of this is meaningful to you, you don't need to worry about it.
    Step 1
    If you have more than one user account, and the one in question is not an administrator account, then temporarily promote it to administrator status in the Users & Groups preference pane. To do that, unlock the preference pane using the credentials of an administrator, check the box marked Allow user to administer this computer, then reboot. You can demote the problem account back to standard status when this step has been completed.
    Triple-click the following line to select it. Copy the selected text to the Clipboard (command-C):
    { sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -Rh $UID:staff ~ $_ ; sudo chmod -R u+rwX ~ $_ ; chmod -R -N ~ $_ ; } 2> /dev/null
    Launch the Terminal application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
    Paste into the Terminal window (command-V). You'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up. If you don’t have a login password, you’ll need to set one before you can run the command. If you see a message that your username "is not in the sudoers file," then you're not logged in as an administrator.
    The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.
    Step 2 (optional)
    The first step should give you usable permissions in your home folder. This step will restore special attributes set by OS X on some user folders to protect them from unintended deletion or renaming. You can skip this step if you don't consider that protection to be necessary.
    Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
    When the OS X Utilities screen appears, select
    Utilities ▹ Terminal
    from the menu bar. A Terminal window will open.
    In the Terminal window, type this:
    resetpassword
    That's one word, all lower case, with no spaces. Then press return. A Reset Password window will open. You’re not  going to reset a password.
    Select your boot volume ("Macintosh HD," unless you gave it a different name) if not already selected.
    Select your username from the menu labeled Select the user account if not already selected.
    Under Reset Home Directory Permissions and ACLs, click the Reset button.
    Select
     ▹ Restart
    from the menu bar.
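
The `chmod -R u+rwX` step in the command above, which also appears in the earlier answer about moving files between accounts, is easier to trust once you have seen exactly what it changes. The script below is an added example, not part of either post: it builds a constructed sample tree in a temporary directory, lists the entries the owner cannot fully use, applies the same mode change (no `sudo` or `chown` needed, since the sample tree already belongs to the caller), and shows that the capital `X` grants execute only to directories and to files that were already executable. All function names are made up for the illustration.

```shell
#!/bin/sh
# Added example: what `chmod -R u+rwX` does, shown on a constructed tree.

# Print the 10-character mode string (for example -rw-r--r--) of one path.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# List entries the owner cannot fully use:
#   files missing owner read or write (not all of mode bits 600 set),
#   directories missing owner read, write or search (not all of 700 set).
owner_blocked() {
    find "$1" \( -type f ! -perm -600 \) -o \( -type d ! -perm -700 \)
}

# Build a constructed sample tree that mimics files copied in read-only.
# Prints the path of the new temporary directory.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/Documents"
    printf 'resume text\n' > "$root/Documents/resume.txt"
    printf '#!/bin/sh\necho hi\n' > "$root/Documents/tool.sh"
    chmod 444 "$root/Documents/resume.txt"   # read-only document
    chmod 544 "$root/Documents/tool.sh"      # executable script, not writable
    chmod 555 "$root/Documents"              # folder the owner cannot write into
    printf '%s\n' "$root"
}

# The mode change from the answers, applied to a tree we already own.
# u+rw : owner gets read and write on everything.
# u+X  : owner gets execute/search only on directories and on files that
#        already have an execute bit, so documents do not become programs.
repair_owner_access() {
    chmod -R u+rwX "$1"
}

demo() {
    tree=$(make_sample_tree) || return 1
    echo "Entries the owner cannot fully use before the repair:"
    owner_blocked "$tree"
    repair_owner_access "$tree"
    echo "Modes after the repair:"
    for p in Documents Documents/resume.txt Documents/tool.sh; do
        printf '%s  %s\n' "$(mode_of "$tree/$p")" "$p"
    done
    echo "Entries still blocked after the repair (expect none):"
    owner_blocked "$tree"
    rm -rf "$tree"
}

demo
```

Running `owner_blocked` on a real home folder before and after the repair gives a quick check that the command fixed what it was meant to fix and nothing was left behind.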

  • Error when reading a RCDC (permission issue)

    Hello,
    I have created an MPR to grant rights for a specific set (set 1) of users to read some attributes (DisplayName) of a specific set of objects (set 2).
    For your information, this set contains in fact all objects of a custom type.
    I have created a RCDC for viewing this object.
    In a first time the XML template of this RCDC contains only a control for the DisplayName attribute.
    <my:Control my:Name="DisplayName" my:TypeName="UocLabel" my:Caption="{Binding Source=schema, Path=DisplayName.DisplayName}" my:Description="{Binding Source=schema, Path=DisplayName.Description}" my:RightsLevel="{Binding Source=rights, Path=DisplayName}">
    <my:Properties>
    <my:Property my:Name="Text" my:Value="{Binding Source=object, Path=DisplayName, Mode=OneWay}" />
    </my:Properties>
    </my:Control>
    When I try to read the object with a user belonging to the set 1, I meet the error below. However if I modify my MPR to grant right on all attributes, I am able to read the RCDC. This is why I think the error is related to a permission issue.
    Error page on the FIM web portal:
    Unable to process your request.  
    Please contact your help desk or system administrator. 
    > Go to Forefront Identity Manager home page 
    More information on the error in the Windows Event Viewer:
    Requestor: urn:uuid:2dabeb0a-e780-447c-9f2b-6f715997f716
    Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.PermissionDeniedException: Exception of type 'Microsoft.ResourceManagement.WebServices.Exceptions.PermissionDeniedException' was thrown.
       at Microsoft.ResourceManagement.WebServices.RequestDispatcher.ExecuteGetAction(RequestType request)
       at Microsoft.ResourceManagement.WebServices.RequestDispatcher.ExecuteAction(RequestType request)
       at Microsoft.ResourceManagement.WebServices.RequestDispatcher.ExecuteAction[ResponseBodyType](RequestType request)
       at Microsoft.ResourceManagement.WebServices.RequestDispatcher.DispatchRequest[ResponseBodyType](RequestType request, Guid requestIdentifier, Object redispatchSingleInstanceKey, Boolean isRedispatch)
       at Microsoft.ResourceManagement.WebServices.RequestDispatcher.DispatchRequest[ResponseBodyType](RequestType request)
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Get(Message request)
    Does anyone have an idea of a way to solve this issue? Thank you ;)
    Regards,
    Serge

    Finally, I found the solution. I had to add ObjectID in the list of attributes in the MPR.
    If the user can't read the object ID, he will not be able to read the RCDC.

  • Permission Issue with Adobe Bridge

    Hello Support,
    We are an all-Mac environment, and we are trying to import and export templates of metadata from Adobe Bridge. The files we are accessing are on a file server on our network. When making changes to metadata using Adobe Bridge we are getting permission denied. The permissions are fine, as we can add, delete, and modify files in the same server directories using Finder or other applications. This has happened in the past and the resolution was to create a whole new profile on the local Mac. The new profile then had no issues with importing and exporting metadata. However, this is now the third time we have had to create a new profile on the local Mac to resolve this permission issue within Adobe Bridge. We are running Adobe Bridge CS5 version 4.0.0.5.2.9. We are wondering if there is a permanent solution to this, seeing as we do not want to have to re-create a new profile every 3-4 months. Could there be a setting in Adobe that we need to edit or anything else that would avoid us having to re-create the profile? Thanks in advance for all advice on this issue.

    any help at all would be gladly appreciated. Also, is there a phone number or chat support with Adobe support that anyone can provide?

  • Weird file renaming permission issues

    Hi!
    We have a file rename permission issue. Here is the background:
    We created a 2008 R2 DFS namespace called UserData with Read/write share permissions for Administrators, Everyone and System. UserData has been granted NTFS permissions as follows:
    Everyone (This folder only): Traverse folder / Execute files, List folder / Read data, Read attributes, Create folders / Append data
    CREATOR OWNER (Subfolders and files only): Full control
    SYSTEM (This folder, subfolders and files): Full control
    Domain Admins (This folder, subfolders and files)
    We then enabled folder redirection for users My documents folder through GPO, setting the following:
    Setting: Basic - Redirect everyones folder to the same location
    Target folder: Create a folder for each user under the root path
    \\domain\UserData
    We also unchecked Grant the user exclusive rights to documents.
    So, now to the really weird behaviour. We logged on to a Windows 7 (x64) client computer with a user who gets these GPO settings and who is not a local administrator on the client. The folder is redirected as expected and we can create, delete and write to files in any way we want. We can also rename files if we choose an entirely different name and if we choose a longer or a shorter file name, but we cannot rename the file to something with the same letters but different casing.
    Examples of what will work:
    "test" to "testing"
    "test" to "cool"
    "test" to "COOL"
    Examples of what will NOT work:
    "test" to "Test"
    "test" to "tesT"
    "test" to "TEST"
    We then get this error: "File Access Denied. You need permission to perform this action. You require permission from S-1-5-21-220..... to make changes to this file."
    Even though I'm pretty sure the share and NTFS permissions of the share are correctly set, we have of course checked all the permissions when logged in, and the user has Full NTFS control and Read/Write share permissions.
    We have encountered the same problem at a customer company as well, with a different domain with no links to our domain whatsoever. I have also seen similar problems from other people when trying to find the answer on the internet. Here is an example:
    http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/35ced5bb-ab13-4e28-8c48-7c68ce0b775c
    Anyone have any thoughts?
    /Leyan

    Recent discoveries:
    If I log on to a Windows 7 (x86) Enterprise I face the same issues.
    If the same user logs on to one of the DFS servers holding the namespace and accesses his folder we experience no problems renaming files.
    The customer company states that all is working fine when the user logs on to a Windows XP with SP3.
    /Leyan

  • Permission issues with CRM Business packages

    Hello
    I have imported CRM business packages 5.0 to EP7 Portal.
    Created System object SAP_CRM. Connection is fine.
    Assigned predefined CRM roles (content provided by SAP) to new users, but when I click on the CRM iView,
    I get the following error.
    Portal Runtime Error
    An exception occurred while processing a request for :
    iView : pcd:portal_content/com.sap.pct/specialist/com.sap.pct.crm/com.sap.pct.crm.roles/com.sap.pct.crm.accountmanager/com.sap.pct.crm.am.acc.accountmgmt/com.sap.pct.crm.am.acc.accounts/com.sap.pct.crm.acc.accounts_s
    Component Name : com.sap.portal.appintegrator.sap.BSP
    Exception in SAP Application Integrator occured: Cannot retrieve system object for this alias. System Alias: 'SAP_CRM', System ID: 'pcd:portal_content/com.icicipru.systems.SFA_Systems/com.icicipru.systems.SAP_CRM'. User: 'crm_user', Reason: Access denied (Object(s): portal_content/com.icicipru.systems.SFA_Systems/com.icicipru.systems.SAP_CRM).
    Exception id: 06:14_10/05/07_0071_303671250
    See the details for the exception ID in the log file
    But when I add the Super admin role to the users, it works fine.
    I have added end user permission to the EVERYONE group and these CRM users are part of the group. The Everyone group is also part of the Portal Content folder and System folder.
    please help.
    regards
    John

    Hello John,
    It seems to be a permission issue. Just open the permission editor of the system and assign the Everyone group to it. Select the checkbox corresponding to end-user. Save it.
    It will solve your problem.
    Regards
    Deb
    [Reward Points for helpful answers]

  • Permission issues accross schemas to load XMLTYPE column - structured storage

    Hi,
    We have a table in the BIUSER schema; this table is object-relationally stored with XMLs. When we try to load records from the ETLUSER schema we get the error:
    Record 1: Rejected - Error on table "BIUSER"."PWAYWORKFILE_TABLE".
    ORA-00604: error occurred at recursive SQL level 1
    ORA-01031: insufficient privileges
    Here are the Oracle installation details
    Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
    PL/SQL Release 11.2.0.3.0 - Production
    "CORE 11.2.0.3.0 Production"
    All the records are moving to the bad file, whereas the same load happens normally in its own schema, i.e. BIUSER.
    Suspecting this to be a permission issue, we have already given the permission to the table synonym as shown below in the registration script.
    We googled and found a few things about ACLs that we are not sure of. If that is the issue, please let us know whether this table can be created and loaded from a different schema.
    Here's the table creation and registration script
    set echo on
    spool regschema.log
    set define on
    set timing on
    set long 100000 pages 0 lines 256 trimspool on timing on
    drop table PWAYWORKFILE_TABLE;
    drop sequence PWAYWORKFILE_TABLE_SEQ;
    begin
    dbms_xmlschema.deleteschema('workfile.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('TotalLoss.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('Salvage.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('rate.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('notes.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('Image.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('Event.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('estimate.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('CoTotals.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('corr.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('Admin.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('Vins.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('commonType.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'commonType.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'commonType.xsd';
    BEGIN
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'Admin.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'Admin.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'CoTotals.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'CoTotals.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'Event.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'Event.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'Image.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'Image.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'Salvage.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'Salvage.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'TotalLoss.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'TotalLoss.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME        VARCHAR2(700) := 'Vins.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'Vins.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      -- DOM Fidelity enabled due to presence of mixed text, substitution group heads, or repeating choice structures in complex type defintion :-
      DBMS_XMLSCHEMA_ANNOTATE.enableMaintainDOM(V_XML_SCHEMA,'RefurbMgr',TRUE);
      select /*+ NO_XML_QUERY_REWRITE */
             XMLQuery(
               'declare namespace xdb = "http://xmlns.oracle.com/xdb"; (: :)
                copy $NEWSCH := $SCHEMA modify (
                                          let $MODEL := $NEWSCH/xs:schema/xs:complexType[11]/xs:all
                                          return (
                                            replace value of node $MODEL/xs:element[2]/xs:complexType/@xdb:maintainDOM with "false",
                                            replace value of node $MODEL/xs:element[3]/xs:complexType/@xdb:maintainDOM with "false",
                                            replace value of node $MODEL/xs:element[4]/xs:complexType/@xdb:maintainDOM with "false"
                                          )
                                        )
                 return $NEWSCH'
               passing V_XML_SCHEMA as "SCHEMA"
               returning content
             )
        into V_XML_SCHEMA
        from dual;
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'corr.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'corr.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'estimate.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'estimate.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'notes.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'notes.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'rate.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'rate.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'workfile.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'workfile.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
      -- Out-of-Line mappings for 1000 Column optimization :-
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'AdminComp','ADMINCOMP_XML');
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'NotesComp','NOTESCOMP_XML');
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'SalvageComp','SALVGCOMP_XML');
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'CorrComp','CORRCOMP_XML');
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'ImageComp','IMAGECOMP_XML');
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'EventInterfaceManagerComp','EVIFCMGRCOMP_XML');
      DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'WorkfileType', 'TotalLossComp','TOTALLOSSCOMP_XML');
      DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => TRUE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
      );
    end;
    /
    -- Table creation for namespace "http://www.cccis.com/Pathways/Workfile"
    set lines 80
    CREATE TABLE "PWAYWORKFILE_TABLE"
    (
          SequenceID NUMBER,
          DL_CLM_FOLDER_ID   VARCHAR2(30),
          CUST_CLM_REF_ID VARCHAR(25),
          ems_file_nm               varchar2(256),
          EST_IND         VARCHAR2(3),
          rec_dt date default sysdate,
          filesent_datetime date,
          CLM_TYP_CD               VARCHAR2(2 CHAR),
          WORKFILE  XMLTYPE
    )
    XMLTYPE COLUMN WORKFILE
    STORE AS OBJECT RELATIONAL
    XMLSCHEMA "workfile.xsd" ELEMENT "PwayWorkfile"
    /
    create sequence PWAYWORKFILE_TABLE_SEQ
    start with 1
    increment by 1
    nomaxvalue
    /
    create trigger PWAYWORKFILE_TABLE_TRIGGER
    before insert on PWAYWORKFILE_TABLE
    for each row
    begin
    select PWAYWORKFILE_TABLE_SEQ.nextval into :new.SequenceID from dual;
    end;
    /
    desc PWAYWORKFILE_TABLE
    /* create synonym */
    create or replace public synonym PWAYWORKFILE_TABLE for PWAYWORKFILE_TABLE;
    grant select on PWAYWORKFILE_TABLE to BIUSER_RO;
    grant select, insert, update,delete on PWAYWORKFILE_TABLE to biuser_full;
    exit;
    Regards,
    Arghyadip

    Hi MarcoGralike,
    I have finally acquired a sample schema and XMLs to reproduce the errors that I am getting even after acquiring the XDBADMIN privilege and registering my schema as GLOBAL.
    Here's the problem I am facing: whenever I intend to store the PublisherList (publisher.xsd) out of line during registration, I run into insufficient privilege issues even if I have the schema registered using (LOCAL => FALSE), whereas it runs smoothly in BIUSER, and if I don't set it out of line it works in ETLUSER as well.
    Here are the 2 XSD files
    books.xsd   --- this is the root element
    <xs:schema  xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xdb="http://xmlns.oracle.com/xdb"  version="1.0" xdb:storeVarrayAsTable="true">
      <xs:include schemaLocation="publisher.xsd"/>
      <xs:element name="books" type="bookType"/>
      <xs:complexType name="bookType" abstract="true">
        <xs:sequence>
        <xs:element name="author" type="xs:string" minOccurs="0"/>
        <xs:element name="title" type="xs:string" minOccurs="0"/>
        <xs:element name="genre" type="xs:string" minOccurs="0"/>
        <xs:element ref="PublisherList" minOccurs="0"/>
       </xs:sequence>
       </xs:complexType>
    </xs:schema>
    publisher.xsd -- this is a child element which in my actual scenario is so big that I must keep it out of line during registration
    <xs:schema  xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xdb="http://xmlns.oracle.com/xdb"  version="1.0" xdb:storeVarrayAsTable="true">
      <xs:element name="PublisherList" type="PublisherListType"/>
      <xs:complexType name="PublisherListType">
        <xs:sequence>
        <xs:element name="Name" type="xs:string" minOccurs="0"/>
        <xs:element name="Office" type="xs:string" minOccurs="0"/>
       </xs:sequence>
       </xs:complexType>
    </xs:schema>
    Here's the sample XML
    <?xml version="1.0"?>
    <books xmlns:xs="http://www.w3.org/2001/XMLSchema">
          <author>Writer</author>
          <title>The First Book</title>
          <genre>Fiction</genre>
          <PublisherList>
           <Name>Penguin</Name>
           <Office>London</Office>
          </PublisherList>
    </books>
    Here's how I am registering the schemas in BIUSER, which has the XDBADMIN privilege
    DROP TABLE BOOKS_TABLE;
    begin
    dbms_xmlschema.deleteschema('books.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    begin
    dbms_xmlschema.deleteschema('publisher.xsd',dbms_xmlschema.DELETE_CASCADE);
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'publisher.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'publisher.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
        DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => FALSE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
        );
    end;
    /
    declare
      V_XML_SCHEMA_NAME       VARCHAR2(700) := 'books.xsd';
      V_XML_SCHEMA             XMLType       := xmlType(BfileName('XSD_DIR',V_XML_SCHEMA_NAME),nls_charset_id('AL32UTF8'));
      V_SCHEMA_LOCATION_HINT   VARCHAR2(700) := 'books.xsd';
    begin
      DBMS_XMLSCHEMA_ANNOTATE.printWarnings(FALSE);
      DBMS_XMLSCHEMA_ANNOTATE.disableDefaultTableCreation(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.SETTIMESTAMPWITHTIMEZONE(V_XML_SCHEMA);
      DBMS_XMLSCHEMA_ANNOTATE.disableMaintainDom(V_XML_SCHEMA,FALSE);
    DBMS_XMLSCHEMA_ANNOTATE.setOutOfLine(V_XML_SCHEMA,DBMS_XDB_CONSTANTS.XSD_COMPLEX_TYPE,'bookType', 'PublisherList','PUBLISHERLIST_XML');
        DBMS_XMLSCHEMA.registerSchema(
        SCHEMAURL       => V_SCHEMA_LOCATION_HINT
       ,SCHEMADOC       => V_XML_SCHEMA
       ,LOCAL           => FALSE
       ,GENTYPES        => TRUE
       ,GENTABLES       => TRUE
       ,ENABLEHIERARCHY => DBMS_XMLSCHEMA.ENABLE_HIERARCHY_NONE
        );
    end;
    /
    CREATE TABLE BOOKS_TABLE
    (
          BOOKS  XMLTYPE
    )
    XMLTYPE COLUMN BOOKS
    STORE AS OBJECT RELATIONAL
    XMLSCHEMA "books.xsd" ELEMENT "books"
    /
    DROP PUBLIC SYNONYM BOOKS_TABLE;
    create or replace public synonym BOOKS_TABLE for BOOKS_TABLE;
    grant select, insert, update,delete on BOOKS_TABLE to ETLUSER;
    Here's the ctl file that I am using
    Load_Books.ctl
    OPTIONS (ERRORS=100000, SILENT=(HEADER,FEEDBACK),ROWS=500, BINDSIZE=3072000 , READSIZE=3072000)
    load data
    infile '/apps/dev/PWXML-10/ctl/load_xml.txt'
    BADFILE '/apps/dev/PWXML-10/ctl/load_xml.txt.bad'
    DISCARDFILE '/apps/dev/PWXML-10/ctl/load_xml.txt.dsc'
    append
    into table BOOKS_TABLE
    (
    filename filler char(120),
    BOOKS lobfile(filename) terminated by eof)
    '/apps/dev/PWXML-10/ctl/load_xml.txt' would contain the XML file path that I gave
    Here's how I am loading the XML through sqlldr in ETLUSER
    sqlldr etluser/etluserpassword@MYXMLDBNAME control=Load_Books.ctl log=Load_Books.ctl.log
    Here's the error I am getting
    Record 1: Rejected - Error on table "BIUSER"."BOOKS_TABLE".
    ORA-00604: error occurred at recursive SQL level 1
    ORA-01031: insufficient privileges
    Hopefully I have given you all the setup required to pinpoint the evil error.
    Please let me know if I have missed something.
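
A privilege check for the setup in the post above, added here as an example and not part of the original thread: run as BIUSER, it lists every table the registration script and CREATE TABLE left in that schema, with the object privileges granted directly to ETLUSER on each. Assumptions: the grantee name ETLUSER is taken from the post, and privileges that reach ETLUSER only through a role or PUBLIC are not reported as ETLUSER's.

```sql
-- Added example (not from the thread). Run as the owning schema, BIUSER.
-- USER_TABLES lists relational tables such as BOOKS_TABLE.
-- USER_XML_TABLES lists XMLType tables; a table generated for out-of-line
-- storage (PUBLISHERLIST_XML in the post) is expected to show up there.
WITH owned AS (
  SELECT table_name, 'RELATIONAL' AS kind FROM user_tables
  UNION ALL
  SELECT table_name, 'XMLTYPE'    AS kind FROM user_xml_tables
)
SELECT o.table_name,
       o.kind,
       -- 'Y' sorts after 'N', so MAX() yields 'Y' if any matching grant exists
       MAX(CASE WHEN p.privilege = 'SELECT' THEN 'Y' ELSE 'N' END) AS can_select,
       MAX(CASE WHEN p.privilege = 'INSERT' THEN 'Y' ELSE 'N' END) AS can_insert,
       MAX(CASE WHEN p.privilege = 'UPDATE' THEN 'Y' ELSE 'N' END) AS can_update,
       MAX(CASE WHEN p.privilege = 'DELETE' THEN 'Y' ELSE 'N' END) AS can_delete
FROM   owned o
LEFT   JOIN user_tab_privs_made p
       ON  p.table_name = o.table_name
       AND p.grantee    = 'ETLUSER'   -- grantee name from the post
GROUP  BY o.table_name, o.kind
ORDER  BY o.kind, o.table_name;
```

A row showing N for can_insert marks a table that the loading account cannot write to directly, even though BOOKS_TABLE itself carries the grant from the script.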

Maybe you are looking for