[SOLVED] Weird new access denied error from Samba

This just started when I did a system upgrade last week (from samba 3.4.3-something to 3.5.2-something).
The hardware: Server is arch, of course; workstation 2 feet away is Windows XP connected by ethernet to a cheap Gateway brand switch.
The filesystem: a folder called /pub with owner set to my primary (non-root) login and group set to the household group, perms 775 so both owner and group have full rw perms.  Also /tmp, owned by root:root with perms 777.  /pub has a symbolic link to /tmp so you can use /pub/tmp as a fully writeable junk area on the network.
The shares: /pub is given smb.conf parameters public=yes, writable=yes, create mask=0775
The login: My XP box has a login that makes it a member of the family group
Up until the upgrade, this all worked fine.  The XP could attach the public share (drive P:) and go to P:\tmp when I wanted to save a temp file, knowing that it would be erased when I reboot the server.
Now, the public share still works great in that I can go to drive P: and all the subdirectories within and read/write to my heart's content... EXCEPT the symbolic link to /tmp.  When I try CD P:\tmp
I get
Access is denied.
The same thing happens on my Windows 7 VM (running on the linux box), so it's not XP.  Other than the upgrade from 3.4 to 3.5, nothing else in the above environment has changed.
Yes, I know there are numerous workarounds.  I could create an actual /pub/tmp folder and include that in the reboot purge... but it's the principle of the thing.  I shouldn't HAVE to do that.
Any thoughts on what's broken and how to fix it, or do I need to take this to the Samba folks?  I always try here first in case it's an arch-specific problem...
Last edited by WyoPBS (2010-04-29 20:12:38)

Thanks!  That wasn't the answer, but it prompted me to do some more hunting.  Turns out the latest upgrade fixes a security hole: Enabling UNIX extensions automatically disables wide links.  Since I did not define UNIX extensions, it defaults to yes, so even explicitly adding wide links = yes to smb.conf did not fix the problem.
http://www.linuxquestions.org/questions … ks-801633/
Looks like I can have one or the other, but not both.  So I have to decide which is more important to me.  Or create the folder /pub/tmp and symlink /tmp to it rather than the other way around.

Similar Messages

  • Weird "relay access denied" error when using "%" in email address

    Hi, I've written a solution that allows emails to be processed and redirected through my mail server. First, we receive mail at user%[email protected]. Then, we do some checks to make sure its legit, alter its content and re-send it to [email protected]. I posted another topic in this forum getting some advice as to how to build it, but it's all built and working well... or so I thought...
    I initially had trouble with using the % symbol as the delimiter because of a default postfix behavior (postfix by default treats the % as my custom application is, which of course can be dangerous). However, I added "allowpercenthack = no" to main.cf and that seemed to allow postfix to not attempt to process it itself and let my application do the work.
    However, if I now send mail now to my server (from another server) destined to user%[email protected], I (and my log) gets:
    <user%[email protected]>: Relay access denied (in reply to RCPT TO command)
    However, if I send to an address WITHOUT the %, like something [email protected], the whole thing works correctly.
    HOWEVER, if I send messages WITH and WITHOUT the % from the command line while ON the server, I don't get these errors.
    My main.cf has the following restrictions(s):
    <pre>smtpdrecipientrestrictions = rejectnon_fqdnrecipient, checkrecipientaccess hash:/etc/postfix/access,
    permit_mynetworks, rejectunauthdestination, rejectnon_fqdnsender,
    rejectnon_fqdnhostname, rejectinvalidhostname, checkheloaccess hash:/etc/postfix/helo_access,
    rejectrblclient zen.spamhaus.org, rejectrblclient bl.spamcop.net, rejectrblclient relays.ordb.org,
    permit</pre>
    I'm assuming that permit_mynetworks is allowing this to work from my server's command line, and therefore I'm suspecting rejectunauthdestination is what's killing my ability to use the % symbol. As a test, I removed rejectunauthdestination temporarily and reload postix. The next mail received triggered this error in the log:
    Mar 16 12:24:28 server postfix/smtpd[1368]: fatal: parameter "smtpdrecipientrestrictions": specify at least one working instance of: checkrelaydomains, rejectunauthdestination, reject, defer or deferifpermit
    Of course. I needed one of those directives. I didn't want reject, defer or deferifpermit, and documentation on checkrelaydomains was not available at http://www.postfix.org/postconf.5.html. However, I tried checkrelaydomains, and it seemed to work as expected permitting my % emails and rejecting stuff it should, but of course the 'gotcha' was that postfix's log now reflected:
    Mar 16 12:33:08 server postfix/smtpd[1579]: warning: support for restriction "checkrelaydomains" will be removed from Postfix; use "rejectunauthdestination" instead
    Mar 16 12:33:08 server postfix/smtpd[1579]: warning: restriction `rejectnon_fqdnsender' after `checkrelaydomains' is ignored
    So, can anyone recommend a way I can polish up my restrictions to allow these % addresses without opening myself up for anything dangerous?
    Side question: I placed `rejectnon_fqdnsender' after rejectunauthdestination destination because I didn't want to bother checking the sender unless I confirmed the recipient was at my server. Does that comment that it doesn't work after checkrelaydomains, mean that it also doesn't get processed after rejectunauthdestination?
    MacBook   Mac OS X (10.4.8)  

    However, I added "allowpercenthack = no" to main.cf
    and that seemed to allow postfix to not attempt to
    process it itself and let my application do the
    work.
    However, if I now send mail now to my server (from
    another server) destined to
    user%[email protected], I (and my
    log) gets:
    Hardly ever had a need for this, but if I remember correctly you will need to set:
    allowuntrustedrouting = yes
    in main.cf
    (No need for allowpercenthack (I think))
    or you could create a hash table before rejectunauthdestination to return OK based on your needed patterns.
    I think the first method will work though.
    Side question: I placed `rejectnon_fqdnsender'
    after rejectunauthdestination destination because I
    didn't want to bother checking the sender unless I
    confirmed the recipient was at my server. Does that
    comment that it doesn't work after
    checkrelaydomains, mean that it also doesn't get
    processed after
    checkrelaydomains is deprecated
    You can place rejectnon_fqdnsender anywhere you like or even omit it, but I don't see why you would have to.

  • "access denied" error from Java Web Start

    I can successfully download the jar file, but always have error message "access denied" when the java application tries to open a local file in C:\temp\poc1.xml.
    I can successfully execute the java application from DOS,but failed when using Java Web Start. The error message is as follows:
    Java Web Start Console, started Wed Nov 28 16:30:31 PST 2001Java 2 Runtime Environment: Version
    1.3.1 by Sun Microsystems Inc.java.security.AccessControlException: access denied
    (java.io.FilePermission C:\temp\poc1.xml read)     at
    org.apache.xerces.framework.XMLParser.parse(Unknown Source)     at
    org.apache.xerces.framework.XMLParser.parse(Unknown Source)     at
    com.hotlocker.client.HLSessionParser.parse(Unknown Source)     at
    com.hotlocker.client.UploadDownloadClient.uploadFiles(Unknown Source)     at
    com.hotlocker.client.UploadDownload.main(Unknown Source)     at
    java.lang.reflect.Method.invoke(Native Method)     at
    com.sun.javaws.Launcher.executeApplication(Unknown Source)     at
    com.sun.javaws.Launcher.executeMainClass(Unknown Source)     at
    com.sun.javaws.Launcher.continueLaunch(Unknown Source)     at
    com.sun.javaws.Launcher.handleApplicationDesc(Unknown Source)     at
    com.sun.javaws.Launcher.handleLaunchFile(Unknown Source)     at
    com.sun.javaws.Launcher.run(Unknown Source)     at java.lang.Thread.run(Unknown Source)

    Hi,
    you can't get a file like in a "normal" app
    because a JWS-app runs in the restricted
    sandbox environment by default.
    So you either sign your app with a digital certificate
    or you use a special FileOpenService (JNLP-API).
    You could also put the file into the app-jar and
    load it by a classloader.
    Regards,
    Mathias

  • Access denied error when starting DIAdem from LabVIEW

    We are using the DIAdem Connectivity Toolkit in our application.  Our application starts a DIAdem session to handle querying and datasheet creation.  On a recent installation at a customer, our application was not able to communicate with DIAdem, i.e. we get an Access Denied error when our application tries to start up DIAdem.
    The location of the error is in the DIAdem Open Connection.vi.  I believe it is when the Automation Open is run.
    Is there some system setting that could be blocking communication between the two, i.e. ActiveX setting, etc?  If so, where could we control these settings from?

    Hello Derrick,
    While cBauer is away from the office, I will be working with this case on his behalf.  I will try to answer your questions as best I can to determine what might be causing this failure.
    1. The error which we encounter is an "Access Denied" error (as stated above).  I am currently investigating the error code, and will update this post accordingly when I have it.
    2. Our application is a built (.exe) application using LabVIEW 8.5 and DIAdem 10.2
    3. We do not install the toolkit directly on the customers machine as this is a built application.  We install the FULL LabVIEW 8.5 Runtime engine, as well as a licensed copy of the DIAdem 10.2 Basic edition.
    4. The error occurs in run-time environment at a customer site.  We have been unable to duplicate the error in development.
    5. We're using the "DIAdem Open Connection.vi" from the DIAdem.dll library to initialize the connection (this is the VI which appears to be producing the error via the "Automation Open" node), and we're using the "DIAdem Close Reference.vi" from the same library to close the reference.
    6. I will instrument a simple application which performs these tasks and post the results when we have tried this operation.
    7. I am unsure whether the repair operation has been attempted.  I will verify this behavior and again post the results to this forum.
    Thank you for your help.  Please let me know if you require additional information.  Hopefully we can discover a solution to our problem.
    Ken

  • Access denied error while trying to install graphics drivers

    Hello,
    I have a new toshiba laptop P70-A. I have installed windows 7 and the pc was working excellent up until now. Noticed yesterday that the nvidia automated system failed to install the new update. When I tried to install the new driver manually, even from the
    device manager, I got the access denied message. 
    A day now wasted reading all the possible causes and solutions but with no luck. Read all the forums and all the posts, tried almost everything. Below youll find everything I tried as a solution and failed.
    1.Disabled UAC
    2.Enabled the administrator account and trying to take control from there
    3.Run the subinacl and the reset.cmd
    4.Tried manually to take control the folder windows (and access denied while changing the rights)
    5. Scanned the system with everything there is available ( Kaspersky, MalwareBytes, RegCurePro, Tuneup Utilities, CCleaner) The system came out clean.
    6. Tried restoring the system to an earlier time (got again access denied error code 0x80070005)
    7. Checked all the group policies (all seem to be fine)
    8. Run a script to take immediate ownership over all of C:
    TAKEOWN /A /F C:
    then the next one
    TAKEOWN /F C: 
    9. With subinacl I run all the above scripts... (still nothing changed)
    @echo off
    title Resetting ACLs...
    echo.
    echo Determine whether we are on an 32 or 64 bit machine
    echo.
    if "%PROCESSOR_ARCHITECTURE%"=="x86" if "%PROCESSOR_ARCHITEW6432%"=="" goto x86
    set ProgramFilesPath=%ProgramFiles(x86)%
    goto startResetting
    :x86
    set ProgramFilesPath=%ProgramFiles%
    :startResetting
    echo.
    cd /d "%ProgramFilesPath%\Windows Resource Kits\Tools"
    echo. 
    echo Resetting ACLs...
    echo (this may take several minutes to complete)
    echo. 
    echo IMPORTANT NOTE: For this script to run correctly, you must change
    echo the values named Athena to be the Windows user account that
    echo you are logged in with.
    echo.
    echo ==========================================================================
    echo. 
    echo. 
    subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f /grant=restricted=r /grant=Athena=f /setowner=administrators > %temp%\subinacl_output.txt
    echo. 
    echo. 
    subinacl /keyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f /grant=restricted=r /grant=Athena=f /setowner=administrators >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f /grant=users=r /grant=everyone=r /grant=restricted=r /setowner=administrators >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    subinacl /keyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f /grant=users=r /grant=everyone=r /grant=restricted=r /setowner=administrators >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f /grant=users=r /setowner=administrators >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    subinacl /keyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f /grant=users=r /setowner=administrators >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    echo System Drive...
    subinacl /subdirectories %ProgramFilesPath%\ /grant=administrators=f /grant=system=f /grant=users=e >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    echo Windows Directory...
    subinacl /subdirectories %windir%\ /grant=administrators=f /grant=system=f /grant=users=e >> %temp%\subinacl_output.txt
    echo. 
    echo. 
    echo ==========================================================================
    echo. 
    echo FINISHED.
    echo. 
    echo Press any key to exit . . .
    pause >NUL
    Im frustrated really... ANY help at all would be really appreciated.
    Thanks in Advance and sorry for the long post
    Athena 

    Hello,
    Thanks for the replies, i much appreciate it. I tried all of the above with no luck again. Safe mode allows me though to install drivers but thats reverting the moment im entering windows. Im always running commands and programs as a administrator or in
    the Admin enabled account.
    It seems the problem is solved today. Via tune up utilities I disabled most of the startup programs and services and it seems that 1 service is causing this issue. Although I havent played much with the disabled services but 3 remain to be checked. One of
    the three is causing this.
    Thanks again guys and Ill keep you posted about the soft. conflict.
    Athena

  • EFS Encrypted Files over home workgroup network via WebDAV avoiding Active Directory fixing Access Denied errors

    This is for information to help others
    KEYWORDS:
      - Sharing EFS encrypted files over a personal lan wlan wifi ap network
      - Access denied on create new file / new fold on encrypted EFS network file share remote mapped folder
      - transfer encryption keys / certificates
      - set trusted delegation for user + computer for EFS encrypted files via
    Kerberos
      - Windows Active Directory vs network file share
      - Setting up WinDAV server on Windows 7 Pro / Ultimate
    It has been a long painful road to discover this information.
    I hope sharing it helps you.
    Using EFS on Windows 7 pro / ultimate is easy and works great. See
    here and
    here
    So too is opening + editing encrypted files over a peer-to-peer Windows 7 network.
    HOWEVER, creating a new file / new folder over a peer-to-peer Windows 7 network
    won't work (unless you follow below steps).
    Typically, it is only discovered as an issue when a home user wants to use synchronisation software between their home computers which happens to have a few folders encrypted using windows EFS. I had this issue trying to use GoodSync.
    Typically an "Access Denied" error messages is thrown when a \\clientpc tries to create new folder / new file in an encrypted folder on a remote file share \\fileserver.
    Why such a EFS drama when a network is involved?
    Assume a home peer-to-peer network with 2pc:  \\fileserver  and  \\clientpc
    When a \\clientpc tries to create a new file or new folder on a \\fileserver (remote computer) it fails. In a terribly simplified explanation it is because the process on \\fileserver that is answering the network requests is a process working for a user on
    another machine (\\clientpc) and that \\fileserver process doesn't have access to an encryption certificate (as it isn't a user). Active Directory gets around this by using kerberos so the process can impersonate a \\fileserver user and then use their certificate
    (on behalf of the clienpc's data request).
    This behaviour is confusing, as a \\clientpc can open or edit an existing efs encrypted file or folder, just can't create a new file or folder. The reason editing + opening an encrypted file over a network file share is possible is because the encrypted
    file / folder already has an encryption certificate, so it is clear which certificate is required to open/edit the file. Creating a new file/folder requires a certificate to be assigned and a process doesn't have a profile or certificates assigned.
    Solutions
    There are two main approaches to solve this:
         1) SOLVE by setting up an Active Directory (efs files accessed through file shares)
              EFS operations occur on the computer storing the files.
              EFS files are decrypted then transmitted in plaintext to the client's computer
              This makes use of kerberos to impersonate a local user (and use their certificate for encrypt + decrypt)
         2) SOLVE by setting up WebDAV (efs files accessed through web folders)
               EFS operations occur on the client's local computer
               EFS files remain encrypted during transmission to the client's local computer where it is decrypted
               This avoids active directory domains, roaming or remote user profiles and having to be trusted for delegation.
               BUT it is a pain to set up, and most online WebDAV server setup sources are not for home peer-to-peer networks or contain details on how to setup WebDAV for EFS file provision
             READ BELOW as this does
    Create new encrypted file / folder on a network file share - via Active Directory
    It is easily possible to sort this out on a domain based (corporate) active directory network. It is well documented. See
    here. However, the problem is on a normal Windows 7 install (ie home peer-to-peer) to set up the server as part of an active directory domain is complicated, it is time consuming it is bulky, adds burden to operation of \\fileserver computer
    and adds network complexity, and is generally a pain for a home user. Don't. Use a WebDAV.
    Although this info is NOT for setting up EFS on an active directory domain [server],
    for those interested here is the gist:
    Use the Active Directory Users and Computers snap-in to configure delegation options for both users and computers. To trust a computer for delegation, open the computer’s Properties sheet and select Trusted for delegation. To allow a user
    account to be delegated, open the user’s Properties sheet. On the Account tab, under Account Options, clear the The account is sensitive and cannot be delegated check box. Do not select The account is trusted for delegation. This property is not used with
    EFS.
    NB: decrypted data is transmitted over the network in plaintext so reduce risk by enabling IP Security to use Encapsulating Security Payload (ESP)—which will encrypt transmitted data,
    Create new encrypted file / folder on a network file share - via WebDAV
    For home users it is possible to make it all work.
    Even better, the functionality is built into windows (pro + ultimate) so you don't need any external software and it doesn't cost anything. However, there are a few hotfixes you have to apply to make it work (see below).
    Setting up a wifi AP (for those less technical):
       a) START ... CMD
       b) type (no quotes): "netsh  wlan set hostednetwork mode=allow ssid=MyPersonalWifi key=12345 keyUsage=persistent"
       c) type (no quotes): "netsh  wlan start hostednetwork"
    Set up a WebDAV server on Windows 7 Pro / Ultimate
    -----ON THE FILESERVER------
       1  click START and type "Turn Windows Features On or Off" and open the link
           a) scroll down to "Internet Information Services" and expand it.
           b) put a tick in: "Web Management Tools" \ "IIS Management Console"
           c) put a tick in: "World Wide Web Services" \ "Common HTTP Features" \ "WebDAV Publishing"
           d) put a tick in: "World Wide Web Services" \ "Security" \ "Basic Authentication"
           e) put a tick in: "World Wide Web Services" \ "Security" \ "Windows Authentication"
           f) click ok
           g) run HOTFIX - ONLY if NOT running Windows 7 / windows 8
    KB892211 here ONLY for XP + Server 2003 (made in 2005)
    KB907306 here ONLY for Vista, XP, Server 2008, Server 2003 (made in 2007)
      2 Click START and type "Internet Information Services (IIS) Manager"
      3 in IIS, on the left under "connections" click your computer, then click "WebDAV Authoring Rules", then click "Open Feature"
           a) on the right side, under Actions, click "Enable WebDAV"
      4 in IIS, on the left under "connections" click your computer, then click "Authentication", then click "Open Feature"
           a) on the "Anonymous Authentication" and click "Disable"
           b) on the "Windows Authentication" and click "Enable"
          NB: Some Win 7 will not connect to a webDAV user using Basic Authentication.
            It can be by changing registry key:
               [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
               BasicAuthLevel=2
           c) on the "Windows Authentication" click "Advanced Settings"
               set Extended Protection to "Required"
           NB: Extended protection enhances the windows authentication with 2 security mechanisms to reduce "man in the middle" attacks
      5 in IIS, on the left under "connections" click your computer, then click "Authorization Rules", then click "Open Feature"
           a) on the right side, under Actions, click "Add Allow Rule"
           b) set this to "all users". This will control who can view the "Default Site" through a web browser
           NB: It is possible to specify a group (eg Administrators is popular) or a user account. However, if not set to "all users" this will require the specified group/user account to be used for logged in with on the
    clientpc.
           NB: Any user account specified here has to exist on the server. It has a bug in that it usernames specified here are not validated on input.
      6 in IIS, on the left under "connections" click your computer, then click "Directory Browsing", then click "Open Feature"
           a) on the right side, under Actions, click "Enable"
    HOTFIX - double escaping
      7 in IIS, on the left under "connections" click your computer, then click "Request Filtering", then click "Open Feature"
           a) on the right side, under Actions, click "Edit Feature Settings"
           b) tick the box "Allow double escaping"
         *THIS IS VERY IMPORTANT* if your filenames or foldernames contain characters like "+" or "&"
         These folders will appears blank with no subdirectories, or these files will not be readable unless this is ticked
         This is safe btw. Unchecked (default) it filters out requests that might possibly be misinterpreted by buggy code (eg double decode or build url's via string-concat without proper encoding). But any bug would need to be in IIS basic
    file serving and this has been rigorously tested by microsoft, so very unlikely. Its safe to "Allow double escaping".
      8 in IIS, on the left under "connections" right click "Default Web Site", then click "Add Virtual Directory"
           a) set the Alias to something sensible eg "D_Drive", set the physical path
           b) it is essential you click "connect as" and set
    this to a local user (on fileserver),
           if left as "pass through authentication" a client won't be able to create a new file or folder in an encrypted efs folder (on fileserver)
                 NB: the user account selected here must have the required EFS certificates installed.
                            See
    here and
    here
            NB: Sharing the root of a drive as an active directory (eg D:\ as "D_Drive") often can't be opened on clientpcs.
          This is due to windows setting all drive roots as hidden "administrative shares". Grrr.
           The work around is on the \\fileserver create an NTFS symbollic link
              e.g. to share the entire contents of "D:\",
                    on fileserver browse to site path (iis default this to c:\inetpub\wwwroot)
                    in cmd in this folder create an NTFS symbolic link to "D:\"
                    so in cmd type "cd c:\inetpub\wwwroot"
                    then in cmd type "mklink /D D_Drive D:\"
            NB: WebDAV will open this using a \\fileserver local user account, so double check local NTFS permissions for the local account (clients will login using)
             NB: If clientpc can see files but gets error on opening them, on clientpc click START, type "Manage Network Passwords", delete any "windows credentials" for the fileserver being used, restart
    clientpc
      9 in IIS, on the left under "connections" click on "WebDAV Authoring Rules", then click "Open Feature"
           a) click "Add authoring rules". Control access to this folder by selecting "all users" or "specified groups" or "specified users", then control whether they can read/write/source
           b) if some exist review existing allow or deny.
               Take care to not only review the "allow access to" settings
               but also review "permissions" (read/write/source)
           NB: this can be set here for all added virtual directories, or can be set under each virtual directory
      10 Open your firewall software and/or your router. Make an exception for port 80 and 443
           a) In Windows Firewall with Advanced Security click Inbound Rules, click New Rule
                 choose Port, enter "80, 443" (no speech marks), follow through to completion. Repeat for outbound.
              NB: take care over your choice to untick "Public", this can cause issues if no gateway is specified on the network (ie computer-to-computer with no router). See "Other problems+fixes"
    below, specifically "Cant find server due to network location"
           b) Repeat firewall exceptions on each client computer you expect to access the webDAV web folders on
    HOTFIX - MAJOR ISSUE - fix KB959439
      11 To fully understand this read "WebDAV HOTFIX: RAW DATA TRANSFERS" below
          a) On Windows 7 you need only change one tiny registry value:
               - click START, type "regedit", open link
               -browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV\Parameters]
               -on the EDIT menu click NEW, then click DWORD Value
               -Type "DisableEFSOnWebDav" to name it (no speech marks)
               -on the EDIT menu, click MODIFY, type 1, then click OK 
               -You MUST now restart this computer for the registry change to take effect.
          b) On Windows Server 2008 / Vista / XP you'll FIRST need to
    download Windows6.0-KB959439 here. Then do the above step.
             NB microsoft will ask for your email. They don't care about licence key legality, it is more to keep you updated if they modify that hotfix
      12 To test on local machine (eg \\fileserver) and deliberately bypass the firewall.
            a) make sure WebClient Service is running
                (click START, type "services" and open, scroll down to WebClient and check its status)
            b) Open your internet software. Go to address "http://localhost:80" or "http://localhost:80"
                It should show the default "IIS7" image.
                If not, as firewall and port blocking are bypassed (using localhost) it must be a webDAV server setting. Check "Authorization Rules" are set to "Allow All Users"           
            c) for one of the "virtual directories" you added (8), add its "alias" onto "http://localhost/"
                    e.g. http://localhost/D_drive
                If nothing is listed, check "Directory Browsing" is enabled
      13 To test on local machine or a networked client and deliberately try and access through the firewall or port opening of your router.
            a) make sure WebClient Service is running
                (click START, type "services" and open, scroll down to WebClient and check its status)
            b) open your internet software. Go to address "http://<computer>:80" or "http://<computer>:80".
                  eg if your server's computer name is "fileserver" go to "http://fileserver:80"
                  It should show the default "IIS7" image. If not, check firewall and port blocking. 
                  Any issue ie if (12) works but (13) doesn't,  will indicate a possible firewall issue or router port blocking issue.
           c) for one of the "virtual directories" you added (8), add its "alias" onto "http://<computername>:80/"
                   eg if alias is "C_driver" and your server's computer name is "fileserver" go to "http://fileserver:80/C_drive"
                   A directory listing of files should appear.
    --- ON EACH CLIENT ----
    HOTFIX - improve upload + download speeds
      14 Click START and type "Internet Options" and open the link
            a) click the "Connections" tab at the top
            b) click the "LAN Settings" button at the bottom right
            c) untick "Automatically detect settings"
    HOTFIX - remove 50mb file limit
      15 On Windows 7 you need only change one tiny registry value:
          a) click START, type "regedit", open link
          b) browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
           c) click on "FileSizeLimitInBytes"
           d) on the EDIT menu, click MODIFY, type "ffffffff", then click OK (no quotes)
    HOTFIX - remove prompt for user+pass on opening an office or pdf document via WebDAV
     16 On each clientpc click START, type "Internet Options" and open it
             a) click on "Security" (top) and then "Custom level" (bottom)
             b) scroll right to the bottom and under "User Authentication" select "Automatic logon with current username and password"
             SUCH an easy fix. SUCH an annoying problem on a clientpc
       NB: this is only an issue if the file is opened through windows explorer. If opened through the "open" dialogue of the software itself, it doesn't happen. This is as a WebDAV mapped drive is consdered a "web folder" by windows
    explorer.
    TEST SETUP
      17 On the client use the normal "map network drive"
                e.g. server= "http://fileserver:80/C_drive", tick reconnect at logon
                e.g. CMD: net use * "http://fileserver:80/C_drive"
             If it doens't work check "WebDAV Authoring Rules" and check NTFS permissions for these folders. Check that on the filserver the elected impersonation user that the client is logging in with (clientpc
    "manage network passwords") has NTFS permissions.
      18 Test that EFS is now working over the network
           a) On a clientpc, map network drive to http://fileserver/
           b) navigate to a folder you know on the \\flieserver is encrypted with EFS
           c) create a new folder, create a new file.
               IF it throws an error, check carefully you mapped to the WebDAV and not file share
                  i.e. mapped to "http://fileserver" not "\\fileserver"
               Check that on clientpc the required efs certificate is installed. Then check carefully on clientpc what user account you specified during the map drive process. Then check on the \\fileserver this
    account exists and has the required EFS certificate installed for use. If necessary, on clientpc click START, type "Manage Network Passwords" and delete the windows credentials currently in the vault.
           d) on clientpc (through a webDAV mapped folder) open an encrypted file, edit it, save it, close it. On the \\fileserver now check that file is readable and not gobble-de-goup
           e) on clientpc copy an encrypted efs file into a folder (a webDAV mapped folder) you know is not encrypted on \\fileserver. Now check on the \\fileserver computer that the file is readable and not gobble-de-goup (ie the
    clientpc decrypted it then copied it).
            If this fails, it is likely one in IIS setting on fileserver one of the shared virtual directories is set to: "pass through authentication" when it should be set to "connect as"
            If this is not readable check step (11) and that you restarted the \\fileserver computer.
      19 Test that clients don't get the VERY annoying prompt when opening an Office or PDF doc
          a) on clientpc in windows explorer browse to a mapped folder you know is encrypted and open an office file and then PDF.
                If a prompt for user+pass then check hotfix (16)
      20 Consider setting up a recycling bin for this mapped drive, so files are sent to recycling bin not permanently deleted
          a) see the last comment at the very bottom of
    this page: 
    Points to consider:
       - NB: WebDAV runs on \\fileserver under a local user account, so double check local NTFS permissions for that local account and adjust file permissions accordingly. If the local account doesn't have permission, the webDAV / web folder share won't
    either.
      - CONSIDER: IP Security (IPSec) or Secure Sockets Layer (SSL) to protect files during transport.
    MORE INFO: HOTFIX: RAW DATA TRANSFERS
    More info on step (11) above.
    Because files remain encrypted during the file transfer and are decrypted by EFS locally, both uploads to and downloads from Web folders are raw data transfers. This is an advantage as if data is intercepted it is useless. This is a massive disadvantage as
    it can cause unexpected results. IT MUST BE FIXED or you could be in deep deep water!
    Consider using \\clientpc to access a webfolder on \\fileserver and copying an encrypted EFS file (over the network) to a web folder on \\fileserver that is not encrypted.
    Doing this locally would automatically decrypt the file first then copy the decrypted file to the non-encrypted folder.
    Doing this over the network to a web folder will copy the raw data, ie skip the decryption stage and result in the encrypted EFS file being raw copied to the non-encrypted folder. When viewed locally this file will not be recognised as encrypted (no encryption
    file flag, not green in windows explorer) but it will be un-readable as its contents are still encrypted. It is now not possible to locally read this file. It can only be viewed on the \\clientpc
    There is a fix:
          It is implimented above, see (11) above
          Microsoft's support page on this is excellent and short. Read "problem description" of "this microsoft webpage"
    Other problems + fixes
      PROBLEM: Can't find server due to network location.
         This one took me a long time to track down to "network location".
         Win 7 uses network locations "Home" / "Work" / "Public".
         If no gateway is specified in the IP address, the network is set to '"unidentified" and so receives "Public" settings.
         This is a disaster for remote file share access as typically "network discovery" and "file sharing" are disabled under "Public"
         FIX = either set IP address manually and specify a gateway
         FIX = or  force "unidentified" network locations to assume "home" or "work" settings -
    read here or
    here
         FIX = or  change the "Public" "advanced network settings" to turn on "network discovery" and "file sharing" and "Password Protected Sharing". This is safe as it will require a windows
    login to gain file access.
      PROBLEM: Deleting files on network drive permanently deletes them, there is no recycling bin
           By changing the location of "My Contacts" or similar to the root directory of your mapped drive, it will be added to recycling bin locations
          Read
    here (i've posted a batch script to automatically make the required reg files)
    I really hope this helps people. I hope the keywords + long title give it the best chance of being picked up in web searches.

    What probably happens is that processes are using those mounts. And that those processes are not killed before the mounts are unmounted. Is there anything that uses those mounts?

  • "Access Denied" error when attempting to update HP w2207h monitor drivers

    CPU Product Name and Number:  HP Pavillion a6700y
    Monitor: HP w2207h 
    Operating system: Windows Vista 64-bit. SP2
    Error Message:  I receive an "Access Denied" error screen when attempting to update drivers for my HP w2207h monitor.  HP solution of deleting monitor(s) from Device Driver and reloading did not work.  Patch file called DRVFix download can not be opened by WINZIP.  I have tried reloading from the original w2207h monitor disk but receive the same error.  Attempting to download from Windows Update results in the same error.  Any suggestions?   ; 
    Recent Changes: Installed new hard drive to replace an "imminent failure" drive; used system recovery disks and am now reloading all software.  All works week except fro this driver issue with the monitor.  All Microsoft and Windows security and hotfix updates have been installed.  System is wireless.

    Hi,
    I solved the issue of Access Denied by installing the driver (inf file) manually. 
    Go to Device Manager and locate the Monitor
    Right mouse click and select update driver software
    Browse my computer
    Select let me pick from a list
    Select have Disk
    Browse to C:\swsetup\monitors\HP_2159_2.0\files\
    Select HP_2159.inf
    Click to install from disk
    Next
    You might even be able to just navigate directly to the HP folder, locate the .inf file, right mouse click on it and select install.
    HP DV9700, t9300, Nvidia 8600, 4GB, Crucial C300 128GB SSD
    HP Photosmart Premium C309G, HP Photosmart 6520
    HP Touchpad, HP Chromebook 11
    Custom i7-4770k,Z-87, 8GB, Vertex 3 SSD, Samsung EVO SSD, Corsair HX650,GTX 760
    Custom i7-4790k,Z-97, 16GB, Vertex 3 SSD, Plextor M.2 SSD, Samsung EVO SSD, Corsair HX650, GTX 660TI
    Windows 7/8 UEFI/Legacy mode, MBR/GPT

  • Access denied error while writing a file to the file system - myfileupload.saveas() throws system.unauthorizedexception

    hi,
    as part of my requirement , i have to perform read and  write  operations of  few files [ using the file upload control in my custom visual web part] and on submit button click.
    but while writing these files - with the help of  fileupload control - and when i use  myfileupload.saveas(mylocation);
    - i am saving these files into my D:\ drive of my server , where i am executing my code -, am getting access denied error.
    it throws system.unauthorizedexception.
    i have given full control on that folder where i was trying to store my attached files. and also  after following asp.net forums,
    i have added  iusr group added and performed all those steps such that, the file is saved in my D:\ drive.
    but unfortunately  that didnt happen.
    also
    a) i am trying the code with runwithelevatedprivileges(delegate() )  code
    b) shared the drive within the  d :drive where i want o save the files.
    c) given the full privieleges for the app pool identity- in my case , its
    network service.
    the  other strange thing is that, the same code works perfectly in  other machine, where the same sp, vs 2012  etc were installed .
    would like to know, any other changes/ steps i need to make it on this  server, where i am getting the  error.
    help is  appreciated!

    vishnuS1984 wrote:
    Hi Friends,
    I have gone through scores of examples and i am failing to understand the right thing to be done to copy a file from one directory to another. Here is my class...So let's see... C:\GetMe1 is a directory on your machine, right? And this is what you are doing with that directory:
    public static void copyFiles(File src, File dest) throws IOException
    // dest is a 'File' object but represents the C:\GetMe1 directory, right?
    fout = new FileOutputStream (dest);If it's a directory, where in your code are you appending the source file name to the path, before trying to open an output stream on it? You're not.
    BTW, this is awful:
    catch (IOException e)
    IOException wrapper = new IOException("copyFiles: Unable to copy file: " +
    src.getAbsolutePath() + "to" + dest.getAbsolutePath()+".");
    wrapper.initCause(e);
    wrapper.setStackTrace(e.getStackTrace());
    throw wrapper;
    }1) You're hiding the original IOException and replacing it with your own? For what good purpose?
    2) Even if you had a good reason to do that, this would be simpler and better:
    throw new IOException("your custom message goes here", e);
    rather than explicitly invokign initCause and setStackTrace. Yuck!

  • Timerjob Access denied error while opening web object

    Hi Team,
    I have created a timer job to get list information on the site. Everything is fine in the development(Stand alone server) . Got access denied error while running same timer job in QA server(one app and one WFE).
    Note: This timer job is globally deployed.
    Code snippet : 
    SPSite site1 = webApp.Sites[0];
    SPWeb web = site1.RootWeb;
    SPSecurity.RunWithElevatedPrivileges(delegate()
    using (SPSite site = new SPSite(site1.ID))
    using (SPWeb currWeb = site.OpenWeb(web.ID))                  // Got access denied error here.
    Additional information:
    Sharepoint timer service account : Domain\SP_Farm
    Site app pool account : Domain\SP_App.
    Both accounts have site collection administrative access on the site. Do i need to check access permissions on DB level also  this error ?
    Waiting for urgent reply..

    Hi,
    1. Please check the link below:
    Fixing Access Denied Errors With SharePoint 2010 Timer Jobs
    http://www.sharepointsecurity.com/sharepoint/sharepoint-security/fixing-access-denied-errors-with-sharepoint-2010-timer-jobs/
    2. Try to set RemoteAdministratorAccessDenied  to false using PowerShell
    Access denied when deploying a timer Job or activating a feature from SharePoint 2010 content web application
    https://support.microsoft.com/kb/2564009?wa=wsignin1.0
    3. Check your ULS log for detail error message.
    Best Regards
    Dennis Guo
    TechNet Community Support

  • Access denied error on updating list through custom webpart

    hi
    I have created one webpart having multiple view option.
    On selection of items from one view user is clicking on next button to get 2nd view (THis is causing postback) and on selection of 2nd view items user is clicking on next buton for 3rd view.
    On third view he can see the submit button. On click on submit button the selected items are updateing in one list and also updating data in other lists.
    The list in which we are updating data have limited access to all users. But previously user were able to upate the list.
    But after implimenting this multiple view with next button which  postbacks on click user are getting access denied error while updating the list. If i provide contribute access to that list then they able to submit the changes properly. But even after
    that they got the error at first time.
    Any body got this type of issue?
    Is the post back on custom webpart cause access denied error?
    i have written my code like this to updat list,
    protected void btnUpdate_Click(object sender, EventArgs e)
    try
    SPSite site = new SPSite(SPContext.Current.Site.ID);
    SPWeb myWeb = site.OpenWeb(SPContext.Current.Web.ID);
    SPSecurity.RunWithElevatedPrivileges(delegate()
    using (SPSite ElevatedSite = new SPSite(site.ID))
    using (SPWeb ElevatedWeb = ElevatedSite.OpenWeb(myWeb.ID))
    ElevatedSite.AllowUnsafeUpdates = true;
    ElevatedWeb.AllowUnsafeUpdates = true;
    //code to update multiple lists
    catch (Exception ex)
    Please suggest any solution for this.

    Yes I checked with ULS log viewer.
    Its very helpfull as reading that text log file is very difficuelt.
    I found that if user spend more time on that webpart then session veriables on that webpart gets expired and at the time of redirection of user to newly created list using below code currentNewList becomes empty and its redirection to wrong list(_abc) which
    is dummy list and user dont have any access.
    currentNewList = NewListName+ "_abc"
    SPUtility.Redirect(currentNewList.DefaultViewUrl, SPRedirectFlags.Default, HttpContext.Current);
    So I modified the code to reload the session data when user clisk on submit button.

  • Subsites Access denied error

    Hi
    I am trying to access subsites in a sitecolllection.
    Although I am able to access the maintenance page with ?contents=1
    I am not able to access other existing pages nor when I create new page from pages library and click on save I get access denied error.
    Here is the error I see in Logs
    The SPPersistedObject, FarmSettingStore Name=_pnpFarmConfig_, could not be updated because the current user is not a Farm Administrator.
    And error on the page
    Security Exception             
    Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust
    level in the configuration file.            
    Exception Details: System.Security.SecurityException: Access denied.
    Source Error:
    [No relevant source lines]
    Source File: c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\5abc8088\6a71a990\App_Web_homepage.aspx_-1099170352.ltihcxjv.0.cs    Line:
    0            
    Stack Trace:
    [SecurityException: Access denied.]
    Microsoft.SharePoint.Administration.SPPersistedObject.BaseUpdate() +27672523
    Microsoft.Practices.SharePoint.Common.Configuration.FarmSettingStore.Load(SPFarm farm) +341
    Microsoft.Practices.SharePoint.Common.Configuration.SPFarmPropertyBag.get_SettingStore() +258
    Microsoft.Practices.SharePoint.Common.Configuration.SPFarmPropertyBag.Contains(String key) +51
    Microsoft.Practices.SharePoint.Common.Configuration.SPFarmPropertyBag.get_Item(String key) +65
    Microsoft.Practices.SharePoint.Common.Configuration.ConfigManager.GetProperty(Type settingType, String key, IPropertyBag propertyBag) +148
    Microsoft.Practices.SharePoint.Common.Configuration.ConfigManager.GetFromPropertyBag(String key, IPropertyBag propertyBag) +220
    Microsoft.Practices.SharePoint.Common.ServiceLocation.ServiceLocatorConfig.GetConfigData() +311
    Microsoft.Practices.SharePoint.Common.ServiceLocation.ServiceLocatorConfig.GetTypeMappings() +50
    Microsoft.Practices.SharePoint.Common.ServiceLocation.SharePointServiceLocator.CreateServiceLocatorInstance(SPSite site) +160
    Microsoft.Practices.SharePoint.Common.ServiceLocation.SharePointServiceLocator.DoGetCurrent(SPSite site) +957
    Microsoft.Practices.SharePoint.Common.ServiceLocation.SharePointServiceLocator.DoGetCurrent() +150
    Microsoft.Practices.SharePoint.Common.ServiceLocation.SharePointServiceLocator.GetCurrent() +63
    ABC..PropertyBag.Config.ConfigManager.ReadProperty(String propertyName, SPWeb web) +49
    ABC.Common.ControlTemplates.ABC.Framework.Common.GlobalSearchBox.SetSearchResultPageUrl() +228
    ABC.Common.ControlTemplates.ABC.Framework.Common.GlobalSearchBox.Page_Load(Object sender, EventArgs e) +644
    System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
    System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
    System.Web.UI.Control.OnLoad(EventArgs e) +132
    System.Web.UI.Control.LoadRecursive() +66
    System.Web.UI.Control.LoadRecursive() +191
    System.Web.UI.Control.LoadRecursive() +191
    System.Web.UI.Control.LoadRecursive() +191
    System.Web.UI.Control.LoadRecursive() +191
    System.Web.UI.Control.LoadRecursive() +191
    System.Web.UI.Control.LoadRecursive() +191
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11154599
    System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11154138
    System.Web.UI.Page.ProcessRequest() +91
    System.Web.UI.Page.ProcessRequest(HttpContext context) +240
    ASP.HOMEPAGE_ASPX__1099170352.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\5abc8088\6a71a990\App_Web_homepage.aspx_-1099170352.ltihcxjv.0.cs:0
    Microsoft.SharePoint.Publishing.TemplateRedirectionPage.ProcessRequest(HttpContext context) +175
    System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +599
    System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171
     This error is in staging environment.
    Please help.
    Thank you,
    Vinay

    Hmm. This is not the normal access denied message that you would receive when you don't have permission to a site. Have you customized the page layouts to include something in it?
    Andy Wessendorf SharePoint Developer II | Rackspace [email protected]

  • "general access denied error" while implementing out-of-process COM Server Implementation in Windows Phone 8.1

    I have a Service (.exe) where I was registering for my COM Component like below
    CoInitializeEx(NULL, COINIT_MULTITHREADED);
    HRESULT hres = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_NONE, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, 0);
    if (hres != S_OK)
    OutputDebugStringA("Security Descriptor not initialized");
    ITypeLib* pTypeLib;
    HRESULT hr_1 = LoadTypeLibEx(L"ServiceIdl.tlb", REGKIND_REGISTER, &pTypeLib);
    if (pTypeLib != NULL)
    pTypeLib->Release();
    RegisterServer(L"Service.exe", CLSID_classAImpl, L"ClassAImpl Sample", L"Component.ClassAImpl", L"Component.ClassAImpl.1", 0);
    g_hEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
    DWORD reg = 0;
    IClassFactory *pIFactory = new classAFactory;
    HRESULT hr0 = CoRegisterClassObject(CLSID_classAImpl, pIFactory, CLSCTX_LOCAL_SERVER, REGCLS_MULTIPLEUSE, &reg);
    if (FAILED(hr0))
    OutputDebugStringA("classAImpl is not registered");
    CoUninitialize();
    exit(1);
    HRESULT hr1 = CoResumeClassObjects();
    if (hr1 == S_OK)
    OutputDebugStringA("classAImpl is Resumed Registering");
    WaitForSingleObject(g_hEvent, INFINITE);
    CloseHandle(g_hEvent);
    CoRevokeClassObject(reg);
    pIFactory->Release();
    CoUninitialize();
    From Client Code I am CreatingInstance  Like Below
    COSERVERINFO si;
    MULTI_QI qi;
    COAUTHINFO cai = { RPC_C_AUTHN_NONE, RPC_C_AUTHZ_NONE, 0, RPC_C_AUTHN_LEVEL_NONE, RPC_C_IMP_LEVEL_IMPERSONATE, 0, EOAC_NONE };
    si.dwReserved1 = 0;
    si.pwszName = L"\\\\localhost";
    si.pAuthInfo = &cai;
    si.dwReserved2 = 0;
    qi.pIID = &IID_classA;
    qi.pItf = NULL;
    qi.hr = 1;
    CoInitializeEx(NULL, COINIT_MULTITHREADED);
    HRESULT hr = CoCreateInstanceEx(CLSID_classAImpl, 0, CLSCTX_LOCAL_SERVER, &si, 1, &qi);
    hr returning error "general access denied error";

    I think we may run into the limitations mentioned in the remarks of CoCreateInstanceFromApp doc(show as below). If you can provide a repro project, I
    can give you more details about what happens.
    The CoCreateInstanceFromApp function reads class registrations only from Fusion contexts and manifests, and from the HKLM\SOFTWARE\Classes\CLSID registry hive.
    Only built-in classes that are supported in the app container are supplied. Attempts to activate unsupported classes, including all classes installed by 3rd-party code as well as many Windows classes, result in error code
    REGDB_E_CLASSNOTREG.
    The CoCreateInstanceFromApp function is available to Windows Store apps. Desktop applications can call this function, but they have the same restrictions as Windows Store apps.
    If you are trying to call some windows classes in your library, I will suggest you check how to create windows runtime out of process component by viewing
    this sample. This is what I usually do.
    To be honest, I did not try to implement the out of process COM component using the method you tried as we previsouly do on desktop. I will suggest you try to register a very simple library(like a signle class and single interface which returns an integer),
    and see if it will work.
    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    Alan Yao
    MSDN Community Support
    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.

  • Error "creating file: 1008:5, -5000 Access Denied Error"

    I'm unable to install Flash Player 9 in OS X (10.4.8). I
    followed the following tech note:
    http://www.adobe.com/go/4aa64290
    * I uninstalled Flash Player using the uninstaller
    * I repaired disk permissions
    * I tried re-installing Flash Player
    I still get the error message saying I don't have the
    appropriate permissions.
    Some background: I'm upgrading from a G5 tower to a new Mac
    Pro. I ran the migration utility to copy over my user settings,
    apps, etc. I noticed that pages with Flash were crashing the
    browser(s) instantly. Of course, that's because the PowerPC version
    was previously installed. I uninstalled and tried to re-install.
    When I got the above error, searched the support area and found the
    tech note saying to uninstall (done), repair permissions (done),
    then re-install (fails.)
    I'm stumped.
    Any suggestions?

    I have the same problem, after trying more than a few times
    to install the
    player, uninstall it, uninstall the Firefox 2, reinstall
    Firefox... with the
    same result : it says that I need a plugin, and put me to the
    page of the Flash
    player installer...
    I had this new error message after erasing, as it was
    proposed on a forum, the
    Internet plug-ins directory... "creating file: 1008:5, -5000
    Access Denied
    Error"
    I never had this message before. I have all the rights and
    have installed lots
    of softwares. I tried to use the terminal way... but this is
    a long way for me
    on a Mac... I would be able on a PC but I can't even
    "navigate to this
    directory"...
    Do I have to say that this Flash player is now quite
    important for lots of web
    sites... This is really the first time I have a problem with
    Flash. Is it the
    Intel Mac ?? No, it seems Windows have also its probs. Thanks
    for a reply... or
    a solution !

  • Access denied error in feature receiver code when deploying-activating custom timer job feature

    hi,
    am creating a sp timer job for a updating a list.when i write this code in a  the event receiver featureactivated  method, and when i activate this feature , am getting access denied error.
    but, when i deploy this timer job [ without feature receiver] through powershell, it works.
    i didnt run  this feature receiver with runwithelevatedprivileges delegate - i think this wlll NOT solve the issue.
    from one of the posts i seen that, current logedin user needs to be part of config database roles. i didnt understand this point. how can i add my current loge din user into the sp_config database roles? is it through SSMS 2012?
    or
    is there any way to achieve without feature event receiver?
    otherwise i will be forced to write my business logic in a console appln and add this exe in a windows scheduler.!  
    help is appreciated! 

    hi Waqas,
    i have ran that powershell script you have pointed to me.
    function Set-RemoteAdministratorAccessDenied-False()
        [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") > $null
        [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Administration") > $null
        # get content web service
        $contentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
        # turn off remote administration security
        $contentService.RemoteAdministratorAccessDenied = $false
       $contentService.Update()         
    now i need to test the functionality from the event receiver after Activate feature button click.
    BTW, i have written a console appln for my business  logic and created  an exe.
    also, should i test it with a web application levels coped feature instead of  site collection level feature? this  thread talks abt the same:
    http://social.technet.microsoft.com/Forums/en-US/f41810ec-2348-436d-a574-c29656f3a567/access-denied-error-when-running-timer-job-from-feature-activated-event?forum=sharepointgeneralprevious
    thx

  • Getting access denied error while importing file using input type="file"

    Hi All,
    I am using struts application wherein I need to import file for some purpose.I have used input type="file" for the same which goes like:
    <input type="file" id="uploadFile" name="uploadFile" size="50">
    I have the import button on which I have used onClick event to call javascript function submitValues() used to validate all the fields from the page which goes like:
    <input type="button" name="select" value="Import" class="CSSButton" onClick="javascript:submitValues();">
    The JS function then in turn submits the form and calls the action.The problem is sometimes even when the correct path is specified for the file to be imported results in access denied error.This error comes sometimes and other times it works fine.But when this error comes,I need to relogin into the application and then it works fine.I am using IE7 for this.
    Any idea why I am getting access denied error while importing? Has it got something to do with IE7 version or with the input type="file" which is being used here?
    Thanks for any help if anyone can provide.
    Edited by: passionateforjava on Mar 4, 2009 2:18 AM

    vishnuS1984 wrote:
    Hi Friends,
    I have gone through scores of examples and i am failing to understand the right thing to be done to copy a file from one directory to another. Here is my class...So let's see... C:\GetMe1 is a directory on your machine, right? And this is what you are doing with that directory:
    public static void copyFiles(File src, File dest) throws IOException
    // dest is a 'File' object but represents the C:\GetMe1 directory, right?
    fout = new FileOutputStream (dest);If it's a directory, where in your code are you appending the source file name to the path, before trying to open an output stream on it? You're not.
    BTW, this is awful:
    catch (IOException e)
    IOException wrapper = new IOException("copyFiles: Unable to copy file: " +
    src.getAbsolutePath() + "to" + dest.getAbsolutePath()+".");
    wrapper.initCause(e);
    wrapper.setStackTrace(e.getStackTrace());
    throw wrapper;
    }1) You're hiding the original IOException and replacing it with your own? For what good purpose?
    2) Even if you had a good reason to do that, this would be simpler and better:
    throw new IOException("your custom message goes here", e);
    rather than explicitly invokign initCause and setStackTrace. Yuck!

Maybe you are looking for

  • Nokia 5310 Is it possible to send a sms message fr...

    Hi Guys I am using a Nokia 5310 and was wondering if it was possible to send a sms message from my phone to my computer via Bluetooth? I can't seem to find an option to do this and don't know whether I am missing it or if it's just not possible. Any

  • Putting a mark in my parameter report

    Hi everyone, I have Oracle Reports Developer Suite 6i and I want to add a mark in my parameter report with 2 options (Active, Inactive) to manage a layout format trigger in a particular field, so when the user chooses the option active it will displa

  • Different scales of pricing

    Hi All i need help setting up a table of various pricing structures and would appreciate all the assistance I can get. Help with this scenario I need to buy tyres from one supplier Quantity 1 - 1000 at unit price of R10 Quantity 1001 - 10000 at unit

  • Hi it's urgent

    hi genius i need a help in hr madule ,i am developing a report based on the tcode pa20, actually when u are go to the tcode pa20,in that give one personnel number and choose organizational assignment excecute it,you can find a screen consist of datas

  • Saving with serializing

    so im starting java. but i have had some and i mean some work in C++ and Visual Basic (1 year combined in highschool) and before anyone asks yes i am a highschool student. So dont jump on my case, im just trying to learn. Ok so here's my problem. I n