Users accessing sites they do not have permissions to

Similar Messages

• HT1338 What do iPad users use if they do not have the apple icon??

  Hi,
  I'm trying to get Java onto my iPad, on looking at the following site, it suggests clicking the apple icon at the top of a mac? But I don't have a mac I have an iPad, so how do I do it?
  http://support.apple.com/kb/HT1338?viewlocale=en_US
  Thank you, in anticipation
  Martin

  Welcome to Apple Support Communities.
  Java is not directly available to install on iOS, the operating system for the iPad.
  I'm not sure just what you're looking for.
  Do you need Java enabled to use a specific website, such as an education site?
  This browser app claims to have Java capability built-in.
  I've not used it, so I cannot vouch for whether it works at all or how well it works.
  http://itunes.apple.com/app/office-flash-java-w-chrome/id380204369?mt=8
  For future reference, you've posted in the Mac OS X forums. (Yes, Mac does support Java in OS X, but the iPad uses iOS, completely different operating system.)
  You'll likely get a faster reply by posting your questions in the iPad forums:
  https://discussions.apple.com/community/ipad/using_ipad?view=discussions

• The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions

  Hi
  I originally posted this in the Windows 7 Networking forum and they advised to post it here.
  We use Windows 7 SP1 clients with Roaming Profile and Folder Redirection and they are connected to a Windows 2008 SP2 server.  We are getting issues when someone tries to open files on their redirected Desktop and they get the message "'The item
  referred to by this shortcut cannot be accessed. You may not have the appropriate permissions" if you click browse it then defaults to a different users profile.  If you click through the errors the file eventually loads.  If you open Word from
  the Start menu and then browse to the file it opens fine.  We have found that deleteting the Normal.DOTM file sometimes fixes the error, but only seems effective 50% of the time.  This doesn't happen for all users, and seems to occur in small
  groups and not all the time.  We have also had the same message come up with someone trying to open Word files an online learning resource we have created.
  There are a couple of events showing for about the time the error occured they are:
  Type Error Source Application Error Category Name 100 Event 1000
  Faulting application name: WINWORD.EXE, version: 14.0.4762.1000, time stamp: 0x4bae25b7
  Faulting module name: wwlib.dll, version: 14.0.4762.1000, time stamp: 0x4bae2623
  Exception code: 0xc0000005
  Fault offset: 0x00034b81
  Faulting process id: 0x1734
  Faulting application start time: 0x01d0234ef75c42aa
  Faulting application path: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
  Faulting module path: C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll
  Report Id: 6f74438b-8f42-11e4-9e45-00c2c6506cb5
  Type information Source Office Software Protection Platform Service Category Name 0 Event 1003The Software Protection service has completed licensing status check.
  Application Id=59a52881-a989-479d-af46-f275c6370663
  Licensing Status=
  1: 1f76e346-e0be-49bc-9954-70ec53a4fcfe, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 30 0 msft:rm/algorithm/hwid/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
  2: 9da2a678-fb6b-4e67-ab84-60dd6a9c819a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
  3: dd457678-5c3e-48e4-bc67-a89b7a3e3b44, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
  The software protection message we get in clusters of about 6 or more multiple times through the day

  Hi
  An update.  We have approx 400 people with roaming profile/folder redirection on Windows 7/2008 and this only seems to have occurred to about 15 people, and then seems to clear up for a period and then happens again.  We also have a similar number
  of people with roaming profile/folder redirection on Windows 7/2003 system and we haven't had a report of this issue happening on this setup.
  So far we haven't been able to replicate the issue using a test account, so are struggling to find out what is causing it and why it is so random.
  Regrds
  Dave

• A form template .xsn file cannot be accessed. You may not have the required permissions to open the file

  Hi there,
  When a workflow task is assigned to a user, he cannot open a particular task. and
  sees this error in browser:
  A form template .xsn file cannot be accessed. You may not have the required permissions to open the file
  The ULS Log for Correlation ID has these errors:
  The XSN is null and its not a cross server issue. Most likely a permission issue
  The XSN is null after attempting to get it from SiteAndWebCache
  Please note:
  - This user can open all other forms in the same location.
  - If I increase his permission to Site Owner, he can open this form - but we cannot allow this.
  - He was able to open it earlier - I made minor changes in the form and republished the workflow - since then he is having the trouble. 
  Any help will be appreciated!
  Thanks.

  Hi ran009,
  Please check if that user has contributor permission on the list that the workflow associated and have Edit item permission on related task list/item.
  Also check if the workflow form or other workflow files has been checked out or not. If yes, check it in and test it again. Check Wayne Fan’s post in this thread if you have trouble to check the check-out/in status of the task form.
  http://social.technet.microsoft.com/forums/en-US/sharepointcustomizationprevious/thread/cc8dc07b-b73d-424a-a3d4-2a2d7ad84504
  Thanks & Regards,
  Emir
  Emir Liu
  TechNet Community Support

• You do not have permissions to access a database that contains data required for this form to function correctly.

  I have dropdown on infopath form , and it receives data from sql server table ,  it works fine when i am running in preview mode , but when i am publishing form to sharepoint server and loading that form
  i am getting this
  You do not have permissions to access a database that contains data required for this form to function correctly.
  Can you please help?
  Thanks,

  try this one, if not yet
  Convert the data connection to UDC (store it in a Data Connection Library within the same site collection as the form library).  See if this works without any other changes, but if not, then...
  Manually edit your UDC file in Notepad (or your preferred editor) so that the authentication line is not commented out and so that it references the name of the SSO target app you created. 
  For Type, use NTLM.
  Ensure the user has rights to access the database
  Also ensure the connection file has been approved - A sharepoint admin can access a non approved Ucdx file. Go to the connection library and approve the file
  Also check this post having the similar issue:
  http://social.technet.microsoft.com/Forums/en-US/3196bafd-4bc3-40ab-ac2b-d149d1c3e0fa/sharepoint-2010-error-you-do-not-have-permissions-to-access-a-database?forum=sharepointdevelopmentprevious
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• How can I notify staff of updated data if they do not have access to the remote data?

  We have a shortcoming on one of our major programs that will not be fixed for at least one year. I want to create a notice for staff when there are pending requests for local offices. I am using a remote view to check if there are new requests from
  local offices:
  SELECT xxx_yyyyy_request_queue.COMMENTS;
  FROM xxx_yyyyy_REQUEST_QUEUE xxx_yyyyy_request_queue;
  WHERE xxx_yyyyy_request_queue.MODIFIED_BY IS NULL
  I use the remote view as the data source for a table and have a small window that stays on top that I can see if there is an order. I trigger the remote view using a timer event.
  This is fine as a stop-gap. However, I cannot run this on the machines of the staff that need the notice: they do not have the correct version of Oracle, they do not have access to that remote data, we do not want multiple machines triggering the same query
  every 15 seconds, etc.
  Is there a way that I can notify other users of the change in the data fro the remote view. My original thought was to update a local table with the view reults and have a companion routine notify them of changes to that table. However, I do not see how
  the SQL used by VFP accomodates the "INTO" clause.
  Your help is appreciated.

  data.
  At least your query seems to get data where MODIFIED_BY IS NULL, doesn't it?
  So if the reccount is>0 there is a reason to inform your employees.
  Bye, Olaf.
  Olaf Doschke - TMN Systemberatung GmbH
  http://www.tmn-systemberatung.de

• New-MsolUser : Access Denied. You do not have permissions to call this cmdlet.

  I am trying to create new user in Azure Active Directoy, 
  New-MsolUser -UserPrincipalName [email protected] -DisplayName "username" -FirstName "fname"  -LastName "lname"
  I am getting this error,
  New-MsolUser : Access Denied. You do not have permissions to call this cmdlet.
  Can anyone suggest what could be the problem?

  Hi Shankar,
  The error "New-MsolUser : Access Denied. You do not have permissions to call this cmdlet" when trying to use the cmdlet indicates you might have to check if you have the appropriate admin role.
  You could refer the following link for details on various types of Admin Roles in Windows Azure Active Directory.
  https://support.office.com/en-US/Article/Assigning-admin-roles-eac4d046-1afd-4f1a-85fc-8219c79e1504?ui=en-US&rs=en-US&ad=US
  Also, you could refer the following link for assistance with using PowerShell to create bulk users for Office365.
  http://blogs.technet.com/b/heyscriptingguy/archive/2014/08/04/use-powershell-to-create-bulk-users-for-office-365.aspx
  Regards,Malar.

• The logged in user does not have permissions to perform this operation

  OIM 11.1.2.0.4
  Connector: Microsoft Active Directory User Management 11.1.1.5.0
  Action: revoke a provisioned AD account (logged in user is XELSYSADM member of SYSTEM ADMINISTRATIONS role)
  Error message: IAM-2050243 : Orchestration process with id 5756, failed with error message IAM-4065011 : An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/revoke(Account) while revoking account with id 1 for the user with key 43 and the cause of error is The logged in user does not have permissions to perform this operation..

  The problem is missing entries into table AAD, Provisioning API uses table AAD to check administrator's scope on the user's organization.
  TEST: following SQL statement should return at least a value
  select aad_write, aad_delete
  from aad aad
  , usr usr
  where aad.act_key = usr.act_key
  and usr.usr_key = <user_key_of_user_you_wanto_to_revoke>
  and aad.ugp_key in (
  select ugp.ugp_key
  from ugp ugp
  , usg usg
  where ugp.ugp_key = usg.ugp_key
  and usg.usr_key = <user_key_of_xelsysadm>
  BUG (in my case): if you create an Organization using a OIM user that does not have any Role (except default ALL USERS Role) the system does NOT add right entries into AAD table, so you can revoke account of users that are members of this Organization
  WORKAROUND: manually insert entries for all Organizations (ACT_KEYs) for the user XELSYSADM into AAD table
  FIX: always create an Organization using a OIM users with at least one Role except ALL USERS role

• GPO to push HKCU regkeys to users that do not have permissions to write to the registry?

  We run a 2008r2 domain and mostly Win7 clients, but some are still XP.  I need to apply some application settings in an admin template(user), and also need to push a regkey to HkeyCurrentUser for those users.  I would like to use GPP for the
  regkey, if possible, but the end-users do not have permissions to edit the registry on their computers.  Is this something that would have to be scripted? or can I do this through group policy?
  I was thinking that the computer side of Group Policy ran under the System account, but that user side ran under the user's security context?  This is probably an easy one, but any ideas would be appreciated.
  Thanks,
  Dan
  Dan Heim

  Even though users are not admins, some parts of the registry are open for editing. The easiest way to determine if thats the case, is to actually try changing the value when you're logged on to a client as non-admin.
  Note that according to: http://support.microsoft.com/kb/2252421, a possibility would also be to change the value as following (that can sometimes help when using both policies and GPP's)
  How to deploy the junk email list trigger to the non-policy location in the registry
  You can also configure the junk email list trigger in the following non-policy location in the registry:
  Key: HKEY_CURRENT_USER\Software\Microsoft\Office\1x.0\Outlook\Options\Mail
  DWORD: JunkMailImportLists
  Value: 1
  Note The 1x.0 placeholder represents your version of Outlook (11.0 = Outlook 2003, 12.0 = Outlook 2007, 14.0 = Outlook 2010, and 15.0 = Outlook 2013)."
  Microsoft Certified Trainer
  MCSE: Desktop, Server, Private Cloud, Messaging
  Blog: http://365lab.net

• I uninstalled Firefox and not it will not install for me. I get a error that says, The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions. What can I do?

  I uninstalled Firefox and not it will not install for me. I get a error that says, The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions. What can I do?

  Here is a pic.

• 5.7.1 Client does not have permissions to send as this sender - NLB

  Hi there- we have an application which sends out email notifications to a third party vendor. The vendor was previously using Exchange Server 2010 and they have recently migrated to Exchange Server 2013. They have also implemented NLB and have two Client
  Access Servers configured. 
  Our application has been spitting out "SMTP 5.7.1 Client does not have permissions to send as this sender" errors ever since the vendor has implemented NLB. As our application uses the IP address of the Exchange Server, we have tried specifying
  the IP address of both the Client Access Servers but that did not help. We then tried specifying the IP address of the NLB which did not make any difference either. The vendor has confirmed that anonymous relay has been enabled on the receive connectors of
  both the Client Access Servers. I must add that our application sits on the vendor's server and the application and exchange servers are in the same domain. The "Send From" email address is an existing mailbox configured by the vendor. 
  Telnet from the App server to the NLB on port 25 has gone through without any dramas.
  Is there anything else we would need to check to get this working?
  Cheers

  Hi 
  Ensure that an dedicated relay connector is created in new exchaneg 2013 server  
  assign the correct subnets and the ip address of the app server into the relay connector
  Run the below command to grant anonymous permission on the relay connector
  Get-ReceiveConnector "Anonymous Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
  Specify the ip address of the mailbox server in your app server since the transport core services resides on mailbox server and cas server acts as stateless proxy
  Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com

• You do not have permissions to open the dashboard

  On a clean install of 2012 R2, I joined an existing domain and added the Essentials role.  After that, I configured it which took about 5 minutes.  At the end, it placed an icon on the desktop called "Dashboard".  It will not allow
  me to open this no matter what I try.  I get this error:
  Cannot open the Dashboard
  You do not have permissions to open the dashboard.  Please log on as a network administrator and try to open the dashboard again.
  I am using a domain admin account.  For laughs, I tried a couple accounts, but had no luck.
  The log at "C:\ProgramData\Microsoft\Windows Server\Logs\dashboard.log" shows "Dashboard.Forms: Dashboard: Non domain admin cannot access dashboard."
  Server Manager shows a green up arrow by Manageability for WSEE.
  BPA shows only one error about Windows Server Backup and unsupported partition, which from what I gather is to be ignored as a false alarm.
  Not sure what to do here.  Nothing seems to work.  Ideas?  Suggestions?

  Hi everyone!
  I went in and tried all of your solutions, but none worked.
  I have found the REAL solution to why this isn't working, and it should be corrected by Microsoft. 
  In the users profile, you can see the member of and primary group. 
  With my admin account, on Primary Group, I had "Domain Admins" as the group. It didn't work. I tried setting that to Enterprise Admins, and it worked and was able to get into dashboard. I set it back to Domain Admins, and it didn't work.
  I set it as Domain Users, and it worked. 
  As long as you have the user in Domain Admins group, and primary group set to either "Domain Users" or "Enterprise Admins" -- it will always work. The account does NOT need to be in the Enterprise Admins group, just be sure to keep the
  primary group on "Domain Users", and make sure it is in the "Domain Admins" group. 
  When the member above Lynn said they created a new account, it worked because ALL new user accounts are set to primary group of "Domain Users".
  When the other user Brian Hoyt had to remove ALL administrator groups, it removed the primary role from "Domain Admins" to "Domain Users" which then worked. Then he added ALL admin groups (you do NOT need Enterprise Admins group) but
  probably forgot to set the primary group, which is good and that is why it worked. When he copied the Admin account, the primary group always rolls over to the new account and is copied with it. When he removed all groups, he forgot to set back the primary
  group. 
  When Robert Pearman tried, he probably had the primary group set to something other than "Domain Admins" as well. 
  You don't want a Domain Admin (primary group) configuring your server. You want a domain user in Admin group (such as an employee to reset passwords), OR the Enterprise Admin (primary group)  to configure server applications, NOT a domain admin. So
  I do see why Microsoft had this set the way it is. 
  So basically, you can NOT have the primary group to "Domain Admins". It needs to be either "Domain Users" OR "Enterprise Admins". The account MUST be in the "Domain Admins" group. 
  I do believe Microsoft should fix this issue, because it could be a bug, but also could be so that Domain Admins (primary group) can't screw applications that should be maintained and configured by Enterprise Admins (primary group). 
  I have made a video showing the problem was fixed, and this is the solution!
  youtube.com\watch?v=bZoNc3RkBSw
  Thanks guys!

• You do not have permissions to open this file on Excel Services.

  Hi all,
  I am recieving this error:
  I have setup a trusted location to the document library where the Excel spreadsheet resides, and I still recieved the error.  I changed the location to the entire site and I still recieve the error.  I am the Sharepoint Admin, so I have full
  rights to all.
  I am on SharePoint 2007.
   I set the location as Http://sitename/document Library name
  Location type = Windows SP Services
  Checked trust Children
  there are no extrernal connections so I took the defaults for all other options.
  Any help would be greatly appreciated.
  TIA,
  Joe

  Hi,
  I understand that when you try to open an excel file in browser, you received Access Denied error.  You can check the excel service settings in Central Administration like this :
  Open Central Administration -> go to Operations tab. Ensure that the Excel Service is running
  Open Central Administration -> go to your configured Shared Service -> click Excel Service Settings. Set  File Access Method:  ensure that it is not using Impersonation, instead the Option Process Account should be enabled.
  Open Central Administration -> go to your configured Shared Service -> click add new trusted file location.
  field URL: here you can specify a report library or the whole portal
  Location Type: should be Windows SharePoint Services
  Children trusted: defines whether the children should also be trusted or only the defined path
  For more information, please refer to this site:
  MOSS Excel Services you do not have permissions to open this file:
  http://developers.de/blogs/nadine_storandt/archive/2007/09/06/moss-excel-services-you-do-not-have-permissions-to-view-this-workbook.aspx
  Thanks,
  Entan Ming
  TechNet Subscriber Support in forum
  If you have any feedback on our support, please [email protected]
  Entan Ming
  TechNet Community Support

• PPS Error in "IBIMonitoringAuthoring " You do not have permissions to create a data source in this document library.

  Hi,
  I am trying to use "IBIMonitoringAuthoring" in my local web site.
  But i am getting error like "Server was unable to process request. ---> You do not have permissions to create a data source in this document library.  Additional details have been logged for your administrator."
  My code is below,
   string url = ServerName + webServiceUrl;
          IBIMonitoringAuthoring biService = BIMonitoringAuthoringServiceProxy.CreateInstance(url);
          //Create data source object
          DataSource dataCube = new DataSource("AW_Data_Cube");
          dataCube.Name.Text = "AW_Data_Cube";
          dataCube.ServerName = "SQL2008dev";
          dataCube.DatabaseName = "Analysis Services Project1";
          dataCube.CubeName = "TestCube";
          dataCube.ConnectionContext = ConnectionContext.ConnectAsSharedUser;
          dataCube.FormattingDimensionName = "Measures";
          dataCube.MinutesToCache = 10;
          dataCube.CustomTimeIntelligenceSettings = "";
          biService.CreateDataSource(connectionListUrl, dataCube);
  How could i authenticate the Service. Is there any way to pass credentials for this method?
  Thanks & Regards
  Poomani Sankaran

  I suffered similar issue in Infopath, and i finally solved the issue by changing the data connection URL, it should the same as the Infopath publish location.
  for example: SP server iP 192.168.1.1 have two name, hostname is mySP, alternate assces mapping name is companySP, and you can access the websit by both
  http://mySP and
  http://companySP
  hope it can help someone..

• Participant 'weblogic' does not have permissions to execute the operation ?

  Hello,
  We have modelize our Business process, this process can start with
  An Automtaic task based on an event recevied from a web services or via a start event with an iniator task.
  The deployment of this process was ok.
  But when we try to run this process in the "Business Process Workspace" we get the folowing message : "Participant 'weblogic' does not have permissions to execute the operation. "
  The users has the corresponding role of the lane so it should be right ?
  Thanks
  Grégoire.

  Hi Heidi,
  The Application list does contain the process link.
  However, in the admin role association's page, the roles of the process are not present, and as such cannot be assigned. I've tried adding a role according to the naming convention but I assume they must be associated explicitly to the process by the deployment process...
  We have loads of roles related to processses that have since been undeployed.
  So what do you advise? Should we try to undeploy and redeploy the process? This was already been done and, as far as I know, with the same result.
  Thanks
  Miguel