WebDAV: diffrerent users with ro and rw permissions?

Similar Messages

• Send Email for manager of the user with Login and Password the user.

  Hello everyone,
  I need to send an email to the manager of the user with login and password when it is created in AD.
  I already have a mail server configured in the IT Resource. It has some component of the IDM that solve this issue?
  Anyone you help me with the next steps?
  Thank you.

  Thank you for your attention.
  It did not work, I did another test to send email notifying you when the User change password.
  The following error message appears in oim_server1-diagnostic.log:
  [2011-08-08T19:21:30.865-03:00] [oim_server1] [NOTIFICATION] [] [oracle.iam.passwordmgmt.impl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 88a924181f586e03:-25ab9c82:131aa884464:-8000-0000000000008862,0] [APP: oim#11.1.1.3.0] Resetting password
  [2011-08-08T19:21:30.936-03:00] [oim_server1] [NOTIFICATION] [IAM-0080013] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 88a924181f586e03:-25ab9c82:131aa884464:-8000-0000000000008862,0] [APP: oim#11.1.1.3.0] Kernel executing default validation with process id, event id, entity and operation 59,612.0.User.RESET_PASSWORD
  [2011-08-08T19:21:31.155-03:00] [oim_server1] [NOTIFICATION] [IAM-3050013] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 88a924181f586e03:-25ab9c82:131aa884464:-8000-0000000000008862,0] [APP: oim#11.1.1.3.0] Searching for users with the specified criteria.
  [2011-08-08T19:21:32.018-03:00] [oim_server1] [WARNING] [] [oracle.iam.passwordmgmt.impl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 88a924181f586e03:-25ab9c82:131aa884464:-8000-0000000000008862,0] [APP: oim#11.1.1.3.0] Sending Reset Password Notification is not successful
  [2011-08-08T19:21:32.639-03:00] [oim_server1] [NOTIFICATION] [IAM-0080046] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 88a924181f586e03:-25ab9c82:131aa884464:-8000-0000000000008862,0] [APP: oim#11.1.1.3.0] Completed orchestration with action result - oracle.iam.platform.kernel.vo.EventResult@4fe0d018
  [2011-08-08T19:21:32.642-03:00] [oim_server1] [NOTIFICATION] [IAM-0080011] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 88a924181f586e03:-25ab9c82:131aa884464:-8000-0000000000008862,0] [APP: oim#11.1.1.3.0] Orchestration process with id 59,612 started running in a new thread.
  Edited by: Piza on 08/08/2011 15:24
  Edited by: Piza on 08/08/2011 15:26

• Need help with ACLs and propagating permissions

  I'm currently setting up our new server, for which we're moving away from Windows entirely (both on the server and user workstation ends), and I'm currently having some questions about permissions. I've been scouring the OS X Server Advanced Admin pdf, but there are numerous holes in the exposition of permissions from the ACLs down to the proper way to propagate permissions when a manual touch is required. What I'm trying to do is allow one group to have read access only until they get to a certain subdirectory, at which point they can then write to that level; then for the second group, they only need read access for a specific folder down the line from the starting directory. I'll include some example images with a test folder I've created so that it may be a little easier to understand what my goals are with the Server app's permissions. Thank you in advance for all your help.

  You need the advanced permissions editor.  You are trying to convert inherited permissions to explicit.  If I understand what you want, you would go about it like this.
  You have two groups; GroupA and GroupB.  GroupA is the limited group.  You want them to be able to read everything and write to limited locations.  GroupB can read and write everywhere.  So based on your example, you would do this to start:
  At the parent folder level, you are defining GroupA to be able to read and GroupB to read and write.
  Now to drill down.  In Server.app select your server.  This is the first item in the side bar.  On the right, choose Storage.  Drill down to where your shared folder is located and select it.  From the Gear menu, chose Edit Permissions as shown here:
  You will note that GroupA and GroupB are both gray.  This denotes that they are inherited entries at this level.  You must break the inheritance and start over.  To do this, press the small gear icon on the edit permissions sheet and choose "Make Inherited Entries Explicit."  GroupA and GroupB will turn black, allowing you to edit them.  Change GroupA from Read to Read Write.  Press OK to close the sheet.
  Now, if you already have data inside the folder, you can use the large gear menu and choose Propagate Permissions.  This will ensure that your data will reset with the new ACL.
  Reid
  Apple Consultants Network
  Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
  Author "Mavericks Server – Control and Collaboration" :: Exclusively available in Apple's iBooks Store

• Adding phones and users with bat and LDAP sync

  What are the various ways of importing users with phones when the Communications Manager 9.0 is sync'd with LDAP.  Also, what method is the easiest and fastest?
  For example, I could do the following steps:
  Sync CUCM with LDAP to import new users, add phones using bat files, manually update users to associate devices etc
  I believe I should also be able to do the above method and use a bat file to update the users to associate devices etc.  This method still involves 2 steps and the creation of 2 seperate bat files.
  In CUCM version 9 it is possible to have local and LDAP users, so is it possible to add the phones and users using the phones/users tab of the bat file and have them beocme LDAP users?
  Thank you,
  Danny

  #1 Remove this embedded CSS code from your HTML document(s).  You don't need it.
  body {
      background-color: #CCC;
  body,td,th {
      color: #FFF;
      font-size: 14px;
  #2 Open  PW.css file and add this to the top:
  body {
  font-family: Arial, Helvetica, sans-serif;
  font-size: 14px;
  background-color: #CADFEB;
  /**or insert a background-image using the CSS editor**/
  #3 Remove font-family and font-size from all your other CSS selectors.  You don't need to duplicate styles on every element. 
  #4 Replace this:
  #content {
      position:absolute;
      left:199px;
      top:10px;
      width:860px;
      z-index:1;
      right: auto;
      background-color: #FFF;
      text-align: center;
      color: #000;
      height: auto;
  with this:
  #content {
       width:860px;
       margin: 20px auto;
       border: 4px solid silver;
       background-color: #FFF;
       text-align: center;
       color: #000;
       -moz-box-shadow: 5px 5px 5px #888;
       -webkit-box-shadow: 5px 5px 5px #888;
       box-shadow: 5px 5px 5px #888;
  #5 Save your PW.css file and upload to server.
  Nancy O.
  Alt-Web Design & Publishing
  Web | Graphics | Print | Media  Specialists 
  http://alt-web.com/
  http://twitter.com/altweb

• Virtual global user with vsftpd and pam?

  I followed the ArchWiki for setting up vsftpd with xinetd and pam.  It works great for our clients to be able to upload/download from their own directory and have some privacy.  Now I need to setup a couple of 'global' ftp user accounts that can be used by the production staff to browse the 'private' folders.  Anyone know how this can be done?  From what I've read so far, if guest_enable=YES, then local users cannot login even if local_enable=YES is set.
  Here's my vsftpd.conf:
  anonymous_enable=NO
  local_enable=YES
  write_enable=YES
  dirmessage_enable=YES
  tcp_wrappers=YES
  pam_service_name=ftp
  xferlog_enable=YES
  local_umask=022
  listen=NO
  connect_from_port_20=YES
  chroot_local_user=YES
  guest_enable=YES
  guest_username=virtual
  virtual_use_local_privs=YES
  local_root=/pub/ftp/$USER
  user_sub_token=$USER
  hide_ids=YES

  LOL, fail.  Here's the site:
  ftp://vsftpd.beasts.org/users/cevans/un … S_2/README

• WebDAV only available to users with Homefolders and Admin rights?

  Dear Community,
  I am having trouble to setup WebDAV on the lion Server. I am able to login as an Administrator as well as an OD user who has admin rights as well as a home folder. If a user is missing one of those two things then s/he is not able to login to WebDAV. Does anyone know how to give access to OD users who don't have a homefolder or at least don't have admin rights?
  Thanks already

  Got it to go for about 300 student accounts and works for a no-home user if I define the sharepoints access for that user both in file sharing and in file permissions in Finder.
  You should be able to set up a normal file share like a dropbox with the proper permissions, engage the webdav with the "share with iOS devices" and then be able to access it.
  So for example, I created a folder on the server called Dropbox and gave it permissions for a certain group to access either in Finder or via CLI (you could use individual users also).  Then go into Server App, create a file share of Dropbox and enable "share with iOS devices". Ensure that the user has access on the file share too.
  If you enter https://yourserver.com/webdav/ via your device (or your computer via finder / go / connect to server) and authenticate with the non-admin user, you should be presented with the shares that they have access to. I can also go https://yourserver.com/webdav/Dropbox/ to mount the dropbox directly.
  I have found that sometimes you need to restart web on Server app (or sometimes the whole server) on the server to show the new "share" in its current configuration.  You should also see your shares listed at /etc/apache2/httpd_webdavsharing_sharepoints.conf or /etc/apache2/webdav_sharepoints.conf.
  Hope this helps

• Script Add bulk user with CSV, and set expiration date

  After importing the AD module, the line:
  Set-ADAccountExpiration -identity JohnDoe -timespan "365"
  Works just fine, but how would you automate this with a script that would read a csv-file. The -identity cmd dosen't seem to like my $SAM setup. Perhaps it's a better way to get-aduser and pipe it to set-accountexpiration. Is there a swift way to add the
  expire date to the user I just created with my CSV-file?
  Thanks!

  Thank You!
  You're very welcome.
  -AccountExpirationDate parameter of New-ADUser only seem to work with -DateTime, a specific date, while -TimeSpan is optimal for this solution.
  You can use Get-Date's AddDays method to generate a datetime object for use in this situation, see the code I'm posting below for an example.
  Now on to the next challange to warn me when they reach "32" days before expiration. Was thinking of running a Task Scheduled bath file that could collect number of days left and report it if below the mentioned days.
  Here's one method you can use for finding these users:
  $cutoffDate = (Get-Date).AddDays(32)
  Get-ADUser -Filter * -SearchBase 'OU=Users - TEST,DC=domain,DC=com' -Properties AccountExpirationDate |
  Where { $_.AccountExpirationDate -and $_.AccountExpirationDate -lt $cutoffDate }
  Just so you're aware, we generally try to keep threads to a single question.
  Don't retire TechNet! -
  (Don't give up yet - 13,085+ strong and growing)

• Problems with UAC and NTFS File Permissions on a File Server.

  LarryG. wrote:
  It looks to me like your account doesn't have the proper permissions on all of the sub folders.  Can you verify that?  Once you have the proper permissions this issue should go away.
  This is a feature, not a bug.  You do not have permissions.

  Hello Everyone,I'm curious about your experience with UAC and NTFS permissions--in particular on a file server. In my case, I'm running Server 2012 R2.I have a very large company shared folder. I right click on it and go to properties to check the size. The size is only 5GB or so and should be over 300GB. How is this possible? I'm finding that some of its subfolders are tied into UAC and some folders are not. UAC-related subfolder:Non-UAC related subfolder:In the pictures above, both folders are department-related folders. They are not system folders. The folders have the same owner. The folders are located on the same folder level. When I try to view the permissions of the UAC-related folder, I get this:I'm a domain admin, so when I go through the prompts, I can see the permissions.But this is a total pain because I now require third...
  This topic first appeared in the Spiceworks Community

• Regarding user provision with disable and locked status

  Hi All,
  what i need to do if i want to provision a user with disabled and locked status for first time.
  i am using OIM 11g
  Can any one please help me out in this.
  Regards
  Prasad

  You can provision a user into EBS.
  Call "*Disable User*" task on SUCCESS of Create User task in EBS process defn.
  Let me know if you see any challenges in this approach.
  If target application supports Lock Status then you can add a task and attach adapter to lock that account and call in the same way.

• New Mac Mini and Repairing Permissions

  I've been having trouble with my Mail program and thought I would repair permissions to see if that would help. I ran disk utility from my internal hard drive and ran repair permissions. Apparently it found several permissions to repair, so I thought I would run repair permissions again and the same list appeared. Running a third time and the same list appeared again.Do these permissions ever get repaired? What do I do from here? Should I repair permissions after booting up off of my original system disk? This Mini is only a couple of weeks old and I'm already having problems with Mail and repairing permissions.
  rskover

  Thank you Tim but the computer is packed back waiting for TNT to take it back to Apple. I don't have time to play with permissions, the permissions are OK in the old computer.
  This is what may have been your problem. The permissions on your old computer may not have matched the new computer. I think you gave up before the penny dropped.
  They sell the computers very expensive and I think they would have to improve quality.
  I am unsure how that can be one of your gripes as when the cube came out it was way overpriced in comparison to their other desktops. That did not stop your or I getting one then.
  Your issue was a software problem not a hardware problem so no matter what kind of mac you had it would have needed troubleshooting.
  The quality of the new mac mini far exceeds that of the cube. Try playing 1080P high definition media on your cube, or even 480P for that matter. Try outputting 5.1 surround sound from your cube without the addition of a firewire audio interface.
  I know how frustrating it can be when something just does not seem to work. I have encountered this a few times in my work. However sometimes I just have leave it come back with fresh eyes and try other approaches and I succeed.
  What you need to appreciate installing an upgrade should be planned for any eventuality. In business upgrades are scheduled to have the minimum impact on the workplace. That being said I have worked 48 hrs solid over a weekend getting systems up for a monday morning. They are not always straightforward.

• Urgent: Search for user with 'ß' character failed.

  Hi all,
  I have problem for searching the user with 'ß' character included in the name of user in Identity Management.
  When nothing is specified in the search criteria, then the user is displayed.
  When the name of user without 'ß' is given in the search criteria, then also the user is displayed.
  But when the name is given with 'ß'  in search criteria, the user is not recognized and cannot be displayed.
  'ß'  is the German Character.
  Please help me out, why the user is not recognized with the character 'ß'  in the search criteria.
  Thanks in Advance.
  Regards,
  Yogita.

  Hi,
  You can ofcourse use ß and all other chars in your search.
  It makes no sence that you can create users with these chars, but cannot search using them.
  I tried to create user with char ß and also could search with this char. So it is only a local problem on your server.
  Is your UME connected with LDAP or DB? My UME where I tested is DB.
  So dont give up, open an OSS message with SAP for a solution and also update this thread if you find an answer.
  Regards,
  Praveen Gudapati

• Default User with IDES 4.7 EE not found

  hello every one,
  I am an ABAPER.
  I have an installation of IDES 4.7 EE. with the login of a user with
  SAP_ALL and SAP_NEW objects when I am Trying to create a Program
  From SE38 i found system Prompts for an OSS Access Key.
      Previously I had the Installation of Plane IDES 4.7 which was having SAPUSER as a default USER For Development but in this 4.7EE i didn't found SAPUSER from tx:SU01D.
    I cannot Proceed furthur for any development of reports or any program from Module pool.
    PLease try to resolve my issue at earliest.
    Thanks

  If you want to do coding, you need to get developer key from SAP, which can be done at service.sap.com after registering your system.
  Regards,
  Ravi

• Creating user with -S mail also gives him cal

  Hi,
  Using J ES 2005Q4 unpatched.
  Creating a user with commadmin and flags -S mail also gives him access to the Calendar Tab in UWC !
  1. Is their a default for commadmin command that enables -S cal even when it is not on the command line ?
  2. How to modify a user to remove his calendar capability with commadmin or modifying directly ldap or DA or ?
  Thanks
  Fran�ois

  Hello,
  Actually looking at the bug in more detail, can I confirm that UWC doesn't actually log the user into the calendar server. In other words, clicking on the Calendar tab in Comms Express fails for a user that has never been provisioned with the calendar service?
  If this is the case and they can never access the calendar via UWC, then the calendar server should not have auto provisioned that calendar. FYI: Auto provisioning is enable by default in ics.conf:
  local.autoprovision = "yes"
  If enable, when a user logs into the calendar server for the first time, a calendar will be created in the calendar servers database and they will also be added the calendar associated attributes in LDAP. You may wantt to disable autoprovisioning if you want to strictly control who can access the calendar server.
  To correct the UWC problem. You should:
  1. First apply patch 118540-24 or above.
  2. Any users that can still see the calendar tab after applying the patch have probably been autoprovisioned and you will need to remove the calendar and calendar ldap attributes from such users.
  Hope this makes sense, please let me know if you have any further questions.

• What Are The Minimum Permissions In Order An User To Be Able To Access User Profile Data With JavaScript And REST API

  The question says it all:
  What Are The Minimum Permissions In Order An User To Be Able To Access User Profile Data With JavaScript And REST API.?
  In the User Profile -> Permissions there is only the option for "Full Control".

  Hi Nikolay,
  Thanks for posting your issue, you need to set permissions on User Profiles = Read. Kindly find the below mentioned URLs to get the code and more details on this.
  http://www.vrdmn.com/2013/02/sharepoint-2013-working-with-user.html
  http://www.vrdmn.com/2013/07/sharepoint-2013-get-userprofile.html
  http://sharepoint.stackexchange.com/questions/61714/sharepoint-2013-call-the-rest-api-from-sharepoint-hosted-app
  http://www.dotnetmafia.com/blogs/dotnettipoftheday/archive/2013/04/09/how-to-query-sharepoint-2013-using-rest-and-javascript.aspx
  I hope this is helpful to you, mark it as Helpful.
  If this works, Please mark it as Answered.
  Regards,
  Dharmendra Singh (MCPD-EA | MCTS)
  Blog : http://sharepoint-community.net/profile/DharmendraSingh

• User with 2 permissions assigned via groups, not able to utilize the higher privilege

  User has been assigned Publishing Editor, this was assigned by being a member of a group, where group's permission is publishing editor. 
  In addition, the user has been assigned Reviewer, this also was assigned by being a member of a group, where group's permission is Reviewer. 
  The issue: The user can only perform functions related to the Reviewer role, and can't perform functions available via the Publishing Editor.
  Any Ideas what is going on? 
  *Removing the user from the Reviewer group is not an option. 

  Hi,
  The easiest way is to grant the single user Publishing Editor permission of that folder directly, check if the issue persists.
  Right click on the folder, Properties -> Permissions -> Add the user with Publishing Editor permission.
  Regards,
  Melon Chen
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.