Worklist taskExecute Permission AccessException

Similar Messages

• Manual Task Two Roles

  Hi everyone
  I have in one of my processes a manual task, which wanted the could see one of the roles in the worklist view but in read-only mode, and other roles in edit mode and you can select the output path of the same task.
  Is this possible?
  Regards,

  Hi Andres,
  I'm not clear on your requirement and use case from the description, but here are my thoughts.
  If the use case is one of a user working on the task and another user in another role reviewing the work performed in that task, then I would consider these two separate tasks as they are performing separate functions, and the view of the data (read-only vs read-write, what's displayed, etc.) can be determined for each task's data.
  If the use case is that some users are workers for instances of a particular task while other users are not workers but monitoring instances of those tasks, then you could accomplish this by:
  -giving role A the Worklist Viewer permission, while giving role B the Search View permission (but not Worklist Viewer permission)
  -give role A and role B permission to the task in question
  This would allow users in role A to work on those tasks while users in role B can see the tasks but not perform work on them. This would not work if the users in role B are also expected to perform (do work on) other tasks, however, given they would not have the worklist viewer permission.
  If neither of the above is what you were looking for, could you please provide more details for your use case?
  Thanks,
  Marc

• Universal Worklist Configuration

  Hey guys
  Please can someone tell me where I can find a universal wordlist config guide for EP7.0?
  Many thanks in advance
  Jo-lize

  Hi
  This are the steps need to be followed.please do give full points
  The Universal Worklist (UWL) gives users unified and centralized way to access their work and the relevant information in the Enterprise Portal. It collects tasks and notifications from multiple provider systems – SAP Business Workflow, Collaboration Task, Alert Framework and Knowledge Management Recent Notifications - in one list for one-stop access.
  Administration and configuration for the Universal Worklist (UWL) is described.
  General Prerequisites
  1.     As an administrator, you have full administration rights for the Portal and the required business workflow rights in back end system (reference roles such as SAP_BC_BMT_WFM_UWL_ADMIN and SAP_BC_UWL_ADMIN_USER). Refer to SAP note 941589.
  Summary
  Symptom
  UWL administrative and/or end users are not allowed to perform or look up business workflow functions or data in the backend system.
  Reason and Prerequisites
  Corresponding adminsitrative and end users in the backend systems are created from scratch and have zero initial authorization.
  These roles are provided as an option to enable UWL administrative and end user authorization to readily utitlize the APIs of the SAP Business Workflow and relevant basis components remotely.
  (Note: Usually these roles are not needed as backend user is already assigned with roles that have sufficient authorization.)
  Also refer to BWF note 938717 for the corresponding roles required by business workflow.
  SAP_BC_UWL_ADMIN_USER
  For UWL administrative user who mainly deals with business workflow system registration.
  SAP_BC_UWL_END_USER
  For UWL end user to carry out all business workflow actions currently supported in UWL.
  Solution
  The roles can only be imported with a support package
  Header Data
  Release Status:     Released for Customer
  Released on:     25.04.2006  04:57:52
  Priority:     Recommendations/additional info
  Category:     Advance development
  Primary Component:     EP-BC-UWL Universal Worklist
  Releases
  SoftwareComponent     Release     FromRelease     ToRelease     AndsubsequentSAP_BASIS     60     640     640      SAP_BASIS     70     700     700     
  Highest Implemented Support Package
  SupportPackages     Release     PackageNameSAP_BASIS     640     SAPKB64017SAP_BASIS     640     SAPKB64019SAP_BASIS     700     SAPKB70008SAP_BASIS          
  Summary
  Symptom
  This note delivers two roles (PFCG) with the authorizations required to display and edit Business Workflow work items in the universal worklist.
  SAP_BC_BMT_WFM_UWL_ADMIN
  This role has the workflow authorizations required to perform the configuration for the Business Workflow connection in the universal worklist. These are authorizations for Business Workflow interfaces on the back-end system. The role does not have any authorizations for the portal or other interfaces used by the universal worklist.
  SAP_BC_BMT_WFM_UWL_END_USER
  This role has all workflow authorizations required by end users to be able to edit Business Workflow work items with the universal worklist. The role does not have any authorizations for the portal or other interfaces used by the universal worklist.
  You can either use the two roles directly or as templates for your own roles.
  Note 941589 contains more information about roles with authorizations for the universal worklist.
  Other terms
  Universal worklist
  Solution
  The roles can only be imported with the relevant Support Package.
  Header Data
  Release Status:     Released for Customer
  Released on:     20.04.2006  07:43:26
  Priority:     Recommendations/additional info
  Category:     Advance development
  Primary Component:     BC-BMT-WFM Business Workflow
  Secondary Components:     EP-BC-UWL Universal Worklist
  Releases
  SoftwareComponent     Release     FromRelease     ToRelease     AndsubsequentSAP_BASIS     60     640     640      SAP_BASIS     70     700     700     
  Highest Implemented Support Package
  SupportPackages     Release     PackageNameSAP_BASIS     640     SAPKB64017SAP_BASIS     700     SAPKB70008
  Related Notes
  941589 - UWL: administrative and end user roles
  Attributes
  1.     Make sure that each user is known to all connected SAP systems as per role requirement (make sure that there is one-to-one mapping between the portal user and the backend user)
  If an iView is based on a system object defined in your system landscape, you must assign user permission for the relevant user, group, or role to the system object, as well. User permissions assigned to a system permits the iView to retrieve data from the respective back end application through the system object at runtime.
  2.      Each connected SAP system for back end system (below release 7.0, WP-PI plug-in 6.0) has the connection to its respective SAP Internet Transaction Server (ITS)
  Authorizations needed for working with Business Workflow
  Normally, when the corresponding back end system user already has the correct authorization to work on the Business Workflow directly, no additional setup is required when working in UWL. However, manual configuration to assign RFC access authorization to the following function groups may be needed (Note: this is not common):
  1.     ●      Function group and transaction SWK1 (for back end systems using WP-PI plug-in)
  2.     ●      Function group SWN_UWL_WL (for back end system on release 6.40 and above, without the need of WP-PI plug-in)
  3.     ●      Function group SWRC, SSCV (for all cases)
  4.     ●      Authorization rights for SDTX
  User Mapping:
  1.      Navigate to User Administration ®identity Managementà User Mapping.
         2.      There are three scenarios:
  ○     Portal user ID is different than the back end SAP user ID and back end SAP user IDs are different in all back end SAP systems connected to the portal (UIDPW)
  1.      Maintain the user mapping for each portal user corresponding to all the respective back end systems
  2.      Portal user ID is different than the back end SAP user ID and backend SAP user ids are the same in all back end SAP systems connected to the portal (logon ticket)
    Maintain the user mapping for each portal user to the reference system
  3.     Portal user ID is the same as the back end SAP user and back end SAP user IDs are the same in all back end SAP systems connected to the portal (logon ticket)
  1.       No user mapping is necessary
  User Permissions
  According to the prerequisites, if an iView is based on a system object defined in your system landscape, you must assign user permission for the relevant user, group, or role to the system object, as well.
  User permissions assigned to a system permits the iView to retrieve data from the respective back end application through the system object at runtime.
       Procedure
         1.      Navigate to System Administration  ® System Configuration  ® Portal Content. Open the folder where the existing systems were created.
         2.      From the available system list, click with the secondary mouse button on the system name and choose Open  ® Permissions.
         3.      Assign permissions. Make sure that under the Administrator column you assign Read permissions for the assigned role (for example for role eu_role). Also mark the check box End User.
         4.      Choose Save.
       Registering the Provider Systems
  Each UWL iView can retrieve work items from multiple Business Workflow back end systems. Register each back-end connection to be used with the following procedure:
  On the port...
         1.      On the portal, choose System Administration ® System Configuration ® Universal Worklist and Workflow ® Universal Worklist Administration.
  The Universal Worklist Systems list appears. Here you can define connectors and systems as item providers for the Universal Worklist.
         2.      To add a new entry, choose New. To edit existing information, select (highlight) the row and choose Edit.
         3.      To save the current system registration, choose Ok.
         4.      Multiple system connections are defined by repeating the above steps 1 to 3.
  Table describing the parameters
  Parameter     Description and Use
  Connector     This is the identifier with which the connector is registered. It indicates the type of items retrieved through the connection. For example: WebFlowConnector.For connector types WebFlowConnector or Alert Connector item types have to be registered with the UWL service after defining a new system connection.
  Configuration Groups     Leave this blank, when working with the default UWL iView. You can add a number of configuration groups separated by commas but only one configuration group per iView. first installed, one UWL iView is defined.  The System Configuration Group property for that iView is empty (blank). This means that no System Configuration Group is named, but in effect there is only a single group. The default behavior for the blank setting is this: when any user logs onto the UWL iView, UWL tries to log that user onto all registered back end systems. There is a limitation with the blank setting. When a large number of systems are accessed during log on, the overall portal load is increased. Also, the user receives error messages from those back end systems that have no user account for the particular UWL user. For large system landscapes do the following:...       1.      Partition back end systems into groups. This is accomplished by creating additional UWL iView instances, each of which refers to a specific group of backend systems. The group is defined, using the System Configuration Group iView property.       2.      Then use the value of the System Configuration Group property when registering back end systems by placing it in parameter Configuration Group, when you register the SAP system.
  System alias     The name of the alias for the back end system, as defined in the system landscape. The length cannot exceed 25 characters.If Web Dynpro applications are configured on a SAP NetWeaver Application Server which is different from the SAP NetWeaver Application Server of the system alias, then specify that system alias as a Web Dynpro system
  Web Dynpro Launch System     Enter the Web Dynpro system name if the SAP NetWeaver Application Server for the system is not the same as that running the Web Dynpro.Leave empty otherwise
  User Roles     Restricts who can get work items via the user role. For example, you can assign a portal role here, such as buyer. Only users with the role buyer will see items from the provider system in UWL.You can have multiple user roles separated by semi-colon. By specifying user roles for the portal users, it can be restricted as to who gets the work items in UWL.  For example, you can assign a portal role to a user, such as buyer.  Only users with the role buyer will see items from a system, for example, B7QCLNT000 in UWL.
  Pull Channel Delta Refresh Period (in Seconds)     Delta Pull mechanism of UWL enables new items to be fetched from the back end SAP systems every minute by default every 60 seconds, and every 30 seconds for alerts. However, this can be configured. The user does not need to use the refresh function to update the inbox. Once items are retrieved, timestamps are updated for the users whose items are successfully retrieved. These retrieved items are updated in the UWL cache. Setup necessary from Business Workflow to enable Delta Pull MechanismSome configuration settings are required if you use the UWL and the Extended Notifications for SAP Business Workflow. Define the following two batch jobs:...●      Background job (for example UWL_DELTA_PULL_1), consisting of a single step of ABAP report RSWNUWLSEL in FULL mode, using a report variant.Run the job once a day.1.     ●      A background job (for example UWL_DELTA_PULL_2), consisting of a single step of ABAP report RSWNUWLSEL in DELTA mode (default mode is delta, so report variant is optional).Run the job every one to three minutes (depending on the performance of the back end SAP system).Setup necessary from UWL to enable Delta Pull Mechanism The UWL service user in portal, with user id uwl_service, has to be granted access to the corresponding back end systems. This is a predefined service user provided by UWL. When the back end system is configured in the UWL administration page, an automated process is triggered to create a corresponding UWL service user in the back end system.Check role assignments and profiles status of this automated generated UWL service user and perform user comparison if necessary.●      If SAPLogon ticket is used (without using user mapping), you first create the system entry. A message about uwl_service user appears. Then in the back-end system give the uwl_service user an initial password. Now edit the system entry.●      If user mapping is used, you can first configure the back end system in the UWL administration page. Then access the respective back end system to initialize the password for the user uwl_service. Then, do user mapping in the portal as usual for service user uwl_service.In case uwl_service fails to be created in the back end and does not exist, you can manually create a back end user with the id uwl_service and assign the role SAP_BC_UWL_SERVICE and the rights as other end users.ORMap uwl_service to an existing back end user. Make sure that there is no multiple user mapping (there must not be two portal users mapped to the same back end user). This back end user must have the role SAP_BC_UWL_SERVICE.
  Snapshot Refresh Period (in minutes)     All items at the current time are fetched from the backend (for example from the SAP Business Workflow). The cache is synchronized thereafter. New / modified / deleted / updated items are fetched every session (every log on) if you leave the field value empty or enter a negative number.To specify a particular time frame for which the refresh occurs, enter the number of minutes
  The above registration procedure is usually sufficient to use a UWL iView. Item type retrieval and registration requires a connection to the systems and may take a couple of minutes.
  For each system, they are generated as the configuration named uwl.webflow..
  In Manager Self-Service (MSS), the Universal Worklist groups together in Workset: Work
  Overview the various workflow tasks and alerts that are relevant for a manager.
  The standard MSS delivery includes the configuration file com.sap.pct.erp.mss.001.xml for the universal worklist.
  1. In the portal, choose System Administration →System Configuration →Universal
  Worklist and Workflow →Universal Worklist →UWL Systems Configuration.
  2. Create the following system connections:
  If you have already registered a suitable connector to the system connected to
  the system alias, the existing connector is sufficient and you do not have to
  register an additional one.
  ○ System alias: SAP_ECC_Financials
  Connection types:
  ■ WebFlowConnector
  ■ AlertConnector
  ○ System alias: SAP_ECC_HumanResources
  Connection type WebFlowConnector
  ○ System alias: SAP_SRM
  Connection type WebFlowConnector
  Leave the Web Dynpro Launch System field blank for all system connections.
  With regards
  subrato kundu

• URL of Worklist  throwing error not authorised to access Page.

  Hi
  I have created a approval workflow for changing Home and mailing address .On saving a worklist is generated in approver worklist but when I click on the URL it throws an error .:
  You are not authorized to access this component. (40,20)
  You have not been granted security authorization for the component you are attempting to access. You may have access to the designated component and page, but not in the specified action mode (such as Correction or Update/Display). Contact your system administrator.
  While this page is getting open through Menu navigation and user can approve the request but it is not getting open through worklist.
  What can be Problem ?User is having permission to open and update page.
  Peoplesoft Version :9.1
  Peopletool 8.51
  Thanks in advance
  Abhishek

  Are you using Approval Framework or Activities for workflow?

• Java.lang.RuntimeException: Caller doesn't have enough permission to call this method

  Hi,
  I am trying to abort a composite instance from SOA BPM Worklist.
  I was able to do the same using weblogic 10.3.6 and SOA 11.1.1.6
  Now, I am using weblogic 10.3.6 (same server) and SOA 11.1.1.7 . I have done the complete FacadeFinderBean and SOATestBean JNDI setup on my servers.
  I am getting the below error now.
  Caused by:  An error occurred while aborting or purging composite instance.
  Caused by: java.rmi.RemoteException: EJB Exception: ; nested exception is:
    java.lang.RuntimeException: Caller doesn't have enough permission to call this method.
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:237)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
    at oracle.soa.management.internal.ejb.impl.FacadeFinderBean_4vacyo_FacadeFinderBeanImpl_1036_WLStub.getCompositeInstances(Unknown Source)
    at oracle.soa.management.internal.ejb.EJBLocatorImpl.getCompositeInstances(EJBLocatorImpl.java:401)
  Caused by: java.lang.RuntimeException: Caller doesn't have enough permission to call this method.
    at oracle.soa.management.internal.ejb.impl.BaseSOABeanImpl.checkSecurityRole(BaseSOABeanImpl.java:55)
    at oracle.soa.management.internal.ejb.impl.FacadeFinderBeanImpl.getCompositeInstances(FacadeFinderBeanImpl.java:913)
    at oracle.soa.management.internal.ejb.impl.FacadeFinderBeanImpl.getCompositeInstances(FacadeFinderBeanImpl.java:905)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
  Please provide your valuable inputs to solve the issue.
  Thanks and Regards,
  Vijay

  Hi,
  I was able to solve the issue by a workaround >>>
  Set the facade.security.check system property to false in setDomainEnv.sh on SOA domain under java_options
  -Dfacade.security.check=false
  Regards,
  Vijay

• How to give Remote Login permission for hw_services in BPEL

  Hi,
  We are using the Oracle SOA suite 10.1.3.1. May I know how to give the Remote login permission for hw_services which is deployed in BPEL manager. After changing to OID we are unable to call the remote worklist api using REMOTE_CLIENT. It throws the error Not Authorised to login .
  Thanks,
  -

  Hi Fresh,
  You have design the solution using Data replication functionality with WFSC. Probable solution could be as seen below
  Refer below link for information on the solution
  http://download.microsoft.com/download/3/6/1/36117F2E-499F-42D7-9ADD-A838E9E0C197/SiteRecoveryWhitepaper_final_120309.pdf
  Regards,
  Deepak Kori.

• Strange JpsAuth permission check messages

  We migrated an ADF Faces application built with JDeveloper 11g (11.1.1.0.1) to JDeveloper 11gR1 (11.1.1.1.0). The application is configured to use ADF Security (Aithentication and Authorization). The application seems to work correctly (regarding the security), but when we access pages including any search regions (<af:query> or rich tables with filter columns) then the framework logs messages about authorization check failures like this one below:
  [JpsAuth] Check Permission
            PolicyContext:        [NSI_ISBS#V2.0]
            Resource/Target:      [sessiondef.nsi_isbs_pagedefs_resp_ResponsesPageDef_ResponsesQuery2_VCTree_Root_internal_vcival_def_203_DynamicRegion]
            Action:               [view]
            Permission Class:     [oracle.adf.share.security.authorization.RegionPermission]
            Result:               [FAILED]
            For more information on this failure, please set -Djps.auth.debug.enable=trueObviously, the resource/target name "sessiondef.nsi_isbs_pagedefs_resp_ResponsesPageDef..." has been generated dynamically and it is related to the corresponding search region in the pagedef. We had no such problem with the previous JDeveloper release. Is this a bug or we are missing something? The application works correctly despite these console messages.

  Implementing Worklist using JDEVELOPER11g task flow in webcenter 11g applicationframework.
  was geeting the same error
  So tried workaroung of seeting set EXTRA_JAVA_PROPERTIES=-Djps.auth.debug=true -Djps.auth.debug.verbose=true %EXTRA_JAVA_PROPERTIES% in C:\MYJDEV8Oracle\Middleware\jdeveloper\system11.1.1.1.33.54.07\DefaultDomain\bin\setdoaminEnv.cmd……
  i get mnay of my java.security ....cals... methos suceeded but only..
  [JpsAuth] Check Permission
  PolicyContext: [Worklist#V2.0]
  Resource/Target: [view.pageDefs.worklistPageDef]
  Action: [view]
  Permission Class: [oracle.adf.share.security.authorization.RegionPermission]
  Result: [FAILED]
  Evaluator: [ACC]
  Failed ProtectionDomain:[null]
  Call Stack: java.security.AccessControlException: access denied oracle.adf.share.security.authorization.RegionPermission/view.pageDefs.worklistPageDef/view
  java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
  java.security.AccessController.checkPermission(AccessController.java:546)
  oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:350)
  oracle.security.jps.util.JpsAuth$Diagnostic.checkPermission(JpsAuth.java:270)
  oracle.security.jps.util.JpsAuth$AuthorizationMechanism$6.checkPermission(JpsAuth.java:374)
  oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:410)
  oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:432)
  oracle.adf.share.security.providers.jps.JpsSecurityContext.doJpsCheckPermission(JpsSecurityContext.java:273)
  oracle.adf.share.security.providers.jps.JpsSecurityContext.hasPermission(JpsSecurityContext.java:201)
  oracle.adf.share.security.binding.BindingPermission.hasPermission(BindingPermission.java:121)
  oracle.adf.share.security.binding.BindingPermission.hasPermission(BindingPermission.java:97)
  oracle.adf.model.binding.DCBindingContainerDef.internalHasPermission(DCBindingContainerDef.java:1930)
  oracle.adf.model.binding.DCBindingContainerDef.isViewAuthorized(DCBindingContainerDef.java:1889)
  oracle.adf.model.BindingRequestHandler......
  42 of them....
  i think its an bug ..... for using SAML Token.........u need time same time configurations....at both server sides
  so u need to configure ur date/time/timezone with server.(mine case BPEL BPM Server......)..

• Universal Worklist Iview

  Hi Guys,
              I have BI 7.0 Portal on Web AS 7.0 SP4, I getting error "Unable to perform the request. Try again and if the problem persists, inform your system administrator", when I try to check the "Universal Worklist" under "com.sap.ip.bi.business_explorer_showcase".
  When Trace the iview location and  iview from it's location it show me the results,  but under above given role it does not work. Can any one tell me what could be reason I have even assigned the user to Iview permission as well with full control.
  Thanks
  Regards
  Yasir Noman

  Hi Santosh,
  Have you installed CM onto the portal? UWL is installed with the CM components. If you would like to use UWL without then take a look at sap note 702255.
  UWL should be in PCD in
  pcd:portal_content/com.sap.pct/every_user/general/iViews/com.sap.netweaver.bc.uwl.iviews/com.sap.netweaver.bc.uwl.uwl_iview
  Cheers

• Universal Worklist iView not visible///

  Hi All,
  We have installed EP & I have done the required configuration from SAP HCM module side & everything is working on fine except that I'm not able to see the My Organizer iView (Universal Worklist iView) in the ESS. I can see the other iViews like Employee Search, Working Time, Travel & Expenses etc. My workflows are also working properly just that the iView is not appearing on ESS. Please suggest what configuration is missing & how to do this config.
  System Details:
  EP version: 7.0
  BP ESS/MSS: 11
  EHR & SAP HCM package level: 24
  Regards,
  VJ

  have you assigned the standard roles ie for portal and ess role
  check in UWL administration
  Does the same issue occur when you go to Content Administration and
  preview the iview with the following PCD address (Standard UWL iview
  provided by SAP)?
  Portal Content/Content Provided by SAP/End User Content/Standard
  Portal Users/iViews/com.sap.netweaver.bc.uwl.iviews/Universal
  Worklist
  check the roles and permission assigned to this user again
  Please see the UWL Wiki @
  http://wiki.sdn.sap.com/wiki/display/BPX/UWL%20FAQ  *

• When I login to my bank, I get the message: 403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied. Have new MacBook Air with Yosemite. How to solve this problem?

  When I try to login to the website of my bank, I get the following error message:
  403 - Forbidden: Access is denied.
  You do not have permission to view this directory or page using the credentials that you supplied.
  I have a new MacBook Air with OS Yosemite installed.
  What is the problem and how can I solve it?

  Some websites require a special client certficate for access. If you don't have that certficate, you'll have to contact the site operator to find out how to get one.
  Sometimes the problem is caused by a web server that is configured to request an optional client certificate. Safari treats the request as mandatory. In that case, other browsers such as Firefox and Chrome may be able to connect to the site, because they ignore the request.
  The first time you were prompted for a certificate, you may have clicked through a dialog that requested access to the Apple certificate in your keychain that is used to secure the iMessage service. In that case, you may be able to regain access to the site in Safari by doing as follows.
  Back up all data.
  Double-click anywhere in the line below on this page to select it:
  com.apple.idms.appleid.prd
  Copy the selected text to the Clipboard by pressing the key combination command-C.
  Launch the Keychain Access application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Keychain Access in the icon grid.
  Paste into the search field in the Keychain Access window by clicking in it and pressing the key combination command-V. An item may appear in the list of keychain items. The Name will begin with string you searched for, and the Kind will be "certificate."
  Delete the item by selecting it and pressing the delete key. It will be recreated automatically the next time you launch the Messages or FaceTime application.
  The next time you visit a site that prompts for an optional client certificate, cancel out of the prompt. You may have to do this several times before the server stops asking.
  Credit for this idea to Christian Braukmueller of SAP.

• Web-Disk on OSX 10.9 Give me this error: "Finder got an error: Network file permission error."

  Previously I was using OSX 10.8 and Web Disk was working great.
  Since I upgraded to OSX 10.9 Web Disk Dont Attach to my compputer and give me this ERROR:
  FInder got an error: Network file permission error.
  When I got this ERROR first time I searched GOOGLE and found this link: http://cammodude.blogspot.no/
  And I did:
  To force all connections to be SMB1:
  Open A terminal window
  paste in the following line followed by the return key(should be all on one line): 
  echo "[default]" >> ~/Library/Preferences/nsmb.conf; echo "smb_neg=smb1_only" >> ~/Library/Preferences/nsmb.conf
  What the command does:
  Creates a file called nsmb.conf  in your  home directory at the path ~/Library/Preferences/nsmb.conf.
  Adds directives to force SMB connections to use the SMB1 protocol.  This is slower but stable.
  Then I could use Web Disk on OSX 10.9 after executing this command in Terminal.
  But now I restarted my Macbook and now Im NOT able to connect to Web Disk and get the same ERROR.
  FInder got an error: Network file permission error
  After trying 100 times it attaches 1 time but then show this ERROR:
  Can't get <<class cdis>> "my.server.com/2078" of application "Finder".
  If this happen then I can see the files in Finder and see the Contents and Size of files but if I open a PHP file in BBEdit then it shows BLANK.. But actually it is NOT blank.
  Now Im stuck How can I solve this? All help is highly appericated..
  Thank you so much...

  Hi,
  Make sure to chmod the app, something like this :
  chmod -Rf 777  secure_site_WebDisk.app
  (in my case the CPanel provided the app for my OSx version.)

• Multiple users under my name, can I transfer files/data onto just one user account if I have an external H.D.  when I tried to delete info off one of the accounts it said I did not have permission? I assume I was in an account that was not admin.

  I noticed I have set up 4 Admin user accounts under my own name with diff. variations as seen in the attchment.  Some have a diff. password to log on to which I am able to do.  This computer is used for my business and I need info that is scattered on the other 3 accounts to be in/on ONE admin account. 
    I don't know how i ended up with multiple accounts.  Maybe due to having two 24" iMacs and multiple iPhones & iPad2 for me and family.   
  I use this computer for business and personal. 
  Due to multiple Admin user accounts I have important info scattered on the other accounts resulting in some accounts have some of the info to others having much more  but not ALL.   Some accounts have from a couple hundred songs, podcasts, etc. etc.  to a few 1,000 on another Admin account.   
  I want to consolidate ALL of my info, files. songs, podcasts, pictures & email etc. into one Admin account and delete the other accounts to reduce confusion. 
  I was told by my local Apple authorized service shop that it is not easy but moving most of the info is possible.  Their caveat was email would probably not be able to be moved other than forwarding each email I wanted out of each account and opening in the account I wanted to consolidate into. 
  As a side note,  I get an error message at times saying that I do not permission/authority to delete / move files?  What might be the issue when I encounter this type message?
  Thanks for any help.
  Bob

  Have a read here Transferring files from one User Account to another
  Stefan

• How can I use family sharing, but allow my daughter to purchase with her iTunes allowance without asking permission?

  I love the idea of iTunes family sharing, but I don't think it currently supports my situation.
  My daughter's iTunes account gets a monthly allowance (plus occasional gift cards), and does not have a credit card tied to it. That way, she can buy whatever she wants, but only with her existing account balance.
  I'd like to tie her account to mine via family sharing, but want to keep her spending limited to just her allowance balance. Also, I don't need to grant permission each time she wants to buy something when using her balance. Ideally, she would be permitted to buy exactly as she does now (no permission necessary, no credit card on the account, and only using allowance funds), but also be tied my family account to listen to music I've already bought.
  It appears that my 3 options are:
  Do not do family sharing and keep the accounts separate.
  Tie the accounts together, put "ask to buy" on her account, and then get bugged for permission each time she wants to get something (as well as keep track myself of her going over her allowance and dipping into my credit card).
  Tie the accounts together, don't use "ask to buy", and keep my fingers crossed that she doesn't spend more than her allowance amount (because iTunes would permit spending more than that and charge my card).
  Options 2 and 3 don't work for me, and option 1 doesn't take advantage of family sharing.
  Can I have a family sharing account that *doesn't* charge to my credit card?

  Hello jeffchr,
  Thanks for the question. Based on what you stated, it seems like you don't want to be billed for a family members purchases. I would recommend that you read these articles, they explain the features options. 
  Family Sharing
  All new iTunes, iBooks, and App Store purchases initiated by family members will be billed to the family organizer’s account.
  Family purchases and payments
  Making purchases
  After you set up your family, any time a family member initiates a new purchase it will be billed directly to your account unless that family member has gift or store credit. First, their store credit will be used to pay the partial or total bill. The remainder will bill to the family organizer's card.
  How iTunes Store purchases are billed
  Which payment methods will be used first?
  When you make a purchase, content credits are used first, followed by Gift Certificate, iTunes Card, or Allowance Account credits. Your credit card or PayPal account is then charged for any remaining balance.
  Thanks for using Apple Support Communities.
  Cheers,
  Mario

• How can I get permission to use Apple's Airplay Technology for new and innovative Speaker System?

  Hi there!
  I want to integrate Airplay technology in a new and innovative Speaker System.
  I've searched the internet, but couldn't find anything.
  Does anybody know how to get the permission to use it?

  Apple
  1 Infinite Loop
  Cupertino, CA 95014
  408.996.1010
  ...ask to speak to someone about licen$ing.

• HT201328 I have been given permission for unlocking my iphone 3 GS from Orange. I want to set up the phone for my wife to use with a new number and carrier. Do I unlock under my itunes account first or set one up for her and then unlock the phone.

  I have been given permission for unlocking my iphone 3 GS from Orange. I want to set up the phone for my wife to use with a new number and carrier. Do I unlock under my itunes account first ( I now have a new iphone on this account) or set one up for her and then unlock the phone. I am worried about upsetting the new phone.

  I would complete unlocking as is and then
  restore as new once you know the iPhone is unlocked
  Be aware Orange will process the request at their speed
  one of the reasons they usually reside at bottom of User Sat surveys
  will likely take weeks
  This may also help
  http://support.apple.com/kb/HT5014