Search Results

Search found 4775 results on 191 pages for 'permissions'.

Page 10/191 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • Permissions required to look up a domain user's group memberships

    - by adrianbanks
    I am writing some code to look up the members of particular domain groups. Does the user that this application runs as need any particular permissions on the domain to get this information? Background: I have already determined that the application needs to be run as a domain user to be able to query information from the domain. I have a list of group names and for each group, I need to look up the members of that group on the domain and get their names/usernames.

    Read the article

  • Old Permissions from other users

    - by George
    Hello guys. I just formatted my system and I'm having some problems in cleaning up stuff. I had 2 partitions, formated C: and left with D: Installed Win7 and I want to delete some of these folders in D:, but it's denying me permission, altought I'm the admin. How can I clear these old permissions? Thanks!

    Read the article

  • Permission denied but group permissions look good on redhat

    - by Tony
    I have a user ftpadmin: -bash-3.2$ id ftpadmin uid=10001(ftpadmin) gid=2525(fsg) groups=2525(fsg),10005(git) The important group to note is "git" Then I have my git repository: ls -al drwxrwxr-x 7 git git 4096 Apr 20 14:17 fsg So ftpadmin is a member of git, and git has given all permissions to people in the group. Why do I see this when I login as ftpadmin: -bash-3.2$ ls -al /home/git/ ls: /home/git/fsg: Permission denied ... Seems like I should have permission...

    Read the article

  • FTP permissions problem

    - by John Isaacks
    I have vsftpd installed on ubuntu. I added a new created a new user and set the users home path to /var/www so I can ftp with that user directly to that location. And that all works, I can now FTP with the user I created directly to that location. However I whenever I ftp, I have no permissions to change anything. How can I change that? Thanks!!

    Read the article

  • How is it possible to list all folders that a particular user/group has permissions on?

    - by Lord Torgamus
    Is it possible to list all folders/files that a given group has explicit permissions on, for a machine running Windows Server 2003? If so, how? It would be nice to see inherited permissions as well, but I could do with just explicit permissions. A little background: I'm trying to update groups/permissions on a test server. One of the groups, Devs, wasn't implemented correctly when it was created, and my goal is to remove it from the system. It has been replaced by LeadDevelopers, which has permissions on many — but naturally not all — of the same folders. I want to make sure that I don't accidentally orphan any folders or cause any other issues when I remove Devs. It did have some admin-level permissions. EDIT: The answers so far — at least *cacls and AccessEnum — provide a way to find out which groups/users have permissions on known directories/files. I actually want the reverse of this behavior: I know the group, and I'm looking for the directories/files for which the group has permissions. Also, as I noted in a comment, the Devs group is not itself a member of any other group.

    Read the article

  • How to get full control of umask/PAM/permissions?

    - by plua
    OUR SITUATION Several people from our company log in to a server and upload files. They all need to be able to upload and overwrite the same files. They have different usernames, but are all part of the same group. However, this is an internet server, so the "other" users should have (in general) just read-only access. So what I want to have is these standard permissions: files: 664 directories: 771 My goal is that all users do not need to worry about permissions. The server should be configured in such a way that these permissions apply to all files and directories, newly created, copied, or over-written. Only when we need some special permissions we'd manually change this. We upload files to the server by SFTP-ing in Nautilus, by mounting the server using sshfs and accessing it in Nautilus as if it were a local folder, and by SCP-ing in the command line. That basically covers our situation and what we aim to do. Now, I have read many things about the beautiful umask functionality. From what I understand umask (together with PAM) should allow me to do exactly what I want: set standard permissions for new files and directories. However, after many many hours of reading and trial-and-error, I still do not get this to work. I get many unexpected results. I really like to get a solid grasp of umask and have many question unanswered. I will post these questions below, together with my findings and an explanation of my trials that led to these questions. Given that many things appear to go wrong, I think that I am doing several things wrong. So therefore, there are many questions. NOTE: I am using Ubuntu 9.10 and therefore can not change the sshd_config to set the umask for the SFTP server. Installed SSH OpenSSH_5.1p1 Debian-6ubuntu2 < required OpenSSH 5.4p1. So here go the questions. 1. DO I NEED TO RESTART FOR PAM CHANGS TO TAKE EFFECT? Let's start with this. There were so many files involved and I was unable to figure out what does and what does not affect things, also because I did not know whether or not I have to restart the whole system for PAM changes to take effect. I did do so after not seeing the expected results, but is this really necessary? Or can I just log out from the server and log back in, and should new PAM policies be effective? Or is there some 'PAM' program to reload? 2. IS THERE ONE SINGLE FILE TO CHANGE THAT AFFECTS ALL USERS FOR ALL SESSIONS? So I ended up changing MANY files, as I read MANY different things. I ended up setting the umask in the following files: ~/.profile -> umask=0002 ~/.bashrc -> umask=0002 /etc/profile -> umask=0002 /etc/pam.d/common-session -> umask=0002 /etc/pam.d/sshd -> umask=0002 /etc/pam.d/login -> umask=0002 I want this change to apply to all users, so some sort of system-wide change would be best. Can it be achieved? 3. AFTER ALL, THIS UMASK THING, DOES IT WORK? So after changing umask to 0002 at every possible place, I run tests. ------------SCP----------- TEST 1: scp testfile (which has 777 permissions for testing purposes) server:/home/ testfile 100% 4 0.0KB/s 00:00 Let's check permissions: user@server:/home$ ls -l total 4 -rwx--x--x 1 user uploaders 4 2011-02-05 17:59 testfile (711) ---------SSH------------ TEST 2: ssh server user@server:/home$ touch anotherfile user@server:/home$ ls -l total 4 -rw-rw-r-- 1 user uploaders 0 2011-02-05 18:03 anotherfile (664) --------SFTP----------- Nautilus: sftp://server/home/ Copy and paste newfile from client to server (777 on client) TEST 3: user@server:/home$ ls -l total 4 -rwxrwxrwx 1 user uploaders 3 2011-02-05 18:05 newfile (777) Create a new file through Nautilus. Check file permissions in terminal: TEST 4: user@server:/home$ ls -l total 4 -rw------- 1 user uploaders 0 2011-02-05 18:06 newfile (600) I mean... WHAT just happened here?! We should get 644 every single time. Instead I get 711, 777, 600, and then once 644. And the 644 is only achieved when creating a new, blank file through SSH, which is the least probable scenario. So I am asking, does umask/pam work after all? 4. SO WHAT DOES IT MEAN TO UMASK SSHFS? Sometimes we mount a server locally, using sshfs. Very useful. But again, we have permissions issues. Here is how we mount: sshfs -o idmap=user -o umask=0113 user@server:/home/ /mnt NOTE: we use umask = 113 because apparently, sshfs starts from 777 instead of 666, so with 113 we get 664 which is the desired file permission. But what now happens is that we see all files and directories as if they are 664. We browse in Nautilus to /mnt and: Right click - New File (newfile) --- TEST 5 Right click - New Folder (newfolder) --- TEST 6 Copy and paste a 777 file from our local client --- TEST 7 So let's check on the command line: user@client:/mnt$ ls -l total 8 -rw-rw-r-- 1 user 1007 3 Feb 5 18:05 copyfile (664) -rw-rw-r-- 1 user 1007 0 Feb 5 18:15 newfile (664) drw-rw-r-- 1 user 1007 4096 Feb 5 18:15 newfolder (664) But hey, let's check this same folder on the server-side: user@server:/home$ ls -l total 8 -rwxrwxrwx 1 user uploaders 3 2011-02-05 18:05 copyfile (777) -rw------- 1 user uploaders 0 2011-02-05 18:15 newfile (600) drwx--x--x 2 user uploaders 4096 2011-02-05 18:15 newfolder (711) What?! The REAL file permissions are very different from what we see in Nautilus. So does this umask on sshfs just create a 'filter' that shows unreal file permissions? And I tried to open a file from another user but the same group that had real 600 permissions but 644 'fake' permissions, and I could still not read this, so what good is this filter?? 5. UMASK IS ALL ABOUT FILES. BUT WHAT ABOUT DIRECTORIES? From my tests I can see that the umask that is being applied also somehow influences the directory permissions. However, I want my files to be 664 (002) and my directories to be 771 (006). So is it possible to have a different umask for directories? 6. PERHAPS UMASK/PAM IS REALLY COOL, BUT UBUNTU IS JUST BUGGY? On the one hand, I have read topics of people that have had success with PAM/UMASK and Ubuntu. On the other hand, I have found many older and newer bugs regarding umask/PAM/fuse on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/241198 https://bugs.launchpad.net/ubuntu/+source/fuse/+bug/239792 https://bugs.launchpad.net/ubuntu/+source/pam/+bug/253096 https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/549172 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314796 So I do not know what to believe anymore. Should I just give up? Would ACL solve all my problems? Or do I have again problems using Ubuntu? One word of caution with backups using tar. Red Hat /Centos distributions support acls in the tar program but Ubuntu does not support acls when backing up. This means that all acls will be lost when you create a backup. I am very willing to upgrade to Ubuntu 10.04 if that would solve my problems too, but first I want to understand what is happening.

    Read the article

  • OpenSUSE Yast permissions for user

    - by pajton
    I have an OpenSUSE 11.4 box with Kde 4.6. I am currently working to create a sandbox environment for the user, let's call hime bob. Bob isn't allowed to do much in the system, but I'd like to let him configure certain things in yast. I have dektop shortcuts for particular yast modules, e.g. the shortcut executes xdg-su -c "/sbin/yast2 lan" to launch yast lan configuration. Now, I do not want Bob to have to enter password to launch this configuration (just please don't tell me it's insecure - I know this, in this particular setting it is going to be OK). I wanted to do this with setuid, but obiously setting it on *.desktop shortcut doesn't work. There is sudo approach, but I would have to allow Bob to use all yast modules. So, is there anything more fine-grained to set the permissions for exact yast modules? Thanks in advance!

    Read the article

  • Backup Permissions for an Active Directory Profile Directory

    - by Earls
    I have Folder Redirection turned on so the profiles are on a Windows shared folder on a File and Print Server... \folders\Profiles I want to back up the entire Profiles directory, but as Domain Admin I don't seem to have the privileges to "select all and copy" the entire directory structure. The user profile subfolders (Appdata, Documents, Desktop, Pictures, etc.) throw access denied errors... I tried to grant Domain Admins full privileges to the Profiles directory and thought the subfolders would inherit the privileges, but I get access denied errors just trying to set the permissions... How can I assign a user to the Profiles directory so that I can copy the entire directory tree to back it up?

    Read the article

  • DB2 UDF Permissions

    - by WernerCD
    I have a custom function that I'm working on... the problem I'm having is simple: Permssions. example function: drop function circle_area go CREATE FUNCTION circle_area (radius FLOAT) RETURNS FLOAT LANGUAGE SQL BEGIN DECLARE pi FLOAT DEFAULT 3.14; DECLARE area FLOAT; SET area = pi * radius * radius; RETURN area; END GO if I then log out of my "admin" account... and log into test account I get a "Not authorized" error when I try to run something "Select circle_area(foo) from library.bar". I can log into iSeries Navigator, navigate to schema functions permissions and change the permission for public from Exclude to All. bam it works. How do I grant permission to all, either in the CREATE FUNCTION or after?

    Read the article

  • Windows 7 external 2.5 hard drive read write permissions format

    - by user76918
    Working with Windows 7 professional. While trying to format western digital 250GB sata laptop drive; receiving error not initialized. Went to elevated command line to diskpart to clean all; received error message write protected. Went to Disk Management & Virtual disk drive shows as disk 2 not initialized. No format options available greyed out. Went back to command line tried to see attributes disk is read only. How do I take owner ship to change the permissions & format.

    Read the article

  • built in "Offer Remote Assistance" not working because of permissions

    - by Caleb_S
    I'm trying to enable permissions for a user on a Windows7 machine to use the built in feature called "Offer Remote Assistance" or "Windows Remote Assistance". This feature works fine if the user is added to the "domain admins" security group, but for security reasons, I cannot leave him in that group. This is within a SBS2003 Domain. I have added the user and also a group that he is apart of to the Small Business Server Remote Assistance Policy, after following some documentation I was able to find, but this has not worked. Can you tell me how to enable this feature for this user and or a user group? http://content.screencast.com/users/CASEIT/folders/Forum%20Pictures/media/2a518bc9-4184-4520-8b76-cdf46555f568/2011-08-18_1330.png

    Read the article

  • IIS7 folder permissions

    - by Eanna
    I build a basic WCF service that I now want to host in IIS7 under Windows Server 2008 R2. I added the service as an application under the default web site but whenever i try to run the application I get the following error: HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. Config Error - Cannot read configuration file due to insufficient permissions The only way I can get this service working is if i choose to "connect as" the server Administrator when adding the service. the "application user (pass-through authentication)" option does not seem to work. Could anyone help me out, I've just started using IIS7 and have no idea what to do... Thanks

    Read the article

  • Trouble with cross network permissions for an image through iis7 in an asp.net virtual directory

    - by EdenMachine
    I have load balanced web servers My web application has a function that allows the user to upload their company logo to display in the application header obviously, when they upload the logo image file, it needs to be in a central location or otherwise, the file will not be accessible to the other server on the load balancer. in order to be able to upload the image through the application other on one of either servers and then display it on both servers I need a virtual directory in IIS on both servers that point to a third "file server" (this is the "AcctData" directory shown below with a sub folder "images") the problem is that no matter what I do, I run into a permissioning issue If I use pass-through authentication I get a 401 error. If I use a specific user that's set up on both boxes, I get a 500 error. The "Default" application under "CP" (shown in the image below) uses an AppPool that is a Domain Account that has admin permissions on all the servers. I've also tried sticking a Web.config file in the "AcctData" directory allowing anonymous access. Nothing is working though.

    Read the article

  • Mac OS X Snow Leopard: permissions changed on /var results in dns lookup issues

    - by Ivan
    I was attempting to solve an issue ("/var/log/msmtp.log: permissions denied" error when attempting to send mail using msmtp) when I did this: > chmod -R 770 /var After that, my machine would not resolve domain names via cURL. (ping also fails) But, oddly, I can enter domain names into Safari and visit any web pages w/o a problem... I'm actually not sure if the chmod command is the cause of the problem, but I suspect it is. Also, if I ls -l on /var (or /private/var) it doesn't seem that any of the subdirectories or files there actually changed permission, but there are many, so I can't say that conclusively... Incidentally, I fixed the original error (msmtp.log permission denied) by setting TMPDIR=/tmp in my local environment (bash). Now the error goes away, but I get this error: msmtp: cannot locate host domainname.org: nodename nor servname provided, or not known Any ideas about how to go about getting DNS working again?

    Read the article

  • IIS6 Permissions

    - by Gordon Carpenter-Thompson
    We have a set of IIS6 Jakarta/ASP.NET applications (implemented as virtual directories) on a machine without a domain. The directories all exist under the default website. We need to setup the permissions so that certain users can access only specific applications yet others users can access several of the applications. The way it's been setup previously has been to explicitly deny access to the users for every application except the ones that they are allowed to see. The problem is that the list of applications changes fairly often (for demos etc) and it's been known for the developers to forget to deny the old users access to the new applications which leads to security problems. This is all quite unmaintainable. Does anybody have any advice on this? Surely I can't be the only person to find this all a bit of a mess? Thanks

    Read the article

  • ubuntu 9.04 /var/www permissions

    - by luca
    ubuntu 9.04, user luca wants to access the /var/www directory. the directory is owned by user root, group root I changed the group ownership to www-data (sudo chgrp -R www-data /var/www/) and added write privileges to that group (sudo chmod -R g+r /var/www), and added luca to that group (sudo adduser luca www-data). Now, why can't luca still write to /var/www? It should be able to, right? in /etc/group we have: "www-data:x:33:luca" permissions for /var/www are: "drwxrwxr-x 2 root www-data 4096 Feb 26 15:35 www"

    Read the article

  • Syslog permissions

    - by Niels Kristian
    I'm using the $InputFile facility in rsyslog to monitor various log files scattered around my ubuntu 12.04 server. E.g. nginx, unicorn, rails, postgres, cron etc. Now my problem is, that some of these log files are created with -rw-r----- right, so rsyslog doesn't have read rights. Since I install most of the programs using apt-get, and therefore didn't change anything from default. So, in other words, I would like not to modify every singe log file / daemon to have the right permissions, if I instead could give syslog read access to all of them at once. But the question is - can I do that, and is it the "right thing to do"?

    Read the article

  • SharePoint site access request denied permissions

    - by Nat
    Here is a good catch-22. When a user without any permissions on a site requests access from the _layouts/AccessDenied.aspx page it takes them to the Request Access page (_layouts/ecm_reqacc.aspx). When the user fills out the form with a simple message it is supposed to send an email to the address specified in the site collection and take them to _layouts/confirmation.aspx. Unfortunately the users are getting another access denied error instead. I have tried going to _layouts/accessdenied.aspx on a site I am the administrator of and the email is sent fine, so it is not a problem with sending the emails. What should I check and/or give access to in order for authenticated, but not permissioned users the ability to send access requests?

    Read the article

  • How to setup Database Permissions on SqlServer Express 2008

    - by Timo Willemsen
    I'm using a code-first approach of using the Entity Framework. When I first run the application it will try to create the database matching my MVC models. However, it doesn't have permission to create it I think. I get the following error: CREATE DATABASE permission denied in database 'master'. What user is trying to access the SqlServer and how can I add it's permissions to let it work? This is the connectionstring I'm using (which should be right...) <add name="ContextDb" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;initial catalog=ContextDb" providerName="System.Data.SqlClient"/> Cheers

    Read the article

  • Windows Server 2008 R2 permissions: Users can't write despite being administrators

    - by Matias Nino
    We just set up a new R2 server and created a bunch of local user accounts on it that are part of the administrator's group. We then set permissions on some shares and folders to allow FULL CONTROL to anyone from the administrator's group. However, the users cannot write to these folders when logged on. On some folders on the C:\ they are prompted for consent in order to gain permission to read them. Any ideas? Are there any tools that would help me troubleshoot this? Thanks in advance for any tips.

    Read the article

  • Good set of web hosting permissions?

    - by Jorge Israel Peña
    Hey guys, I just got a linode and I'm in the process of configuring it. It's running nginx with php-fpm and passenger. nginx was compiled and is running as user nginx. php-fpm (php with fastcgi process manager) is running as www-data (in group www-data). My sites are currently in /var/www, so for example /var/www/test.com I'm just wondering what the general 'flow' of things is. So for example, /var/www is owned by root, should I chown of /var/www/test.com to nginx or www-data? Or should I put nginx in the www-data group? How should site uploading work, I just transfer files to the /var/www/test.com directory as root (sudo) and then chown -R www-data:www-data .? Thanks. I'm capable of figuring things out on my own, I'm just wondering what the typical/general way of handling users/groups/permissions/site-files is on linux with a webserver.

    Read the article

  • lamp server permissions on development server

    - by user101289
    I run a LAMP server on a ubuntu laptop I use only for development. I am not greatly concerned with security, since the server is never accessible outside the local network, and it's turned off when I'm not using it. My question is what is the simplest and 'best' way to set permissions/users/groups so that when my myself user creates, edits or writes files in the webroot, I won't need to go through and CHMOD / CHOWN everything back to the www-data user? Should I add myself to the www-data group? Or chown the webroot to www-data:myself? Or is there a best practice for this situation so I don't have to keep re-setting the ownership of these files? Thanks

    Read the article

  • Locked out by changing file permissions

    - by Valeriy
    I just locked my root account (and all other accounts if it matters) completely out of the RHEL 5.4 by changing permissions on every file to 400. Now I have "Permission denied" on any command that I try to run, including chmod itself. Any idea on how to recover? The only access I have to the server is via terminal or SSH. (If anyone cares how it happened, I was running a hardening script and one of the lines was supposed to change permission on some config files in /etc directory. It has couple of variables that had not been set, so the command essentially evaluated to chmod -R 0400 /* Ouch! This is sure a great lesson on checking the scripts even more carefully in the future but what can I do now?

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >