I'm trying to make a shortcut in windows Server 2016 DC Server. The frequent work is finding users and resetting their passwords. And I want to do it quickly and simply with a shortcut.
I've found a run command that triggers the search window. But there are not all settings in the context menu (right click menu).
The command is:
rundll32 dsquery.dll openquerywindow
It has no "reset password" option in the context menu.(only/ Open Home Page, Send Mail, Properties).
Is there a better way to do this?
Unfortunately, there's no a keyboard shortcut in AD Users and Computers app. Or i'm missing something?
Related
I have a report set up for a department. The data is accessed on a replicated server on the backend with a fixed password.
What I normally do is add a new role for the user accessing the report as a browser, then they can see the report and work from there.
However, the machine that is being used to access a new report is logged on under a general user account and neets to remain this way, the report that is being accessed is confidential and can only be accessed by certain staff members.
I have played around with the security settings to see if windows authentication would work but i struggled.
What I was hopping to achieve was the following:
let a user access the report on the machine via a password to run the report (preferably their user log on detais even though the machine will be logged on under a different user).
If this is not possible, would it be possible to create a password protected report using parameters?
apologies If i am not clear, I am happy to explain further if needed.
As far as I know it is only possible to protect a report using AD credentials. This works fine, but is not useable if there are non-AD users who have to access the report.
What you can do is generate an SSRS report as a password protected PDF using SQL-RD and send it on a schedule.
You could try setting the access to the report itself at the report level. In Reporting Services you navigate to the report and click the down arrow to the right of the report name.
On the next screen you make sure the Security tab is highlighted. You can then add groups or users (Domain\User) and their roles for that report. Even though this is not password protecting the report it is limiting access to only authorized individuals.
I have come up with a work around.
I have added the users I wanted to have access to the Security tab.
Using powershell I have created a script to ask for credentials to open "internet explorer" as the user I want to have access.
Start-Process -FilePath "C:\Program Files\internet explorer\iexplore.exe" http://PATHTOMYREPORT -Credential (Get-Credential)
From here I then created a batch file that would execute this powershell script for me
#ECHO OFF
PowerShell.exe -NoProfile -ExecutionPolicy Bypass -Command "& 'C:\powershellscript.ps1'"
I then created a shortcut to the batch file on the desktop, in the shortcut options I set it to run as minimized so the batch file output wouldnt appear, i renamed the shorcut after my report. Gave it an inconspicuos icon.
So what happens when someone double clicks the icon?
they get asked for their organisation log on details in a neat window.
when they enter their details the report should open successfully in internet explorer provided they have been added as a report browser to the security element of the report as outlined by #B.Serbele.
If a non intended user opens it, enters their details, it just crashes out.
No doubt you may find issues with this, i.e. someone can access the C drive and delete the powershell script or shortcut etc etc.
But its the best I could do with the set up we have at the moment.
Hope it may help someone.
I wanna do some testing regarding the acception of user permissions.
I am testing via Genymotion and made a Kik Account for my testing purposes. The only problem is that I already gave my app permission to my userdata and I cant find a way to reset this. I don`t want to make a new account everytime I am testing this function.
Is there a way to reset the permission so that I will have to accept again?
Yes, there is functionality for this
Open Kik and go to settings (the cog icon in the top bar)
Click on Help -> Developers
Turn on "Developer mode"
Open the webapp you're trying to debug
In the sidebar, long press the entry and select "Enable debug mode"
From here on out you can longpress the entry and choose "reset" which will reset the permissions
I have simple one-line batch script that loads a wlan profile (xml) to make it easier for our users to connect to our secure wireless network. I still need the users to login, so the profile does not contain user credentials. When the profile is loaded, a Windows notification balloon pops up from the task bar (lower right corner) that says "Additional Information is needed to connect..." as expected. When you click on the balloon, you're given the login credentials pop-up. The title bar of the window is "Windows Security" and the inner title is "Network Authentication. Please enter user credentials". I have seemingly looked everywhere for a way to just open this credentials box instead of the user having to click the balloon. I've run process monitor and I can't find where it adds that balloon to the notification bar. I also cannot find what happens when I click on the balloon and the login prompt comes up. I figured I would be able to add a line to my script that will just skip the click on the notification balloon and bring up the login pop-up. Is it possible to trigger this box? I know I could create my own login box and pass the variables, but I would rather use the native feature if possible. Thank you.
I'm unable to create database using DB2 Command Line Processor (DB2 Express C). I wrote a simple operation to create a database :
db2=> create database wiki
It's showing me an error :
SQL1092N The requested command or operation failed because the user
ID does not have the authority to perform the requested command or
operation. User ID: "VINAYAKP".
I've never worked on DB2 before. Also, from First Steps; it is just opening a prompt and it displays nothing. I'm using a thin client. Kindly tell me about this error and how to resolve it. Also, need to know any alternate way other than using the command line processor.
Note: I'm using Windows OS
Thanks
As the above answer didn't seem to work for me, I'm adding my solution. (command line only) [windows]
I simply launched db2cmd as the db2admin user (default).
To achieve this, execute the following command in command prompt:
runas /noprofile /user:db2admin db2cmd
This will launch a new cmd window logged in as the admin user. You can now execute any db2 commands from this window.
To resolve this issue you need to have the DB2 services started as Domain account, not a local account. In order to change the DB2 services to a Domain account do the following:
1.) Go to Start->Control Panel->Administration Tools->Services.
2.) Find the DB2-0 process right click on it and pick "Properties".
3.) Pick the "Log On" tab.
4.) Then choose "This account" radial button, then "Browse".
5.) A window will pop up called Select User click the Advanced button, then click "Find Now".
6.) A list of all users on the machine will be shown, choose the domain user and select "OK".
7.) To save the change click "Apply" then "OK".
8.) Restart the service/instance.
Using InstallShield 2012 Professional to install a ASP.NET website, and a custom app pool running in securitry context of a network service account. When I test the website, I encounter a permissions issue (file permissions), and the website fails with the message "Error: Access is Denied.".
Using InstallShield, I set permissions to each file for read access to the user "Authenticated Users". I set the permissions within the InstallShield ISM file by navigating to "Application Data" -> "Files and Folders"
Select each folder in the "Destination computer's folders"
Right-click each folder in the "Destination computer's folders"
Select context menu "Properties"
Click button "Permissions"
Add entry in "Name(s):" section for user "Authenticated Users", and domain is blank (select "Read & Execute", "List Folder Contents", "Read")
... then perform this action over and over again for each folder, then for each file.
Once I test, I find I have the problem. If I navigate to the actual files installed on the server and review, they appear correct, but do not function correctly. Infact, I - as a Authenticated User - do not have permissions to navigate the folder structure, but because I am an admin I can tweak the permissions and get in. If I manually reset these permissions on each of these files (and related folders) the website functions correctly. This means the app pool setup, the file copy, and the network service account are all functioning correctly, and the problem is strictly related to the permissions on the files IIS is trying to access.
Has anyone had this problem, and overcome it? If so, how? (I would prefer to avoid using InstallScript to set permissions.)
Notes:.
when considering settings in the "General Information" area, specifically the "Locked-Down Permissions" property - the behavior of file level permissions settings in InstallShield will differ. When selecting "Traditional Windows Installer handling", I was never successful adding explicit permissions. I noticed when doing so, all inherited permissions on the folder would dissappear. Additionally, while it appears the permissions are set in Windows, they behave like they are not set. Manual manipulation tests would show they were not correctly set.
When setting the "Locked-Down Permissions" property to "Custom InstallShield handling", I was able to add a permission and all inherited permissions remained intact. With this, I was able to apply the desired permissions to the root installation directory in the "Application Data"->"Files and Folders" area, and because I elected "Custom InstallShield handling" I am able to select the check box "Apply these permissions to child objects" in the advanced area of the permissions area of a folder property.
Steps to finalize and fix my problem:
In InstallShield (ISM file)...
Navigate to "General Information" (Lefthand pane)
Set Locked-Down Permissions to "Custom InstallShield handling"
Navigate to "Application Data"
Right-click the root folder where program is to be installed
Click "Properties"
Click button "Permissions"
Right-click top half of screen in white box area labeled "Name(s)"
Select context menu item "New"
Remove domain user leaving this field blank
Added user "Authenticated User"
Select check boxes in lower area ("Read & execute", "List Folder Contents", "Read")
Click button "Advanced"
Check checkbox "Apply these permissions to child objects"
Click button "OK"
Click button "OK"
Click button "OK"
Recompile installation program and install. Now works.