How to define a standard set of files/settings for every AD user? - active-directory

I have a server running Windows Server 2019 with a lot of OS running. For one of these machines I need that every time a domain user first logs in, the "Documents" folder contains a copy of an Administrator folder and the desktop contains a shortcut for an application.
Is the correct way to do this to create a user profile?
I tried creating a user profile but I could only foresee a situation where all users would share the same files. What I need is that each user has a separate copy of the files.

Related

Is it possible to Give IIS Users Permissions Outside of inetpub?

I am trying to give IIS full control permissions to a folder located on the C: drive of the machine that is hosting the website. It contains database files that are necessary for my application. Is there some way to give explicit permissions for IIS?
Someone posted that I could give NETWORK SERVICE full control over the directory, so I've already granted the NETWORK SERVICE account full permissions and I'm still not able to access the database files. Everything works fine when I store a copy of the database files inside of the \inetpub\wwwroot folder.
IIS Version 8.5.9600.16384
Look at the Application Pool and grant the permissions to the App Pool identity, or set the identity to a user who has the necessary permissions.
Are you using a local database? If it is local, open port 1433. SQL Connection String
choose the one that suits you

Is it possible to kick users out of a stand alone Access database that is housed in a shared folder?

I built an Access DB and placed it in a shared folder where users are to copy and paste directly to their desktops. There are some that are accessing the database directly from the folder; hence locking the database up for any updates to be made.
There are no log in or user credentials used when accessing the database so I can't place any kind of audit trail on it to determine the users that continue to open the database directly from the folder.
Is it possible to close the database, knocking out these individuals that continue to lock it up? Or is it possible to place some sort of an audit trail in the database to capture user data that would identify the individual, i.e. computer address, computer name, etc.?
You should leave that setup and arrange for each user to always have their own copy of the frontend - having tables linked from one backend, if they need that.
A script and a shortcut are used for that. It is described in detail in my article:
Deploy and update a Microsoft Access application with one click
(if you don't have an account, browse for the link: Read the full article)

What user does SSMS database creation run under?

I have a (S:\) drive with permissions for only myself and the SYSTEM user.
I just downloaded SQL SERVER EXPRESS 2017, and when I go to create a new database, it cannot see that drive as a place to create the database.
I tried giving the Everyone group full permissions on the drive, and then it showed up as a place to make the new database.
I am wondering what user I need to actually give permissions to, as it is clearly not running under my user, since my user has full control on the drive, and it's not running as SYSTEM, since that user has full control of the drive. I don't want to give "Everyone" permissions to the drive.
Note: Doing a bit more experiments, after removing the Everyone permissions, I went looking through my users list (in the Security tab of the Drive properties), and the only user that looks to have anything to do with SQL is SQLServer2005SQLBrowserUser${myUserName}, but giving this user full control did not allow SSMS to see the drive again.
Run this query:
SELECT * FROM sys.dm_server_services
And you will see current available services on your SQL Server instance and the account mapped to each one. Add permissions to the one that's below the servicename: SQL Server (MSSQLSERVER), it will be most likely NT Service\MSSQLSERVER.
If you use Jobs on the Agent, you will need to give permissions to that account also.
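An added example, not part of the original answers: a PowerShell sketch that grants a folder ACL to the service identity itself rather than to Everyone, which is the fix suggested both here and in the IIS App Pool answer above. It reads the engine services from Win32_Service instead of sys.dm_server_services, and assumes the engine runs with its per-service SID (NT SERVICE\<service name>, the setup default); the folder paths and the app pool name are placeholders.

```powershell
# Added example. Run elevated. Paths and the app pool name are assumed placeholders.
function Grant-FolderAccess {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Identity,
        [System.Security.AccessControl.FileSystemRights]$Rights = 'Modify'
    )
    # Fail early if the name does not resolve to a SID (typo, wrong instance name).
    $account = [System.Security.Principal.NTAccount]::new($Identity)
    $null = $account.Translate([System.Security.Principal.SecurityIdentifier])

    # Allow rule inherited by subfolders and files under $Path.
    $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
        $account, $Rights, 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl = Get-Acl -LiteralPath $Path
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $Path -AclObject $acl
}

$DataDir = 'S:\SQLData'   # assumed: a dedicated folder, not the drive root

# Database engine services: MSSQLSERVER (default instance) or
# MSSQL$<instance> (named instance, e.g. MSSQL$SQLEXPRESS for Express).
$engines = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.Name -eq 'MSSQLSERVER' -or $_.Name -like 'MSSQL$*' }

foreach ($svc in $engines) {
    '{0} runs as {1}' -f $svc.Name, $svc.StartName
    # Build the per-service SID name from the service name; note that a
    # double-quoted literal "MSSQL$SQLEXPRESS" would expand $SQLEXPRESS.
    Grant-FolderAccess -Path $DataDir -Identity "NT SERVICE\$($svc.Name)" -Rights FullControl
}

# Same pattern for the IIS case (assumed pool name and folder):
# Grant-FolderAccess -Path 'C:\AppData' -Identity 'IIS AppPool\MyAppPool'

# Review the result: there should be no entry for Everyone.
(Get-Acl -LiteralPath $DataDir).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited
```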

Perl: Accessing users and e-mails in a Domain or from Microsoft Outlook

I've recently taken over a script from someone who's left the company and it recently started failing. The code looks up a specific user and sends them an e-mail.
I've nailed the culprit line that fails to be (user and password are set to my personal account):
my $dbh = DBI->connect('dbi:ODBC:IDM', $idm_user, $idm_passwd)
from this database the script selects the E-mail from a specified user login name.
I can't seem to find any documentation on the database IDM and was wondering if anyone knows of it?
Is it a built in Microsoft Exchange DB or Windows domain DB?
Thanks!
That line is connecting to an ODBC data source called IDM defined in the ODBC data source administrator in that system.
Ewww...
I have a feeling that the guy wrote his own database to do this particular task, and maintained that database.
I had to do something like this and used Net::LDAP to read the user's email address from the Windows Active Directory, then used Net::SMTP to write the email. Of course, your Windows Active Directory must be configured to allow for LDAP access, and your Outlook email must be configured to allow for SMTP based mail.
You can try something like Win32::AD::User to fetch the user's email address directly from Active Directory, but I have a feeling that you won't have read/write access to it.
If you can figure out how to fetch the user's information, you can try Mail::Outlook to write the actual email.
I never used either of these modules. I guess I've been lucky that my Windows sites allow LDAP access and SMTP.

Database level user security in MS Jet Engine

I am wanting to add a user access control system to one of my MS Access applications using the DAO system built into MS Jet database engine. I am working with accdb database on Access 2007.
I understand how to manage DAO users & groups.
I have discovered that, to "turn on" security control, I have to change the password on admin from blank to some non-blank value. This forces the user to login when opening the access database. What I have discovered, however, is that this also forces a user login in every Access database on the system.
My question:
Is there some way to turn on the user login for some accdb's and leave it off for all others?
Access uses a workgroup information file to store the user and group account information. The default name is System.mdw
You can find out the name of your current workgroup information file and where it is located by examining the SystemDb property. For example, from within your Access session, switch to the Immediate Window and run this line:
? SystemDB
However, you can have another workgroup information file and start up Access with a shortcut which includes the /WRKGRP switch followed by the full path to your alternate workgroup information file.
The shortcut pattern includes 4 elements.
"Path2EXE" "Path2Db" /WRKGRP "Path2MDW"
Here is a working shortcut from my Access 2003 system. (It should be all on a single line; I split it here so you won't need to scroll to see it all.)
"C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE" "P:\Access\wip\sandie\NewDB.mdb"
/WRKGRP "P:\Access\wip\sandie\Security.mdw"
So the point is you can have two (or more) workgroup information files: the default without an admin password which you use for your unsecured databases; and another with an admin password which you use for your secured databases and reference with the /WRKGRP switch when you open them.
That leaves the question of how to create your alternate workgroup information file. Use the User-Level Security Wizard and choose the option "Create a new workgroup information file".
Another point that puzzles me is that you said Access 2007 and ACCDB. My understanding was that Access 2007 and 2010 still support user-level security, but only in the older MDB database format, not with the ACCDB format.
One final note: If you need bullet-proof security, ULS is not sufficient. It can be defeated with an Access password cracker. Supposedly they are easy to find, but I've never looked for one myself.
