I can't find how to see permissions grants in DataGrip
there is nothing on sql generator and don't see any option on table menu
is there such function at all ?
As of version 2021.1 they seem to have now added this functionality.
Manual - Section: "Configure GRANT privileges for objects"
You can show Grants of your cluster's users by opening the Server Objects database, Users table, right click on the User you want to see, Modify user. It'll open a new window, if you scroll down you'll see the Grants section.
Related
A colleague of mine suggested that I could fix this error in the GPO. It is a windows 2016 server.
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
I’m not sure if this issue affects the functionality of your app, and as the documentation says, you don't need to fix this issue if it has no effect on function.
These events can be safely ignored because they do not adversely affect functionality and are by design. This is the recommend action for these events.
If it has effect on your application, you can follow these steps to fix it:
Open the registry editor as an administrator and nagvigate to HKEY_CLASSES_ROOT\CLSID{D63B10C5-BB46-4990-A94F-E40B9D520160}. If you are in the right location, you also see the APPID as a value. Remember the application name, you can see in the Data column, the corresponding Name column shows (Default).
Right click the {D63B10C5-BB46-4990-A94F-E40B9D520160} and click Permissions, then choose Advanced.
In the advance security setting window, click Change and type your administrator account. Then click OK.
In the "Permissions for..." windows, select the Administrators and activate the Full Permissions checkbox.
Repeat step 1 to 4 to add permissions for APPID{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}.
Open Component Services as administrator. Navigate to Component Services-Computers-My Computer-DCOM Config. Find the application by application name remembered in step 1 and right click the Properties.
Go to the Secutiry tab, choose the appropriate action. You can choose Launch and Activation Permissions, set to Customize, and Edit.
Click the name that applies to you and click the appropriate permission.
If permissions can't be changed, you may need to take ownership first.
See also https://www.kapilarya.com/fix-event-10016-error-the-application-specific-permission-settings-do-not-grant-local-activation-permission-in-windows-10
I'm testing Pimcore right now, to see if it's a good fit for our company.
I was wondering if there is a way to give a user specific rights, like an author only being able to make content and edit his own content?
Yes you can provide user or role based permission to documents, assets or objects. Click here to see the screenshot of the user screen
Steps are as follows -
Go to settings -> User
Click on the specific user on which you want add some permissions.
On the right screen part go to the workflow tab.
Click on the add button present near Document title if you want to add permissions on documents. Same can be done on Assets and on Objects
Drag and drop documents on which you want to allow permissions.
Check the boxes if you want to allow user to publish, unpublish, delete etc.
Save
Same can be done on roles as well. If you want same set of permissions on couple of users then you can make a specific role, assign the desired permissions and then assign that role to multiple users.
I have a new Azure account. I am able to log into the 'manage' page as admin, but I forgot the password to one of my databases. I would like to reset the password on that one DB. How do I do that? Microsoft doesn't seem to have a KB on that - at least not one I could find. Thx.
If you're referring to the administrative password for a specific Windows Azure SQL Database server, you can do this from the new portal. Select the Database choice on the left, then select Servers:
Then, after selecting the server of choice, you'll see the option on the right for resetting admin password:
Using the new azure portal:
https://portal.azure.com
Click browse (to view all resources)
Select SQL databases
Choose a database that's in the server you want to change creds for.
Select the server name url for that selected database. This should open up the server configuration blade.
Reset password is the second button from left.
Another variation on new Azure portal (bypassing the database), #1 go to SQL servers directly; #2 click on the DB Server you want to update the password for, #3 click the pencil, #4 update the password, confirm and save.
To reset the administrator password for a SQL Database server, use the following steps:
Go to the Windows Azure Management Portal at http://manage.windowsazure.com and click SQL Databases in the left-hand navigation pane.
Click the Servers tab at the top of the SQL Databases workspace. This will launch the Server List View.
In the Server List View, click the name of the server to update. This will launch the Server Dashboard.
On the Server Dashboard, click Reset Administrator Password under quick glance tasks on the right-hand side of the workspace.
On the Reset Password dialogue, specify a new password and then confirm the new password.
To complete the operation, click the Check mark button at bottom right. You will be returned to the Server Dashboard for the server.
If you reset the SQL Database server password during a time when there are active connections to databases on the server, you may want to use the KILL statement to terminate user sessions. This will force client connections to refresh their sessions with the database and the host server. For more information, see KILL (Windows Azure SQL Database).
With the current iteration of the interface, the process is similar to what is described above with an additional step:
Get to the Overview as described above.
New: Click on the server name (I just had to stumble into it. Horrible UI design.)
Now there is an option to reset the password.
You can use the following command with the Azure CLI 2.0 to change / reset the password for Azure SQL Database:
az sql server update -n {database server name}
-g {resource group name}
-p {password}
Source: https://buildazure.com/2017/05/18/azure-cli-2-0-reset-azure-sql-database-password/
You can actually reset your admin password to your SQL database using the old/previous Silverlight portal.
Log into https://windows.azure.com/ or into the current one and select "Previous portal" from your login
In the previous portal click the "Database" menu item on the bottom left
Select the database from the subscription
click the "reset password"
Update for new portal:
Go to the SQL server that's hosting your SQL DB and click on "Reset password".
If someone had forgotten his password for DB, First of all, look at the connection string(appsettings.json).
You will find it there.
Is there a way to force sharepoint 2010 to popup the dialog to ask the user for a username and password and not use the computers logged in user, if that user doesn't have access.
We need an internal sharepoint website to not use the windows credentials, since these are computers used by many people. The windows user doesn't have access to the site, so currently it shows an access denied, click here to log in as another user. We would prefer if it just asked for credentials in a more graceful manner.
There is a way to configure Internet Explorer to do this. In Internet Explorer(IE),
Go to Tools
Click Internet Options
Click on the Security tab
Click on the button labeled Custom Level.
Scroll to the very bottom of the list
Select the option labeled Prompt for user name and password.
The default option Automatic logon only in Intranet zone' is what is causing IE to send the credentials to SharePoint. This of course would force everyone to log in on that computer.
Forms Based Authentication is the answer. You can modify the Login page and even where the users credentials (username/password) are stored (e.g. a SQL database rather then AD).
Use browser other than IE to access the SharePoint site from the community computers.
I am guessing you work in a corporate environment, which would mean your computers are probably managed by your IT department and part of your domain. Because they are part of your company's AD (Active Directory), your systadmins Should be able to modify the existing policy (i say existing, because in IE, the defaults for the settings relating to logging on are by default set so that you WOULD have gotten a logon prompt, i am guessing a group policy is already in effect). If it does not exist, have your admins create one.
The setting Jeremy mentions is one option. It could also be that the site is in included in your IE's "Local Intranet Zone". If it is, or, more probable, there is a wildcard *.yourdomainname.yourdomainextension).
Use the setting mentioned by jeremy to override the default logon behavior (automatic logon) associated with sites listed in the intranet zone.
A group policy can be applied to a group of computers or all the computers in the domain. If the policy should be applied to a small group of computers only, put those computers in a separate OU (Organisation Unit) in AD and apply the policy to that OU.
What about creating a new zone, secured with FBA, for those community computers? As long as the users of the community computers are given only URL for the new zone, you should be OK.
You can create 2 registry files to turn this behavior on and off for the Internet Explorer. Use Notepad to paste the values below, ensure that Windows Registry Editor Version 5.00is the first line, and that you're appending 2 blank lines at the end of the file (press 2x Enter).
To turn it on (i.e. always ask for credentials): AlwaysAsk.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\1] "1A00"=dword:00010000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\1] "1A00"=dword:00010000
To turn it off (automatically use credentials, only ask if necessary): AutomaticLogon.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\1] "1A00"=dword:00020000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\1] "1A00"=dword:00020000
This is useful for testing, espcecially if you're a developer in a corporate environment where you can't easily change the policy settings on your PC (but you need elevated rights, i.e. you have to run it as Administrator).
Note that the 1st key is for the local machine, the 2nd key is for the current user (currently logged in), which is needed to activate it immediately.
If you need more details about the values, check out this link:
Internet Explorer security zones registry entries for advanced users
Every morning when i fire up my VM and IE (in my host OS) and go to my SP site it always logs me on automatically as DOMAIN\george which is a user I created for testing permissions.
So every morning after that I click "sign in as a different user" to sign in as my sys admin user instead and most days that is the only user I use. Any idea why george's credentials are being cached?
Part of "firing up my VM" is running a script that starts IIS as well as some services. I'm not entirely sure SharePoint is responsible for this, could very well be ASP.Net.
EDIT: I've already tried clearing my cookies.
Had a very similar problem! To solve it, go to 'User Accounts' under the Windows Control panel.
Navigate to 'Manage your network passwords'. Select the domain you wish to clear and select 'Remove'.
You should now have a clean login dialogue box and when you check the 'remember me' box, this will be stored as the login default for that domain.
I was able to remove the test login credentials using the User Account control panel applet in Windows 7
Open the Manage Credentials link.
Find the Sharepoint Login in the Windows Vault.
Expand the address for the site
Remove the test login for this site.
After doing this I am no longer prompted for the login and login as different user prompt.
Have you checked that there are no logins and passwords being stored by the browser? Assuming you are using IE, see this article on how to clear them.
If DOMAIN\george is same user ID you are logging in to the VM ? If that is the case try changing the Setting in IE that dictates what user name is send to the Server. Just go to Tools - > Settings - > Security and Click on Custom Level, scroll down to bottom and you will find User Authentication option Select the Prompt for User name and Password.
It could also be that you are using IE8, that caches my credentials as well it seems.
IE8 stores credentials for favourites it seems, don't ask me why. What you should do is log in as the needed user, then save a new favourite (or add it to the favourites bar by dragging it). Then use that link to go to your site.