I'm writing a trouble ticketing system. I want to be able to make a button, and when I click on it, it automatically unlocks a user's windows account in Active Directory.
Is this something that can be easily done using a CFLDAP query?
I'm running Coldfusion 8.
You need to set userAccountControl=0
<cfldap
action="modify"
attributes="userAccountControl=0"
server="yourserver"
dn="your DN information">
Related
I am trying to load NTUSER.DAT of logged-in local user in registry hive to read their keys from my program running as admin (it has got SeDebugPrivilege, SeBackupPrivilege, etc).
It works when the user is logged-out, and doesn't work when they are logged-in.
The error is:
Error: (32) The process cannot access the file because it is being used by another process
So, is there any Win32 API, or another way, I can copy NTUSER.DAT or read it without relying on a third-party library? I need to do this when they are logged-in.
Shadow Volume Copy copies the whole drive, hence it isn't feasible. Maybe it is possible to unmount their registry hive and then load it using RegLoadKeyA() or something?
I found a workaround,
when the user is logged-off you can load NTUSER.DAT of that user in registry, then read key.
if the user is logged-in, you can read their keys from HKU/user-sid
I have several applications in an Oracle APEX 19.2 workspace that use shared authentication. In order to access enduser metadata, I want to use an application item defined as global in the master application. It seems to be configered correctly: In a slave application, I can see the correct session value in the debugger windows (Session State, View: Application Items).
But the usual replacement syntaxes do not work: I can not access the value with any of those methods:
:VARIABLE
&VARIABLE.
apex_util.get_session_state('variable')
The only method that is working is apex_util.fetch_app_item('variable',[application id]) - this is cumbersome, as I would like to work with application aliases and I would need to translate the alias using the view apex_applications.
Is this working as intended or did I do something wrong?
Have you created the same application item in the slave application as well? You will also have to set it to Scope = Global. This will expose the value in the current application.
I have got this issue :
WRT_8004
Writer initialization failed [Error opening session output file [/*/diff_zipcode1.out] [error=Permission denied]].
Writer terminating.
The user for informatica has the right to write in this specific folder (I tried a touch it directly and it worked) but I still get this error.
The only way for this workflow to work is to set the writing permission to everyone...
So I was wondering if informatica uses another user than the one who launchs the informatica server like my user on informatica ? And if this is the case how can I set the properties right to write on my folder.
Answer to my situation : I change the settings of the user of informatica after I launched the informatica server so the modification wasn't really done for informatica point of view. To fix this problem, I only had to reboot the informatica server.
Informatica will use whichever user has logged in to Power Center to create the file.
If you do not want to set full permissions to your folder, it would be best if you add the user into a group and provide write permissions to groups only.
I am trying to programmatically delete windows accounts along with their corresponding folders under c:\Users in windows 2008R2.
I call net user [user name] /delete command in the program but it does not delete the folder "user name" under c:\users. The DelectFile function does not work: error code is 5.
Is there a way to solve it?
You can't just DeleteFile a directory. You have to explicitly iterate through the contents of the directory, deleting each file and removing each subdirectory.
Also, be warned that the name of the user profile folder is not always identical to the username. The mapping is stored in the registry somewhere.
Error code 5 means "access denied". To fix it, check that the local system account has permission to delete that folder. You can do it from the command line using "cacls". LocalSystem should have access by default, as a member of the Administrators group, but that may have been removed. If it is missing, take ownership of the folder first.
Another problem might be that the folder is "in use", that is a handle is open with deny delete set for sharing. This is harder to solve. You may need to log the user off first or wait then retry.
I am using vc++. I am trying to create a "front end" which will create a task and put that in " Window's native Scheduler". The task's action is invoking a backup app. Every task needs some privileges to execute the given program. I need to assign administrator privileges to this task. I can assure that the front end can be run by admin only. Now I want to use assign the current user's(admin) privileges to the task. Upto the dig I did in internet/msdn , the api provides below two options( 3rd option is my assumption)
1) Provide account name,password for that task.
2) Use flag "TASK_FLAG_RUN_ONLY_IF_LOGGED_ON", and give the administrator "account name", and password as NULL.
3)Single Sign on
Now the constraints:
1->It is not a good idea to make the client to type the admin account name and password frequently
2->Admin Account name is not always the same(in XP it is possible to change it). So I can't provide a default admin account name.
3-> I don't know how to achieve it. The "single sign on" is something like once you logged in as admin, then the applications can get the current(logged in) user's privileges.
Searching MSDN for this is like "searching a needle in hay stack". Somebody, please shed a light on the solution.
Maybe LocalSystem Account
http://msdn.microsoft.com/en-us/library/ms684190(VS.85).aspx