BorlandTalk.com Borland discussion newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  User Permissions on Windows Server 2003 Goto page 1, 2  Next          BorlandTalk.com Forum Index -> Delphi Databases (SQL Servers) View previous topic :: View next topic   Author Message Gary Mrenak Guest Posted: Mon Oct 02, 2006 5:22 am    Post subject: User Permissions on Windows Server 2003 I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Bill Todd Guest Posted: Mon Oct 02, 2006 6:16 am    Post subject: Re: User Permissions on Windows Server 2003 Gary Mrenak wrote: Quote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Are you running both the application and the Firebird server on the same Win2003 machine? What set of permissions do not work and what error do you get? When does the error occur? In which folder is the application EXE installed? Which version of Firebird are you using? -- Bill Todd (TeamB) Back to top Gary Mrenak Guest Posted: Mon Oct 02, 2006 4:21 pm    Post subject: Re: User Permissions on Windows Server 2003 Firebird 1.5 is on the server, the application is "served" from the same server to run on multiple network workstations. Db and app reside in different directories within a "share", about five levels down from the share root. The user is a member of Domain Users and Remote Web Workplace Users. The "User Template" was used to create the user and its settings have not been changed from original installed values. These error messages occur when starting the app: "Cannot attach to password database" ...I get this occasionally, not always (the app is supposed to check the db to authenticate the user's username and password), but is seems to disrupt the db sometimes requiring a db re-start; after restarting Firebird, then attempting to run the app I get .. "operating system directive CreateFile failed. Access is denied" This problem does not occur if I make the user a member of Admins. Gary Bill Todd wrote: Quote: Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Are you running both the application and the Firebird server on the same Win2003 machine? What set of permissions do not work and what error do you get? When does the error occur? In which folder is the application EXE installed? Which version of Firebird are you using? Back to top Gary Mrenak Guest Posted: Mon Oct 02, 2006 4:24 pm    Post subject: Re: User Permissions on Windows Server 2003 Forgot to mention: the user is attempting to run the app on a Win XP network workstation. G Gary Mrenak wrote: Quote: Firebird 1.5 is on the server, the application is "served" from the same server to run on multiple network workstations. Db and app reside in different directories within a "share", about five levels down from the share root. The user is a member of Domain Users and Remote Web Workplace Users. The "User Template" was used to create the user and its settings have not been changed from original installed values. These error messages occur when starting the app: "Cannot attach to password database" ..I get this occasionally, not always (the app is supposed to check the db to authenticate the user's username and password), but is seems to disrupt the db sometimes requiring a db re-start; after restarting Firebird, then attempting to run the app I get .. "operating system directive CreateFile failed. Access is denied" This problem does not occur if I make the user a member of Admins. Gary Bill Todd wrote: Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Are you running both the application and the Firebird server on the same Win2003 machine? What set of permissions do not work and what error do you get? When does the error occur? In which folder is the application EXE installed? Which version of Firebird are you using? Back to top Gary Mrenak Guest Posted: Mon Oct 02, 2006 5:27 pm    Post subject: Re: User Permissions on Windows Server 2003 I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: Quote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Bill Todd Guest Posted: Mon Oct 02, 2006 5:38 pm    Post subject: Re: User Permissions on Windows Server 2003 The connection to the Firebird server is via TCP/IP so the user does not require any rights on the server for this. The user does not even need a login account on the server. To run the app the user needs read access to the EXE. I cannot help you with the "cannot connect to password database" error but if it happens intermittently it is not a rights issue. You might try posting that question on the Firebird support list. -- Bill Todd (TeamB) Back to top Gary Mrenak Guest Posted: Mon Oct 02, 2006 7:47 pm    Post subject: Re: User Permissions on Windows Server 2003 Interesting. The user I'm testing with does have an account on the server and it seems that (per my earlier reply to my original message) giving "Authenticated Users" Write access (they already had the others listed in my reply) to the Firebird intall directory solved the problem. So you're saying that a local workstation user (no server account) can expect the app to interact with Firebird without permission limitations. I will try that on my system. Thanks. Bill Todd wrote: Quote: The connection to the Firebird server is via TCP/IP so the user does not require any rights on the server for this. The user does not even need a login account on the server. To run the app the user needs read access to the EXE. I cannot help you with the "cannot connect to password database" error but if it happens intermittently it is not a rights issue. You might try posting that question on the Firebird support list. Back to top Dan Palley Guest Posted: Mon Oct 02, 2006 9:23 pm    Post subject: Re: User Permissions on Windows Server 2003 Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... Quote: I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Gary Mrenak Guest Posted: Mon Oct 02, 2006 10:37 pm    Post subject: Re: User Permissions on Windows Server 2003 So you're saying that the database should never be located in a "share?" If the db's directory happens to be located in the middle of stuff that has been "shared" maybe I can un-share the db's directory. I wonder if that will provide the same result? If not, would you recommend moving the db out of the share? Gary Dan Palley wrote: Quote: Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Dan Palley Guest Posted: Mon Oct 02, 2006 10:49 pm    Post subject: Re: User Permissions on Windows Server 2003 For interbase, all access to the database needs to be routed through the database server process. Typically, you would specify the servername, a colon, and then the local path to the database, i.e. myserver:c:\mydatabase.ib. I assume Firebird works the same way. If you connect via a share, then your locally installed copy of Interbase/Firebird is actually connecting to the database file on the remote server and you will have corruption as a result. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45214ed1$1 (AT) newsgroups (DOT) borland.com... Quote: So you're saying that the database should never be located in a "share?" If the db's directory happens to be located in the middle of stuff that has been "shared" maybe I can un-share the db's directory. I wonder if that will provide the same result? If not, would you recommend moving the db out of the share? Gary Dan Palley wrote: Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Bill Todd Guest Posted: Tue Oct 03, 2006 12:18 am    Post subject: Re: User Permissions on Windows Server 2003 Gary Mrenak wrote: Quote: So you're saying that a local workstation user (no server account) can expect the app to interact with Firebird without permission limitations. I will try that on my system. That is what I am saying. The only communication between the client and the Firebird server is over the TCP/IP connection. If you find that not to be true you should post in the Firebird support list because requiring that a user have any access to any folder on the database server is a security hole. -- Bill Todd (TeamB) Back to top Gary Mrenak Guest Posted: Tue Oct 03, 2006 1:52 am    Post subject: Re: User Permissions on Windows Server 2003 I misunderstood your advice. My actual connection string does not include a share .. it's the full path on the server. Thanks. Dan Palley wrote: Quote: For interbase, all access to the database needs to be routed through the database server process. Typically, you would specify the servername, a colon, and then the local path to the database, i.e. myserver:c:\mydatabase.ib. I assume Firebird works the same way. If you connect via a share, then your locally installed copy of Interbase/Firebird is actually connecting to the database file on the remote server and you will have corruption as a result. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45214ed1$1 (AT) newsgroups (DOT) borland.com... So you're saying that the database should never be located in a "share?" If the db's directory happens to be located in the middle of stuff that has been "shared" maybe I can un-share the db's directory. I wonder if that will provide the same result? If not, would you recommend moving the db out of the share? Gary Dan Palley wrote: Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Dan Palley Guest Posted: Tue Oct 03, 2006 9:37 pm    Post subject: Re: User Permissions on Windows Server 2003 Ok, what account is the Firebird service running under? It sounds like a permissions problem locally. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45217c88$1 (AT) newsgroups (DOT) borland.com... Quote: I misunderstood your advice. My actual connection string does not include a share .. it's the full path on the server. Thanks. Dan Palley wrote: For interbase, all access to the database needs to be routed through the database server process. Typically, you would specify the servername, a colon, and then the local path to the database, i.e. myserver:c:\mydatabase.ib. I assume Firebird works the same way. If you connect via a share, then your locally installed copy of Interbase/Firebird is actually connecting to the database file on the remote server and you will have corruption as a result. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45214ed1$1 (AT) newsgroups (DOT) borland.com... So you're saying that the database should never be located in a "share?" If the db's directory happens to be located in the middle of stuff that has been "shared" maybe I can un-share the db's directory. I wonder if that will provide the same result? If not, would you recommend moving the db out of the share? Gary Dan Palley wrote: Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Gary Mrenak Guest Posted: Wed Oct 04, 2006 5:08 am    Post subject: Re: User Permissions on Windows Server 2003 I'm new to Win2k3 so please excuse this basic question: when you say "..account .. the Firbird service [is] running under?", I'm not sure what you mean. Firebird was installed on the server by an administrator. Does it have an "account?" How would I determine this? Gary Dan Palley wrote: Quote: Ok, what account is the Firebird service running under? It sounds like a permissions problem locally. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45217c88$1 (AT) newsgroups (DOT) borland.com... I misunderstood your advice. My actual connection string does not include a share .. it's the full path on the server. Thanks. Dan Palley wrote: For interbase, all access to the database needs to be routed through the database server process. Typically, you would specify the servername, a colon, and then the local path to the database, i.e. myserver:c:\mydatabase.ib. I assume Firebird works the same way. If you connect via a share, then your locally installed copy of Interbase/Firebird is actually connecting to the database file on the remote server and you will have corruption as a result. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45214ed1$1 (AT) newsgroups (DOT) borland.com... So you're saying that the database should never be located in a "share?" If the db's directory happens to be located in the middle of stuff that has been "shared" maybe I can un-share the db's directory. I wonder if that will provide the same result? If not, would you recommend moving the db out of the share? Gary Dan Palley wrote: Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Dan Palley Guest Posted: Thu Oct 05, 2006 12:26 am    Post subject: Re: User Permissions on Windows Server 2003 If you look at the Firebird service on the server, you will see how it's set up as far as what account it runs under. The default is to use the local system account, which should have full access to the server resources, but it's possible to use another account. Whatever account is used, you need to make sure that the account has the correct permissions for the firebird folder and the folders where the databases are located. All of these settings are only done on the server. The client permissions for workstations connecting to Firebird should not be an issue. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:4522fc30$1 (AT) newsgroups (DOT) borland.com... Quote: I'm new to Win2k3 so please excuse this basic question: when you say "..account .. the Firbird service [is] running under?", I'm not sure what you mean. Firebird was installed on the server by an administrator. Does it have an "account?" How would I determine this? Gary Dan Palley wrote: Ok, what account is the Firebird service running under? It sounds like a permissions problem locally. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45217c88$1 (AT) newsgroups (DOT) borland.com... I misunderstood your advice. My actual connection string does not include a share .. it's the full path on the server. Thanks. Dan Palley wrote: For interbase, all access to the database needs to be routed through the database server process. Typically, you would specify the servername, a colon, and then the local path to the database, i.e. myserver:c:\mydatabase.ib. I assume Firebird works the same way. If you connect via a share, then your locally installed copy of Interbase/Firebird is actually connecting to the database file on the remote server and you will have corruption as a result. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45214ed1$1 (AT) newsgroups (DOT) borland.com... So you're saying that the database should never be located in a "share?" If the db's directory happens to be located in the middle of stuff that has been "shared" maybe I can un-share the db's directory. I wonder if that will provide the same result? If not, would you recommend moving the db out of the share? Gary Dan Palley wrote: Are you connecting to the database via a shared drive? That's a no-no. The client shouldn't need any permissions on the server. Dan "Gary Mrenak" <gmrenak (AT) earthlink (DOT) com> wrote in message news:45210644 (AT) newsgroups (DOT) borland.com... I think I found the answer to my particular problem: setting the user's permissions for the Firebird install directory to Read & Execute, List Folder Contents, Read, and Write. G Gary Mrenak wrote: I'm trying to set the lowest user permissions necessary to run a Delphi application interacting with Firebird on a Win 2003 server. Administrator's privileges work fine, of course, but I can't quite figure out how to do it with less. Gary Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         BorlandTalk.com Forum Index -> Delphi Databases (SQL Servers) All times are GMT Goto page 1, 2  Next Page 1 of 2   Jump to: Select a forum C++ Builder Newsgroups----------------C++ BuilderC++ Builder (ActiveX)C++ Builder (Announcements)C++ Builder (Command Line Tools)C++ Builder DatabasesC++ Builder Databases (ADO)C++ Builder Databases (Desktop)C++ Builder Databases (InterBase Express)C++ Builder Databases (Multi-Tier)C++ Builder Databases (SQL Servers)C++ Builder (Graphics)C++ Builder (IDE)C++ Builder (Internet)C++ Builder (Internet Socket)C++ Builder (Internet Web)C++ Builder (Jobs)C++ Builder (Language)C++ Builder (Language C++)C++ Builder (Compatibility with MFC)C++ Builder (Native API)C++ Builder (Non-Technical)C++ Builder (Students)C++ Builder (Third Party Tools)C++ Builder (Upgrade)C++ Builder (VCL)C++ Builder (VCL Components Usage)C++ Builder (VCL Components Development)C++ Builder (VCL Usage)C++ Builder (WinAPI)C++ Builder Installation Delphi Newsgroups----------------Delphi (General)Delphi ActiveX Controls UsageDelphi ActiveX Controls DevelopmentDelphi As400Delphi DatabasesDelphi Databases (ADO)Delphi Databases (dbExpress)Delphi Databases (Desktop)Delphi Databases (InterBase Express)Delphi Databases (Multi-Tier)Delphi Databases (SQL Servers)Delphi DeploymentDelphi GraphicsDelphi IDEDelphi InternationalizationDelphi InternetDelphi Internet Isapi-WebBrokerDelphi Internet WebSnapDelphi Internet WinsockDelphi JobsDelphi Language BASMDelphi Language ObjectPascalDelphi Model Driven Architecture (General)Delphi Model Driven Architecture (Third Party)Delphi MultimediaDelphi Native APIDelphi Non-TechnicalDelphi ObjectPascalDelphi OLE AutomationDelphi OO designDelphi OpenToolsAPIDelphi Reporting-ChartingDelphi RTLDelphi StudentsDelphi TeamSourceDelphi Thirdparty ToolsDelphi Thirdparty Tools (General)Delphi Thirdparty Tools (IntraWeb)Delphi Thirdparty Tools (RaveReports)Delphi UpgradeDelphi VCLDelphi VCL ComponentsDelphi VCL Components UsingDelphi VCL Components WritingDelphi WebServices SOAPDelphi WinAPIDelphi XMLDelphi Installationcomp.lang.pascal.delphi.components.misccomp.lang.pascal.delphi.components.usagecomp.lang.pascal.delphi.components.writingcomp.lang.pascal.delphi.databasescomp.lang.pascal.delphi.misccomp.sources.delphi JBuilder Newsgroups----------------JBuilderJBuilder AnnouncementsJBuilder Applet IssuesJBuilder As400JBuilder CompilerJBuilder CORBA/RMIJBuilder DatabasesJBuilder DB SwingJBuilder DebuggerJBuilder DeploymentJBuilder DocumentationJBuilder EnterpriseJBuilder HandheldJBuilder IDEJBuilder JavaJBuilder JavaAPIJBuilder Java LanguageJBuilder Java SwingJBuilder Java BeansJBuilder Java Beans UsageJBuilder Java Beans DevelopmentJBuilder JBCLJBuilder JDataStoreJBuilder JobsJBuilder LinuxJBuilder MacintoshJBuilder & MobileSetJBuilder MultiLingual AppsJBuilder Non-TechnicalJBuilder OpenToolsJBuilder Servlets (JSP)JBuilder StudentsJBuilder Team DevelopmentJBuilder Thirdparty ToolsJBuilder UpgradeJBuilder Installation InterBase Newsgroups----------------InterBaseInterBase Bug DiscussionInterBase GeneralInterBase IBConsoleInterBase OpenSourceInterBase ReplicationInterBase SQLInterBase ThirdpartyInterBase Installation Miscellaneous Borland Newsgroups----------------AppCenterAppServerEnteraVisiBroker  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.