What permissions does a user need to manage the promoted workspaces in Carbon? Are these the same permissions required to edit individual workspaces?
Carbon Administration
Carbon administrator permissions are required to publish and promote Carbon workspaces (i.e., choose which workspaces are displayed in the workspace switcher), as well as manage org-wide settings, such as whether or not Carbon is displayed in dark mode.
Carbon administrator permissions are granted via the Carbon Organization Administrator application permission in Control Panel and are organization specific. You may need to reach out to your platform administrator if you require these permissions.
Editing Carbon Workspaces
Permission to edit Carbon workspaces is based on compass permissions of the workspace and is separate from administrator permissions. If a user has edit permissions on the compass resource, they are able to edit it in Carbon. If they have view permissions, they can view it but not edit it.
Related
edit
I also have the same problem as an admin on a domain
I just installed SSRS locally on a machine for and I cannot access the reports I deployed. Everything was installed as admin
when going to the web portal I get this massage
Could not load folder contents
You are not allowed to view this folder. Contact your administrator to obtain the necessary permissions.
and when trying to access the web service via the config manager I get this one:
The permissions granted to user <username> are insufficient for performing this operation. (rsAccessDenied)
Additionally in the web portal I got no "manage" folder and only "my subscriptions" under the settings button .
Everything is running locally and as admin, the OS is windows 11 and the SSRS is version 15.0.1102.1002 and running in native mode.
I've looked all over the place and found out something about certificates, but almost everything in google is about access problems via remote server.
adding the URL to the trusted sites didn't help
it certainly look like you don't have permission. Are you administrator? When you were installing did you set up some users to be administrators?
Find which account is administrator and then add yourself from the SSRS site. Is there another account you can run or Run as administrator?
Another way to install again.
If you decide to install again pay attention on the page with the users.
We have a C# Windows Forms client application. This application occasionally needs to check for updates to itself from a trusted internal web site, download them, install them, and restart itself.
To make the application compatible with User Account Control (UAC), we embedded a manifest in the .exe that requests the highest available privileges:
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
We want standard (non-administrator) users to be able to run the application without being prompted to elevate to administrator. We gave standard users full permissions to the entire application folder. This means the user has the power to mess with the software files, but that is acceptable.
The users have been working with this application on Windows 7, Windows 8, and Windows 8.1 for a while with UAC fully enabled. On these operating systems, when our application is launched, Windows does not prompt the user to elevate to administrator privileges.
We are now testing behavior on Windows 10. On a Windows 10 system, with full UAC enabled, Windows is prompting standard users to elevate to administrator. Nothing else has changed. The .EXE is the same, and the embedded manifest is the same requested execution level highestAvailable.
We have tested this with the client files in C:\Program Files and in C:\Users\Public. Both locations have the same behavior.
Why is the UAC elevation behavior different on Windows 10? Is the behavior on prior versions a bug in UAC? Should it have been prompting to elevate all along?
Note that we must keep UAC enabled. I am aware of how to disable it.
Also note that I have tested changing the manifest to requestedExecutionLevel of asInvoker. This is not prompting for elevation on Windows 10.
-- UPDATE --
We have tracked the elevation prompting to a difference between local users and domain users. This MSDN article says:
Application launch behavior for a standard user with additional privileges (E.G. Backup Operator)...[will] prompt for credentials before running the application
We are seeing local standard users not prompted for elevation, but local domain users are prompted for elevation. The only privileges the domain user has over the limited user is being a member of the Domain Users role.
You miss understand highestAvailable. This means request the full admin token if your account is part of the admin group, but for normal standard users no UAC dialog is shown and the process runs with the standard token.
If your program requires admin rights to function then you need to use requireAdministrator in the manifest. When a standard user starts such a process, the over-the-shoulder UAC dialog is shown, where the user can enter credentials of an admin account.
I am running Report Service Manager - Web portal for accessing the Reports. For Development and Testing purpose, Report service is running from my computer.
Whenever Testing Team tries to access the web from their end, report service is asking an Initial Authentication of my computer account. ( Windows Authentication ). How to skip this authentication mode ? This is an Internal Application, i want Report service to run on any computer without asking any authentications.
If you are all on the same domain, simply add "DomainName\All Users" with the appropriate role to the portal. The testers may also need to add your site as a trusted site in their browsers. "All Users" is exactly as it sounds - any user account on that domain will have the access you grant.
Alternatively, if you need to disable security entirely (bad idea), you'll have to configure a new security extension - it's relatively simple to do, especially with all the samples you can find online (google "SSRS custom authentication" or "SSRS anonymous authentication"), but if you've never done anything like this before, you may struggle if you run into any unexpected issues.
See here for one example on how to enable anonymous access:
http://blogs.msdn.com/b/jameswu/archive/2008/07/15/anonymous-access-in-sql-rs-2008.aspx
I have installed Bitnami Trac for windows. (bitnami-trac-windows-installer) and I created new projects but the new project is wrong. I couldn't see Account section in Admin tab also I didn't create an admin but the first admin is assigned to new projects automatically. How to see Account section (configuration , users) ?
Thanks for your advance .
You can use the trac-admin command-line tool to adjust account permissions. When setting up a project, I typically give TRAC_ADMIN permissions to the anonymous user with something like:
trac-admin path\to\trac\project permission add anonymous TRAC_ADMIN
This should give you full access to everything, even without logging in. Once you get the admin accounts set up and can verify they're working and have the correct permissions, you can revoke that permission with permission remove.
Since it sounds like you already have the admin accounts created, this might be overkill. It may be enough to just add the TRAC_ADMIN permission to your specific admin account. To verify that the permissions are set up as expected, you can use:
trac-admin path\to\trac\project permission list username
I am having some issues setting up Reporting Server. I can open http://localhost/reports only when I run Internet Explorer as administrator. When I try to open it from another server, logging in with the same user as the service account, I get prompted for credentials before it proceeds. What settings do I need to check\change to allow me to open the reports home page without having to open IE as administrator locally or having to enter my username and password from a remote connection? Here is the error I am receiving if I open IE not as admin.
User 'DOMAIN\USER' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.
Connect to SSRS Report Manager (/reports) as admin, then check what you see when you click on the Folder Settings. This should give you the security settings for the root folder. Make sure that your account is included here, whether by AD group or individually. Content Manager is the most permissive setting.
In addition to checking the Home folder security settings as #Jamie-F pointed out, check the "Site Settings", "Security" as well and make sure the user or group is there.