Permission Problem with edit entries
Devolutions Server 5.0.2.0
RDM 13.6.1.0 64-Bit
Hello,
we have permissions for user, they can view,add and edit entries.
View and add works fine.
But when a user edit, example a entry name and click save, this user get this error message:
Unable to save entry; access denied!
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
All Comments (21)
Hello,
Do you have something relevant about this issue in the DVLS logs? If so, could you please send those logs to mailto:support@devolutions.net?
Please consult the following online help page on how to consult the logs.
https://helpserver.devolutions.net/configure_dvlslogs.htm
Best regards,
Érica Poirier
Hello,
no entries in the log.
20.06.2018 14:34:32 RDMSMembershipProvider Debug ProcessDomainUserInfo using userName/password - Exit
20.06.2018 14:34:32 RDMSMembershipProvider Debug ProcessDomainUserInfo using userName/password - Enter
20.06.2018 14:33:51 RDMSMembershipProvider Debug ProcessDomainUserInfo using userName/password - Exit
20.06.2018 14:33:51 RDMSMembershipProvider Debug ProcessDomainUserInfo using userName/password - Enter
20.06.2018 14:31:14 RDMSMembershipProvider Debug ProcessDomainUserInfo using userName/password - Exit
20.06.2018 14:31:13 RDMSMembershipProvider Debug ProcessDomainUserInfo using userName/password - Enter
Only login and logout.
And the time from the log is not the same as from the Server.
3 minutes difference in the future.
The server has the real time (NTP).
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
About the time of the logs, I will check with an engineer.
About your issue, which entry type the user tried to edit?
This information will help us to see if there is any missing information in the entry configuration to be able to save it in the database correctly.
What is the value set for the Data validation mode option in the Advanced tab of the DVLS Settings?
Could you please try to set it to Warning to see if this will help to resolve the issue?
Best regards,
Érica Poirier
Hello,
About your issue, which entry type the user tried to edit?
We check this with, edit the name from the entry or change the Icon from the entry.
Could you please try to set it to Warning to see if this will help to resolve the issue?
No, this didn't resolve the problem.
When this help, we can make a Teamviewer session.
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
I will send you in a private message a link to our online calendar to book an appointment for a remote session.
Best regards,
Érica Poirier
Hello,
do you have any news about the problem?
The initiation of the RDM for all technicians fails at the moment, because of this thing.
Regard
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
We are still trying to identify the main issue but we are unable to reproduce it on our end.
Could you please run the following SQL statement and send the result to support@devolutions.net? We are suspecting that some old permissions that was set on a role with an older version of RDM are still applied.
SELECT [Name]
,[CanAdd]
,[CanDelete]
,[CanEdit]
,[CustomSecurity]
FROM [SQLLocal].[dbo].[UserSecurity]
WHERE [UserType] = '1'
Best regards,
Érica Poirier
Hello,
after i set the Delete and Add to Root settings to default, now it works.
You can close this Thread.
Thanks
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
@everyone,
The Delete and Add in Root rights are located in the Security Groups tab of a specific Role.
Best regards,
Érica Poirier
Now we have a following problem.
The User can edit entries (Connections), but not folder.
And he can't move an entry from one folder to another.
P.S. The old problem is now still alive.
The User can't edit entries.
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
It's very strange that the old problem still exist. I am wandering if there is any old setting that cause this issue.
Are you available today for a remote session? If so, please write us an email or your availability and we will send you the remote session link.
Best regards,
Érica Poirier
Hello,
I've time.
Send me an invite.
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
The invitation has been sent and I am connected.
Best regards,
Érica Poirier
Ok.
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
@Andreas, the Move issue is a bug in Devolutions Password Server. The workaround is to allow a user or a role the Delete permission. A ticket has been submitted to our engineering department. The ticket number is DVLS-1652.
@everyone, it seems that set the all Rights to Default resolve the issue for editing entries. For your information, these Rights are only applied with Security Groups and it is not recommended to use them anymore. It is recommended to only the Role Based Security System.
Best regards,
Érica Poirier
Thanks,
but in our second Repository, i've set the same permissions like the in first.
The normal user can't edit anything.
The User have the second repository marked on in the settings.
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
Do you have the same permissions set on the second repository Root folder for this user?
Best regards,
Érica Poirier
Anyone has changed the permission in a sub folder.
Now we fixed this :cool:
Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH
Hello,
That's a good news. Glad that it's working now!
Best regards,
Érica Poirier
Hello,
@Andreas, the Move issue has been fixed internally and should be available in the next version of Devolutions Password Server.
With that fix, the Delete permission will not be needed anymore on folders or entries to be able to move entries.
Best regards,
Érica Poirier
Hello Erica,
nice to read this.
We will check this.
Thanks
Best Regards
Andreas
Senior Network Consultant
Ostertag DeTeWe GmbH