- Mark as New
- Bookmark
- Subscribe
- Permalink
- Report Inappropriate Content
Banking
We are also experiencing the same issue with fiblueprint.xml file permissions being modified by the quickbooks program, even when we set "Authenticated Users" to Modify only in a multi user Azure Virtual Desktop. Quite annoying! We are currently testing the following as a resolution:
- Remove inheritance for the file and remove all permissions.
- Set file owner as your administrator account
- Set Authenticated Users to Modify
- Set Local Administrators (or domain administrators if you choose) to Full Control
- Make sure all other permissions including SYSTEM are removed and only Authenticated Users and Administrators are in the permissions.
We are not experiencing this issue for any other files. This shows up when users work in the bank feed. Additionally, here are the permissions we set on a multi-user environment:
$user = New-Object -TypeName 'System.Security.Principal.SecurityIdentifier' -ArgumentList @([System.Security.Principal.WellKnownSidType]::AuthenticatedUserSid, $null) $MyPath1 = "C:\ProgramData\Intuit" $acl1 = Get-Acl -Path $MyPath1 $rule1 = New-Object System.Security.AccessControl.FileSystemAccessRule($user, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow') $acl1.SetAccessRule($rule1) Set-Acl -Path $MyPath1 -AclObject $acl1 $MyPath2 = "C:\ProgramData\Common Files\Intuit" $acl2 = Get-Acl -Path $MyPath2 $rule2 = New-Object System.Security.AccessControl.FileSystemAccessRule($user, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow') $acl2.SetAccessRule($rule2) Set-Acl -Path $MyPath2 -AclObject $acl2 $MyPath3 = "C:\Program Files\Intuit" $acl3 = Get-Acl -Path $MyPath3 $rule3 = New-Object System.Security.AccessControl.FileSystemAccessRule($user, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow') $acl3.SetAccessRule($rule3) Set-Acl -Path $MyPath3 -AclObject $acl3 $MyPath4 = "C:\Program Files\Common Files\Intuit" $acl4 = Get-Acl -Path $MyPath4 $rule4 = New-Object System.Security.AccessControl.FileSystemAccessRule($user, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow') $acl4.SetAccessRule($rule4) Set-Acl -Path $MyPath4 -AclObject $acl4 $MyPath5 = "C:\Program Files (x86)\Intuit" $acl5 = Get-Acl -Path $MyPath5 $rule5 = New-Object System.Security.AccessControl.FileSystemAccessRule($user, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow') $acl5.SetAccessRule($rule5) Set-Acl -Path $MyPath5 -AclObject $acl5 $MyPath6 = "C:\Program Files (x86)\Common Files\Intuit" $acl6 = Get-Acl -Path $MyPath6 $rule6 = New-Object System.Security.AccessControl.FileSystemAccessRule($user, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow') $acl6.SetAccessRule($rule6) Set-Acl -Path $MyPath6 -AclObject $acl6 Write-Output "C:\ProgramData\Intuit" (Get-ACL -Path $MyPath1).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize Write-Output "C:\ProgramData\Common Files\Intuit" (Get-ACL -Path $MyPath2).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize Write-Output "C:\Program Files\Intuit" (Get-ACL -Path $MyPath3).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize Write-Output "C:\Program Files\Common Files\Intuit" (Get-ACL -Path $MyPath4).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize Write-Output "C:\Program Files (x86)\Intuit" (Get-ACL -Path $MyPath5).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize Write-Output "C:\Program Files (x86)\Common Files\Intuit" (Get-ACL -Path $MyPath6).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize |
