I have created a site collection as a site collection administrator with User A. I added a link to the site feature page, at the click of that link I am trying to make a timer job. Allow unscrewed code
// Clicked on the link given below. SPContext.Current.Web.AllowUnsafeUpdates = True; // Get the current web application SPWebApplication webApp = SPContext.Current.Site.WebApplication; // Create new job ArchiveJob automaticArchiveJob = new ArchiveJob (scheduleDetails.scheduleName, webApp); SPHourlySchedule hourlySchedule = New SPHourlySchedule (); Hourly schedule.big = 0; Hourly schedule Expiration = 1; Self ReservedWeb Schedule = hourly schedule; // Update archival job at the end automaticArchiveJob.Update (); Now when I log in with User A and click on that link on the 'Site Settings' page, in line with the "Security Disapproved" message, automaticArchiveJob Update () . But if I'm logged in to the Administrator user (I am logged in to the machine using this user) and it works successfully by clicking on the link, besides I have a user of the WSS_ADMIN_WPG group Had made a member but still this is the problem, do I have to do something else to solve this problem?
"Access denied" allow you to explain the expected behavior you are trying to do.
When a timer job example is created, it remains in the farm configuration database, for access to this database for writing purposes it is a privileged operation; As a rule of thumb, only the Agricultural Services account (the account under which OWSTIMER.EXE is executed) or accounts are clearly the necessary rights to complete such operation on the Config Database (usually the Administrator) .
By default, an attempt to instantiate the timer job with reference to the site collection is failing. Trying to Operation in an Advanced Privilege Block (Advanced Privilege via SPSAquiry) is only going to be used instead of the current user reference in the context of the application pool account of the web application; This is only successful if app pool account has the right to write a farm configuration database. If this happens, then it usually happens because (a) the farm service account is being used in those roles which It should not be in (for example content to run web applications), or (b) application pool accounting for additional pool permissions. In both cases the deviation from the operating model of best practices is represented.
Examples of timer job are usually created on the feature activation timeline, which has been scotched at the fields or webpage level. Why? Since those characteristics are generally activated by the administrators from the command line (the administrator believes that the agricultural configuration database also has the authority) or within the central administration (where the activation happens through the agricultural service account - the config database The guarantee is right). When the feature is activated and the feature active method of the SPF receiver is called, then this timer is safe (from a security perspective) to set up the job.
By solving your particular problem properly, the problem is a little over its head. Instead of trying to instantiate the timer job from within the site collection on demand, I recommend setting up a "sweep" timer job equal to when my feature is active. Of course, it takes more planning and effort than your efforts, but your current path is only going to work if security is adjusted in some way - and it is not recommended.
When I was putting together my Blob Cache Farm Flush feature (), I had to do a lot for myself. You have the characteristics of working through the timer job creation in the Feature Receiver Class (BlobKachfarmFlusSweepSubjectFeature Receiver). can see. The rest codes and associated documents can also help with some other challenges that come up.
Feel free to use whatever you find in any way; That's why it's there!
I hope that helps. If there are follow-up questions, stay away from the fire and I will answer just as much as I can: -)
Comments
Post a Comment