Acces Denied in Workflows of in site collection - configuration-files

When I publish a workflow I receive this message "Error in configuration file".
It's happened in a specific site collection.
In site configuration I can't activate features because return access denied, but with powershell works.
Why I can fix this.

I descovery it this problem caused because i use permissions group...

Related

Azure devops error 0000000d-0000-8888-8000-000000000000 needs Read Organization resources permission

I have been using azure devops pipelines for some time but today there is an error:
Access Denied: 0000000d-0000-8888-8000-000000000000 needs the following permission(s) on the resource /Organizations to perform this action: Read Organization resources
I cant find what/who is 0000000d-0000-8888-8000-000000000000 and where to configure those permissions.
Any idea?
I cant find what/who is 0000000d-0000-8888-8000-000000000000 and where
to configure those permissions.
The 0000000d-0000-8888-8000-000000000000 is the Microsoft.VisualStudio.Services.ReleaseManagement. You could get it from the Response:
Get all deployments in the project
According to your description, this issue exists from today. And it works fine before.
After investigation, there are some recent events of available degradation of Azure DevOps, which affected these services, please wait for a while and then try again. If you want to know more information, please click here: https://status.dev.azure.com/_event/257032220
You could wait for a while and check if this issue still exists, please continue to contact us.

Azure DevOps login via github fails

I get the following error
We cannot complete your request
server_error: The request could not be completed. Please try again later.
Error link:
https://login.live.com/HandleGithubResponse.srf?code=c3f48c4783f6d1d5ef1b&state=38FEE58AB9343DAB#
update
I used GitHub to log in to Azure before, and published a plugin. Now, when I want to log in to Azure using GitHub, I will be forced to log in to my MS account. My mailbox is rxliuli#gmail.com on both MS and GitHub.
At the same time, I created an organization rxliuli after logging in with an MS account, Azure did not have any errors, but when I want to log in to rxliuli (create a personal token), it will prompt ERROR Failed request: (401) What's wrong, is there any way for me to use the publisher name rxliuli after logging in with GitHub before?
update
I can't use vsce to create any new users right now. . .
update
Currently, I can use github to log in to azure, but using vsce login rxliuli still shows ERROR Failed request: (401), I am sure that the token has all permissions and has not expired
Well, actually because the token I created has no choice to allow all organizations. . .
ref: https://code.visualstudio.com/api/working-with-extensions/publishing-extension#i-get-403-forbidden-or-401-unauthorized-error-when-i-try-to-publish-my-extension

TF400813: The user '' is not authorized to access this resource

I have my own private organization and repositories.
I also have multiple directories and all of them work except for the "Microsoft account" directory.
I am able to log into Azure Devops no problem using the Microsoft account directory.
I see my organization and I can go through my repositories, agents, pipelines, everything.
However, I can't change anything. All I get is the error or screens that don't load fully.
Its like its in read only mode.
I went into user settings to check permissions and it lets me in but only so far. It stops loading user lists after selecting groups.
It shows me groups and permissions for everything, however.
When I try and generate a PAT, the screen sits there and says "Loading Tokens..."
The error I see everywhere and in the network responses is:
$id: "1"
innerException: null
message: "TF400813: The user '' is not authorized to access this resource."
typeName: "Microsoft.TeamFoundation.Framework.Server.UnauthorizedRequestException, Microsoft.TeamFoundation.Framework.Server"
typeKey: "UnauthorizedRequestException"
errorCode: 0
eventId: 3000
Exactly like that, nothing there between the quotes.
It also shows up in Red text with just this message:
TF400813: The user '' is not authorized to access this resource.
To resolve this I have done the following:
Logged out of devops entirely, which seems to log me out of several services.
Switched between my AD accounts while logged in.
I've rebooted my machine(I first started seeing this in VS so I updated and rebooted as part of that)
Anything I'm missing here?
message: "TF400813: The user '' is not authorized to access this
resource.
This looks more like the anonymous access error as you said that there's nothing between the quotes.
In azure devops, e.g PAT generated, most services have themselves security module. When user want to make use of them, it must pass the firstly identity check. If for system, your visit and operate are identified as anonymous, it will look like read-only.
We ever handled such issue and found it due to the proxy blocking the traffic, which also lead him to get the same error when accessing azure devops with vscode.(Similar with yours)
You need confirm is there any proxy configured in your side.
If there's no proxy set but still has this issue. Since Stackflow is a open forum but this is a identity issue. I strongly suggest you contact here and then attach below info also:
Activity id: You could see this from the Headers of Network. For our backend, we could use this id to check the exactly stack
trace.
Org name and account name.
Fiddler trace. The mostly useful info we need is fiddler trace.
I tried a few options like setting the PAT in interactive screen or via environment variable or by storing it in a file and echoing that file content to the az devops login or az pipeline create command as mentioned in
https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&viewFallbackFrom=vsts&tabs=preview-page#create-personal-access-tokens-to-authenticate-access
However none of them worked. Finally it worked after I changed the token (PAT) in the file
/home//.azure/azuredevops/personalaccesstoken.
Try to sign out and the sign in again,
it's worked for me.

How to restore permission when I am the admin of the project?

After mistakenly add myself to a wrong role, I am no longer able to access "IAM & admin".
While trying to extract Big Query tables to Google Storage, I received the following error,
bq extract --compression GZIP Dataset.TableName gs://tableName_*.csv.gz
Waiting on bqjob_r4250d44ecf982a22_00000169c666b451_1 ... (23s) Current status: DONE
BigQuery error in extract operation: Error processing job 'Dataset:bqjob_r4250d44ecf982a22_00000169c666b451_1': Access Denied: BigQuery BigQuery: Permission denied while writing data.
I thought I may have a permission issue, therefore I change my role in Google Cloud. I don't remember what role I changed. It may be owner or creator.
After that, I am not able to to access the project in Big Query, as well as "IAM & Admin" page.
bq extract --compression GZIP Dataset.TableName gs://tableName_*.csv.gz
BigQuery error in extract operation: Access Denied: Project projectName: The user myemail#xxx.com does not have bigquery.jobs.create permission in project projectName.
Since I am the admin of this account, there is no other person who has the access. What options do I have to restore the access?
Thank you in advanced.
For this case, please open a case through the billing support form, and for "How can we hep?" select "other." https://support.google.com/cloud/contact/cloud_platform_billing
This way, I can follow up with you in private and get the details necessary to move forward. Please let me know once you submit the case and what your case number is so I can follow up.
Edit: For anyone else viewing this issue, the above method is just for this case and not the correct avenue of support for this problem. If you have a support package and you have this issue, please reach out through normal channels.
Thanks,
Hunter,
GCP Billing

Access denied on create any workflow on Sharepoint designer 2013

When I change the mode of start of any workflow in any List of the SharePoint 2013, I receive a Access Denied message, but I have full control of site.
I also receive message "Error on configuration file".
And all workflows of the site are stopping automatic
How I can fix this error?
The problem is:
Workflow 2013 can't work with permission for groups, somelly individually