Access Control User Stats

Hey Guys,
I was checking the Access stats in BM the other day and noticed that it has stopped reporting the usernames of the users accessing sites, and started giving me IP addresses instead.
We're using Client Trust. It is run via login script. BM 3.8 on NW 6.5 SP7.
Any info would be greatly appreciated
Thanks
Dave

In article <[email protected]>, Dwiseman2 wrote:
> I'll need to find a way around this that still allows them access to
> the net.
>
You just have to be careful how you structure your access rules. (I
have examples of this in my BMgr 3.x book - see the URL below).
You need to allow some users by IP address, and others by eDir user,
group or container. You do not want to allow by 'Any' or you'll get
into trouble with unauthenticated access.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Similar Messages

  • GRC10 Access Controls - User Provisioning

    Hello All,
    While creating Access request form NWBC getting below mentioned error :-
    - Item '0001' resulted to 'Initiator_Final'; cannot resolve path; check routing mapping
    - Request submit failed; error in MSMP submit method
    Version is already generated successfully ,without any errors and warnings
    Thanks,
    Jagat

    Hello Luis,
    I am also facing similar issue and when i check SLG1 for object GRFN , i see the following errors
    Error 1 :
    Object Txt : GRC
    Sub-Object Txt : Access control
    Error :
    Config Error,Function Module is not maintained for Plug-in
    Error 2 :
    Object Txt : GRC
    Sub-Object Txt : MultiStage Multi Path
    Error :
    Submission failure of request 900000031/ACCREQ/001635B0E5821ED181BEFC3542741962 - Process ID SAP_GRAC_ACCESS_REQUEST
    Item '0001' resulted to 'Z_WF_TriggerVal'; cannot resolve path; check routing mapping
    We checked the routing mapping and it seems to be fine.
    Is there anything that needs to be configured in SPRO (looking at error1 ) ??
    Regards,
    Victor

  • Create user menus in hierarical tree with access control

    Hi All,
    I am facing problem in populating user menus in hirarical against user access control.
    I have table of menus in which i populate data as:
    Menu
    - Sub Menu 1
    -- Form 1
    -- Form 2
    -- Form 3
    - Sub Menu 2
    -- Form 4
    -- Form 5
    -- Form 6
    Now I have created hierarical query as:
    SELECT -1, LEVEL, menu_name, NULL, id
    FROM menu_opt
    START WITH parent_id IS NULL
    CONNECT BY PRIOR menu_id = parent_id
    and menu_id in
    (3, 4);
    Note: where menu_id 3 = Form 1, Menu_id 4 = Form 2.
    If I allow only menu ID 3 and 4 (not parents menus) then Hierarchy should be completed from top to bottom. What change i have to made to achieve my target?
    Thankx
    Qasim Javaid

    Hi,
    Sorry, it's very unclear what you want to do.
    Whenever you have a problem, please post CREATE TABLE and INSERT statements for a little sample data, and the results you want from that sample data.
    Say which version of Oracle you're using, e.g. 11.2.0.2.0. This is always important, but especially so with CONNECT BY queries, because every version since Oracle 7 has had significant improvements in this area.
    See the forum FAQ {message:id=9360002}
    If you can show the problem using commonly available tables (such as scott.emp or hr.employees, both of which contain trees) then you don't need to post any sample data; just the results you want and an explanation of how you get those results.
    For example, I think you're asking something like this:
    "I want to show the hierarchy in scott.emp, but I only want to show certain nodes and their descendants. For example, if I ask for 'MILLER' and 'SCOTT', I would want to see
    {code}
    ` EMPNO ENAME
    7876 ADAMS
    7788 SCOTT
    7934 MILLER
    {code}
    (order doesn't matter). ADAMS is included because ADAMS is a child of SCOTT."
    Here's one way to do that:
    SELECT DISTINCT
         empno, ename
    FROM     scott.emp
    START WITH     ename     IN ('MILLER', 'SCOTT')
    CONNECT BY     mgr     = PRIOR empno
    ;This query should work in any version of Oracle.

  • Adobe with User Access Control

    I am trying to watch videos which use Flash Player and they
    will play if I turn off my User Access Control however, as soon as
    I turn it back on, the videos will not play; I do not want to keep
    my User Access Control off - is there some solution to this? I was
    able to use flash before without turning this off but I could not
    tell you what happened other than I added Adobe Reader (registered
    version) and an update to my computer.

    quote:
    Originally posted by:
    brohdaw
    I am trying to watch videos which use Flash Player and they
    will play if I turn off my User Access Control however, as soon as
    I turn it back on, the videos will not play; I do not want to keep
    my User Access Control off - is there some solution to this? I was
    able to use flash before without turning this off but I could not
    tell you what happened other than I added Adobe Reader (registered
    version) and an update to my computer.
    Okay, I followed the steps for another posting...
    http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?forumid=15&catid=194&threadid =1415087&enterthread=y
    However, this did not help the problem; I did everything
    exactly the way it appears on these instructions however, one part
    I had to do differently - where it states to place the
    reset_fp10.cmd I also received an administrator error
    message:
    eExtracting to "C:\Program Files\Windows Resource Kits\Tools\"
    Use Path: yes Overlay Files: no
    Error: Access is denied.
    Cannot create C:\Program Files\Windows Resource
    Kits\Tools\reset_fp10.cmd.
    Administrative privileges may be required
    Therefore, I saved this file to documents and then moved it
    to the C:\Program Files\Windows Resource Kits\Tools\ folder.
    Everything else followed just the way the details explained they
    would so I figured it should have worked.
    My main thing is, this is my laptop and I'm the only user so
    I should have Admin. privileges without any of this to begin with!
    I check my user settings and it is set at "Administrator
    Privileges." This is making no sense; I have had this computer
    three years and I went through this one other time but I cannot
    remember how I fixed it - this time I am being wise and saving
    everything in a note however, that's only going to help if I ever
    get this issue fixed.
    Can anyone help?
    also feel free to contact me by an alternate (but checked
    more frequently)
    [email protected]
    Thank you,
    Kerri

  • How do I allow parental controlled users to access third party apps on the admin account?

    I just set my son up with a separate parental controlled user account and he can't seem to access some third party games that we installed for him under my admin account. He has saved progress on these games that we don't want to lose, so I don't want to reinstall them. I checked them off as allowed apps, but when he tries to play- the game icon shows up in the doc then changes to the updater icon and they won't run. I've searched for answers to this question, but can't seem to find any. Please help? My son and I would be very grateful!

    jeremiahfromva wrote:
    Mavericks (isn't that an old Ford model?
    Sure was! They used it on 4 different models. But that was Maverick, as in horse. This will be Mavericks as in ocean waves.

  • File structure and Multi-user access/control

    Hi All
    Currently evaluating RH. Our plan is to use RH HTML with RoboServer and either SourceSafe or Team Foundation for source control. We will be producing the "printed" manual (PDF) and publishing online help (hopefully html via RH server) from the single source layout
    Given that we will edit content in RH's XHTML editor, I'm not clear on when we should create new files or the granularity of multi-user access. We have 17 apps and I plan to use a master project and merging (because we need to link to related topics in other apps).
    I'm really not sure what should constitute a file in RH. First off, is access controlled at the file level?
    I want to have multiple authors editing the same manual at the same time, so do I need to break the manual into multiple small files (currently it's a single word doc)?
    If I do break it into multiple files, what's the best approach: 1 file per topic (or is this a requirement)?
    Finally, when I come to generate the PDF, will the files be combined. (i.e. can I have different page-breaks than I have in the RH project)?
    Any pointers greatly appreciated
    Regards
    Mark

    Hi,
    First off, is access controlled at the file level?
    Not sure what you mean by that. In source control, you can check in/out ever file independent. Sometimes dependent files will be automatically checked out, for instance images used in the css when you check out the style sheet.
    I want to have multiple authors editing the same manual at the same time, so do I need to break the manual into multiple small files (currently it's a single word doc)?
    That be the idea. Anyway, it's not a good idea to have an entire RoboHelp project in a single topic. You probably want to cut up your contents into the small chunck: topics.
    If I do break it into multiple files, what's the best approach: 1 file per topic (or is this a requirement)?
    In RoboHelp a topic is a HTML file. RoboHelp doesn't force you to split up content into one or more topics. If you are creating help for the web, you want the information to be organized in relatively small chunck so users can quickly scan through it.
    Finally, when I come to generate the PDF, will the files be combined. (i.e. can I have different page-breaks than I have in the RH project)?
    Not sure what you mean by page breaks. As RoboHelp creates HTML files, there are no page breaks such as in paper manuals. When you create a PDF, you combine the topics you need into a single document.
    If a PDF is required for you, you may want to consider not using RoboHelp for your sources. A PDF created by RoboHelp is useful for internal use, but it never seems to get good enough to give to customers. Personally, when a PDF version of a manual is required, I create the manual in FrameMaker and link or import the book into RoboHelp. You can also link Word documents, so you may want to play around with that before deciding whether to use Word, RoboHelp or FrameMaker for your source.
    Greet,
    Willam

  • HR User, REST example - network access denied by access control list (ACL)

    Hi,
    I am new to APEX and am running the 'Oracle Developer Days' vm. I'm logged into APEX as the default HR/oracle account and I've been following the 'Creating and Using a RESTful Web Service in Application Express 4.2' training video, however when I try to retrieve information by entering a dept no. and clicking submit I get:
    ORA-29273: HTTP request failed ORA-06512: at "SYS.UTL_HTTP", line 1130 ORA-24247: network access denied by access control list (ACL)
    I've seen the following thread:
    ORA-24247: network access denied by access control list (ACL)error-UTL_HTTP
    and I've tried running the command:
    GRANT EXECUTE ON SYS.UTL_HTTP TO HR;
    but I'm not getting anywhere, presumably the HR user does not have permissions to access 'http://localhost:8888/apex/hr/employee_test'
    Any help much appreciated, also if this is the wrong forum for this question please let me know.
    Many Thanks

    Hi,
    Thank you for the link; I executed the first block of code to 'grant connect privileges to any host for the APEX_040200 database user' that did not work so I changed the user to HR within the code and re-executed and that seems to have done the trick. I guess the HR user is now in the power_users list/group?
    Thanks again!

  • Access control for different user groups in APEX 4.0

    Hi guys,
    in Apex 4.0, is there any way to use the access control page to configure access control for different user groups?
    The access control page currently only has an access control list by users with 3 privileges namely, Administrator, Edit & View where Administrator has the highest access level & View the lowest. Therefore 1 user cannot have more than 1 different privilege, however if the user belongs to 2 or more different groups then we can control what access he can have in a more fine grained manner. We also want to have more than the 3 privileges given.
    Can we assign different groups to different users and let them have different privileges to be configured by page, region, process or item level?
    Now Apex will create 2 tables, Apex_Access_Control & Apex_Access_Setup to store the application access control mode & access control list. It will also create 3 authorization schemes "access control - administrator", "access control - edit" & "access control - view" based on the 2 tables.
    Does this mean we have to change the table structures & edit the authorization schemes to suit our usage? We are reluctant to do this because if we upgrade to a newer version of Apex then we would have to merge our pl/sql coding with Apex's updated code.
    How can we auto-configure more than the 3 authorization schemes in the access control page? Is there any way to achieve a finer grain of access control based on the current access control administration page given by Apex without writing it ourselves?
    We are afraid that we may have missed something on Apex access control & do not want to reinvent the wheel.

    Hi Errol,
    to build your own application authorization scheme around the security model supplied by Apex for administration of the Apex environment would be a bad idea.
    This was never intended for authorization scheme management in custom built Apex applications, it was solely intended to control access in the Apex environment overall. The API for it is not published, and making changes to it, such as adding more roles, would run the risk of breaking the overall Apex security model. It would not be supported by Oracle and Oracle would not guarantee the upwards compatibility of any changes you make in future versions of Apex.
    In short, you should follow Tyson's advice and build your own structure. As he indicated, there are plenty of examples around and provided your requirements are not too complicated, it will be relatively simple.
    Regards
    Andre

  • User management and Access Control in HCM Cloud

    Hello,
    Information is scarce about User management and Access Control in Oracle Cloud generally. Today, I have two questions :
    - How can I bridge HCM Cloud user store with my on-premise IDM or security repository in order to allow identty governance to flow to HCM Cloud service ?
    The only information I got was that you can declare manually and by bulk import through files my users. This is not really interresting as I have an automatic IDM with workflows and identity control on provisioning and de-provisioning.
    Is there a SPML or proprietary endpoint to do it automatically ? What are the prerequisites ? Do I have to implement OIM on my side ?
    - Once my users are created, how can I do webSSO from my internal security repositories to the HCM Cloud service ?
    I do not want to distribute new set of login / passwords to my users. Is it possible to do Identity Federation (SAML 2.0 or WS-Fed) with HCM Cloud service ? What are the prerequisites ? Do I have to implement OAM on my side ?
    I accept all pieces of information you can give me on this topic to help me understand the funcitonalites, limits and options offered by Oracle Cloud and more precisely by HCM Cloud service.
    Best regards,

    OIDDAS has limited capability of access control and information hiding. Presently, the permissions and privileges can be set at a realm level, and fine grained access control / information hiding cannot be done.
    At present, the only way to restrict view and access control is by appplying ACLs (which is not the safest bet).

  • Exam 1Z0-007 and questions from Controlling User Access

    Hi,
    I am preparing for exam 1Z0-007 and going to give this exam in two weeks. I like to confirm if "Controlling User Access" topic is part of this exam 1Z0-007? I have checked on Oracle website and this topic is not a part if this exam anymore unless they add it later.
    Has anyone recently given this exam and were there any questions related to "Controlling User Access" or user Privileges?
    Thanks

    user10878991 wrote:
    Hi,
    I am preparing for exam 1Z0-007 and going to give this exam in two weeks. I like to confirm if "Controlling User Access" topic is part of this exam 1Z0-007? I have checked on Oracle website and this topic is not a part if this exam anymore unless they add it later.
    Has anyone recently given this exam and were there any questions related to "Controlling User Access" or user Privileges?
    ThanksI recommend people are very very very careful in answering this question as it could be very easy to breach one's certification candidate agreement.
    Rgds - bigdelboy.
    Edited by: bigdelboy on 27-Dec-2009 04:26
    It is certainly true the topic you mentioned is in ISBN: 007-219537-1 printed in 2001.
    It is also apparent, unless bigdelboy's eyeball is deceiving him, the topic does not appear in [http://education.oracle.com/pls/web_prod-plq-dad/db_pages.getpage?page_id=41&p_org_id=28&lang=US&p_exam_id=1Z0_007] which is authorative.
    I have not followed these things that closely until recently, however this will not be the only example of an OraclePress/Sybex book being left behind because of errata/topic updates etc. These often occur when the exams are update for new releases, eg from 10gR1 to 10gR2; or for when the exam moves from beta to production (sometimes these books are prepared and even pulbished while exam is in beta). In your case I suspect the change quite probably have occured when the exam moved from 9gR1 to 9gR2 or to better accomodate the WDP programme. The exam may also be influenced by the content of Oracle training courses that are being taught and from time to time these will be chaged for a variety of reasons.
    How you handle it is up to you ..... you may:
    - ignore these topics. IMHO you are always entitled to complain if questions asked did not sigificantly match the published topics and you feel this caused you to fail. (I assume the remedy would be a retake voucher). You can hit a comment button on the question and also a comment button the the end of the exam. This is a sort of negative approproach.
    - Go over these topics. If your're serious about Oracle you really need to understand this anyway. See it as an opportunity. A few hours revision ought tosee you able to answer 50% of he topics. This is a positive approach. And this if how certification study ought to be .... sometimes it good to investigate a non examined topic that is interesting.

  • More than 1 user access control of vi via web browser

    Hi all,
    Currently I've a vi that need to share it with other PCs using web browser (eg: IE) I've tried using Web Publishing Tools and I noticed that only 1 pc at a time can grant access control of the vi. May I know is there any methods or other 3rd party software that could possibly able to give multiple PCs to control one vi simultaneously over the net using web browser? THANKS!!!...

    Hello,
    I’m not so sure that using VNC or remote desktop to have
    multiple users control LabVIEW is really in-line with our license policy.  I suppose if you built your program into an executable
    and had the VNC users access the exe program they wouldn't really be using the development
    environment so I suppose this would be ok…
    I found a tutorial which might help.  Check out: http://zone.ni.com/devzone/conceptd.nsf/webmain/bc79065d8b2e0d0886256c590072a454.
    Hopefully this will help out for now!  Let us know if you have questions-
    Travis M
    LabVIEW R&D
    National Instruments

  • Controll user access with internal attribute date

    I all.
    i've created an internal attribute called Date-of-validity  of type Date.
    the objective is to controll user access based on the date configured in this attribute and permit acces only when the date as not been reached.
    who do i control-it, putt the acs looking to the date in an autommated way.
    thanks in adv
    Antero Vasconcelos

    It is possible to define an internal user whose password is taken from an external store.
    In internal user definition select "Password Type" to be the LDAP database and then define the rest of the user definition, including identity groups, as desired

  • Disable include statements to access control

    Hi,
    include statements (@include, not include actions) can include any
    resource and are not subject to declarative or programmatic access
    control. So access control works for the including JSP but not for the
    included resource.
    Is there a way to restrict include statements (@include, not include
    actions) to mitigate this risk?
    Tag library validators don't work because they just get a byte stream
    of the XML view of the JSP with expanded include statements.
    Security manager policies are difficult because the servlet container
    needs access to all resources and FilePermissions paths are not
    expressive enough. Something like
    grant the jsp engine {
    permission java.io.FilePermission "/some-root/-.jsp" "read";
    permission java.io.FilePermission "/some-root/-.jspx" "read";
    seems not possible.
    Do you have any idea how to restruct include statements?
    Thanks
    Hannes

    Hi Private_frazer,
    Welcome to the forum, that does sound a bit frustrating. I can get this look into for you. Please could you send me in your details using the link found in the "About Me" section of my profile.
    Thanks
    Paddy,
    BTCare Community Mod
    If we have asked you to email us with your details, please make sure you are logged in to the forum, otherwise you will not be able to see our ‘Contact Us’ link within our profiles.
    We are sorry but we are unable to deal with service/account queries via the private message(PM) function so please don't PM your account info, we need to deal with this via our email account :-)

  • Users in different systems GRC Access Controls

    Hello
    Today we have more than 40 systems (dev, quality, prod)
    We use access enforcer for provisioning to all these 40 systems.
    Is there a way for us to find out if a user account exists in these 40 systems (connectors)?
    Example:
    User RAMSEY exists in quality, fix, prod r3
    exists in prod bw etc.,
    Can we find this information in any of the GRC Access Controls products?
    Thanks

    Sorry, Prakash. This fuctionality does not exist in CUP. It used to exist in early versions of Access Enforcer (AE.NET). This is a good feature and lots of cutomers want this feature. I hope SAP includes it.
    You can find the user using RAR (CC) but again it will be maunal process. You can go to informer -> risk analysis. Over there you can select the system and search for user. If the user exists, it will show up. This will not work, if you have not done user sync from SAP system to RAR.
    Regards,
    Alpesh Parmar
    SAP GRC Manager (PwC)

  • [SOLVED] xhost access control does not work for specified users

    After last upgrade of xorg to v1.17.1-1 I get message: "unable to open display ":0" " when trying to run any window application as user specified in xhost. My xhost list looks like:
    access control enabled, only authorized clients can connect
    SI:localuser:steam
    SI:localuser:root
    But if I disable access control for everyone by invoking "xhost +" applications run on another accounts without problems. Does anyone has that problem too?
    Last edited by slx (2015-02-22 12:24:17)

    slx wrote:I see that fix is pending http://lists.x.org/archives/xorg-devel/ … 45644.html
    Can you test package here http://pkgbuild.com/~lcarlier/test/ ?

Maybe you are looking for