Create user with read access for all tables SAP SID .*

Similar Messages

• Users with read access to the site unable to view Managed Metadata Navigation

  Hi everyone,
  I created a Managed Metadata service and created group, term-set and terms
  I gave read access to users
  I set up navigation to use Managed Navigation
  I am logged in as farm admin and able to view the navigation when i browse site. But user are not seeing navigation.
  One thing i noticed is when i give users full access or designer access to site they will be able to see the navigation. but i don't want to give users full access or designer access to the site.
  How can users with read only access to site can view Managed Metadata Navigation...Please help?

  Hi Sunil,
  Have you given your users permissions to actually read the MMS data from the service application?
  http://technet.microsoft.com/en-us/library/ff625176.aspx covers permissions on the MMS.
  Regards
  Paul.
  <<edit>> On reflection you might be hitting the issue in this Stackexchange post..
  http://sharepoint.stackexchange.com/questions/75636/permissions-and-managed-metadata-in-navigation Is yours behaving the same way?
  Please ensure that you mark a question as Answered once you receive a satisfactory response. This helps people in future when searching and helps prevent the same questions being asked multiple times.

• Creating users with limited access (admin level)

  Hi,
  I have a requirement where in I need to create a user which can only assign business areas to other users. This user should not have access to "Create/Edit" business area or to assign priviledges.
  I tried to achiieve this by using "Allow administration" at the Security level to this user for a biz area. This ensures that the "Priviledges" option is disabled for that user. But I need to give the "Create/Edit" business area privliedge to this user so that he can grant access to business area (which I dont want). I want to ensure that he is able to grant access to business area without having create/edit rights on that business area.
  Could you let me know if you have any way to solve this.
  Thank You.
  Nawaz

  Hi,
  Changing the security access to a business area counts as a edit to the business area therefore the user will need Create/Edit privilege. One way to do what you want is to create a trigger over the EUL5_BAS table that will prevent the user from making changes to this table raising an error if this is attempted. However, this is not an Oracle supported approach but will work fine.
  Rod West

• User Access to all tables of a database

  Hi,
  Is it possible to create a user that has access to all tables in a particular database?  I know I can grant permissions on individual tables, but I would like to create a user that can add, delete, and insert data into any table in the database.  This is easy in MSSQL, but not so easy with MaxDB
  Thanks and Kind Regards,
  Diana Hoppe

  It's not so easy, because it's a nonsense requirement!
  While it may be convenient to be able to just access data and db-objects during development, this becomes a nightmare on production.
  It's far easier and usually better to create schemas to put the database objects in and roles that have the required permissions.
  Then you can grant the roles to the users that need them.
  This way you've cleanly separated the naming (schemas) from the permission (roles/users/grants) aspect.
  A common approach for this is:
  - SYSDBA user (e.g. SUPERDBA) owns the application schemas and can create/alter the objects in it
  - SYDBA also owns the roles and users.
  One step more secure would be to have a specific user own the application schemas - just like it is the case for NetWeaver databases.
  With this, you can have your DBAs have their superuser access to the database and still not the super-easy option to look at the data.
  regards,
  Lars

• Users with direct access to tables

  I need to find out which users have direct access to tables, not through the roles.
  Is dba_tab_privs the right table to query or table_privileges is the correct one.
  Please let me know the difference between these two.
  I have gone through the documentation but I am still not clear about the difference between them.
  Let me know whatever your thoughts are on this.
  Thanks,
  Rushi

  Ah, an opportunity to illustrate the value of COMMENTs:
  SQL> select * from dict where table_name = 'TABLE_PRIVILEGES';
  TABLE_NAME
  COMMENTS
  TABLE_PRIVILEGES
  Grants on objects for which the user is the grantor, grantee, owner,
  or an enabled role or PUBLIC is the grantee
  SQL> select * from dict where table_name = 'DBA_TAB_PRIVS';
  TABLE_NAME
  COMMENTS
  DBA_TAB_PRIVS
  All grants on objects in the database
  SQL>So, TABLE_PRIVILEGES is a view relevant to the user who is currently connected and SELECTing from it.
  DBA_TAB_PRIVS is what you want to use to find users with direct access granted to tables.

• User in hr can able to create records in PA30.But will give read only access for all infotypes

  Hi Team,
  I have created one test role in HR. It will give Read access to all info types.
  But user can able to create Info type records in PA30. Please find the P_ORGIN values below.
  Authorization level            R
  Infotype                       *
  Personnel Area                 US
  Employee Group                 1
  Employee Subgroup              U*
  Subtype                        *
  Organizational Key             *
  OOAC values.
  AUTSW ADAYS       15
  AUTSW APPRO 0
  AUTSW DFCON 4
  AUTSW INCON 0
  AUTSW NNCON 0
  AUTSW NNNNN 0
  AUTSW ORGIN 1
  AUTSW ORGPD 4
  AUTSW ORGXX 0
  AUTSW PERNR 1
  AUTSW XXCON 0
  Note : user does not have access to any structural profile.
  I suspect is this bcz, if any user has proper 0105 and 0001 in HR master data can able to create records.Bcz user will be assigned to default sap structural profile "ALL"  in OOSB ?
  I can see user was not assigned to "ALL" profile in OOSB or in T77UA. and user cant able to write or change infotype data in pa30.
  Please suggest how the user can able to create  inftotype records in PA30.(Info :0002 for example)
  Appreciate Quick response.
  Regards,
  Venu.

  Sorry did not get the below comment.
  "The maintain flag in the structural profile does not relate to any maintenance authorization in PA.  It only affects the OM objects authorized by the structural profile.  For example the user may be able to delimit a position.  It will never grant any write authorization for any PA infotype "
  Do you mean , suppose if we give Org unit and evaluation path like attached screen ,user will get access to only the ORG UNIT  as its object type (can able to perform activities as mentioned in the role PLOG ) but cant perform any activity like address infotype change on the person (P) (as mentioned in P_ORGIN) who comes under the org unit mentioned in Structural profile ?
  My understanding is that i believe user total auth is an intersection of general +structural authorization.lets take HR admin wanted to change 0002 data   for some imps in org.We need to give access to that particular org to which the emps belongs to (through structural auth) and SHOULD CHECK the maintenance box in strucural auth and will access change access via role.
  And user cant able to edit his own data.
  Please find the Screens as requested. Please let me know if my understanding is correct or not ?
  Regards,
  venu.

• How to create a user with read only access for ESB / BPEL Console

  I need to create a user with read only access to ESB Console & BPEL Console. I have created a user
  (esbreadonly) and assigned ascontrol_monitor role but user is still able to
  delete services from ESB systems (such as DefaultSystem). Is there any way to
  create a user that has strickly read only access to ESB Console & BPEL
  Console
  Thanks
  Dinesh Patel

  Check out this post.. I'm in the process of testing.
  http://chintanblog.blogspot.com/2007/12/i-saw-numerous-people-asking-about-bpel_290.html

• Create dump file with datapump, with read right for everybody

  Hello,
  I have a problem under Linux : I am creating dump files with datapump.
  Those dump files are owned by a dba group, with no read access for users not in the dba group.
  Is there a way that the datapump utility creates dump files with a read access given to any user ?
  Franck

  Unlike "exp", when using "expdp", the dumpfile is created by the server process. The server process is forked from the database instance. It inherits the umask settings that are present when the database instance is started.
  (Therefore, the only way to change the permissions would be to change the umask for the oracle database server id and restart the database instance --- which is NOT what I would recommend).
  umask is set so that all database files created (e.g. with CREATE TABLESPACE or ALTER TABLESPACE ADD DATAFILE) are created with "secure" permissions preventing others from overwriting them -- of course, this is relevant if your database files are on FileSystem.
  Hemant K Chitale

• Authentication prompt issue when opening an office file in a document library with read permission for domain users

  An user as part of the domain users tries to open an office file from a document library but he got an authentication prompt asking him to authenticate. Domain users has only access to this library and not to the whole site. This uses to work in SharePoint
  2007 without any problem but not in SharePoint 2013, we didn't have a workflow on SP2007.
  Domain users has read access to only this document library in the site, but he shouldn't get an authentication prompt since he is part of the domain users and he is not trying to modify the document, he can open the document but gets two prompts, he can't
  also see the list using explorer view since nothings appears using the explorer view.
  Now, when opening the file, we can see..Updating Workflow Status, but we don't have any workflow working on this site or library, event any feature related to workflow.
  If we go to the event viewer in the server, we find this information,
  I also checked this thread but I couldn't find this scenario.
  https://social.technet.microsoft.com/Forums/sharepoint/en-US/91bc770b-bb70-4885-a4ad-a243edb88753/event-id-8026-workflow-soap-getworkflowdataforitem-failed-doc-library-no-workflow?forum=sharepointgeneralprevious
  I also created another list with the same permissions and using other office files but got the same behavior.
  Now, we have migrated this site from SP2007 to SP2013.
  Any ideas?

  OK, I am going to throw out a lot of ideas here so hopefully they get you closer to a diagnosis. Hang on :)
  Does it happen to work for some users but not others? If so, try logging in on the "good" computer with the "bad" username. This will tell you if the problem is related to the end-user's system. Also, once the user downloads a document
  successfully can they open and work on it in Word? Also, does the document library have any custom content types associated with it or does it just use 'Document'?
  I notice that there are other folks on the web that have run into this same problem and the similarity seems to be that they are either on SharePoint 2007 or have upgraded from 2007. Did this doc library start out as a 2007 library?
  What you might want to do is this: Make a site collection from scratch in 2013 (or find one that you know was created in 2013). Choose team site (or whatever you want) for the root web and set up the security the same way you have it on the malfunctioning
  library. Now, use windows explorer to copy and paste some of the documents to the new location. Be sure you recreate any needed content types. Now test it from the troubled user's computer.
  I'm thinking there may be something that is different about the library since it was migrated through various versions and updates since 2007. I've sometimes found that there can be problems (especially with user profiles but that's a different story) with
  things that go through this evolution.

• HELP needed on Remote Management set to allow access for all users

  my mac mini snow leopard server runs in a data center and i use screen sharing to interact with it. i played with the sharing settings remotely yesterday and changed "allow access for" to all users. i was disconnected immediately and i couldn't logon again. i have no luck changing to other users. i don't want to make a special trip to the center to change it back to whatever it used to be. i can still use afp to connect but the screen sharing option is no longer available. what does "allow access for all users" mean anyway?
  thanks!

  As its name implies, allow access for all should allow any valid user account to access the server. I'm not sure why it's no longer working. It almost sounds like the ARDAgent crashed.
  Either way there's a command-line interface to the ARD preferences:
  /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/ki ckstart
  man kickstart discusses the options, including examples of how to enable access for specific users.

• Possible Sequential Read Access for a Sorted Table

  Hi All,
  I have the following warnings in Code inspector check.
  'Possible Sequential Read Access for a Sorted Table'
  Kindly provide me the solution to overcome this warning message.
  This is my code in BAdi : CRM_ORDER_FIELDCHECK , Method : FIELDCHECK
  I am getting the above warning at
    READ TABLE lt_status INTO ls_status WITH KEY status = 'E0001'
                                                 user_stat_proc = 'ZITRHDQT'
                                                 object_type = 'BUS2000114'.
  and at
      MODIFY ct_input_field_names FROM ls_input_field_names
                                  TRANSPORTING changeable
                                  WHERE fieldname NE lv_field.
  Please see the below code .
    DATA : lt_header_guid TYPE crmt_object_guid_tab,
           lt_item_guid TYPE crmt_object_guid_tab,
           lt_order_i     TYPE crmt_orderadm_i_wrkt,
           ls_order_i     LIKE LINE OF lt_order_i,
           lt_status      TYPE crmt_status_wrkt,
           ls_status      LIKE LINE OF lt_status,
           ls_input_field_names  TYPE crmt_input_field_names.
    DATA : lv_header_guid TYPE crmt_fieldcheck_com-guid,
           lv_chng_no   TYPE c VALUE 'A',
           lv_field(10)  TYPE c VALUE 'ACT_STATUS'.
    DATA: lv_status_completed     TYPE crmt_boolean.
  To Get GUID
    IF is_fieldcheck_com-guid IS NOT INITIAL.
      lv_header_guid = is_fieldcheck_com-guid.
    ELSE.
      lv_header_guid = is_fieldcheck_com-ref_guid.
    ENDIF.
    IF is_fieldcheck_com-ref_kind EQ 'A'.
      INSERT lv_header_guid INTO TABLE lt_header_guid.
      ELSE.
        SELECT SINGLE header FROM crmd_orderadm_i INTO lv_header_guid
                              WHERE guid = is_fieldcheck_com-ref_guid.
        INSERT lv_header_guid INTO TABLE lt_header_guid.
    ENDIF.
  *To Get the required details
    CALL FUNCTION 'CRM_ORDER_READ'
      EXPORTING
        it_header_guid       = lt_header_guid
      IMPORTING
        et_status            = lt_status
      EXCEPTIONS
        document_not_found   = 1
        error_occurred       = 2
        document_locked      = 3
        no_change_authority  = 4
        no_display_authority = 5
        no_change_allowed    = 6
        OTHERS               = 7.
    IF sy-subrc <> 0.
  MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
          WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
    ENDIF.
    READ TABLE lt_status INTO ls_status WITH KEY status = 'E0001'
                                                 user_stat_proc = 'ZITRHDQT'
                                                 object_type = 'BUS2000114'.
    IF sy-subrc = 0.
      ls_input_field_names-changeable = lv_chng_no.
      MODIFY ct_input_field_names FROM ls_input_field_names
                                  TRANSPORTING changeable
                                  WHERE fieldname NE lv_field.
    ENDIF.
  ENDMETHOD.
  Regards
  Venkat

  Hello Blake,
  Try this:
  READ TABLE lt_action_fld WITH KEY STATUS = '0' BINARY SEARCH.
  wf_index = sy-tabix.
  loop at lt_action_fld from wf_index.
  if lt_action_fld-status ne '0'.
  exit.
  endif.
  delete lt_action_fld index wf_index.
  endloop.
  Let us know, if this helps.
  Rgds,
  Raghu.

• HT1386 How do I create one Apple ID and iTunes user name and password for all of my Apple products: iPad, iPhone, and iPod plus iTunes on my PC?

  How do I create one Apple ID and iTunes user name and password for all of my Apple products: iPad, iPhone, and iPod plus iTunes on my PC?

  Yes, I do have multiple devices and it appeared to me that every time I tried to sync or log onto iTunes, the password was incorrect.  Consequently, I was and am constantly changing it.  Wouldn't it be nice if Apple would simply say that you only need one Apple ID and one password regardless of the number of Apple devices you intend to sync via iTunes. 
  Barring the above, how about a way to merge all of the Apple IDs and passwords into one.

• Make UDF Read-only for all users

  Hi
  Can i use any script to make a UDF read-only for all users?
  i am looking at CPRF and CUFD Tables
  thanks

  Hi,
  You should never try updating system table directly.  That will against supporting policy by SAP.
  Thanks,
  Gordon

• Javascript: Query all users with read permission to specific list

  Is it possible to use javascript to retrieve all users with read permissions to specific list? This (http://www.c-sharpcorner.com/UploadFile/anavijai/how-to-get-all-the-users-from-site-group-in-sharepoint-2013/) shows how to get users from group but what
  about list. All users in list may not exist in spgoups.

  Hi,
  If with Server Object Model which is executed in server side, in the
  SPList object, there is a
  RoleAssignments property can help to get what you want without looping through all the users in site:
  public static void getPermissionsOfList()
  using (SPSite site = new SPSite("http://sp"))
  using (SPWeb web = site.RootWeb)
  SPList list = web.GetList("/Lists/List1");
  SPRoleAssignmentCollection roles = list.RoleAssignments;
  foreach (SPRoleAssignment role in roles)
  Console.WriteLine("~");
  Console.WriteLine("Name: " + role.Member.Name);
  SPRoleDefinitionBindingCollection bindings = role.RoleDefinitionBindings;
  XmlDocument doc = new XmlDocument();
  doc.LoadXml(bindings.Xml);
  //Console.WriteLine(doc.InnerXml);
  XmlNodeList itemList = doc.DocumentElement.SelectNodes("Role");
  foreach (XmlNode currNode in itemList)
  string s = currNode.Attributes["Name"].Value.ToString();
  Console.WriteLine("Permission Level: " + s);
  However, when comes to JavaScript Client Object Model, as there is no such property provided, I suggest you take the solution provided in my previous post for a try.
  Thanks 
  Patrick Liang
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• No read access to system tables

  Hi
  i try to migrate access db to oracle and when testing connection it gives me error message says "no read access to system tables modify access db before retrying"
  what to do?
  thanks in advance.

  Access tab
  For a connection to a Microsoft Access database, click Browse and find the database (.mdb) file. However, to be able to use the connection, you must first ensure that the system tables in the database file are readable by SQL Developer, as follows:
  Open the database (.mdb) file in Microsoft Access.
  Click Tools, then Options, and on the View tab ensure that System Objects are shown.
  Click Tools, then Security, and, if necessary, modify the user and group permissions as follows: select all tables whose names start with Msys, and give the Admin user at least Read Design and Read Data permission on these tables. Save changes and close the Access database file.
  Create and test the connection in SQL Developer.