User security at Favoritesfolder level : IMPORT_PREVENT_UPDATE

hello,
I'm trying to modify default security of Favoritesfolder using dotnet BusinessObjects.DSWS* libraries.
I'm able to retrieve Favoritefolder's SecurityInfo2, principal, and roles but when I try o update it , I get the following error :
An XSD Exception occurred. Import file parsing exception occurred : 'Attempting to update an object of type 'FavoritesFolder', which was marked as preventUpdate, and the IMPORT_PREVENT_UPDATE option was specified.' (FWM 04009) (WBP 42029)
Where can I change the "preventUpdate" or the "IMPORT_PREVENT_UPDATE" ?
Can I use the CrystalDecisions.Enterprise framework instead of the web service?
We are using BOXI3.1 SP3.2
many thanks
Marc

You may want to open a support case with SAP to start a technical investigation.
The BIPlatform Web Services uses the BIAR engine for object updates, and the error is stating a restriction with certain objects via BIAR is affecting your ability to alter that object.
Sincerely,
Ted Ueda

Similar Messages

  • How to set user security on dimension levels?

    Hi, there. I am considering setting use access right to specific levels on the branch dimension.
    Suppose there are four companies on level 1 of the branch dimension. I would like to limit users only access their own company.
    How should it be done in share service? Thanks.

    Thanks both.
    However, I encountered another problem. After created users in shared service, I could not see it in
    application even after refresh secutiry.
    Another problem is that I could not apply filters by Essbase administration console. The Edit User/Group access function is disabled.
    Therefore, even I selected a user I could not apply the filter. Does anyone know how to enable the function?
    Thanks in advance.

  • Essbase user security on DB level

    Hi, All
    I am using Essbase 9.3.1 with Shared Services. I have already successfully provisioned the users, but not have a problem about the user access rights. I have one application with multiple databases (DB1, DB2, DB3, etc.). I would like the user to be able to only see DB1 using Excel spreadsheet login, but in HSS, I can only provision the user with Read Access of the application only, which means the user can see all the DBs while logging Spreadsheet Add-In.
    The Essbase is already externalized, thus can not be back into native mode.
    Any suggestions or work-around?
    Thanks a lot

    ESST wrote:
    Hi, All
    I am using Essbase 9.3.1 with Shared Services. I have already successfully provisioned the users, but not have a problem about the user access rights. I have one application with multiple databases (DB1, DB2, DB3, etc.). I would like the user to be able to only see DB1 using Excel spreadsheet login, but in HSS, I can only provision the user with Read Access of the application only, which means the user can see all the DBs while logging Spreadsheet Add-In.
    The Essbase is already externalized, thus can not be back into native mode.
    Any suggestions or work-around?
    Thanks a lotYou need to create a filter for DB1 and assign it to One Group...[we can do this in EAS console even we have multiple dbs in one application...i don't have idea for shared services..]
    Regards,
    Prabhas
    Edited by: Prabhas on Jul 12, 2011 4:54 PM

  • Information Regarding Essbase Security Except Filter Level and User Level

    I have an requirement to implement data level security in Essbase. For ex: A user can only see those data which are from Asia region or an user will be able to see those data which are from America.
    Asia and America are defined in my location dimension.
    can any one explain about it without using user Level Security and Filter level security.
    Please tell me how to do it?
    Thanks in advance.

    Sandeep's reference the DBAG and the section on filters is the right direction. The filter is created in EAS.
    Let's use an example.
    You create a METAREAD filter (that is, it filters both data and dimensionality) that gives a user limited access to the Location dimension (I think I have that right), e.g., the British Isles, the UK and Ireland. You can also create a READ filter but it only limits data and, in my opinion at least, causes confusion because users can see metadata (the whole world) but only see data for the British Isles.
    NB -- filters can be assigned to individual usernames or to groups that users are members of. For a POC, I'd keep it simple and just assign it to a username, but it's your choice.
    Assign the filter to the user in Shared Services.
    Try connecting to the database in Excel through the Classic Add-In or SmartView to test what the user sees -- it should be: Total Location, British Isles, the UK, and Ireland. You will see Total Location (top of the dimension) because that's how Essbase navigates down -- it has to have the dimension name to find the limited children. You won't see any data there. But you will see data at the Location members that the METAREAD filter allows.
    That's it -- it's been around since the year dot, and is the way access is restricted. You shouldn't need to reinvent the wheel to get this to work in OBIEE. Essbase should do the work.
    Regards,
    Cameron Lackpour

  • OLS Label Security: how users can view own level/compartment/group choices?

    I have an application using OLS (Oracle Label Security) Virtual Database (VDB) for security; to allow users to only view rows to which they have access.
    I'm creating a list of values (LOV) to allow the user to change the level or compartment of a database record to a different value for which they still have access. The views that show these values is DBA_SA_USER_LEVELS (and COMPARTMENTS, GROUPS) but this view is only visible to DBA users, not the regular user. We are considering giving regular users access to this view, or granting SELECT_ALL_TABLES as suggested in an article I read. However, this approach seems to loosen security, not maintain it.
    How can I allow a user to get a list of levels, compartments or groups available to them without loosening the security on the DBA_* views?
    thanks,
    Scott

    Bump

  • Error in SRM:  a user with enough authorisation level is miss

    Hello,
    We are on SRM 5.0 and our users get the following error in SRM when creating a shopping cart:
    No user assigned to object a user with enough authorisation level is missing.
    Anybody any idea ?
    Thanks as ever

    Hello Can anybody helpe me please ?

  • User status in item level in Interaction center

    I confirgue the sales function in Interaction center. I want to set user status in Item level. But I don't find the user status field in item level in UI. Could you tell me how find user status field?

    Hi Prem:
         Yes, I have already  confirgued status management and assigned to item category. I can see the status appear  in back office UI but not in Interaction center. So it is strange.

  • User exit at item level for billing block field default for VA41 or VA42

    Hi All,
    I want user exit at item level for contract (VA41or VA42) for the field Billing Block in the Billing document tab
    which has to populate with some default value.
    Which user exit i need to check.
    Regards
    Jai

    Hi,
    Use subroutine USEREXIT_FIELD_MODIFICATION in Include MV45AFZZ.
    Make sure this is for only tcodes VA41 and VA42 because this wil trigger for sales order also.
    Regards,
    Ashok.

  • User status at operation level

    Hi,
    I have created one user status profile and attached in order type. In this profile I have included Operation and Order header as an "Allowed object type"
    My problem is when I am changing  user status at order level , it is not getting changed automatically at operation level.
    Pls suggest me the solution.
    Thanks

    Hi,
    I dont think it is possible .
    A suggestion not sure if it works .
    Assign user status profile operation wise and then have some development to check the operation status and
    then update production order status with same user status you mentioned in operation.
    FM: STATUS_CHANGE_EXTERN will help you to change the user status of order.
    Regards,
    Vishal

  • Environment variables (user) created at OS level dont show up in BIDS 2008

    Environment variables (user) created at OS level don't show up in BIDS 2008.
    I had a variable ConfigLocation created and it is not showing up when I am trying to configure it in BIDS
    Is this a known issue or a bug?
    Now in BIDS it doesnt show up
    Mudassar

    Yes it shows up after restart of BIDS .
    But during design time this is a bug I hope Microsoft fixes this bug in the future releases
    Mudassar
    It's not really a bug. Visual Studio loads the environment variables when starting up.
    In future releases you use projects and parameters instead of environment variables, so the issue goes away ;)
    MCSE SQL Server 2012 - Please mark posts as answered where appropriate.

  • Get error while Integrating with Oracle's Enterprise User Security

    Hi,
    I am trying to create an Oracle Enterprise User integrating with OVD and MS Active Directory.
    I am following all the steps in Integrating with Oracle's Enterprise User Security.
    In the documentation section: "Configuring Oracle Virtual Directory for the Integration"
    I have applied the steps successfully until:
    Update and load the entries into the Local Store Adapters by performing the following steps:
    I have successfully extended the Oracle Virtual Directory schema with the loadOVD.ldif
    However I am getting errors in the next step: Update realmRoot.ldif to use your namespaces
    The next step states the following:
    Update realmRoot.ldif to use your namespaces, including the dn, dc, o, orclsubscriberfullname,
    and memberurl attributes in the file. If you have a DN mapping between Active Directory and
    Oracle Virtual Directory, use the DN that you see from Oracle Virtual Directory.
    The realmRoot.ldif file is located in ORACLE_VIRTUAL_DIRECTORY_HOME/eus,
    where ORACLE_VIRTUAL_DIRECTORY_HOME represents the location where Oracle Virtual Directory is installed.
    The realmRoot.ldif file contains core entries in the directory namespace that Enterprise User Security queries. The realmRoot.ldif file also contains the dynamic group that contains the registered Enterprise User Security databases to allow secured access to sensitive Enterprise User Security related attributes, like the user's Enterprise User Security hashed password attribute.
    Load your domain root information in the realmRoot.ldif file into Oracle Virtual Directory using the following command:
    ldapmodify -h Oracle_Virtual_Directory_Host –p OVD_Port -D cn=admin -w Admin_Password -v -a –f realmRoot.ldif
    When I run the ldapmodify command I get the following error:
    add dc:
    testldap
    add objectclass:
    top
    domain
    domainDNS
    adding new entry DC=testldap,DC=local
    ldap_add: Operations error
    ldap_add: additional info: LDAP Error 1 : null
    The actual realmRoot.ldif looks like this:
    # Please uncomment the following one line if you are importing this
    # LDIF file via OVD Manager or OVD Server's ldapmodify tool.
    #version: 1
    #dn: dc=com
    #dc: com
    #objectclass: domain
    dn: DC=testldap,DC=local
    changetype: add
    dc: testldap
    #o: subarashii
    objectclass: top
    objectclass: domain
    objectclass: domainDNS
    #objectclass: orclSubscriber
    #orclsubscriberfullname: subarashii
    #orclVersion: 90400
    # If your domain structure has more layers than dc=subarashii,dc=com,
    # for example, it's dc=us,dc=subarashii,dc=com, you will need to load
    # the following ldif entry/entries too.
    # Uncomment out the following, if required.
    #dn: dc=us,dc=subarashii,dc=com
    #orclversion: 90400
    #orclsubscriberfullname: us
    #objectclass: domain
    #objectclass: top
    #objectclass: orclSubscriber
    #dc: us
    # Adding EUSDBGroup entry
    # Modify the memberurl attribute and replace it with your own domain name
    #dn: cn=EUSDBGROUP,dc=subarashii,dc=com
    #cn: EUSDBGROUP
    #memberurl:ldap:///dc=subarashii,dc=com??sub?(&(objectclass=orclService)(objectclass=orclDBServer))
    #objectclass:groupofuniquenames
    #objectclass:groupofurls
    #objectclass:top

    Did you ever get your questions answered about the realmRoot.ldif file? Did you manage to configure a successful integration of OVD with EUS? I am battling with trying to get Oracle Virtual Directory integrated with Enterprise User Security, but every step I take in Chapter 7 of the OVD manual fails in some way, and the instructions are often vague. I am not sure how to modify the realmRoot.ldif file. Is there any improved documentation on this? I have logged a Service Request, but not getting any help. Any resources or documentation you know of that provides better guidance would be much appreciated. I am way behind my schedule now and this is a very frustrating exercise.
    Thanks.

  • Completion Insight not working correctly when using Enterprise User Security (EUS) logon

    This is a pre existing issue we've experienced with SQL Developer, though I've only just worked out what is causing the issue it is present in previous versions of the tool, up to the current 4.0.EA2.
    We experience issues with the Completion Insight functionality of SQL Developer.
    When we log into a database using Enterprise User Security i,e authenticating against OID, the schema of the database account is prefixed to any reference to public synonyms, ie all user_%, all_%, dba_% and v$% views.
    When I change the authentication of the database account back to normal database authentication the schema prefix correctly isn't shown. It simply suggests the synonym name of the views.
    An example of this is as follows when attempting to query the DBA_TABLES view:
    The database account is ORADBA and has DBA privs.
    The EUS user that is mapped to the ORADBA schema is dbutler.
    The ORADBA user is configured to authenticate externally (against OID).
    I login with my dbutler directory credentials:
    If I start typing:
    select * from dba_tabl
    The object name is suggested as ORADBA.dba_tables
    If I change the authentication of the ORADBA account back to database authentication, the prefix is no longer present.
    i.e If I start typing:
    select * from dba_tabl
    The object name is suggested as dba_tables

    If you're not using DB 10.2 this is the "expected" behavior for the DB. See also metalink note 351170.1 "Enterprise Users Can Connect to a Database when the OID Account is Disabled"
    regards,
    --Olaf                                                                                                                                                                                                                                                                                                                                                                                                                   

  • IGS: Vulnerability "security hole in level 3"

    Hi!
    We are using SAP ERP 6.0 system with an ingetrated IGS 7.0
    We already changed IGS according to sap note 896400 to the version 7.00 (Patch 15)
    When we run scan on demand we get the following information: 
    A security hole in level 3 was found at server ServerX.
    Vulnerability-Level [highest]: 3
    Vulnerability-Level [highest counted]: 0
    Vulnerability Details
    Date: Sun 10 May 2009  1:26:13 MET
    Vuln: 300803
    Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
    ToDo: Set up a project to implement access restriction rules to RFC programs
    with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
    CertRef: M906071, SAP 30/08
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:
    Date: Sun 10 May 2009  1:26:17 MET
    Vuln#: 100806
    Vulnerability: External Server Registration is possible at sysnr 3
    ToDo: Secure remote registration of RFC programs (only possible in SAP Basis
    7.00 and later)
    CertRef: M906071
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:
    Date: Sun 10 May 2009  1:26:17 MET
    Vuln#: 101802
    Vulnerability: IGS HTTP Administration is enabled and this version has
    reported vulnerabilities at sysnr 3
    ToDo: Upgrade to a higher patch level, i.e., for BC-FES-IGS 6.40 Patch Level
    17 or higher and for  BC-FES-IGS 7.00 Patch Level 07 or higher
    CertRef: SAP 34/09
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:
    End of Vulnerability Details
    Question:
    What we have to do to avoid s security holein level 3?
    Thank you very much!
    regards

    Do you solved tye probllem below. ???  Can you help me.
    I have the same problem.
    What the format of secinfo, reginfo and what value to to profile gw/reg_no_conn_info ??
    Thanks,
    Vulnerability Details
    Date: Sun 10 May 2009 1:26:13 MET
    Vuln: 300803
    Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
    ToDo: Set up a project to implement access restriction rules to RFC programs
    with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
    CertRef: M906071, SAP 30/08
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:

  • IGS: Vulnerability (security hole in level 3 was found)

    Hi!
    We are using SAP ERP 6.0 system with an ingetrated IGS 7.0
    We already changed IGS according to sap note 896400 to the version 7.00 (Patch 15)
    When we run scan on demand we get the following information: 
    A security hole in level 3 was found at server ServerX.
    Vulnerability-Level [highest]: 3
    Vulnerability-Level [highest counted]: 0
    Vulnerability Details
    Date: Sun 10 May 2009  1:26:13 MET
    Vuln: 300803
    Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
    ToDo: Set up a project to implement access restriction rules to RFC programs
    with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
    CertRef: M906071, SAP 30/08
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:
    Date: Sun 10 May 2009  1:26:17 MET
    Vuln#: 100806
    Vulnerability: External Server Registration is possible at sysnr 3
    ToDo: Secure remote registration of RFC programs (only possible in SAP Basis
    7.00 and later)
    CertRef: M906071
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:
    Date: Sun 10 May 2009  1:26:17 MET
    Vuln#: 101802
    Vulnerability: IGS HTTP Administration is enabled and this version has
    reported vulnerabilities at sysnr 3
    ToDo: Upgrade to a higher patch level, i.e., for BC-FES-IGS 6.40 Patch Level
    17 or higher and for  BC-FES-IGS 7.00 Patch Level 07 or higher
    CertRef: SAP 34/09
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:
    End of Vulnerability Details
    Question:
    What we have to do to avoid s security holein level 3?
    Thank you very much!
    regards

    Do you solved tye probllem below. ???  Can you help me.
    I have the same problem.
    What the format of secinfo, reginfo and what value to to profile gw/reg_no_conn_info ??
    Thanks,
    Vulnerability Details
    Date: Sun 10 May 2009 1:26:13 MET
    Vuln: 300803
    Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
    ToDo: Set up a project to implement access restriction rules to RFC programs
    with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
    CertRef: M906071, SAP 30/08
    Tool Reference: proprietary CERT and IPINS scanner
    Comment:
    Counted in: 2009-07
    Monitor:

  • How to assign possible agents at security role / CAG level?

    Hi Experts, How to assign possible agents at security role / CAG level?

    Yes, that's exactly what I'm talking about. In your task maintenance, goto additional data -> agent assignment -> Maintain
    Click on th task, click on the assign button. Choose object type 'Role', enter role.
    Cheers,
    Mike

Maybe you are looking for

  • New lot-sizing procedure (similar FX fixed order quantity)

    Dear All, I have to create a new lot sizing procedure for MRP run. This new procedure should be similar to FX - the material should be included in MRP run when the stock falls below reorder point - but the quantity ordered (proposed to be ordered in

  • Configure Word 2010 startup with /n switch.

    Hello, Opening MS Word with /n switch, Example "C:\Program Files\Microsoft Office\Office\Winword.exe" /n, Word 2010 will start a new instance of Word with no document open. Can this be done via GPO as we are looking into configuring this for hundreds

  • Why is oracle limited appropriate to save any kind of xml documents

    hey, currently i´m student of health informatics in dortmund (germany) our next test is about oracle database. i do now know a lot about it. but there is one open question and noone can give me an answare... why is oracle limited appropriate to save

  • Blackberry app world icon disappeared

    Hi anyone could help, I have tried to upgrade my Blackberry app world and the icon just disappeared and tried to open menu to show all hidden icon nothing help. I also tried to re-download the icon but nothing shows on the home screen, please help on

  • Apparant Pen Tool glitch of some sort in CS2

    Okay, I use Photoshop frequently, and am quite familiar with the Pen tool. However, this time, when I tried to fill a closed path, the colour appeared on the OUTSIDE of the path. I've never seen it do that before, and it's proving persistent and anno