Access Level restrictions

Hi
I'm currently re-developing an old site I built a few years
back.
Is it possible to have the User Login - Access Level
restriction dependent on more than 1 database field. I'm using CS3
and the pages are PHP.
Currently when a customer logs in, they use their username,
password and then there is also an Access Level field in the
database called 'status' that the customer must have set to 'Y' or
'admin' to proceed otherwise it redirects to a failed login page -
all simple so far...
What I now need to do is add an extra function so that as
well as the 'status' field being an Access Level, another field
called 'license_agreement' must also be set to 'Y' otherwise the
customer gets re-directed.
So I need 2 Access Levels - but the Dreamweaver Log In User
window, only allows the set up of 1 Access Level.
Any ideas guys???
Many Thanks

The patchlevel of the R2 system is 11.5.8.826
The R3 system works on a seperate machine.
Both systems are still alive and connects the same database (teradata).

Similar Messages

Restrict certain function based on access level

I'm working through an approval process with Office 365 SharePoint Lists and Infopath, and I want certain people to be able to submit items in a Sharepoint list on behalf of someone else. So, the boss might have her assistant post news for her,
but her name will be on it. I only want certain people with a higher access level to be able to do this. Most people will just be able to submit news on their own behalf. I'm not sure how to do this other than to actually have a separate list that only certain
people can access to support this one function.
Currently I have lists for...
Draft Items
Submitted Items
Published Items
and I might create a fourth one for "Drafts Items on behalf of." Can you think of a better way than to actually create a fourth list?

Hi ,
According to your description, my understanding is that you want to three permission level for a list: unable submit and unable approval, able submit and unable approval, able submit and able approval.
If you just want to restrict for a list, you can try to stop inheriting permissions for the list.
For the above permission level, it can be reflected to the SharePoint default permission level: read, edit, approve. So for achieving your demand, you can add the users into suitable permission
group (Site Visitors, Site Members, Approvers).
Then you can go to the list ->List Settings ->Versioning Settings, select “Yes” for Require content approval for submitted items.
Best Regards,
Eric
Eric Tao
TechNet Community Support

Problem with Restrict Access to Page with access level using ASP

I'm using Dreamweaver CS3 with ASP-VBScript and an Access
database. The pages were created from scratch for this project,
using those tools all the way through.
I've created a login page, an admin homepage, and add, edit,
and list records pages for three tables. The login page uses the
Server Behavior "Log in User", all other pages use the Server
Behavior "Restrict Access to Page". All of these are based on an
Access Level.
Login seems to work correctly, and redirects to the admin
homepage. From the admin homepage, I can open any other page as
expected, and they initially display correctly. On the add and edit
pages, however,
submitting the form often results in getting logged out, but
not always.
Once this happens, I can log back in, but other problems will
sometimes occur during that second login session. Sometimes,
logouts will occur on pages that worked fine during the first login
session. Sometimes, another session variable that I've setup
manually will change when it shouldn't...as if there were two
values stored for my session variable, and reloading the page
changes to the other value.
This
post seems closest to my experience, but it doesn't look like
there was really an answer beyond "I had to fight with it for a bit
to get it to work":
I suspected that there is some problem with session settings
on the server. We have an almost identical tool on the same server
that was developed with an older version of DW that works more
reliably; it sometimes has problems with the initial login, but
never has a problem after that.
Has anyone experienced problems like this? Any suggestions
for what to check? I'm really pulling my hair out since it's so
unreliable...the kind of problem that goes away when you try to
show someone and comes back when they leave.

Hello,
I was thinking that all I would need would be the username, although username and paswsword would be more secure. There are about 50 users and no groups or levels. They are all equal ... same level.
The website is private and there is a general content area for all users and then there will be private areas for each user where proprietary documents will be held. I need to be able to ensure that user 'A' can only see the user 'A' pages, user 'B' can only see user 'B', etc.
I don't really understand what the Dreamweaver script is doing, but the overview sounded like it was the right tool to accomplish what I'm trying to do.
Any assistance greatly appreciated.
thanks.

Problems with Serv.Behav. Restrict Access Level

Hi,
I hope you can help - can't find an answer to this one. Been
going nuts on this! Thank you very much for anything help you can
provide.
1) Using DW 8.0, PHP 4.4.7, MySQL 4.1.22
2) Set up log in page, everything works if the LogIn Server
Behavior is set to "Restrict Access" to only Username &
Password. If set to Username, Password & Access Level get a
MySQL error page:
"You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to
use near 'Privileges FROM tbl_users WHERE Username=%s AND
Password=%s' at line 1"
3) Here's the code:
<?php require_once('Connections/conn_MemberList.php');
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType,
$theDefinedValue = "", $theNotDefinedValue = "")
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue)
: $theValue;
$theValue = function_exists("mysql_real_escape_string") ?
mysql_real_escape_string($theValue) :
mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) .
"'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['textfield'])) {
$loginUsername=$_POST['textfield'];
$password=$_POST['textfield2'];
$MM_fldUserAuthorization = "Privileges";
$MM_redirectLoginSuccess = "MemberList.php";
$MM_redirectLoginFailed = "MemberDeny.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_conn_MemberList, $conn_MemberList);
$LoginRS__query=sprintf("SELECT Username, Password,
Privileges FROM tbl_users WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"),
GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $conn_MemberList) or
die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'Privileges');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
header("Location: " . $MM_redirectLoginSuccess );
else {
header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Transitional//EN" "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="
http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">

</style>
</head>
<body>
<p> </p>
<form id="LogOn" name="LogOn" method="POST"
action="<?php echo $loginFormAction; ?>">
<table width="100%" border="0" cellspacing="2"
cellpadding="2">
<tr>
<th scope="col"><div align="right"><span
class="style3">User:</span></div></th>
<th scope="col"><label>
<div align="left">
<input type="text" name="textfield" />
</div>
</label></th>
</tr>
<tr>
<td><div align="right"><span
class="style3">Password:</span></div></td>
<td><label>
<div align="left">
<input type="text" name="textfield2" />
</div>
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input type="submit" name="Submit" value="Submit" />
</label></td>
</tr>
</table>
</form>
<p> </p>
</body>
</html>
Thank you

I tried this and get the same error message.
ERROR at line 1:
ORA-28545: error diagnosed by Net8 when connecting to an agent
NCRO: Failed to make RSLV connection
ORA-02063: preceding 2 lines from ALPACWOBF
listener.ora:
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = spruce)(PORT = 1521))
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = alpacwobf)
(ORACLE_HOME = C:\oracle\ora92)
(PROGRAM = hsodbc)
tnsnames.ora
alpacwobf.3LOG.COM =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = SPRUCE)(PORT = 1521))
(CONNECT_DATA =
(SID_NAME = alpacwobf)
(HS=ok)
initalpacwobf.ora:
HS_FDS_CONNECT_INFO = AlpacWOBF
HS_FDS_TRACE_LEVEL = 4
HS_FDS_TRACE_FILE_NAME = alpacwobf.log
ODBC setting is ok. odbc name is alpacwobf, db is access 2000.
restart the listener.
tnsping alpacwobf is ok.
database link creating is ok.
but when query,I got error.
alpac > create database link alpacwobf using 'alpacwobf';
Database link created.
alpac > select count(*) from test@alpacwobf;
select count(*) from test@alpacwobf
ERROR at line 1:
ORA-28545: error diagnosed by Net8 when connecting to an agent
NCRO: Failed to make RSLV connection
ORA-02063: preceding 2 lines from ALPACWOBF
Any help will be appreciated.
Thanks a lot.
Richard

Problem with user access level

David,
I have so far succesfully implementend your tutorial on users registering and having to validate their emailaddress (both part I and II).
Part I: http://cookbooks.adobe.com/post_Registration_system_that_requires_the_user_to_vali-16646.h tml
Part II: http://cookbooks.adobe.com/post_Registration_system_that_requires_the_user_to_vali-16649.h tml
When creating a login form however, I don't get it to work based on the access level verified = y. The database is set up exactly as you described in the above tutorials.
This is the HTML for the log in form (index.php):
<form ACTION="<?php echo $loginFormAction; ?>" method="POST" id="logon">
<label for="user">Username</label>
<input type="text" id="user" name="username" />
<br />
<label for="pass">Password</label>
<input type="password" id="pass" name="password" />
<br />
<label for="done"> </label>
<input type="submit" value="Log On" />
</form>
Below the code that is found above the <html> tag in the index.php file:
<?php require_once('../Connections/conn.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "verified";
$MM_redirectLoginSuccess = "overview.php";
$MM_redirectLoginFailed = "index.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_conn, $conn);
$LoginRS__query=sprintf("SELECT username, password, verified FROM users WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $conn) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
    $loginStrGroup = mysql_result($LoginRS,0,'verified');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    header("Location: " . $MM_redirectLoginSuccess );
else {
    header("Location: ". $MM_redirectLoginFailed );
?>
On the overview.php page, I applied the restrict access to page behaviour, which results in the following code:
<?php require_once('../Connections/conn.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "y";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && false) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "index.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
Any idea/thoughts on what I'm not adding to the page in order to work?

David,
Thank you for that insight, I figured it would be something like that and when I woke up this morning, it all made sense. I changed somthing from the tutorial (part I) you wrote and now it works fine.
I had trouble with the validation link in the email that is sent automatically. In your tutorial, section "generating and sending the validation email", you write:
$message .= urlencode($_POST['username']);
$message .= '&t=';
$message .= urlencode($token);
When using the code like this, it wouldn't set the verified column to y. However, when I changed the middle $message to
$message .= '&t=';
it updated the verified column to y. The URL that displayed from the original code displayed the & sign as & in the URL itself.
Next to that, whenever I try to add something to the e-mail, the validation link becomes not clickable anymore.
As the login problem concerns, encrypting indeed did the trick.
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=sha1($_POST['password']);
Putting the $_POST['password'] between brackets, adding sha1 in front of it. It works just fine now.
Hopefully no further problems on this anymore! Thanks a lot for your insights!
EDIT: I can't mark this thread as answered anymore?

Access level in lookup table

I'm using Dreamweaver CS4. It seems that access levels can
only be applied (at least through Server Behaviors) to a field
within the same table that host the users and their associated
passwords. I have adopted a database which contains a table which
contains the users and their passwords but the access levels are
stored in a lookup table. Aside from hand coding this or changing
the table structure to include access levels, users and passwords
in the same table, can anyone provide some insight as to how to
handle this?

OK i have successfully achieved the JOIN...I think. I clicked
"Test" on the Recordset dialog and I can see records from the table
but not the JOIN table.
Here is the SQL statement I used:
SELECT authuser_id, firstname, lastname, uname, passwd
FROM authuser INNER JOIN user_access ON
authuser.authuser_id=user_access.userID
So once this is done, I'm not sure how to proceed. I added
the "Log In User" server behavior but the JOIN field is not
displayed under the "Restrict access based on:".
I obviously have a lot to learn about how Dreamweaver helps
streamline this process. Any help (detailed as possible) would be
much appreciated.

10 dim 1 fact data level restrict

All,
I have 10 dimension tables and 1 fact table.
and my Country Dimension table like below data
Name,Country
A UK
B US
C MY
D SG
My requirment is When user "A" logged in,he wants to view only UK country values simillarlly other user data.
How will restrict each dimenstion table.
Thanks

hi,
this can be achieved by implementing row level security. you can define permissions for a particular group in the rpd so that when the user logs in, he only sees the data according to his role/access level. for more details see these urls
http://mithil-tech.blogspot.com/2010/07/obiee-session-variables-and-row-level.html
http://www.rittmanmead.com/2007/05/obiee-and-row-level-security/
assign points if found helpful.

How to Apply Row level restrictions On objects

Hi All,
I am working on universe designer(BO 3.1) .....
I would like to apply row level restrictions on a cloumn of table based on the user who is running the report .
can any one please help me on this..
Thanks in Advance.............

Hi
Universe access and row-level security can also be managed at the group or individual user level from within the design environment.
Find the below video row level restrictions
http://www.youtube.com/watch?v=6yM0OLK6QlI
Create a data security profile that restricts access to specific rows: Information design tool 4.x - YouTube
Implementing row level security in IDT using Data Security Profile
And You cannot set row-level security authorizations in an OLAP universe.
User security can be defined at the most granular level for the following content objects.
Folders and sub-folders
Reports
Categories
Events
Program Files
Publications

Multiple access level Webi Reports

Hi,
We have Business Objects Enterprise XI 3.1 SP2 FP2.4. Our problem is that we want to asign to the same user diferent levels of visualization for a webi report, but if we asign the security at application level (WebIntelligence) the access levels applies for all reports and if we assign the access level at folder level it doesn´t applied to the visualization of the report. Basically we want that a user see a WebiReport without refresh the data and the same user saw a diferent report in a diferent folder with the capability to do this action.
Is this possible??
Thanks a lot.

Hello,
I apologize for not replying earlier. I tried to reproduce what you mentioned. InfoView kept crashing on my end when I disable right-click.
In any case, you mentioned that disabling right-click only works when applied on on the application level (for Webi). We can work with this itself.
Again, for sake of simplicity, lets assume that we have only two access levels.
1. Right_Click_Disabled
2. Toolbar_Disabled
Also, lets assume that a specific user requires the Right_Click_Disabled access level on Rep_1 in Folder_A and the Toolbar_Disabled access level on Rep_2 in Folder_A.
For this, you'll need to create two groups. Lets call them Right_Click_Disabled_Grp and Toolbar_Disabled_Grp. Add the user to both groups. Also apply access level Right_Click_Disabled to Webi (application) for group Right_Click_Disabled_Grp (principal).
Similarly, apply access level Toolbar_Disabled to Webi (application) for group Toolbar_Disabled_Grp (principal).
Now, give both groups View access on Folder_A. So, the user will have the most restrictive access of the combination of ViewRight_Click_DisabledToolbar_Disabled for all Webi reports in Folder_A.
Now, for Rep_1 in Folder_A, the user requires Right_Click_Disabled access. So, for Rep_1 in Folder_A, for principal Right_Click_Disabled_Grp, disable inheritance and give the group Right_Click_Disabled (access level) only for Rep_1. Similarly, for Rep_2 in Folder_A, the user requires Toolbar_Disabled access. Again, for Rep_2, for principal Toolbar_Disabled_Grp, disable inheritance and give the group Toolbar_Disabled (access level) only for Rep_2.
Summary:
Groups
Right_Click_Disabled_Grp
Toolbar_Disabled_Grp
Access Levels
Right_Click_Disabled
Toolbar_Disabled
Let me know if you have any questions.Also, note that I haven't tested this.
Best.
Srinivas

Column Level restriction on Oracle 9i User

i want to implement the column level restriction on oracle 9i users but it is not implementing. can u help me in this regard.

Use Fine-Grained Access Control/Virtual Private Database (VPD)
http://download-east.oracle.com/docs/cd/B10501_01/appdev.920/a96590/adgsec02.htm

FOLDER LEVEL RESTRICTION IN SOLMAN

SOLMAN PROJECT
Dear All,
I have to create a new project in Sol man (eg."Document"). The requirement is to upload all the documents of the project into Sol man. Documents are already classified module wise as IT,MM,SD,Mktg,E Biz etc. and stored in respective Subfolders.
Similar folder structure has been created within Sol man, with folder names as below and documents have been uploaded respectively:
Level 1: Project Name
Level 2: Module Names
Level 3: Module Folders
DOCUMENT
IT
- Sub Folders
SD
- Sub Folders
PP
- Sub Folders
our requirement is to restrict user's access for Level 2 and Level 3 Folders. Suppose There is three user A user is having IT access and B is having SD access and C is having PP access but the requirement is A user is not able to see SD and PP sub folders and Vice versa and B user is not able to see PP and IT and C user is not able to access SD and IT.
Kindly help in this matter
Thanks in Advance

Hi
to restrict the folder level access.
[Restricting access to structures in the Solution Manager|Restricting access to structures in the Solution Manager] check the above thread
and for documents
i would like to direct you to the sdn solution manager wiki,
[http://wiki.sdn.sap.com/wiki/display/SMSETUP/Home|http://wiki.sdn.sap.com/wiki/display/SMSETUP/Home]
there you get link of all documents.
Jansi

Access Levels to change Universe

Hi
I have created a WebI template (with formated layout) based on a kind of 'dummy universe'.
The goal is that some 'power users' should be able to copy this template to their favorites and then change the universe to one they are allowed to use.
These 'ad hoc ' universes are accessible when you create a new webi report but when you want to change it to one of the other adhoc univereses then they are not viewable.
The current access levels let the power users choose an universe to work with. So that's OK.
But rights in the Access levels should be set on the universe (sub) folder where these adhoc Univ's are stored?
I assigned already these rights to the universe folder:
System - Connection   => Data Access
System - Connection   => Use connection for Stored Procedures
System - Connection   => View objects
System - Universe       => Create and Edit Queries Based on Universe
System - Universe       => Data Access
System - Universe       => View objects
We're working with BOE XI R3.1 sp 3 fixpack 5
Thx in advance for your answers
JP - BO Admin

Hi Jean-Pierre,
The only thing that comes to mind is the possibility that the universes are in a different domain, meaning different repository, etc. Do you all log into the exact same CMS/Infoview server?
If that is not the issue, then try creating a new user with the same access rights as yours, the one that can access the other universes, and see how that works, then change theirs to match, and then restrict them as necessary.
Hope that helps.

HT201304 It would be tremendously helpful to be able to access, set restrictions, and make changes from the parents device to all devices under the same iTunes account, so that I could make changes to my kids devices without physical access.

Please help!
It would be tremendously helpful to be able to access, set restrictions, and make changes from the parents device, to all devices under the same iTunes account, so that I could make changes to my kids devices without physical access.
I understand that I can set up a different Apple ID for the kids devices, or take physical control of the device and make the changes myself. However, my teenage son is technically savvy enough to have a job in Silicon Valley, as are most young people these days. However, in order to access his devices the current way, I first have to bypass the four digit pass code. This starts a fight of why I need in the device and continues to escalate. The argument that I am the parent will gain access but the fight is simply exhausting, and quite frankly shouldn't have to happen at all. He is not yet an adult, he did not pay for his iPad or iPhone and I, as a parent, should have not only have the right to change options at will, and from anywhere, but look at history or current activity when I feel like it.
I currently have the settings where app and in-app purchases require my password to be put in, and he must come to me to type it in, but I need more control and would like, and should be able to access any of our six devices and make individual changes simply by logging in to my account, with my password.
If I can see all my devices on the "Lost My iPhone" app, this technology should be easy to make happen.
C'mon parents! I have a pretty good kid, given all things that they can get into, but I am not stupid. For everything I see has been done, there is much more I haven't seen. I want my children to be kept safe and be able to know what they are looking at or listening to. We parents are the only ones who know our beliefs and what our kids can handle and when.
Thanks for any support or information that I may be missing in order to fulfill my request.

There are mobile device management solutions that can do this, including in Apple's OS X Server system, but most parents generally find that setting this up is more work than it's worth. If you're interested, though, there are a couple that at least purport to be free (I don't know if there are any hidden "gotchas"):
http://www.unwireddevicelink.com/features/
https://meraki.cisco.com/products/systems-manager
and Apple's system:
http://www.apple.com/osx/server/features/#profile-manager
I don't think any, however, allow you to see current activity or browser history. iOS doesn't expose those to access from MDM solutions, to the best of my knowledge.
Regards.

Row Level Restrictions on DeskI Report not working under InfoView

When running/refreshing DesktopIntelligence XI r3 (Full Client) reports under InfoView, the row-level restrictions applied in the universe are not being included in the SQL (additional filtering is NOT happening). However, if a user creates a report using the same universe in WebIntelligence or if the user runs the same report in DesktopIntelligence, the row-level restrictions are working.
It strikes me that the problem has to do with security rights granted (or not granted), but I can't figure out which settings would allow the proper running of a DeskI report under InfoView.
Thanks for any assistance rendered!

Mike,
Do people connect to Infoview and Deski using the same authentication method and the same username?
How does this compare to how your data restrictions are configured?
Are you using @Variable('BOUSER') restrictions? Have you taken domain into account e.g. "Domain\UserName" vs "UserName"?

Org Level, fund center/cost center level restriction for tcodes????

I am looking to see whether org level restriction and cost center/fund center level restriction is possible for certain set of transactions.
I am using USOBX table for this analysis. This table has a check flag field ( same as in SU24) which says whether the Tcode (program) does the authority check for certain auth objects. Example- X (checked but not maintained in USOBT). This table pulls up several authorization objects under the 'X' category. However, when I do the System trace for the same tcode, all the objects (marked as X) are not captured. Instead only a few are captured.
Can we rely on the USOBX data or should we do system Trace for every tcode. I am just pulling a report and not creating roles at this point. So trace is time consuming. But data reliability is equally important.
My objective is to verify whether org level and cost center/fund center level restriction is possible or not for some tcodes.
Do you have any suggestion to achieve this faster (through USOBX or any other means)?
Thanks in advance
Kee

I would suggest you to check USOBX_C and USOBT_C instead of USOBX and USOBT as it will have your customization as well and not just the standard ones given by SAP.
Also when check field is X ...it means the object is checked but not maintained for the t-code as you already said but I am not sure how much it will help you as the they will not be pulled by PFCG when you are creating the role until you change the object to Check / maintain . When you do that the check field will be Y and not X. So basically it is the Y one which you need to see.
Going for trace is time consuming for every t-code and I am not sure if it really needed. When your roles are in testing phase and are tested by the functional team or the team which needs it and if they are missing some object, you can run a trace and find the missing object....
I am not sure on what basis you want to change some field to Org level ...but typically it is done if you want to do segregation of roles based on these org level. There could be various other reasons and it is better to talk to your functional counterparts before changing a field to Org level.
for ex : If you want to segregate on company code, you will create co. code as Org level and create roles for different company code.

Access Level restrictions

Similar Messages

Maybe you are looking for