Access Level - WebI XI3.0/3.1

Similar Messages

• Multiple access level Webi Reports

  Hi,
  We have Business Objects Enterprise XI 3.1 SP2 FP2.4. Our problem is that we want to asign to the same user diferent levels of visualization for a webi report, but if we asign the security at application level (WebIntelligence) the access levels applies for all reports and if we assign the access level at folder level it doesn´t applied to the visualization of the report. Basically we want that a user see a WebiReport without refresh the data and the same user saw a diferent report in a diferent folder with the capability to do this action.
  Is this possible??
  Thanks a lot.

  Hello,
  I apologize for not replying earlier. I tried to reproduce what you mentioned. InfoView kept crashing on my end when I disable right-click.
  In any case, you mentioned that disabling right-click only works when applied on on the application level (for Webi). We can work with this itself.
  Again, for sake of simplicity, lets assume that we have only two access levels.
  1. Right_Click_Disabled
  2. Toolbar_Disabled
  Also, lets assume that a specific user requires the Right_Click_Disabled access level on Rep_1 in Folder_A and the Toolbar_Disabled access level on Rep_2 in Folder_A.
  For this, you'll need to create two groups. Lets call them Right_Click_Disabled_Grp and Toolbar_Disabled_Grp. Add the user to both groups. Also apply access level Right_Click_Disabled to Webi (application) for group Right_Click_Disabled_Grp (principal).
  Similarly, apply access level Toolbar_Disabled to Webi (application) for group Toolbar_Disabled_Grp (principal).
  Now, give both groups View access on Folder_A. So, the user will have the most restrictive access of the combination of ViewRight_Click_DisabledToolbar_Disabled for all Webi reports in Folder_A.
  Now, for Rep_1 in Folder_A, the user requires Right_Click_Disabled access. So, for Rep_1 in Folder_A, for principal Right_Click_Disabled_Grp, disable inheritance and give the group Right_Click_Disabled (access level) only for Rep_1. Similarly, for Rep_2 in Folder_A, the user requires Toolbar_Disabled access. Again, for Rep_2, for principal Toolbar_Disabled_Grp, disable inheritance and give the group Toolbar_Disabled (access level) only for Rep_2.
  Summary:
  Groups
  Right_Click_Disabled_Grp
  Toolbar_Disabled_Grp
  Access Levels
  Right_Click_Disabled
  Toolbar_Disabled
  Let me know if you have any questions.Also, note that I haven't tested this.
  Best.
  Srinivas

• Custom Access Level issue in XI 3.1

  Hi,
  I am using BOXI 3.1 with fp 1.5, this configuration is migrated from XI3.0.
  Earlier we have access level such that user can modify the webi report in folders but they can't overwrite the report, they can save the report in their personal folder but not in same folder or any folder under public folder.
  After migration users can't see the modify option at all, and if i gave then edit object rights then they can see the modify option but they can overwrite at the same time.
  Is there any other rights which i need to provide.
  Thanks for the help/suggestion.

  Hi Marianne,
  I have given the same rights in general rights section, i have denied to add objects to folder but i have give the copy objects rights due to which they can copy the report to their personal folder due to that they got overwritting the report rights.
  Thanks.

• Access Denied Web Application with Claims authentication NTLM only when using secondary URL

  I have a SharePoint 2010 server farm with 2 web front ends, an application server and a database server.  Both front ends are internal to
  our network and are not behind a load balancer.
  NOTE THAT I HAD TO SUBSTITUTE hzzp with hzzp so that I had no links in the body of this post since I am not verified
  I setup a new web application called "SharePoint 41171" with:
  Public URL:
  hzzp://testserver1:41171
  Claims authentication
  NTLM only: no forms auth
  No SSL
  New web site "SharePoint 41171"
  New app pool
  New content database
  I create a top level site collection and name mydomain\myusername as the primary site collection admin
  I am able to access this site as expected at
  hzzp://testserver1:41171 with the aforementioned site collection owner id: mydomain\myusername
  I add an alternate access mapping for a secondary URL for this web application in the Intranet zone:
  hzzp://iwatest.mydomain.com
  So my AAMs for the site read as:
  hzzp://testserver1:41171    
  Default     hzzp://testserver1:41171
  hzzp://iwatest.mydomain.com    
  Intranet     hzzp://iwatest.mydomain.com
  When I attempt to log on to
  hzzp://iwatest.mydomain.com with the same user name and password, I get "access denied".
  I can access this site using
  hzzp://iwatest.mydomain.com if I log in as the farm account.  This is the only account that seems to work.
  Side Note: If I create a separate web application without claims - just NTLM and create the same AAMs, I can login fine with the same secondary
  URL and the same user name
  IP address properly maps to this machine.
  I reviewed the ULS logs and find the following:
  10/30/2012 16:20:23.45              w3wp.exe (0x0E78)                      
                  0x1724       SharePoint Foundation              Monitoring                   
                  nasq                        Medium    Entering
  monitored scope (Request (GET:hzzp://iwatest.mydomain.com:80/_layouts/AccessDenied.aspx?Source=hzzp%3A%2F%2Fiwatest%2Emydomain%2Ecom))                
  10/30/2012 16:20:23.45              w3wp.exe (0x0E78)                      
                  0x1724       SharePoint Foundation              Logging Correlation Data     
        xmnv                        Medium    Name=Request (GET:hzzp://iwatest. mydomain.com:80/_layouts/AccessDenied.aspx?Source=hzzp%3A%2F%2Fiwatest%2Emydomain%2Ecom)      
  8f313b5e-8476-4dd4-9abe-0cb6dbe024b6
  10/30/2012 16:20:23.45              w3wp.exe (0x0E78)                      
                  0x1724       SharePoint Foundation              Logging Correlation Data     
        xmnv                        Medium    Site=/          8f313b5e-8476-4dd4-9abe-0cb6dbe024b6
  10/30/2012 16:20:23.45              w3wp.exe (0x0E78)                      
                  0x1724       SharePoint Foundation              General                      
                     8e2s                        Medium 
    Unknown SPRequest error occurred. More information: 0x80070005       8f313b5e-8476-4dd4-9abe-0cb6dbe024b6
  10/30/2012 16:20:23.45              w3wp.exe (0x0E78)                      
                  0x1724       SharePoint Foundation              Monitoring                   
                  b4ly                        Medium    Leaving
  Monitored Scope (Request (GET:hzzp://iwatest.mydomain.com:80/_layouts/AccessDenied.aspx?Source=hzzp%3A%2F%2Fiwatest%2Emydomain%2Ecom)). Execution Time=8.66003919492561   8f313b5e-8476-4dd4-9abe-0cb6dbe024b6
  Basically it tells me that access is denied.  I didnt see anything that stood out here.
  I found this article:
  hzzp://social.technet.microsoft.com/Forums/en-US/sharepointadminprevious/thread/ded9188b-ee03-4ef0-bb50-3ad138110e0c, which pointed me in the direction of ensuring that the portal
  super user and portal reader accounts were properly added to my web application.  I followed the every popular article on doing this:
  hzzp://technet.microsoft.com/en-us/library/ff758656.aspx, but still no luck.  As per the thread, I added the 2 domain accounts to the user policy with appropriate privilege
  and then set them as the super user and super reader accounts via powershell, and yes I did prefix those names with "i:0#.w|mydomain\".  To be exta sure, I repeated this for all web applications on this server with slightly different powershell steps
  depending on wether or not claims was enabled on the web application.
  The Claims to Windows Token Service is running.
  I saw some mention of ensuring that the secure token service is running with a proper application pool account, but we are not running that service
  and I cant imagine what that would have to do with my situation.
  I have deleted and readded the web application and repeated these steps to no better effect.
  I gave the mydomain\myusername full control for the web application through the user policy, ensured that it was indeed the primary site collection
  owner and added it to the default site owners group.  None of this helped.
  I changed the application pool account to the farm account.  No change in behavior.
  Rebooted IIS and the machines many times along the way.
  Further, when I attempt to sign in as a different user after being denied, I get "an unexpected error has occured message.  I found the following
  in ULS:
  10/30/2012 11:19:03.71 w3wp.exe (0x182C)                      
  0x1210  SharePoint Foundation                 Logging Correlation Data                     
  xmnv     Medium               Name=Request (GET:hzzp://iwatest.mydomain.com:80/_layouts/accessdenied.aspx?loginasanotheruser=true&Source=hzzp%3A%2F%2Fiwatest%2Emydomain%2Ecom)
  cc409ec2-4889-42fa-aa7d-9cc4535e4f0e
  10/30/2012 11:19:03.71 w3wp.exe (0x182C)                      
  0x1210  SharePoint Foundation                 Logging Correlation Data                     
  xmnv     Medium               Site=/    cc409ec2-4889-42fa-aa7d-9cc4535e4f0e
  10/30/2012 11:19:03.72 w3wp.exe (0x182C)                      
  0x1210  SharePoint Foundation                 General                      
           8e2s                Medium               Unknown SPRequest error occurred.
  More information: 0x80070005      cc409ec2-4889-42fa-aa7d-9cc4535e4f0e
  10/30/2012 11:19:03.72 w3wp.exe (0x182C)                      
  0x1210  SharePoint Foundation                 Runtime                      
          tkau                Unexpected       System.NullReferenceException: Object reference not set to an instance
  of an object.    at Microsoft.SharePoint.ApplicationPages.AccessDeniedPage.LogInAsAnotherUser()     at Microsoft.SharePoint.ApplicationPages.AccessDeniedPage.OnLoad(EventArgs e)     at System.Web.UI.Control.LoadRecursive()    
  at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)            cc409ec2-4889-42fa-aa7d-9cc4535e4f0e
  10/30/2012 11:19:03.74 w3wp.exe (0x182C)                      
  0x1210  SharePoint Foundation                 Monitoring                        
  b4ly                Medium               Leaving Monitored Scope (Request (GET:hzzp://iwatest.mydomain.com:80/_layouts/accessdenied.aspx?loginasanotheruser=true&Source=hzzp%3A%2F%2Fiwatest%2Emydomain%2Ecom)).
  Execution Time=22.5439266722447           cc409ec2-4889-42fa-aa7d-9cc4535e4f0e
  By the way, this occurs for the farm account also after a successful login and an attempt to sign in as a different user.
  Any help would be greatly appreciated

  Thanks spadminspadmin:
  I have, though I am not sure that what I've added there is correct:
  The URL that I am trying to use to access the web application's IIS site is hxxp://iwatest.mydomain.com.  I added a binding to the IIS site as follows:
  Type    Host name                      port        IP address
  http     iwatest.mydomain.com     41171     *
  Is that correct?

• How to include group access level in a ws call

  I want to include a Group Access Label in a Permission for a Course using an iTunes web service call.
  I don't see how to do this in the docs.
  (The example in iTunesUAdministratorsGuide.pdf at page 111 doesn't include the Group Access Label.
  And it's not in the schema for the ws xml document at http://deimos.apple.com/iTunesURequest-1.0.xsd)
  Is this an obvious omission or am I missing something? Anyone know how to do this?
  Background:
  We're creating most Courses programmatically.
  Obviously, we'd strongly prefer not to require an administrator to go into every Course and manually add a common Group Access Label to the Permission. (This manual piece is essentially what's now missing from the ws call or at least from my understanding of it.)
  Either way -- manually by an administrator or programmatically -- our instructors would then be able to set Permissions themselves on any Group they create -- doing this themselves and without the help of an administrator.

  To resume with a little progress made:
  I have a Section
  * with Access Level == Edit for Credential == Instructor@...${IDENTIFIER} with no Group Access Label, and also
  * with Access Level == Download for Credential == Student@...${IDENTIFIER} with Group Access Label == Student.
  I'm doing ws calls to add a Course including an identifier. This is successful, and I can then go into the iTunes client as Instructor@...${IDENTIFIER} (substitution made) and manually add Groups and change Access to each individually. (I'm adding Groups "Download", "Shared Uploads", and "Drop Box", changing the Access Level accordingly for Group Access Label "Student".
  But naturally I want to do the manual part programmatically, to save n instructors from having to learn how to do this same thing and then to do it.
  So I'm trying to change my ws call to add the Groups, including Permissions. Schema http://deimos.apple.com/rsrc/xsd/iTunesURequest-1.1.xsd doesn't include Group Access Label for Permission. What does this mean?
  I've tried the actual Credential == Student@...${IDENTIFIER} (with IDENTIFIER substitution made before the call) and also Credential == Student (to see if I'm supposed to match the Group Access Label, instead).
  For either of these trials, the ws call successfully adds the Groups and a ShowTree includes the Permissions for the Groups. But in the iTunes client user interface, it's as if I gave no Permissions in adding the Groups.
  Am I approaching this wrong or is there a bug here?
  (I haven't tried yet a separate call to add the Group Permissions, not wanting to suffer the processing wait of getting handles for the three Groups.)
  Anyone else doing this? (successfully or not ) Thanks.

• Error during JNDI lookup Accessing Remote EJB (access to web service restricted using declarative security model)

  Hello everyone,
  I developed a Web Service prototype accessing remote EJB using the EJB
  control with special syntax in the jndi-name attribute: @jws:ejb
  home-jndi-name="t3://10.10.245.70:7131/AccountDelegatorEJB"
  Everything works fine, but I get an error when I restrict access to my web
  service with a declarative security model by implementing steps provided in
  help doc:
  - Define the web resource you wish to protect
  - Define which security role is required to access the web resource
  - Define which users are granted the required security role
  - Configure WebLogic Server security for my web service(Compatibility
  Security/Users)
  I launch the service by entering the address in a web browser. When prompted
  to accept the digital certificate, click Yes, when prompted for network
  authentication information, enter username and password, navigate to the
  Test Form tab of Test View, invoke the method by clicking the button and I
  get the following exception:
  <error>
  <faultcode>JWSError</faultcode>
  <faultstring>Error during JNDI lookup from
  jndi:t3://10.10.245.70:7131/AccountDelegatorEJB[Lookup failed for
  name:t3://10.10.245.70:7131/AccountDelegatorEJB]</faultstring>
  <detail>
  <jwErrorDetail> weblogic.jws.control.ControlException: Error during JNDI
  lookup from jndi:t3://10.10.245.70:7131/AccountDelegatorEJB[Lookup failed
  for name:t3://10.10.245.70:7131/AccountDelegatorEJB] at
  weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
  8) at
  weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
  .java:220) at
  weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260) at
  ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
  ibas.GetSecure.retrieveVisaHistoryTxn(GetSecure.jws:64) </jwErrorDetail>
  </detail>
  </error>
  I have a simple Hello method as well in my WebService (which is also
  restricted) and it works fine, but remote EJB access doesn't. I tested my
  prototype on Weblogic 7.2 and 8.1 platforms - same result.
  Is that a bug or I am missing some additional configuration in order to get
  that working. Has anyone seen similar behavior? Is there a known resolution?
  Or a suggested way to work around the problem?
  Thank you.
  Andre

  Andre,
  It would be best if this issue is handled as an Eval Support case. Please
  BEA Customer Support at http://support.beasys.com along with the required
  files, and request that an Eval support case be created for this issue.
  Thanks
  Raj Alagumalai
  WebLogic Workshop Support
  "Andre Shergin" <[email protected]> wrote in message
  news:[email protected]...
  Anurag,
  I removed "t3", still get an error but a different one (Unable to create
  InitialContext:null):
  <error>
  <faultcode>JWSError</faultcode>
  <faultstring>Error during JNDI lookup from
  jndi://secuser1:[email protected]:7131/AccountDelegatorEJB[Unable to
  create InitialContext:null]</faultstring>
  <detail>
  <jwErrorDetail> weblogic.jws.control.ControlException: Error during JNDI
  lookup from
  jndi://secuser1:[email protected]:7131/AccountDelegatorEJB[Unable to
  create InitialContext:null] at
  weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
  8) at
  weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
  .java:220) at
  weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260) at
  ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
  ibas.GetVisaHistoryTransactions.getVisaHistoryTxn(GetVisaHistoryTransactions
  .jws:67) </jwErrorDetail>
  </detail>
  </error>
  Note: inter-domain communication is configured properly. The Web Service to
  remote EJB works fine without a declarative security.
  Any other ideas?
  Thank you for your help.
  Andre
  "Anurag" <[email protected]> wrote in message
  news:[email protected]...
  Andre,
  It seems you are using the URL
  jndi:t3://secuser1:[email protected]:7131/AccountDelegatorEJB
  whereas you should not be specifying the "t3:" protocol.
  The URL should be like
  jndi://secuser1:[email protected]:7131/AccountDelegatorEJB
  Please do let me know if you see any issues with this.
  Note that this will only allow you to access remote EJBs in the same WLS
  domain. For accessing EJBs on another domain, you need to configure
  inter-domain communication by
  following a few simple steps as mentioned at
  http://e-docs.bea.com/wls/docs81/ConsoleHelp/jta.html#1106135. This link has
  been provided in the EJB Control Workshop documentation.
  Regards,
  Anurag
  "Andre Shergin" <[email protected]> wrote in message
  news:[email protected]...
  Raj,
  I tried that before, it didn't help. I got similar error message:
  <error>
  <faultcode>JWSError</faultcode>
  <faultstring>Error during JNDI lookup from
  jndi:t3://secuser1:[email protected]:7131/AccountDelegatorEJB[Lookup
  failed for
  name:t3://secuser1:[email protected]:7131/AccountDelegatorEJB]</faultstr
  ing>
  <detail>
  <jwErrorDetail> weblogic.jws.control.ControlException: Error during JNDI
  lookup from
  jndi:t3://secuser1:[email protected]:7131/AccountDelegatorEJB[Lookup
  failed for
  name:t3://secuser1:[email protected]:7131/AccountDelegatorEJB] at
  weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
  8) at
  weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
  .java:220) at
  weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260) at
  ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
  ibas.GetSecure.retrieveVisaHistoryTxn(GetSecure.jws:64) </jwErrorDetail>
  </detail>
  </error>
  Anything else should I try?
  P.S. AccountDelegatorEJB, the remote EJB my Web Service calls is NOTaccess
  restricted.
  I hope there is a solution.
  Thanks,
  Andre
  "Raj Alagumalai" <[email protected]> wrote in message
  news:[email protected]...
  Andre,
  Can you try using the following url with username and password
  jndi://username:password@host:7001/my.resource.jndi.object ?
  once you add webapp level security, the authenticated is the user who
  invokes the EJB.
  http://e-docs.bea.com/workshop/docs81/doc/en/workshop/guide/controls/ejb/con
  CreatingANewEJBControl.html?skipReload=true
  has more info on using remote EJB's.
  Hope this helps.
  Thanks
  Raj Alagumalai
  WebLogic Workshop Support
  "Alla Resnik" <[email protected]> wrote in message
  news:[email protected]...
  Hello everyone,
  I developed a Web Service prototype accessing remote EJB using the EJB
  control with special syntax in the jndi-name attribute: @jws:ejb
  home-jndi-name="t3://10.10.245.70:7131/AccountDelegatorEJB"
  Everything works fine, but I get an error when I restrict access to my
  web
  service with a declarative security model by implementing steps
  provided
  in
  help doc:
  - Define the web resource you wish to protect
  - Define which security role is required to access the web resource
  - Define which users are granted the required security role
  - Configure WebLogic Server security for my web service(Compatibility
  Security/Users)
  I launch the service by entering the address in a web browser. Whenprompted
  to accept the digital certificate, click Yes, when prompted for
  network
  authentication information, enter username and password, navigate tothe
  Test Form tab of Test View, invoke the method by clicking the buttonand
  I
  get the following exception:
  <error>
  <faultcode>JWSError</faultcode>
  <faultstring>Error during JNDI lookup from
  jndi:t3://10.10.245.70:7131/AccountDelegatorEJB[Lookup failed for
  name:t3://10.10.245.70:7131/AccountDelegatorEJB]</faultstring>
  <detail>
  <jwErrorDetail> weblogic.jws.control.ControlException: Error during
  JNDI
  lookup from jndi:t3://10.10.245.70:7131/AccountDelegatorEJB[Lookupfailed
  for name:t3://10.10.245.70:7131/AccountDelegatorEJB] at
  weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
  8) at
  weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
  .java:220) at
  weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260)at
  ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
  ibas.GetSecure.retrieveVisaHistoryTxn(GetSecure.jws:64)</jwErrorDetail>
  </detail>
  </error>
  I have a simple Hello method as well in my WebService (which is also
  restricted) and it works fine, but remote EJB access doesn't. I testedmy
  prototype on Weblogic 7.2 and 8.1 platforms - same result.
  Is that a bug or I am missing some additional configuration in order
  to
  get
  that working. Has anyone seen similar behavior? Is there a knownresolution?
  Or a suggested way to work around the problem?
  Thank you.
  Andre

• Security and access levels

  I have created 4 users access levels, however, when I try to implement, when I keep inheritence, default security keeps coming up,   e.g. try changing everyone to my new access level and I get the new access level, but I also get view (inherited) - how can I "clean out" the old security settings??

  Sorry for the delay!
  OK, here's our situation - it's pretty straight forward;
  1500 users
  1500 (all) users in Everyone
  Of the 1500 users in Everyone;
  1200 in subgroup A
  200 in subgroup B
  90 in subgroup C
  10 users in Administrators
  4 universes
  1 connection
  Goal:
  Everyone and subgroups, same as admin, exception: can't delete or save to "corp" doc's.  My thought is to use same access level, then use the advanced configuration on the folders to prevent everyone from deleting any "corp docs"
  I have applied this access level to everyone and admin at;
  application > infoview, webi. cmc, deski, discussions, search
  universes > all 4
  connections > the 1
  folders > root folder,  level 1, denied access to everyone accordingly on level 2
  I have also added this access level to the top level security for users and groups
  Issues; 
  1. When I check the access level for everyone on folders, level 1 and below, I get the custom access level as inherited, but also view aslo as inherited.
  2. The users added to the admin group do not have same rights as the "administrator - for example, administrator can delete objects in the folders, but other users (within admin group) can not?  if I manually add the users to the folders, I can get this to work,  but doesn;t make sense, why would a user within a group have different rights, than any other user within the same group, with the same rights???
  Hope this helps!
  Edited by: Michael Bujarski on Jun 5, 2009 3:56 PM

• Multiple Access Level Management

  Let's say there are 8 pages on a web site. Each of the pages
  until now has had a different access level defined in the database.
  A user logs in, and access levels are checked via the predefined
  levels on the pages he is attempting to view. Now users begin to
  require access to different combinations of the 8 pages. So user A
  might require page 1, 3, 5, 7 user B 1, 2, 3, 4 and user C wants 2,
  4, 6, 8.
  Is there a way to tell coldfusion to examine a string in the
  access level field in which case a 1 means grant access and a 0
  means no access? In other words, a string of 11001000 would grant
  access to page 1,2 and 5 while a string of 00011100 would grant
  access to 4, 5 and 6.
  It seems as though this should be relatively easy, but after
  searching the documentation, I cannot find any solution.

  It would be easier to store individual database records
  resembling
  user_id has_access_to
  1 1
  1 3
  1 5
  etc

• Access Levels to change Universe

  Hi
  I have created a WebI template (with formated layout) based on a kind of 'dummy universe'.
  The goal is that some 'power users' should be able to copy this template to their favorites and then change the universe to one they are allowed to use.
  These 'ad hoc ' universes are accessible when you create a new webi report but when you want to change it to one of the other adhoc univereses then they are not viewable.
  The current access levels let the power users choose an universe to work with. So that's OK.
  But rights in the Access levels should be set on the universe (sub) folder where these adhoc Univ's are stored?
  I assigned already these rights to the universe folder:
  System - Connection   => Data Access   
  System  - Connection   => Use connection for Stored Procedures   
  System  - Connection   => View objects   
  System  - Universe       =>  Create and Edit Queries Based on Universe   
  System  - Universe       =>  Data Access   
  System  - Universe       => View objects
  We're working with BOE XI R3.1 sp 3 fixpack 5
  Thx in advance for your answers
  JP - BO Admin

  Hi Jean-Pierre,
  The only thing that comes to mind is the possibility that the universes are in a different domain, meaning different repository, etc. Do you all log into the exact same CMS/Infoview server?
  If that is not the issue, then try creating a new user with the same access rights as yours, the one that can access the other universes, and see how that works, then change theirs to match, and then restrict them as necessary.
  Hope that helps.

• TFS - Access Level - page not found when trying to add user

  When I'm trying to modify some group under Limited Access Level I cannot do that because of the following error:
  Page not found.
  wrapErrorCallback/</<@server/tfs/_static/tfs/12/_scripts/TFS/debug/Presentation/Scripts/TFS/TFS.Core.Ajax.js:175:37
  endRequest@server/tfs/_static/tfs/12/_scripts/TFS/debug/Presentation/Scripts/TFS/TFS.Core.Ajax.js:114:17
  wrapErrorCallback/<@server/tfs/_static/tfs/12/_scripts/TFS/debug/Presentation/Scripts/TFS/TFS.Core.Ajax.js:141:1
  jQuery.Callbacks/fire@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:984:10
  jQuery.Callbacks/self.fireWith@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:1094:7
  done@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:7815:1
  .send/callback@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:8528:8
  Any ideas why it happens?
  Environment: Windows Server 2012 with latest updates, TFS 2013.4, user which is used for TFS is a member of local administrators group.

  Hi Rybak,  
  Thanks for your reply.
  Try to clean the Cache for TFS 2013 manually(delete the content of the folder only, not the cache folder itself):
  Clean the Cache folder on Server machine. The folder path is:
  C:\Program Files\Microsoft Team Foundation Server 12.0\Application Tier\Web Services\_tfs_data.  
  After cleaned, on Server machine, click Start and select
  Run… to open the dialog box, then input iisreset.exe and click OK, wait it run completely.
  If clean Cache cannot resolve this issue, please try to repair your TFS 2013 Update 4 Server, then check the result.
  Additionally, you can run TFS 2013 Power Tools BPA to scan the installation of your TFS Server.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Access from WebI/ Universe to SAP Query with user who has analysis authenti

  Hello together,
  I try to run and build a WebI report which is build on a universe based on SAP BW query. The user has restricted access to the data provider on which the SAP query is build. This restriction is based on analysis authentification (SAP BI 7.0) if I start the SAP query in BW the user has only restricted access to the data in the data provider (on which the SAP query is build). If I start the WebI report the user has full access to the data. I checked the authentification and in my opinion there is no other authentification in SAP BW which extends the restrictions.
  Has anyone an idea why the authentification doesn't work?
  Greetings Janine

  Hey here,
  I m creaing my universe on top of Infocube or multiprovider.
  >> The recommendation path is to use BW queries with the necessary Authorization Variables leveraging your BI Authorizations.
  For eg:
  I have 2 users, User1 and User2.
  Now if I want User1 should see data for CostCentre = UK,India.
  User2 should see data for CostCentre = US, UK,India
  >> This is part of BI Authorizations in BW.
  Here are my queries:
  1) Will User1 and User2 be able to see the data level access in Webi Report based on the their Login?
  >> assuming you follow the 2 steps mentioned above (Query and authorization variables) - yes
  If Data level access cannot be achieved in Webi via universe created on top of Infocube/Multiprovider then what is the approach to do so?
  >> Data level security is part of your BI authorizations in BW.
  In a nutshell, BO alone can't do that, one has to set up at BI level.
  Hope clarified all your doubts.
  Gracias...!!

• Schedule Access Level as Edit Objects granted

  Hi,
  I am currently working on implementing and testing XI3.1 Security.  While testing, I have noticed that the Schedule Access Level has General --> Edit Objects as explicitly granted and this should not be the case.  Has anyone come across this before?
  Thanks
  NT

  Srinivas Ganapathi wrote:
  As the earlier poster mentioned, the only relevant right name I see is 'Edit objects that the user own'. Is this the right you mean?This right is explicitly granted. We're however on SP1 (so there's no LCM).
  >
  > Best,
  >
  > Srinivas
  No, its definetely General --> Edit Objects that is Explicitly Granted.

• How do I access the web utility with model cisco sf302-08p ?

  Hi,i have a problem with the model Cisco SB SF302-08PP Switch , i connect a cable rj45 to my pc and configure the adapter local area connection (ip address:192.168.1.252), the LEDs blink green, and go to the address bar and get the IP by default, which according to the manual is 192.168.1.254 and the result is: page not found. Is there any way to change the web utility? How do I access the web utility?

  restore  the switch by holding more than 30 seconds and try accessing with ip 192.168.1.254. username and password is "cisco". before change your base ip to 192.168.1.2-253.try to ping and check the connectivity

• Can't Edit Data in Access 2013 Web App

  I have an Office 365 P1 account that I have been using to create apps in Access 2010. I tried Access 2013. But when I launch an app, it loads in my Office 365, but editing data is not enabled (the Add and Edit buttons are displayed, but not enabled).
  I have tried creating a new custom web app with one simple table and a view, as well as creating one using a Microsoft pre-built template, and simply creating the app and launching it. In both cases, the app displays, but I cannot add or edit data.
  Is there something with my Office 365 account that is limiting my ability to work with Access 2013 web apps?
  Thank you!

  Hi KrisMarshall7,
  In regarding of the issue, please provide us more information to assist you better.
  What the file format is your Access 2007 file? MDB or ACCDB?
  Where do you want to add the columns? Table, form or query?
  As far as I know,
  the limitation of columns in a table is 250. Thus, I suppose that the database had some hidden columns. Please try to check it. Steps:
  Right-click any field title, then select Unhide Fields. A dialog box will appear. Click the check boxes of any fields you would like to be visible again, then click Close.
  Hope it's helpful.
  Regards,
  George Zhao
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to access .asmx Web Service using JAVA? Newbie

  Hello Experts,
  Currently, I have a project where in I have to access a ,NET web service. It is made of C#. I just want to ask how will I start the accessing process? I made this simple equation on how my project is.
  Java Project + C#.Net Web Service = Integration
  1. Do i need to create a Web Service too for the Java Project? If yes, What are the necessary tools needed for the creation of this Java Web Service?
  2. The .NET Web Service is available online. (It is made by other people).
  3. Based on the equation, what is the equivalent technology for the + sign?
  4. Can you site a concrete example for accessing a web service?
  5. I'm new here. Totally I have no idea where to start.
  6. Thank you experts.
  Edited by: Benedict.Aluan on 05 30, 08 1:38 PM
  Edited by: Benedict.Aluan on 05 30, 08 1:39 PM

  Hello
  Thanks a lot for your help ...
  I am developing simple J2EE based web service client using IBM WSAD 5.1. I have used the following code to call .asmx web service in Java
  String url = "http://www.w3schools.com/webservices/tempconvert.asmx?wsdl";
       String namespace = "http://tempuri.org/";
       name = request.getParameter("txtName");
       try
            System.out.println("In Internet Service");
            ServiceFactory factory = ServiceFactory.newInstance();
            Service serv = factory.createService(new URL(url),new QName(namespace,"TempConvert"));
            System.out.println("Got Service......");
            Call obj = (Call)serv.createCall();
            System.out.println("Got Call......");
            obj.setProperty(Call.ENCODINGSTYLE_URI_PROPERTY,"");
            obj.setProperty(Call.OPERATION_STYLE_PROPERTY,"wrapped");
            obj.setTargetEndpointAddress(url);
            obj.setPortTypeName(new QName(namespace,"TempConvertSoap"));
            obj.setOperationName(new QName(namespace,"FahrenheitToCelsius"));
            obj.addParameter("param1",XMLType.XSD_STRING,String.class,ParameterMode.IN);
            obj.setReturnType(XMLType.XSD_STRING);
            System.out.println("Parameters Set.....");
            Object[] params = new Object[]{name};
            k = (String)obj.invoke(params);
            System.out.println("Result: "+k);
       catch(Exception e)
          System.out.println("Exception is : "+e);
      }But this code is throwing exception that
  Invalid Address "http://www.w3schools.com/webservices/tempconvert.asmx?wsdl"I have also tried this URL with Java Proxy. But it showing the same error.
  Plz can u tell me how to access .asmx web service ?
  Waiting 4 reply.