ACE: Read users under a particular User Group

Similar Messages

• Create User under a particular organization

  Hi,
  After running reconciliation i need to create the UNMATCHED users in IDM under a particular organization.
  I have configured the reconciliation policy to create the user in IDM.
  By default it is creating the user under Top organization. But i need to create it under a particular
  organizantion without using a custom post reconciliation workflow.
  Can anyone of you experts suggest?
  Edited by: jjIDM on Feb 4, 2009 11:15 PM

  Hi,
  You have to set proxy administrator in Reconcillation Policy and assign a form to that proxy admin.
  u have to write this code in that form which you have assigned to proxy admin.
  <Field name='waveset.backgroundSave'>
  <Display class='Hidden'/>
  </Field>
  <Field name='waveset.organization'>          
       <Expansion>
       <block trace='true' name='kkkkkkkkkk'>
       <s>Organization Name</s>
       </block>
       </Expansion>
  </Field>
  Then run your reconcillation Process from the Proxy Admin.
  Edited by: negiqueries on Feb 5, 2009 7:49 AM

• How to find out the cost of SAP user for a particular user id

  Dear All,
  I got one issue like how to find out the cost of SAP user, i mean for a particular user id.
  Could you please advice me regarding this.
  Raghu

  Hello Raghu,
  I got one issue like how to find out the cost of SAP user, i mean for a particular user id.
  Could you please advice me regarding this.
  I think you need to reach out to BASIS consultant to check out the Cost involved for User ID for the SAP application.
  Regards,
  Sarthak

• Making a transaction read-only for a particular user status

  Hello,
          I have a requirement wherein I need to make an opportunity read-only if it is saved with the user status set to 'Lost'. I tried setting the 'Forbidden' flag for 'Change Document' for this status but the problem is that the transaction gets locked even before saving it.
  I have a 'Reason' field where I have dropdown values for the 'Lost' status. But when I try to select a reason, error message appears as: 'no changes possible in document'.
  Is it possible via configuration to have the transaction locked only after it is saved with user status 'Lost' and not immediately on setting the status?
  Regards,
  Aditya Mishra

  2 ways to achieve it...
  1. the document editing can be controlled based on its status i.e. standard auth objects exist to control so that user is not able to make changes with this status.
  2. implement BADI CRM_ORDER_AUTH_CHECK
      put your logic to check the document status and accordingly reutrn FALSE if you do not want user to open it in edit mode.
  hope this helps.
  rgds

• How to get list of Users under an Auth Group (for executable Programs)?

  Hi experts.  I have a requirement to get a list of all users under a particular Auth Group for Program Objects.
  Goal of this requirement is to identify the users allowed to use/access a program - we're doing some sort of Program Inventory and we'd like to identify the users per program, via the Auth Group. 
  So question is:  Which tables hold data about Program <-> Auth Group <-> Users, and how are they linked?
  I know this is Basis/Security stuff, but I was thinking of developing a report program to output the information needed.
  Thanks in advance.
  Edited by: George Esquerra on Nov 17, 2011 10:24 AM

  This is available in the standard via tx SUIM - user - users by complex selection criteria - by authorization values.
  If you enter auth object = S_PROGRAM and value = auth group, you will get the list of users.
  You can analyse how this program finds the information and incorporate it into your own logic.
  Thomas

• How to get all users under an organizations?

  Hello everyone.
  Just want to know if anyone knows how to get all users under a particular organization.
  From the Search User form, I found they may kind of user such attribute conditions:
  MemberObjectGroup
  is in
  XXXX(organization)
  But unfortunately, the "is in" is not a valid AttributeConditionOperator, so besides using "recursive" self-written function, anyone knows any possible buit-in trick?

  Here is my solution:
  <Rule'>
      <RuleArgument name='organization'/>
      <RuleArgument name='context'/>
      <block>
          <defvar name='orgs'>
              <new class='java.util.ArrayList'/>
          </defvar>
          <invoke name='getChildObjectGroupNames'>
              <invoke name='getObject' class='com.waveset.ui.FormUtil'>
                  <ref>context</ref>
                  <s>ObjectGroup</s>
                  <ref>organization</ref>
              </invoke>
              <ref>orgs</ref>
          </invoke>
          <append name='orgs'>
              <ref>organization</ref>
          </append>
          <invoke name='getUsers' class='com.waveset.ui.FormUtil'>
              <ref>context</ref>
              <map>
                  <s>conditions</s>
                  <list>
                      <new class='com.waveset.object.AttributeCondition'>
                          <s>MemberObjectGroups</s>
                          <s>in</s>
                          <ref>orgs</ref>
                      </new>
                  </list>
              </map>
          </invoke>
      </block>
      <MemberObjectGroups>
          <ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/>
      </MemberObjectGroups>
  </Rule>

• Create users under Administration Server Create user and Refresh users options are disabled

  We have installed and configured 11.1.2.2 successfully, Essbase in standalone mode.
  When we try to create users under Administration Server Create user and Refresh users options are disabled. Please let me know how to create EAS users?
  Thanks,
  Satheesh.

  Please find below response.
  1.You can create users from EAS console using maxl, if you have not externalized the users .
  When we create using Maxl it will create for 'ESSBASE Servers' users but we want to create additional administrator users under 'Administrator Services' --> 'Users'. At the moment default 'Admin' users is created under 'Administrator Services' --> 'Users'.
  2.  you have installed your essbase in a stand -alone mode  , then the option of creating users will be enabled and you can give appropriate provision to applications.
  Yes. But the create users is disable for Admin.
  3. Through which url are you accessing EAS console is it http://Servername:19000/workspace/index.jsp ?
  http://prod-server:10080/easconsole/console.html
  Please suggest.

• UI elements not being displayed for a particular user

  Hi,
  I designed two i/p fields and text view for the same in a view. All are static UI elements and no visibility property is set.
  This view is displayed as a popup when i press the button in the main view.
  This is working fine for all the users in production except for one user.
  This particular user is able to see only one input field and the corresponding text view.The other i/p element is missed here.
  The whole component is displayed in a portal as a tab with other components in the adjacent tabs.
  Please help me out to resolve this issue.
  Is this problem is related to webdynpro abap? or
  Is this a portal issue?
  Regards,
  Bala.

  Hi balamurugan ,
  may be check the user setting for the User id .
  right click on the view click user setting . and check whether he hide that button .
  look at the pic.
  http://i46.tinypic.com/x3cyf9.jpg
  If any UI element is made invisible it will show the option invisible elements .
  you can restore it .
  http://i46.tinypic.com/2vjpraf.jpg
  Regards
  Chinnaiya P
  Edited by: chinnaiya pandiyan on May 28, 2010 4:59 PM

• Group name in which a particular user is member

  Hi all,
  I would like to be able to get the group name in which a particular user is a member.
  I have created 2 groups: CHEFS and EMPLOYEES.
  The Chefs are members of both groups. The "normal" Employee is the member only of EMPLOYEE group.
  I have the navigation plsql portlet. And I would like to enable any links of this portlet only for chefs. At default these are disabled.
  Now I make it with the function get_user_group:
  =========================================
  create or replace function get_user_group
  v_username IN VARCHAR2,
  v_groupname IN VARCHAR2
  return boolean
  as
  var_groupname varchar2(50);
  begin
  select upper(name)
  into var_groupname
  from portal.wwsec_group
  where id in (select group_id from portal.wwsec_flat
  where person_id in (select id from portal.wwsec_person
  where user_name=upper(v_username)))
  and name=v_groupname;
  return true;
  exception
  when no_data_found then
  return false;
  end;
  =====================================
  But the user needs DBA privileges to select on the tables of PORTAL-User.
  I don't want to give this privileges to user.
  Is there any other way to get the usergroup?
  Regards
  Leonid Pavlov

  There are portal API's that look like they would do exactly what you are asking for. Take a look at the wwsec_api functions, specifically, is_user_in_direct_group or is_user_in_group in http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/PLSQL/DOC/PLDOC_9026/D:/PDK/pdkjuly/pdk/plsql/doc/pldoc_9026/index.html.
  These API's are specific to 9.0.2.6. You'll have to ask someone who knows other versions if you are running something else.

• Check user belongs to a particular sharepoint group in sharepoint 2013 designer workflow

  Hello, How to validate a user belongs to a particular sharepoint group in sharepoint designer 2013 workflow.

  You can make a REST call from workflow to determine if a user belongs to a group.
  REST API reference and samples
  Calling the SharePoint 2013 Rest
  API from a SharePoint Designer Workflow
  This post is my own opinion and does not necessarily reflect the opinion or view of Slalom.

• Authority Check at the T.Code level for the user in particular User Group

  Hi Friends,
  I have created a ZREPORT and assigned this report to a ZTRANSACTION CODE.
  Need to give Authority Check at the T.Code level for the user in particular User Group.
  I have searched in SCN, but not get suitable pages.
  How to solve this?
  Regards,
  Viji.

  Hi Viji.
  Saha way is actual way for authority tcode but user authority in TCODE:- SE38 he/she can run report(ZREPORT) wise program is run is no authority check.
  Another way is you have also check authority in program level.
  DATA: T_ROLE_USERS TYPE STR_AGRS OCCURS 0 WITH HEADER LINE.
     INITIALIZATION.
    CALL FUNCTION 'ESS_USERS_OF_ROLE_GET'
      EXPORTING
        ROLE       = 'ZROLE''  " Role define
      TABLES
        ROLE_USERS = T_ROLE_USERS.
    READ TABLE T_ROLE_USERS WITH KEY UNAME = SY-UNAME.
     IF SY-SUBRC NE 0.
     RETURN.
     ENDIF.
  Thanks & Regards
  Rahul

• HT4796 I did all of the above and the migration was successful, but I don't know where the files are.  It says they're under a different user, 'owner' .  I tried to access via sys pref/system/users&groups, but it asks for a password for owner which I don'

  Migration Assit , PC to MAC - The migration was successful, but I don't know where the files are.  It says they're under a different user, 'owner' .  I tried to access via sys pref/system/users&groups, but it asks for a password for owner which I don't have.  What must I do to access my files?
  My experience is with MS PC's I'm new with the MAC Book Pro.

  Then, see if this works:
  Mac OS X 10.6 Help- If you forget your administrator password
  If you are running Lion or Mountain Lion you may need to do the following to access the same utility:
  Boot to the Recovery HD:
  Restart the computer and after the chime press and hold down the COMMAND and R keys until the menu screen appears. Alternatively, restart the computer and after the chime press and hold down the OPTION key until the boot manager screen appears. Select the Recovery HD and click on the downward pointing arrow button.
  When the menubar appears select Terminal from the Utilities menu. Enter resetpassword at the prompt and press RETURN. Follow instructions in the dialog window that will appear.
  Or see Reset a Mac OS X 10.7 Lion Password and OS X Lion- Apple ID can be used to reset your user account password.

• LDAP Query for particular user account in local Administrators group on All Enabled Computer Accounts

  Need to query on all enabled computer accounts that have a particular user account present in the local Administrators group.
  Ldap query is best, because not all our machines have SCCM client
  Thanks for any help you can provide. Lisa

  Ya, I have 41800+ computer accounts in my directory. I think that option is not feasible :) Thanks for your reply.
  I can use SCCM to do this too, but only for those that the client is running on and which are online. Thanks again.
  Hope is not all lost; a scripting solution is still possible.  The difference is instead of running a central script to pull info from all computers, you let the computers report back to you with the info.
  If I were you, I'd do the following:
  1) Create a file share and adjust the permissions so that "Domain Computers" have "Modify" Permissions.
  2) Create a script similar to the 2nd link I posted above, with a bit of adjustment:  at the end of the script, write the information to the file share created in (1), and name the file
  ComputerName.txt
  3) Use Group Policy Preference Scheduled Task to deploy the script, and make sure it only runs once.
  4) Happily wait for the results to come back :)
  The main benefit of this approach is you're not restricted by the computer connectivity at the moment you run the script.  This is especially true if you have many mobile computers in your environment.  Just wait for a reasonable time (they all need
  to come back to the mother ship once a while don't they?) and the results will show up in the file share you created.
  Cheers.

• IS IT POSSIBLE TO RESTRICT A PARTICULAR MATERIAL GROUP FOR A USER

  Hi Gurus,
  I want to know whether it is possible to restrict a particular material group for a particular user.
  e.g Material Group : 101
  User : ADMIN
  Our requirement is that the user should not be able to select material group 101 in
  any stock related transactions. e.g MB5B, MB51, etc.
  Thanks
  Amol

  Hi Amol
  You ca try Tcode OMT3E where in u can maintain settings relatesd to Users.
  Regards

• How to make available certain features available to a particular user group in APEX.

  Hi
  I am trying to make available certain features like (updating/viewing some fields) to a particular set of users. Our requirement is to use SSO for signing in. So when a particular user logs in she/he will be allowed to update or view only certain fields depending on the job role or designation.
  E.g If an analyst logs in she/he would not be able to edit certain fields. Those should appear to her/him as read only.
  I would appreciate if a step-by-step guide is provided using APEX since I haven't done any such things earlier.
  Regards
  Saumyadip Sarkar.

  Powershell (or vbscript if you want to be old school).
  You can trigger a powershell script which will remove the offending user(s) easily enough with out resorting to a TOLDAP pass.  Nearly any script type thing would work but powershell is preferred.  It can be triggered separately from the TO AD stuff and will take multiple objects to run in one pass if you can construct the command line (or create a text file and feed it in).
  Otherwise, TOLDAP is the way to write to AD...
  Peter