ACL failure with RDBMSRealm removed user session

Similar Messages

• Help with Stock Removal User Exit

  Hello All
  To control the storage bin selection, I am using the user exit MWMTO004.  When I use the transaction LT03 to create a transfer order the system selects the storage bin selected by me.  However, when I create a transfer order through L_TO_CREATE_INT it doesnt select the storage bin chosen by me.  After debugging the code in LT03, I found out that SAP locks the bin with lock object ELLQUAX and ELLQUAY and thus prevents it from re-selecting the same bin.  Is there a way in the user exit, through which I can prevent selecting the same bin.  I would be thankful for your inputs in this regard.
  Thanks in Advance.

  Oh God, such a relief I solved it.  SAP provides a FM, L_TO_CREATE_GET_INFO, which updates the quantity that has already been picked.  The following is what I am doing to select a bin in the user exit:
  1) Clear the internal table sent to the user exit (t_qmat).
  2) Call the FM L_TO_CREATE_GET_INFO to check the quantity left in each bin.
  3) Select a bin and insert that bin as the first record of the internal table.
  Thanks
  Sunil Achyut

• License vanishes with the removed user

  Hi folks,
  I have a typical problem.
  I created 10 users.
  Then I allotted all 10 licenses I had to all the 10 users.
  No one did any transaction.
  Due to some reason I deleted the 10th user and created 11th user.
  But the 10th license allocated to the 10th user vanished along with the user.
  Now I have 10 users visible in the Licence Administration window but only 9 allocated with licenses to them.
  Kindly advice.
  Take Care,
  Jimmy

  Hi Jimmy,
  You may check this thread:
  Delete License assignments - Deleted DB
  Thanks,
  Gordon

• New user session from an existing logged in user browser window

  Hi,
  I have a requirement that says, a new browser window should be popped up with a new user session from the current "logged in user" browser window when he clicks a button event.
  What I have with me is the "UserID" of that new user. Is it possible in portal?
  Let me know.
  Thanks,
  Megha.

  Megha,
  I know that you can manually click CTL-N to open a new browser window and the user is still authenticated. 
  So I would think that you could code a similar function into the button event.
  Hope it helps.
  Regards,
  Keith

• Deleted/Removed Users

  Hi Experts
  Hi,
  I tried to create the a user on SAP, the system throws that he already exists, it turns out the user was removed from SBO some time ago. When I run a query on OUSR sure enough the user is there, the only difference is they fall under a table called Group 99. On the normal user window the user is not available.
  How can I restore this user or recreate them in the system?
  Regards,
  Lebo

  Check with the following SAP Notes which deals with Deleted/ Removed Users
  869326     Cannot add user code even if previously deleted     
  [https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/smb_searchnotes/display.htm?note_langu=E&note_numm=869326]
  827232     Recreation of deleted users     
  [https://websmp130.sap-ag.de/saphttps://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/smb_searchnotes/display.htm?note_langu=E&note_numm=827232]

• Long delay for ManagedEventWatcher __InstanceCreationEvent query as number of user sessions increases

  We have a Windows service that monitors for process start events and sends notifications to client applications.
  We have discovered that the delay between when a process starts and when our EventArrivedEventHandler is called gets excessively long when the number of user sessions on the Windows server gets to about 80.
  The delay gets worse as the number of user sessions gets higher.
  The delays are not consistent. Even with 100 sessions some observed delays are short but most are too long and the maximum observed delay grows with the number of sessions.
  Here is one example of the delay we are seeing.
  A client application wrote its first log record to its log file at 11:05:34.076. Our EventArrivedEventHandler did not get notified of the process start event for the client application until 18 seconds later (at 11:05:52.188 ).
  We need the delay to be less than 5 seconds to be tolerable and would like the delay to be less than 3 seconds if possible.
  Is there something we can do to reduce the delay? Below are the details of our use of WMI.
  We are using an instance of class WqlEventQuery to represent a WMI event query in WQL format.
  We are constructing an instance of ManagementEventWatcher to consume events asynchronously.
  Below is how we are instantiating and running the query. Variable m_PollingIntervalInMilliseconds is set to 1000 by default.
                  WqlEventQuery query = new WqlEventQuery("__InstanceCreationEvent", new TimeSpan(0, 0, 0, 0, m_PollingIntervalInMilliseconds), "TargetInstance isa \"Win32_Process\"");
                  m_ManagementEventWatcher = new ManagementEventWatcher(query);
                  m_ManagementEventWatcher.EventArrived += new EventArrivedEventHandler(managementEventWatcher_EventArrived);
                  m_ManagementEventWatcher.Start();
  Our Windows service is not the only user of WMI services on the server. I do not know if there is contention with other users of WMI services or if there is something about the way we are consuming WMI services that is inefficient.

  Hello RossAtWFMC,
  It seems that the services are working with a complex environment, and currently, we do not have such an environment which could reproduce this issue you described. Anyway, I would like to share whatever I found and some suggestions about this issue:
  >> called gets excessively long when the number of user sessions on the Windows server gets to about 80.
   The delay gets worse as the number of user sessions gets higher.
  This seems to show that the issue is related with the number of user sessions, it may be that when with lots of user sessions, there are something additional delay the event to be fired. As you mentions, there are other services on that server machine, if
  possible, you could make a test to run your WIM service only to see if it is still delayed.
  >> Is there something we can do to reduce the delay?
  I suggest that you could check this blog below which provide a way to debug with the .NET course code:
  http://blogs.msdn.com/b/dotnet/archive/2014/02/24/a-new-look-for-net-reference-source.aspx
  So that you could know which method inside costs most time.
  From your provided code, it is not very clear if you use multi threads in your service, if not and your event handler is short, you could have a try with it, and there is a discussion about this topic:
  https://social.msdn.microsoft.com/Forums/en-US/13f30e33-7f61-498e-a91a-ef982a63453c/event-handling-in-multithreaded-apps?forum=netfxbcl
  Regards.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• I have purchased a from within an app. I submit my password for the app, and then my Apple ID.  I then get the following messages "Regrant failure _ please log in with the same user that has bought this app"  and that is followed  by "cant conn with IT _

  I have purchased an item from within the app PocketBible on my iPad.  However when I try to download it I am asked for my app User Name and Password and then my Apple ID and password.  I give both of these.  I then get a message which says Regrant failure - Please log in with the same user that has bought the app.  That is then followed by  Pocket Bible Alert - cannot connect to iTunes Store.
  Anybody got any ideas, both what the 1st alert means and how I get round the problem please.

  I had the same problem. My wife had the PocketBible on her Ipad 2 and she transferred ownership to me. I had to delete the app and reinstall it from the App store(logged in with my apple ID) and its working without a problem. I do not get those error messages when I attempt to Buy/Upgrade or Add/Remove books.

• Flex connect with a per user ACL with APs locally switched

  Hi all,
  Does flex connect allow a per user ACL to be downloaded to the session with local switched, central authentication? We are using ISE for the central policy engine and have setup dACL for wired but am about to embark on WLAN. The controller is a 5508 and the. APs are 3700's.
  Second question- if the flex connect APs don't do any form of per user ACL, the other option is to have the units in regular mode where they are both centrally switched and centrally authenticated which I understand to support a per user ACL. Our WAN links are between 10mbps - 30mbps and the most latency would be around 40ms. Will this cause issues at all with the size WAN links and latency?
  Thanks
  Sent from Cisco Technical Support iPad App

  Well you are running v7.6 so FlexConnect per user radius ACL's are supported per this doc since v7.5.
  http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/112042-technote-product-00.html#anc9
  As far as WAN latency, 200ms is good, but it depends in your WAN utilization now and how many AP's you plan on installing and the increase in wireless traffic across your WAN. There is a minimum requirement, but it's up to you in the end to make sure you have enough bandwidth or else you will need to QoS the capwap traffic to ensure the APs don't bounce from connected to stand alone.
  Sent from Cisco Technical Support iPhone App

• Lil' help with systemd user session units

  I'm using systemd 207. i would like to change my desktop-session on the fly. in this suituation form razor to openbox. these are my configs located in ~/.config/systemd/user/
  razor.config
  [Unit]
  Description=Razor Qt Desktop
  Before=mystuff.target
  After=xorg.target
  After=environment.target
  Requires=dbus.socket
  [Service]
  ExecStart=/usr/bin/startrazor
  #Restart=on-failure
  Environment=DISPLAY=:0
  KillMode=process
  [Install]
  WantedBy=de.target
  de.target
  [Unit]
  Description=Desktop Enviroments
  Wants=xorg.target
  Wants=mystuff.target
  Requires=dbus.socket
  AllowIsolate=true
  [Install]
  Alias=default.target
  openbox.service
  [Unit]
  Description=The Openbox Window Manager
  After=xorg.target
  Requires=dbus.socket
  [Service]
  ExecStart=/usr/bin/openbox
  Restart=on-failure
  [Install]
  WantedBy=openbox.target
  openbox.target
  [Unit]
  Description=Openbox
  Wants=xorg.target
  Wants=mystuff.target
  Requires=dbus.socket
  AllowIsolate=true
  mystuff.target
  [Unit]
  Description=Xinitrc Stuff
  After=environment.target
  Wants=razor.target
  Wants=environment.target
  [Install]
  Alias=default.target
  now...
  systemctl --user isolate razor.target
  ...doesen't close razor-qt desktop to make place for a new wm session
  what shall we do whith the system units....
  what shall we do whith the system units....
  what shall we do whith the system units....
  early in the morning
  Last edited by kriz (2013-09-25 12:25:43)

  I have this problem too.  I had not seen this thread you linked to above before... but in my one reboot test (which shoud be taken with a bucket of salt since my machine sometimes shuts down okay) it worked great.  It would seem that 65kid's workaround is effective.  I'm going to reboot again to see if this is consistent. I'll udpate if it hangs.
  Edit: So it didn't hang, but it looked like it was going to.  Often the session will seem to start to exit, but the root window will remain (the background).  It did just this, and then after a second, continued to the printing of the shutdown messages.  Success!
  Edit2: I guess I should note the actual fix so that others don't have to follow that link.  As putting the workaround in more than one place is probably optimal.  So you need to add "TimeoutStopSec=2" to the [Service] section of the [email protected].  This can be done either by the .include function of unit files, or by the drop-in replacement functionality via /etc/systemd/system/user-session@<youruser>.d/<added-config>.conf.  I would imagine that you could play around with the value of the timeout.  Systemd's time capabilities are pretty extensive, so I imagine that you could actually configure it down to the ms here.
  Last edited by WonderWoofy (2013-06-04 23:17:41)

• Can we give UNIQUE ACCESS FOR THE SPECIFIC FILE IN THE LIBRARY in SP2013? How can we remove users from SHARED WITH link where files are shared with users?

  Hi,
  Any help on this?
  Thanks
  srabon

  Hi srabon,
  For giving unique access for a specific file in a library, you can go to the library, and select the file , and click FILES->Shared With->ADVANCED, under PERMISSION ribbon, click ‘Stop Inheriting Permissions’, then the file will have unique permissions.
  For removing the shared users for a file, firstly, like the above steps, select the file , and click FILES->Shared With->ADVANCED , make sure the file has unique access, then select the users that you want to remove, and click Remove User Persmissions
  under PERMISSIONS ribbon.
  I hope this helps.
  Thanks,
  Wendy
  Wendy Li
  TechNet Community Support

• Problem with transfered user sessions from a 10.4 system

  On my new MacBook pro with ML, I tranfered the user sessions of my previous mac (power book G4 working with OS 10.4).
  With these "old" users accounts,  part of the trackpad features (like scroling up and down with 2 fingers) does not work, whereas it is working with new users.
  Any idea on how to solve this?
  Thanks in advance

  That was a good idea, I tried to delete the com.apple.finder.plist and the com.apple.systempreferences.plist but that did not work.
  Eventually to solve the problem, I transferred all the files I needed to a session created with the new system. I'm waiting a week or two just to see if I have not forgotten something important and then I will delete the "old session".
  Thanks anyway for your help.

• Can't create a new user session with KDE

  Hi,
  when I select "Switch user" in KDE, and try to start a new user session, I get dropped to a lockscreen of the currently logged-in user. I first thought this was a KDM issue, but this still persists with SDDM. I'd post any relevant logs, but I'm not even sure where to look for the source of the problem now.
  Thanks in advance!

  I have the exact same problem.
  Using:
  kde-meta-*   14.12.1

• Implementing max user sessions settings for TACACS with ACS 5.3

  I'm a little confused about the configuration of max user sessions for device administration with TACACS.
  When I've changed the configutration of unlimited sessions for a value in Access Policies > Max User Session Policy > Max Session User Settings
  I think this value could limit the maximum number of sessions for each user, but instead this value limit in a global meaning all of my sessions.
  For example: I need to limit the session for my users in 2.
  user1 = Max 2 sessions
  user2 = Max 2 sessions
  user3 = Max 2 sessions
  Whe i Put the value of 2 in Max Session User Settings
  user1 + user2 + user3 = Max 2 sessions
  This is a limitation of ACS 5.3 or my configuration needs something aditional.

  Luis,
  Are you saying that when you authenticate with user1 and user 2 that user3 isnt able to get access?
  Do you have tacacs accounting enabled on the network access device?
  Also what do you have configured for the group settings? If there is a maximum group setting and all the users are a member of the same group then the lesser of the two will be enforced. So if the group max sessions is set to 1 then the all users in that group will have a max session of 1.
  Here is some reference material.
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/access_policies.html#wp1162177
  Thanks,
  Tarik Admani

• Java API Failed to authenticate the user session with LDAP

  I have created a Java class that uses the MDM Java Api's it works fine on our Development environment where the MDM server uses its own built in authentication, but when I moved it to our QA environment where MDM use LDAP for authentication its failed with a  'Failed to authenticate the user session'.  Has anyone seen this before?

  hi Dan,
  The java class which u have created that suppose to works fine on MDM server because to execute that program there are no requirement of such protocols, the problem u will face while exporting those program to an client machine
  LDAP(Lightweight Directory Access protocol) connector communicates with the SAP system using RFC and with the directory server using these standard communication protocol.
  so try to select the protocol such that it should help in making connection between the server,direcotryserver and the client machine through which u can execute u r java class using java Api's.
  i hope this will give u an idea to through ur problem.
  regards,
  swapnil

• How to Remove User from Built in Administrators group With Group Policy Enabled

  Hi,
  I want to remove user from Administrator group which is in restricted group. So I cannot remove him through Active Directory what is the way to remove user from Administrator restricted group.
  Thanks
  Jibran Ishtiaq

  > Disable Group policy
  "Edit", not "Disable"
  > Under Domain click Delegation and went to the restricted group account.
  > Remove User from group.
  Why "Delegation"? Simply edit the GP object where the "Restricted
  Groups" setting is in place...
  > Also we have two DNS but one from where I remove account is the primary.
  How is DNS related to group policy?
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))