Adding another Auth-check to ME28

Hello All ,
we are planning to add additional authorization check (M_BEST_EKG )for Tcode me28 .
is it advicable to add additonal check for standard tcode.
if we add are there any consequences ?
Or
we can create customized tcode for me28 then include the checks
please advice which is better way of implementing .
Edited by: Julius Bussche on Feb 6, 2009 6:41 PM
Please use meaningfull subject titles in future

>
Raghu Boddu wrote:
> It is always recommended to create a custom Z transaction code and impart the objects of the standard tcode. My strict advise is to leave ME28 without any modifications and go with a new transaction code.
>
I disagree.  Why do SAP offer user exits, enhancement points etc in standard transactions?  Sometimes a Z transaction is the better option but not always by any means.  If there is a user exit/enhancement point available then looking at that first has a wide range of benefits.
If you copy a transaction into a Z tcode then you are still going to have the same problems when it comes to upgrade etc if you don't perform adequate planning and testing.

Similar Messages

  • Suppress a normal auth check

    I know in most business scenarios this is not normal.  However, please consider this question.
    A developer, at the request of the business partner, wants to create a  custom transaction code like a traditional transaction...say me22n.  It's purpose is to update a standard PO (NB), which the user is not normally authorized to do.   The developer has been asked to only offer 2 fields for update, not all fields.
    So, normally, the user would have me22n, but not have m_best_bsa for updating an NB type of purchase order - but he is allowed to update other types of purchase orders.  However, though this  custom transaction, we would like him to be able to update the standard PO, but only two fields. 
    Because the custom transaction runs the standard program, the normal auth checks are taking place, preventing the person from updating the standard purchase order.  If we grant the access required by the program, we will introduce a problem.  The user already HAS me22n to update other types of purchase orders "legally"...but now we've granted the object they did not have.  Via me22n, they can now update all fields on a standard purchase order (type NB).
    So, do you copy the standard program and make a custom program, and then suppress the auth checks in it?  Therefore, you never have to grant m_best_bsa update to type NB.  And through ME22n, they can't update a standard PO, which is what we want.
    OR, is there another, better way to do this.

    You may want to play around with the SU24 settings for your new transaction.
    See [SAPhelp on Authorization Checks|http://help.sap.com/saphelp_nw04/helpdata/en/52/67129f439b11d1896f0000e8322d00/frameset.htm] for more information.
    Jurjen

  • EHSM: Use Auth Check BAdI to hide Incident

    Hi all,
    I have enhanced the standard Auth Check BAdI BADI_EHHSS_INC_EXT_AUTH_CHECK for EHSM. Works like a charm.  But I just got another requirement and thought maybe someone else has done this before.
    Right now, I have it set up so people with out the correct access can only view incidents.  Is there a way to use the BAdI to completely hide an incident when a user clicks on it?
    Hope this makes sense.
    Cheers,
    Kevin

    Hey all,
    Our requirements ended up changing a bit but ended up putting authorization checks into class methods that control visibility for the sections of EHSM that we wanted to hide.  So, we got the result we were looking for.
    Cheers,
    Kevin

  • No auth checks for custom transactions

    Hi,
    In my SAP system there are many custom trasanactions in which there are no auth checks in their respective programs,
    Is their any way to restrict these transactions based on the organisational levels without doing any changes to the program.
    Can we restrict these transactions by adding a authorization through se93 ?
    If any documents are there on the same issue please share.
    Thanks,
    Sanketh.

    I would take a slightly different approach, as a least worste option.
    > Assuming that there is reluctance/inability to modify the code
    In that case the code is modularized, but the security front-end is lazy.
    What you can do is assign an authorization group to the report type program as well which has the org.value in the P_GROUP field of S_PROGRAM in it, and create a variant for it protected by P_ACTION = VARIANT. The users can submit reports if they are authorizated for the variant action as well, but not directly.
    Then create an myriad of parameter transactions per org level and submit the report via transaction START_REPORT (so, via the varint!) with the variant set for the org. level in the selection screen.
    But this completely defies thze concept of modularizing code and not maintaining redundant code, as well as redundant variants, and redundant menus of roles which could have been modularized as well.
    The only potential "up side" of this is maintaining the SU24 data of the parameter transactions, but who does that?
    Yes, if you maintained SE93 then the system would do it for you (automatic adjustement) but the scalability and flexibility of org. level maintenance in roles and well as the modularization (and maintainability) of code would be toasted.
    Probably developers would not make authority-checks at all anymore, and that would be like going back to the conceptual stone ages.
    Even the Commodore 64 was more modularized than that....
    Cheers,
    Julius

  • [svn:osmf:] 10707: Fixing FM-113 by adding a null check.

    Revision: 10707
    Author:   [email protected]
    Date:     2009-09-29 18:26:03 -0700 (Tue, 29 Sep 2009)
    Log Message:
    Fixing FM-113 by adding a null check.
    Ticket Links:
        http://bugs.adobe.com/jira/browse/FM-113
    Modified Paths:
        osmf/trunk/framework/MediaFramework/org/openvideoplayer/composition/ParallelSeekableTrait .as

    First, if this is your only backup, you must make another full backup to a locally-attached external hard drive. One backup is never enough to be safe, and backing up over a network is less reliable than backing up locally.
    Hold down the option key and select Verify Backups from the Time Machine menu in the menu bar (not the Dock icon.) This operation may take several hours. If the menu-bar icon (a clock that runs backwards) isn't showing, check Show Time Machine in menu bar in the Time Machine preference pane.

  • Added another email account, won't send from it?

    I have a couple email accounts on my phone and all is great. I just added another account from a local internet provider for a small business I have. It will recive mail from there but when I try to send i get "The sender address is invalid" I checked and double checked and all seems to set up correctly???
    The account is with Plantation Cable in Georgia, if that means anything to anybody.

    If the local internet service provider for this email account does not provide an authenticated SMTP server (most ISPs do not provide an authenticated SMTP server), you won't be able to send with the account using the ISP's SMTP server unless you are connected to the internet with your ISP via an available wi-fi network. When connected to the internet via AT&T'a network, you can use AT&T's SMTP server to send messages with the account, which is available on your iPhone to select as the SMTP server for the account. This may or may not work for sending with the account when connected to an available wi-fi network with a different ISP used for internet access.

  • Is it possible Adding another 2 harddrive sas 2.5' hot plug on existing raid 1 ????

    Dear All,
    I have HP ML370 G6 with 2 harddrives sas 2.5' 300GB hotplug on raid 1.
    And it is almost runout space. I have plan to adding another 2 harddrive with same type.
    Is is possible to add another harddrive on raid 1 without change or re-install the operating system installed ??
    My operating system is Redhat  Enterprise Linux 4 (RHEL 4) and oracle database inside.
    Please I need your suggest and advise, what should I do to add more space on existing raid 1.
    Thank You,
    breakthelimit

    There is no BIOS in OS X. There is only the EFI stored in ROM that is not user modifiable. OS X is probably checking Bay 0 for the boot drive since that is where it should be. It won't check the Tempo drive since it is treated like an external drive. I suggest you open Startup Disk preferences to see if the Tempo device is selected as the boot device. If it isn't, then select it. That will probably shave off a few seconds in the startup time.

  • Adding another AM to existing setup

    Hi All,
    I have following setup at present.
    2 backend servers and 2 front end servers. 2 backend servers a and b has directory server installed in MMR. 2 front end servers p an q has webservers and Access Manager. AM session fail over has been configured on it.
    Now I have added another backend server ‘c' in the setup. I have configured LDAP on it and now I am all three in MMR.
    I have following MMR agreements:
    Agreemenr suffix Source server Destnation server.
    dc=DOMAIN,dc=COM a b
    dc=DOMAIN,dc=COM b a
    dc=DOMAIN,dc=COM a c
    dc=DOMAIN,dc=COM c a
    dc=DOMAIN,dc=COM b c
    dc=DOMAIN,dc=COM c a
    Exactly similar for following suffixes:
    o=comms-config
    o=pab
    o=piserverdb.
    Now I am trying to add new Access manager (server r) to the existing setup.
    However when I am trying to configure AM using modified amsamplesilient file it works. But when I restart web server, I see the error below:
    warning: WEB6100: locale-charset-info is deprecated, please use parameter-encoding
    failure: WebModule[/amserver]StandardWrapper.Throwable
    java.lang.StackOverflowError
    at java.lang.Integer.parseInt(Integer.java:497)
    at java.net.URLStreamHandler.parseURL(URLStreamHandler.java:195)
    at java.net.URL.<init>(URL.java:596)
    at java.net.URL.<init>(URL.java:464)
    at java.net.URL.<init>(URL.java:413)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:801)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.service
    failure: WebModule[/amserver]PWC1396: Servlet /amserver threw load() exception
    java.lang.StackOverflowError
    at java.lang.Integer.parseInt(Integer.java:497)
    at java.net.URLStreamHandler.parseURL(URLStreamHandler.java:195)
    at java.net.URL.<init>(URL.java:596)
    at java.net.URL.<init>(URL.java:464)
    at java.net.URL.<init>(URL.java:413)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:801)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updatePlatformServerIDs(WebtopNaming.java:802)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:704)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405) As I resolution to this, I followed following steps. But failed to remove &lsquo;iplanetamplatformservice'.
    [root@dr-msgfe1|mailto:root@dr-msgfe1] # ./amadmin -u amadmin -w 14amrk20 -r iplanetamplatformservice
    com.sun.identity.authentication.spi.AuthLoginException: Could not get module properties
    at com.sun.identity.authentication.AuthContext.checkException(AuthContext.java:1396)
    at com.sun.identity.authentication.AuthContext.checkAndSetLoginStatus(AuthContext.java:1417)
    at com.sun.identity.authentication.AuthContext.runRemoteLogin(AuthContext.java:728)
    at com.sun.identity.authentication.AuthContext.runLogin(AuthContext.java:606)
    at com.sun.identity.authentication.AuthContext.login(AuthContext.java:498)
    at com.sun.identity.authentication.AuthContext.login(AuthContext.java:356)
    at com.iplanet.am.admin.cli.Authenticator.getAuthContext(Authenticator.java:231)
    at com.iplanet.am.admin.cli.Authenticator.sessionBasedLoginInternal(Authenticator.java:130)
    at com.iplanet.am.admin.cli.Authenticator.ldapLogin(Authenticator.java:148)
    at com.iplanet.am.admin.cli.Main.runCommand(Main.java:707)
    at com.iplanet.am.admin.cli.Main.main(Main.java:1141)
    com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
    Check AMConfig.properties for the following properties
    com.sun.identity.agents.app.username
    com.iplanet.am.service.password
    at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:243)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sun.identity.sm.SMSEntry.read(SMSEntry.java:505)
    at com.sun.identity.sm.SMSEntry.read(SMSEntry.java:492)
    at com.sun.identity.sm.SMSEntry.<init>(SMSEntry.java:325)
    at com.sun.identity.sm.CachedSMSEntry.getInstance(CachedSMSEntry.java:315)
    at com.sun.identity.sm.ServiceConfigManagerImpl.checkAndUpdatePermission(ServiceConfigManagerImpl.java:496)
    at com.sun.identity.sm.ServiceConfigManagerImpl.getInstance(ServiceConfigManagerImpl.java:459)
    at com.sun.identity.sm.ServiceConfigManager.<init>(ServiceConfigManager.java:121)
    at com.iplanet.ums.ConfigManagerUMS.<init>(ConfigManagerUMS.java:992)
    at com.iplanet.ums.ConfigManagerUMS.getConfigManager(ConfigManagerUMS.java:121)
    at com.iplanet.ums.TemplateManager.<init>(TemplateManager.java:133)
    at com.iplanet.ums.TemplateManager.getTemplateManager(TemplateManager.java:151)
    at com.sun.identity.authentication.internal.server.LocalLdapAuthModule.getDN(LocalLdapAuthModule.java:298)
    at com.sun.identity.authentication.internal.server.LocalLdapAuthModule.login(LocalLdapAuthModule.java:133)
    at com.sun.identity.authentication.internal.LoginContext.login(LoginContext.java:125)
    at com.sun.identity.authentication.internal.AuthLoginThread.ru,
    n(AuthLoginThread.java:82)
    Deleting Service Schema iplanetamplatformservice
    Error 9: Operation failed: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
    Check AMConfig.properties for the following properties
    com.sun.identity.agents.app.username
    com.iplanet.am.service.password Any idea how to get rid of this issue? I want to add 3^rd^ AM to the existing setup.
    Thanks and Regards,
    -Shashank
    Edited by: shashankj on Aug 2, 2008 10:32 PM

    Hi Shashankj,
    I am having the same issue with Access Manager 7.1.I am trying to configure another AM instance with Directory server replication but when i start second Access Manager webserver throws same exception as follow.
    [23/Nov/2008:15:29:40] failure ( 3500): WebModule[amserver]StandardWrapper.Throwable
    java.lang.StackOverflowError
    at java.util.Hashtable.put(Hashtable.java:401)
    at com.iplanet.services.naming.WebtopNaming.updateServerIdMappings(WebtopNaming.ja
    va:765)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:70
    2)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.nam
    [23/Nov/2008:15:29:40] failure ( 3500): WebModule[amserver]PWC1396: Servlet /amserver thr
    ew load() exception
    java.lang.StackOverflowError
    at java.util.Hashtable.put(Hashtable.java:401)
    at com.iplanet.services.naming.WebtopNaming.updateServerIdMappings(WebtopNaming.ja
    va:765)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:70
    2)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:405)
    at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:381)
    at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:72
    4)
    at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:603
    at
    Is there anything I can do while installing second instance of Access Manager. or how can I modify Directory server.Help will be valuable.
    Thanks and Regards,
    Parul

  • How do I delete a credit card from my iTunes account without adding another one? My friend bought an app with her credit card and I no longer have the info but every time I try to download a free app (ex: Instagram, Twitter, vine etc.)it ask for the info

    How do I delete a credit card from my iTunes account without adding another one? My friend bought an app with her credit card and I no longer have the info but every time I try to download a free app (ex: Instagram, Twitter, vine etc.) it ask for the credit cards security code. I can not find a way to delete that cards info without adding another cards info.

    http://support.apple.com/kb/ht1918
    http://support.apple.com/kb/ts5366

  • Can we give more than one value for an Authorization field in Auth-Check.

    Hi all,
    Can we give more than one value for an Authorization field in Auth-Check.
    Ex: AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
    ID 'ACTVT' FIELD '02'
    ID 'CUSTTYPE' FIELD <Value 1> <Value 2> <Value 3>.
    IF SY-SUBRC 0.
    MESSAGE E...
    ENDIF.
    If yes, please help me with exact syntax.
    Think it will be like
    ID 'CUSTTYPE' FIELD: <Value 1>, <Value 2>, <Value 3>.

    Hi,
    yes we can give more than one field.
    program an AUTHORITY-CHECK.
    AUTHORITY-CHECK OBJECT <authorization object> 
       ID <authority field 1> FIELD <field value 1>. 
       ID <authority field 2> FIELD <field value 2>. 
       ID <authority-field n> FIELD <field value n>. 
    The OBJECT parameter specifies the authorization object.
    The ID parameter specifies an authorization field (in the authorization object).
    The FIELD parameter specifies a value for the authorization field.
    The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
    please reward points, if it is useful.
    satish.

  • Need to deactivate structural auth. check for a custom Report

    Hi all experts:
    I have a report that is based on PNPCE logical database and it displays work hours for a project, all non-sensitive information.  We would like a wide range of users to have access to this but since this is based on PNPCE logical database whenever a user runs it, the str. authorization check is performed.  I have tried deactivate this check with P_ABAP object and coers 2 but it only ignores infotype auth. check but still checks the structural.  We don't want to expand str. profile for users. 
    Do you know if there is a way to deactive this just for one report?
    Your help will be greatly appreciated.
    Regards,
    Net

    Thanks Kiran. I had tried that value but still got the same message.  I am having problem understanding exactly when this value 2 ignores structural authorization because it works on some reports and not others.  Anyway, we implemented BADI for this report to ignore structural auth. check and it is working fine.
    Thanks again,
    NT

  • Sec. Optimization self-service - Customer specific auth Checks

    Hi There,
    checking some automatic check like 0750 I see in SolMan there are some tabs like Green, Red, Recommendation (0705)
    checking the Customer specific auth Checks I found out only some of them.... I would be interested to know if it is possible to configure "something" in order to have the  tab Recommendation (9XXX)  for Customer specific auth Checks .
    Thanks
    FedeX.

    Hi,
    I still test and no quit sure if I am doing the right process...what I have done:
    use st13 to create my own alerts > 9000.
    use st14 for creating the report on target system... I check on the target system and by viewing data of the generated report there is a list of users because security specification > 9000.
    export report to SolMan ... successfully
    on SolMan ... what are the steps that I have to do?..I am not quit sure ... I go to session workbench ...here there are already some info of the previous check that I did days before ......  I click on the option collect data (ST13, ST14)..I delete the old number and introduce the new GUI Number and click on collect button... the rest of the fields are filled in ... and no additional message appear..
    one of the existing entries on the left side  is Customer specific Auth check ...it is in red..
    being on the collect data (ST13, ST14) entry I just click on save + next open check an the focus/cursor jump automatically to the last entry check session consistency  I do not identify any change in the entry Customer specific Auth check which still red and not showing the expected list ( what I see in target system)
    well hope this give some idea about the issue and possible solution
    Thanks
    FedeX

  • Adding another machine to Primary Zone

    Adding another machine to Primary Zone
    I have a good split-DNS configuration that has been working without issue for some months now since I installed OS X Server Snow Leopard (Mac Mini) at my company's office. We have another machine used as a file server (Mac Pro), without the dedicated server OS installed.
    We want to add a virtualized instance of Windows Server 2008 R2 as a guest OS on the Mac Pro via VMWare Fusion. We want to use this Windows Server instance to host some private web based services for our corporate team (intended to be reachable from within the local private network, and remotely, from the public internet (with proper authorization to access only).
    So far so good:
    -WinServer2008R2 installed as a guest OS on the host Mac Pro
    -WinServer's virtual NIC is in bridged mode (joins the host OS's physical network)
    -WinServer instance configured with an IP 10.0.1.33, which is set aside and reserved for the WinServer by the local DHCP service on the same network
    -WinServer successfully installed and tested IIS7 - both localhost from the WinServer instance and http://10.0.1.33 from other machines on the local private network (and from remote VPN clients) resolve to the WinServer's IIS default page properly.
    Where I am stumbling now in configuring DNS on the Mac Mini to properly forward requests aimed at the WinServer instance.
    DNS for the local domain is controlled by the Mac Mini. The configuration has been quite simple up to now, as that has met our needs. Just one Primary Zone and one Reverse Zone. We have an external DNS service from DYNDNS that handles any request for our domain from the external public internet. For now I'm not concerned with altering the external DNS service. Once I get the name service to properly resolve requests for the WinServer instance from the local domain, then I'll move onto matching up the external DNS.
    --Primary Zones
    Primary Zone:
    Primary Zone Name: ourcompany.net.
    Nameservers: Zone: ourcompany.net. Nameserver Hostname: server.ourcompany.net.
    --Records
    Machine Record:
    Machine Name: server.ourcompany.net.
    IP Address: 10.0.1.11
    --Reverse Zones
    Reverse Zone:
    Reverse Zone Name: 11.1.0.10.in-addr.arpa.
    Nameservers: Zone: 11.1.0.10.in-addr.arpa. Nameserver Hostname: server.ourcompany.net.
    Resolve 10.0.1.11 to: server.ourcompany.net.
    The -checkhostname command returns:
    Primary address = 10.0.1.11
    Current HostName = server.ourcompany.net
    DNS HostName = server.ourcompany.net
    The names match. There is nothing to change.
    dirserv:success = "success"
    So I attempted to add a Machine Record to the Primary Zone with the following settings:
    Machine Record:
    Machine Name: dash.thewcateam.net.
    IP Address: 10.0.1.33
    When I did this it added the following Reverse Zone:
    Reverse Zone:
    Reverse Zone Name: 1.0.10.in-addr.arpa.
    Nameservers: Zone: 1.0.10.in-addr.arpa. Nameserver Hostname: server.ourcompany.net.
    Resolve 10.0.1.33 to: dash.ourcompany.net.
    And with the following records added I don't seem to have a proper resolution to 10.0.1.33 when requesting dash.ourcompany.net.
    I'm wondering where I should look next in troubleshooting this issue. Any pointers or advice would be very appreciated.

    Remove the "Reverse Zone Name: 11.1.0.10.in-addr.arpa."
    It's probably left from when you first configured the server.
    Though the "Primary Zone Name: ourcompany.net." seems correct.
    Then update the 10.0.1.11 record so it's added to the right reverse zone - "1.0.10.in-addr.arpa."
    In a MacPro we run VM Ware on a separate interface (en1/"Built in 2") that is forced up using a LaunchDaemon. "Built in 2" must be active in Network config in OS X but don't need to be configured (red "LED").
    That way the MacPro can use it's own IP on the en0 interface without disturbing en1 and vice versa.

  • Powershell script assistance - adding another property to existing script

    This is not my script but was written by Richard L. Mueller. It works perfectly for us but I would like to know if the account is enabled or disabled when the output is created. Basically it would output the name, lastlogon and then either enabled or disabled.
    I've attempted to add a new property by adding another " $Searcher.PropertiesToLoad.Add" and "$Result.Properties.Item ".
    It works fine if I add something like "givenName" but I can't find the property name to show if the account is enabled or disabled.
    The entire script is shown below:
    # PSLastLogon.ps1
    # PowerShell script to determine when each user in the domain last
    # logged on.
    # Copyright (c) 2011 Richard L. Mueller
    # Hilltop Lab web site - http://www.rlmueller.net
    # Version 1.0 - March 16, 2011
    # This program queries every Domain Controller in the domain to find the
    # largest (latest) value of the lastLogon attribute for each user. The
    # last logon dates for each user are converted into local time. The
    # times are adjusted for daylight savings time, as presently configured.
    # You have a royalty-free right to use, modify, reproduce, and
    # distribute this script file in any way you find useful, provided that
    # you agree that the copyright owner above has no warranty, obligations,
    # or liability for such use.
    Trap {"Error: $_"; Break;}
    $D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $Domain = [ADSI]"LDAP://$D"
    $Searcher = New-Object System.DirectoryServices.DirectorySearcher
    $Searcher.PageSize = 200
    $Searcher.SearchScope = "subtree"
    $Searcher.Filter = "(&(objectCategory=person)(objectClass=user))"
    $Searcher.PropertiesToLoad.Add("distinguishedName") > $Null
    $Searcher.PropertiesToLoad.Add("lastLogon") > $Null
    # Create hash table of users and their last logon dates.
    $arrUsers = @{}
    # Enumerate all Domain Controllers.
    ForEach ($DC In $D.DomainControllers)
    $Server = $DC.Name
    $Searcher.SearchRoot = "LDAP://$Server/" + $Domain.distinguishedName
    $Results = $Searcher.FindAll()
    ForEach ($Result In $Results)
    $DN = $Result.Properties.Item("distinguishedName")
    $LL = $Result.Properties.Item("lastLogon")
    If ($LL.Count -eq 0)
    $Last = [DateTime]0
    Else
    $Last = [DateTime]$LL.Item(0)
    If ($Last -eq 0)
    $LastLogon = $Last.AddYears(1600)
    Else
    $LastLogon = $Last.AddYears(1600).ToLocalTime()
    If ($arrUsers.ContainsKey("$DN"))
    If ($LastLogon -gt $arrUsers["$DN"])
    $arrUsers["$DN"] = $LastLogon
    Else
    $arrUsers.Add("$DN", $LastLogon)
    # Output latest last logon date for each user.
    $Users = $arrUsers.Keys
    ForEach ($DN In $Users)
    $Date = $arrUsers["$DN"]
    "$DN;$Date"

    It is part of the userAccountControl attribute. Retrieve that attribute for each user and test if the ADS_UF_ACCOUNTDISABLE bit (2) is set.
    -- Bill Stewart [Bill_Stewart]

  • Adding HTTP Auth header with WCF-Basic http adapter

    Hello,
    we have a scenario where we receive a message from a source ssytem and make a
    soap webservice call using this message. The third party webservice expects basic
    authentication. The source message contains the userid/passphrase to be used while
    making the webservice call. How can we go about adding this auth headers with WCF adapters?
    Any suggestions?
    thanks

    Refer http://msdn.microsoft.com/en-us/library/bb226467.aspx and lookup Username and Password for the properties to use when handling WCF with Basic Authentication.
    For creating the send port for the service refer
    http://msdn.microsoft.com/en-us/library/jj572853(v=bts.80).aspx
    So somewhere in your orchestration you'll read the userid/passphrase and then in the Construct Shape use WCF.Username and WCF.Password to assign these value for the outbound call to the 3rd party web service. With the send port setup to use the Basic Authentication
    credentials it'd work.
    Regards.

Maybe you are looking for

  • Where can I find the files to upgrade Acrobat 9.0 pro to 9.5.5?

    I have to re-install Acrobat 9.0 Pro and have the files to do that but I need to find the upgrade files to get to 9.5.5.  The Adobe website no longer lists them and Chat says they don't support 9.0 any longer.   This is hardly customer friendly. BFB

  • Nokia Pro Camera App Problems

    I am on EE and finally got the Pro Cam App last night when I got the Amber Update for my Lumia 920. I have two problems with it: 1) Everytime I take a picture, the image I've taken is displayed on the screen and doesn't go away, I have to return to t

  • How to use Mail with Kerberos?

    I am a Mac user in a mostly Windows office which uses an Exchange Mail Server 2003 for mail. Currently I connect to our mail server using Mail's Password Authentication. This works well, but our IT manager is concerned that this method sends the pass

  • Where can I find the Boot Camp Assistant on Leopard?

    I have a new MacBook with Leopard, but I can't find the Boot Camp Assistant anywhere. Not with spotlight, not in my Applications folder, not in the Utilities map. I checked the both Leopard CD's that came with my MacBook, but no luck. Anyone who can

  • Please Enable Book Loaning in Digital Editions

    Hi Adobe, If libraries can loan ebooks why cant I? How could this work? Loaning would occur inside Digital Editions, would require the Adobe id of the borrower and, if needed, a connection to the internet (to update the DRM). eBooks would not be able