Analysing User Accounts for Security

Similar Messages

• Help-I want to move my stuff out of admin user account to a non-admin user account for security.  How can this be done?

  So... I have amassed loads of documents, videos, music, photos, etc. onto my MacBook Pro all under the admin user account I set up for myself.  I am the only one who uses the MacBook.  I now work virtually and am online at different free wifi spots, and I want to access all of my stuff under a non-admin user account for security reasons.
  I attempted to uncheck the "allow this user to administer this computer" box under my admin user account, but it is greyed out and I cannot.
  Is there an easier way to fix this than backing up all of my stuff and then moving it to a non-admin account?

  There is only one solution: create a new Standard user account and set it as your auto login account, if you use that feature.
  Using what you describe is mostly a false sense of security. Were someone to hack into the computer they could hack into the standard account, so you would not wish to keep any sensitive data in that account. Other things to consider:
  Turn on your Firewall in Security & Privacy preference panel.
  Use software to mask your online presence such as ProxyCap 2.03, MacProxy, Proxifier, or Hotspot Shield.

• Data Buffer error USER_AUTH_FAILED: User account for logonid "SYSTEM"

  All,  I have the following errors on both the Quality and the Production system in our data buffer job.
  com.sap.security.api.NoSuchUserException: USER_AUTH_FAILED: User account for logonid "SYSTEM" not found!
  These entries will not process because they are generating an error about the loginid for the Username SYSTEM is not found.
  So I am thinking that somehow the MII system is not capturing the correct username when they are being added into the Data Buffer Jobs, or there is something I am overlooking when I set up the databuffering.
  Other entries that were in the data buffer jobs were listed as using the RS1000SVC-QMUSBATCH, RS1630SVC-PMIIBATCH User accounts.  These are the accounts that our scheduled tasks run under.
  Those entries process OK out of the data buffer jobs.
  I did notice a similarity between the data buffer jobs in the quality and production systems as it pertains to the following transactions.
  Production MII ver 12.0.7 (Build 20)
  Muscatine%2FIntegration%2FSAP%2FPROD_CONFIRMED_INPUT_InsertQuery
  Which is called from the MIIC1043_IDOC Message Processing Rule.
  Muscatine%2FIntegration%2FSAP%2FHEADER_InsertQuery
  Which is called from the MIIC1043_Control_Recipe_Download Message Processing Rule.
  Quality MII 12.0.11 (Build 14)
  Muscatine%2FIntegration%2FSAP%2FPROD_CONFIRMED_INPUT_InsertQuery
  Which is called from the MIIC1043_IDOC Message Processing Rule.
  So the commonality is that these transactions are being initaiated by the Message processing rules.
  Are there known issues with data buffering from transactions initiated with Message Processing Rules?
  Is anyone sucessfully using data buffering of transactions called by message processing rules?
  Any help is appreciated.
  Bob

  Jeremy,  Thanks for your reply.
  There doesn't seem to be much detailed information on the use of Catagories with Processing rules in Help or in the forums.  So let me see if I understand your suggestion correctly.
  On the MII server create a processing rule for the message using a category instead of using a transaction,  The message received by the message listener will be placed in a buffer.  I am assuming these messages whould show up in the message monitor and not in the  Data Buffer jobs/entries.
  So in my transaction which normally processes this data I could add logic to access the message data; using the Message Service (Query, Read, Update and Delete) action blocks.  I could pare down the selection by selecting messages based on the MessageCategory that I defined in the message processing rule.   This will allow me to access the stored message data.
  Finally use a scheduled Job to execute the transaction.  The scheduled job would be run with a valid userID and Password so if it connection to the external database failed the enteries would be placed in the data buffer jobs with a valid userID credentials.
  Does this sound like what you had in mind?

• I want to set up a user account for my 3 year old, so when she goes into her account, only her games show up on the desktop

  I am trying to set up a user account for my 3 year old so that when she goes into her account, only her games show up on her desktop.  How??

  yes -- I think I am setting it up right, but when I go into her account to check it, it doesn't work.

• How can i set up multiple user accounts for my new ipad mini?

  How can i set up multiple user accounts for my new ipad mini?

  The iPad mini is basically a one user device. There are no Accounts. You can set up restrictions so that only you can do certain things.

• I have created separate user accounts for my 2 boys on my macbook. How do i get my itunes library onto their new ipods?

  I have created separate user accounts for my 2 boys on my macbook. How do i get my itunes library onto their new ipods?

  They can't.  Which came first - the chicken or the egg?  Actually, that's a bad comparison but a sync must come first.
  The library is actually part of iTunes and it contains everything.  iTunes is then configured so that you (or they) determine which portion of everything will be synced to each iPod (identified by a unique name, see below for an example of an iPod and an iPad).  iTunes can't make that decision until AFTER it knows which iPods exist.
  By the way, I (you, they) can very easily change the name of each device to whatever I (you, they) wish to call it.

• Tacacs authentication fails for one user account for only one switch

  Hi,
  I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.
  The same user account works well for other devices.
  The AAA configs are same on every devices in the network.
  Heres the show tacacs output from the switch where only one user account fails;
                Socket opens:        157
               Socket closes:        156
               Socket aborts:        303
               Socket errors:          1
             Socket Timeouts:          2
     Failed Connect Attempts:          0
          Total Packets Sent:       1703
          Total Packets Recv:       1243
            Expected Replies:          0
  What could be the reason ?
  No errors on ACS server; same rights had been given to the user account.
  Thanks to advise.
  Prasey

  Hi there,
  Does the user get authenticated in the ACS logs?
  reports and activity----> failed attempts
  ro
  reports and activity----->  passed authentications
  That will help narrow it down.
  Brad

• Error while getting the ORACLE user account for your concurrent request

  Hi ,
  When I am submitting the Concurrent Program from OAF page Iam getting
  Error
  Encountered an error while getting the ORACLE user account for your concurrent request. Contact your system administrator.
  When we will face this error.
  Not able to submit the Request
  Krishna

  Krishna
  Try like this
  public int submitCPRequest(String shipmentId) {
  System.out.println("into submitCPRequest");
  try {
  OAApplicationModule am = pageContext.getApplicationModule(webBean) ;
  OADBTransaction transaction = am.getOADBTransaction();
  Connection conn = transaction.getJdbcConnection();
  ConcurrentRequest cr = new ConcurrentRequest(conn);
  cr.setDeferred();
  String applnName = new String("XXAPL"); //Application that contains the concurrent program
  System.out.println("ApplName"+ applnName);
  String cpName = new String("SHIP_REQ"); //Concurrent program name
  System.out.println("Concc Name"+ cpName);
  // String cpDesc = new String("Shipping Request"); // concurrent Program description
  // Pass the Arguments using vector
  // Here i have added my parameter headerId to the vector and passed the
  //vector to the concurrent program
  Vector cpArgs = new Vector();
  cpArgs.addElement(shipmentId);
  System.out.println("Args"+ cpArgs);
  After this it is going into exception
  // Calling the Concurrent Program
  int requestId = cr.submitRequest(applnName, cpName, null, null, false, cpArgs);
  System.out.println("Req Id"+ requestId);
  tx.commit();
  return requestId;
  catch (SetDeferredException e)
  throw new OAException("SetDeferredException " + e.getMessage(),OAException.ERROR);
  catch (RequestSubmissionException e) {
  System.out.println("Into Exception");
  OAException oe = new OAException(e.getMessage());
  oe.setApplicationModule(this);
  throw oe;
  }Thanks
  AJ

• Use of Authorizations Tab in User Account for Version 10

  Whats the use of Authorizations Tab in User Account for Version 10. Please find the snapshot attached.

  Hi Pawan,
  SAP Sourcing 10 allow custom script and query-based web services which support OAuth authentication so
  client consumer application will consume this web service and if the OAuth handshake is done successfully, then we can verify by going to the Authroizations tab of the User Account of the user that signed on to Sourcing/CLM and allowed the external program to access the particular webservice.
  For more insights please refer the Web services cookbook of SAP Sourcing 10.
  Hope it helps to some extent.
  Best,
  Kushagra A

• Delete the previous administrator and make a user account for myself on my iMac G4

  delete the previous administrator and make a user account for myself on my iMac G4

  Open the Accounts pane of System Preferences, create the new account, log in with it, and delete the existing one. If the computer's one you've recently purchased, you may want to erase the drive and install a new OS; do this only if you have the computer's original disks or a retail package compatible with it.
  (64808)

• How to copy information from a user account's Security tab of Active Directory User and Computer Security tab to another user account?

  Hi, I'm using vs2012
  Grammatically, by C# code, I need to copy a user account's Security (from ADUC Security tab) and apply it to a new user account I created by code.  My application creates new AD accounts when needed.  I need to duplicate/copy attribute from another
  user account that we use as a base template.  I can copy most other attributes through property["xxxxx"] but how do I copy all that permission access information under the ADUC Security tab?
  How can I do that?  Thank you.
  Thank you

  I would recommend asking them in C# forums: https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=csharpgeneral&filter=alltypes&sort=lastpostdesc
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Encountered an error while getting the ORACLE user account for your concurrent request. Contact your system administrator

  Dear Techies,
  We have registered an Extra Information Type as self service OAF page and did some validations using user hook which are working fine. But for some requests EIT creation page is throwing below errors.
  1. Encountered an error while getting the ORACLE user account for your concurrent request. Contact your system administrator.
  2. An unexpected situation occurred while executing routine FND_DATA_SECURITY.GET_SECURITY_PREDICATE_HELPER.The cause was: The parameter 'p_object_name' cannot be 'GLOBAL'.
  System throws these errors whenever user hook suppose to throw our customized validation messages.Since we are at UAT instance, we are bouncing apache and oacore to get rid of these errors every time they appear. But we cannot bounce once it is moved to production.
  Kindly share some ideas  to fix these errors as we are very close to Go-Live and we are facing this issue with all EIT's and SIT's.
  Thanks and Regards
  Dileep Kumar.

  Hi Mahesh,
  Thanks for reply.
  I have gone through the link that you have suggested. But our EIT user hook validations doesn't  have any code related to submission of concurrent programs. More over our error is not stable. If we bounce the apache and oacore, the system will work fine without unexpected errors for some time. We are not even able to replicate these errors.
  Thanks and Regards
  Dileep Kumar.

• Create unique user accounts for each Oracle process

  hi,
  Please tell me the command to create unique user accounts for each Oracle process
  Thanks

  create unique user accounts for each Oracle processWhat do you mean by unique user account for each oracle process ? Provide more information.
  do you mean create oracle user?
  create user <username> identified by <password> default tablespace <tablespace_name>;
  -Anantha

• Admin and User Accounts for Single User

  I am the only user of my iMac. According to the article I found below, I should create a User Account for myself and use that one for my daily work. Is this correct?
  "Don't use the administration account for anything other than setting up the machine and applications or changing "permanent" settings (if you want to, say, change network settings as a normal user you'll be prompted for the admin password, and since you'll do configuration changes less and less often as time progresses, this isn't a problem)."

  Aha! It would appear that this is exactly the sort of thing that using a non-admin account would normally protect you from.
  ..."yet all applications are available to me in Finder > Applications"...
  That's good news. So I wonder where the "Applications" folder has been moved to... The folder that is opened when "Finder" is activated is something that can be changed through the "Finder" > "Preferences" menu under "General". I suspect that it is either "Home" or "Documents", so that when you refer to "Finder > Applications", the path is actually either "Macintosh HD" > "Users" > "Applications", or else "Macintosh HD" > "Users" > "Documents" > "Applications".
  To put things back, it might be easier to temporarily remove any "Parental Controls" from your current account and check the "Allow user to administer this computer" check box.
  Then rename the "Macintosh HD" > "Applications" folder (the one with only "iTunes") to something else, eg "Applications-temp". After that, open a second window and drag the folder you refer to as "Finder > Applications" to where it belongs in the "Macintosh HD" window.
  Now check the versions of "iTunes.app" in the "Applications" and "Applications-temp" folder - one way to do this is to click on the iTunes icon once and change the "Finder" window to "Column View" ("View" > "As Columns", or use the keyboard shortcut ⌘3). The version number should be displayed in the "Preview" panel. Take the older version (lower version number), and throw it away. If necessary, drag the newer version into the "Macintosh HD" > "Applications" folder.
  Now, open "Macintosh HD" > "Applications" > "Utilities" > "Disk Utility.app", select your hard drive, and click the "Repair Disk Permissions" button (not the "Repair Disk" button). This might take a few minutes.
  Hopefully that will do it, and you can go back and make the account a non-admin again.
  I should mention that with some third pary apps, if they were originally installed while the "Applications" folder had been moved, they may complain if their location is changed. It might be necessary to reinstall those, although it will likely depend on a case to case basis.

• Created a user account for my daughter but itunes will not open, just says something about digital signature policy

  Hi there, newbie here. Wondered if anyone can help, opened another user account for daughter on windows 64, and when we tried to open itunes a message came up saying it could not open because of digital signature policy, when i go back to my user it opens ok.
  Could anyone help.
  Cheers

  am not prepared to enter my credit card also on her account application.
  You can enter it on the registration page then delete it immediately after you complete the registration.
  If I purchase a iTunes card with some credit, can I open the account for her just with the code?
  If you wish. Instead of going to Create new accout, go to Redeem on the main iTunes store screen, enter the code, then select *Create new account*.
  What will happen if the credit on the card gets to zero?
  She will not be able to make a purchase until another gift card is entered or a CC is linked to the account.