Authorizations missing SOAMANAGER http issue

Similar Messages

• Authorizations missing for aggregation (":")

  Hi ALL,
  i have already included these in my authorization object Y_WBS_D174.........for 0WBS_ELEMT__0RESP_CCTR
  I     EQ     C174000
  I     EQ     D174000
  I     EQ     N174000
  I     EQ     R174000
    Authorizations missing for aggregation (":")  
  Characteristic      Y_WBS_D0174
  0WBS_ELEMT__0RESP_CCTR        I EQ C174000,...  
  Entries marked with red do not have aggregation authorization
  You can find more information about this here 1140831
    The authorization check stops here as this selection is no longer needed  
    Message EYE007: You do not have sufficient authorization  
    No Sufficient Authorization for This Subselection (SUBNR)  
    Authorization Check Complete 
  Please help on this

  hi Raj,
  you are restricting users to be able to see some particular values only using authorisations...
  but in case if that particular infoobject is itself not there in the report then what should be displayed to user in report:
  here if you use EQ ':'
  then user will be displayed aggregated to data for the one level up.
  else
  user will not be displayed anything.
  hope it helps...

• ERROR: Execution failed due to binary missing or permission issues

  I have a little problem with OEM. I've setup the LDAP authentication on my Linux RAC nodes and when I run a OS command without sudo, the date command works. I've setup my sudoers so my regular LDAP account can execute any command as oracle, but when I run the same OS command with sudo to oracle, the job comes back with:
  Error Log
  ERROR: Execution failed due to binary missing or permission issues
  Has anyone else seen this problem?
  Thanks,
  Arwin

  Looks like someone had some fat fingers when typing in the emcli commands to tell OEM where the sudo binary lives. I which the errors that OEM spit out are more meaningful, such as if it is going to tell me that a binary or permission is not there or set, what was it looking at?

• Kapsel Logon Example - IOS 7 https issue

  Hello Experts,
  When i try to connect via HTTP from the cordova project "logondemo" everything works fine, when i switch to HTTPS, i have this issue on the cordova project... CFNetwork SSLHandshake failed (-9807)
  I tested the connection via the REST API Client App from Google Chrome and i had no problem, it seems that this is an IOS 7 Issue...
  http://social.technet.microsoft.com/Forums/lync/en-US/901a65f4-0417-4287-abd1-f4840f4d6a4f/ios-users-with-4222014-client-update-unable-to-connect?forum=lyncdeploy
  Is there any update on this? a newer version?
  i currently have XCODE: 5.1.1
  IOS Simulator 7.1
  Cordova version 3.4.0-0.1.3
  This is the log of the error when i try to connect via HTTPS
  2014-06-23 11:16:37.251 LogonDemo[19448:60b] IAB loadstart: iOS
  2014-06-23 11:16:37.251 LogonDemo[19448:60b] event: "onsubmit"
  2014-06-23 11:16:37.251 LogonDemo[19448:60b] calling parent callback
  2014-06-23 11:16:37.252 LogonDemo[19448:60b] {"serverHost":"server name","user":"xxxxx","password":">>> FILTERED <<<","resourcePath":"","https":true,"serverPort":"8081","farmId":"","communicatorId":"REST","securityConfig":"CEMEXNET"}
  2014-06-23 11:16:37.252 LogonDemo[19448:60b] logonCore.startRegistration
  2014-06-23 11:16:37.252 LogonDemo[19448:60b] {"serverHost":"xxxxx","user":"xxxxx","password":">>> FILTERED <<<","resourcePath":"","https":true,"serverPort":"8081","farmId":"","communicatorId":"REST","securityConfig":"CEMEXNET"}
  2014-06-23 11:16:37.273 LogonDemo[19448:4613] Initializing Client connection with ApplicationID : com.cemex.logon  Domain :  default  SecurityConfiguration:  CEMEXNET
  2014-06-23 11:16:37.276 LogonDemo[19448:4613] Setting Client connection with Url:  https://xxxxx:8081
  2014-06-23 11:16:37.277 LogonDemo[19448:4613] Clearing session cookies
  2014-06-23 11:16:37.278 LogonDemo[19448:4613] Assigning the selectors
  2014-06-23 11:16:37.279 LogonDemo[19448:4613] Automatic Registration : Registering user ASYNCHRONOUSLY with user name : xxxxx, security configuration : CEMEXNET
  2014-06-23 11:16:37.295 LogonDemo[19448:2f3] CFNetwork SSLHandshake failed (-9807)
  2014-06-23 11:16:37.296 LogonDemo[19448:60b] Request Failed With Error Code  0 message:  (null)
  2014-06-23 11:16:37.298 LogonDemo[19448:60b] ER:MAFLogon Registration failed with error: Error Domain=HTTPRequestErrorDomain Code=1 "A connection failure occurred: SSL problem (possibly a bad/expired/self-signed certificate)" UserInfo=0xc2ea240 {NSUnderlyingError=0xc294d60 "The operation couldn’t be completed. (OSStatus error -9807.)", NSLocalizedDescription=A connection failure occurred: SSL problem (possibly a bad/expired/self-signed certificate)}
  2014-06-23 11:16:37.299 LogonDemo[19448:60b] ER:MAFLogon Registration failed
  2014-06-23 11:16:37.301 LogonDemo[19448:60b] registration failed
  2014-06-23 11:16:37.301 LogonDemo[19448:60b] {"errorMessage":"keyErrDescrMAFLogonErrorCommunicationManagerError","errorDomain":"MAFLogonCoreErrorDomain","errorCode":"3"}
  2014-06-23 11:16:37.301 LogonDemo[19448:60b] "LogonController.getRegistrationErrorText: {\"errorMessage\":\"keyErrDescrMAFLogonErrorCommunicationManagerError\",\"errorDomain\":\"MAFLogonCoreErrorDomain\",\"errorCode\":\"3\"}"
  2014-06-23 11:16:37.301 LogonDemo[19448:60b] iabui showNotification
  2014-06-23 11:16:37.334 LogonDemo[19448:60b] THREAD WARNING: ['InAppBrowser'] took '31.832031' ms. Plugin should use a background thread.
  2014-06-23 11:16:37.363 LogonDemo[19448:60b] executeScript returned:[null]
  Any comment of this its appreciated,
  Regards,
  Daniel Y.

  I assume that the issue might be related to missing certificate in the device do to a HTTPS request. To make a HTTPS request a certificate is needed. This thread might give more information,Re: SMP 3.0 Kapsel Development in  HANA Cloud
  Midhun VP

• Name of .crl and .crt file missing from HTTP URL in certificate details

  Hello Everyone,
  I am in the process of building a 2-tier Windows Server 2012 R2 PKI. The CA name of both the offline standalone root CA and enterprise subordinate CA have spaces in it (we'll call the CA name, 'Test Lab Root CA' for point of reference).
  When I submitted the certificate request for the subordinate CA to the root CA and viewed the attributes/extensions of the pending request, I noticed the HTTP URL is missing the name of the .crt and .crl file.
  The AIA extension reads URL=http://test.domainname.com/pki/.crt
  in the issued certificate details.
  The CDP extension reads URL=http://test.domainname.com/pki/.crl
  in the issued certificate details.
  The AIA and CDP location HTTP URLs are configured as http://test.domainname.com/pki/<CertificateName>.crt and  http://test.domainname.com/pki/<CRLNameSuffix><DeltaCRLAllowed>.crl, respectively on the
  root CA. 
  The LDAP URL shows the .crt and .crl file name (with %20 replacing the spaces) perfectly fine. The LDAP URL is configured using variables as well. It's just the HTTP URL that is missing the name of the file altogether. 
  I have read about the issue where spaces are not being replaced with %20 in the URL on Windows Server 2012 and a hotfix is available for that issue. But this issue seems to be slightly different and I'm running Windows Server 2012 R2. I tried installing
  the hotfix to see if it would help, but the hotfix can't install because it doesn't apply to Server 2012 R2.
  I've been trying to find a technet discussion or blog article for a week to see if anyone has seen this and what the fix is, but I'm coming up empty. I only find talks about %20 not replacing the space in the name.
  Does anyone have any insight to my particular issue? I don't want to issue the subordinate CA certificate until I know the HTTP URL populates the CRL and CRT file name correctly. I can get around this by typing out the name of the file (with spaces and not
  %20... e.g. http://test.domainname.com/pki/Test Lab Root CA.crl) in the URL via the registry and the URL displays the name of the file (with %20 in the name) when I do another certificate request and check the attributes/extensions in the
  pending request. However, I prefer to avoid manually typing out the name of the file in the registry. I'd like to use the variables if at all possible. 
  Any help/guidance would be greatly appreciated.
  Thank you.

  On Fri, 27 Mar 2015 03:42:28 +0000, Brian Komar [MVP] wrote:
  You have totally messed up the URLs.
  If you run certutil -getreg ca\CRLPublicationURLs and certutil -getreg ca\CACertPublicationURLs, you will see that you do not have correct use of variables when compared to the settings that follow:
  The URLs should be set to the following for an offline CA:
  certutil -setreg CA\CRLPublicationURLs "1:%WINDIR%\system32\CertSrv\CertEnroll\%%3%%8%%9.crl\n2:http://test.domainname.com/pki/%%3%%8%%9.crl"
  *certutil -setreg CA\CACertPublicationURLs  "1:%WINDIR%\system32\CertSrv\CertEnroll\%%1_%%3%%4.crt\n2:http://*test.domainname.com*/pki/%%1_%%3%%4.crt"*
  For an issuing CA, they should be set to:
  The URLs should be set to the following for an offline CA:*certutil -setreg CA\CRLPublicationURLs "65:%WINDIR%\system32\CertSrv\CertEnroll\%%3%%8%%9.crl\n6:http://test.domainname.com/pki/%%3%%8%%9.crl"*
  *certutil -setreg CA\CACertPublicationURLs  "1:%WINDIR%\system32\CertSrv\CertEnroll\%%1_%%3%%4.crt\n2:http://**test.domainname.com**/pki/%%1_%%3%%4.crt"*
  Just a clarification here, if you're running the above certutil commands at
  the command prompt you only need single % characters in the command line.
  The double % characters are only required if the commands are being run in
  a batch file.
  Paul Adare - FIM CM MVP

• Mapi over HTTP issue

  Hi all!
  Hope somebody can help me out. In my test lab, where I`m experimenting with Exchange 2013 SP1 and Outlook 2013 SP1 I came across very annoying thing.
  Let me explain a little bit more about config that worked.
  Outlook 2013 connected to Exchange 2013 via RPC over HTTPS is working great actually really great. I have created my own certs and imported ROOT CA cert to all of my machines and things are working peachy. As part of my plans for 2014 I have to test and
  deploy MAPI over HTTP sometime at the end of 2014 in our company (and migrate fromEX2007 but this is different story).
  OK so I`ve enabled MAPI over HTTP on my test server and configured 5 virtual machines with different accounts to test things out. Started Outlooks, accepted "Your administrator has made change ....." prompts and here we go, I`m connected MAPI/HTTP
  and all works really great.
  Except for one thing. When it does connect, things are super fast and it works as it should. But sometimes it does not connect right away and it is sluggish in performance. Also Outlook is missing "Quick steps" menu, see attached image:
  I restarted all servers, clients, clean Outlook install nothing helps.
  When RPC/HTTPS I could quit and start Outlook 10 times and it worked 10/10 without problems.
  When MAPI/HTTP I restart outlook and it works 6/10, so 4 times I get messed up Outlook and very poor performance.
  Any idea where to start troubleshooting? Maybe Outlook has a bug or 2 with this mode?
  Server is correctly sized and backed up by enough of memory and CPU, mailboxes have 100-3500 items in them.
  Again, RPC/HTTPS works every time without any problem.
  MAPI/HTTP works lets say 6 times without any prolem at all and really works great but 4 times out of 10 it makes me want to throw it away :)
  If someone knows best way to troubleshoot this one, please let me know.
  Regards,
  G

  Hi,
  From your information, when Outlook hang on PC A, there was no problem to connect at the same time from computer B, so the client side related issue causing this problem is more likely. For
  example, when Outlook was trying to connect to Exchange server, it fails due to the temporary Network issue, or it hang when loading something. As far as I know, it may also be caused by the local OST file. But it is difficult to do troubleshooting since there
  could be many possible causes and more logs may be required to do troubleshooting.
  Please try to run Outlook in safe mode by running "Outlook.exe /safe", see if we can reproduce this issue.
  Thanks
  Jessie

• Is the "Wake Lock" app a good workaround for the Missed Calls/Texts issue?

  Back on Jun 18, at the beginning of the "Any One Having Missed Call Problem after ED04 ..." thread, wardcst24 posted that the Wake Lock app seemed to fix the issue of missing calls and that all calls now were received A-OK (not sure about texts).
  I think the train of thought is that after the Froyo / ED01 / ED04 updates, when the phone is in sleep mode it doesn't recognize some incoming calls and texts, but that this app keeps the CPU active enough to detect them when received.  There's probably a (minimal?) hit to memory / battery life / processing speed, but certainly acceptable vs missing calls.
  Has anyone had any luck with this or a similar app?  I can't test it since I'm still on 2.1 (never got around to upgrading to Froyo, sometimes it pays to be lazy . . . )..
  Here's the thread with the original Wake Lock reference:
  http://community.vzw.com/t5/Samsung-Fascinate/Any-One-Having-Missed-Call-Problem-After-ED04-Update-Post-Here/td-p/561962
  Joel

  It did work but when you would get a call wake lock would crash and if you didn't remember to reset it you would start missing calls again.
  It would consume 3% per hour
  I could not deal with having to remember to reset all the time so I sent my phone back to Samsung for the 5th time.
  There is another one that is said to work very well it is sofLocker
  https://market.android.com/details?id=otis8.softlocker
  I have not been able to test because Samsung has my phone for time #5

• AAA authorization of SF302-08MPP issue

  Hi
  I'm having an issue with getting RADIUS working on a SF 302-08MPP. RADIUS server is working fine with other switch ie cat2960's. I keep getting the following error when I attempt to login using AD credentials, which work on my other switches.
  Invalid user or password at the login screen and in the switch RAM logs the below log entry.
  Warning     %AAA-W-REJECT: New https connection, source <ip address> destination <ip address>  REJECTED
  I'm not seeing any errors on the NPS (Windows 2008 R2 ent server)
  Under Security=>RADIUS I've used most of the default setting and match them on the NPS(RADIUS) server.
  The active access profile is one I created for HTTPS, and my PC is the device permitted.
  Is there anything I'm missing? Any thoughts?
  Thanks
  John

  Hi,
  According to the configuration guide http://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/sf30x_sg30x/administration_guide/78-19308-01.pdf
  "For the RADIUS server to grant access to the web-based configuration utility, the
  RADIUS server must return "cisco-avpair = shell:priv-lvl=15."
  So you need to make sure along with "access-accept" the server is returning the value to provide GUI access to users.
  Here's few links which might help:
  https://supportforums.cisco.com/discussion/10687961/windows-2008-nps-radius-and-aaa
  http://technologyordie.com/windows-nps-radius-authentication-of-cisco-prime-infrastructure
  Regards,
  Kush

• Authorize an e-reader issue

  Hello All
  I am have an issue with adobe digital additions on one of my computers. When ever i try to authorize an e-reader, I've tried two different e-readers with two different accounts, I get an error message saying it could not authorize it and to please try again later with the error code "E_AUTH_USERID_INUSE" with the link 'http://adeactivate.adobe.com/adept/addsignindirect" when I click onto hat link it opens an application that give me another error message and code that are as follows "Error getting license server communication problem E_ADEPT_HTTP_GET_NOT_SUPPORTED"
  I have been able to log into sever accounts and authorize them with different e-readers in the past but I have been getting the error for the past few days.
  Any help would be much appreciated. Thanks
  -Andrew

  Hello Jim
  I'd like to thank you for your help. I have looked into that a little more and apparently my device is authorized with my account it is the computer that is having problems authorizing. one of the accounts I tried authorizing it with was a brand new account that has never been used. do you have any suggestions on why that would be and how I could fix that?
  I was also wondering how many times can an account can be used to authorize a computer and or an e-reader?
  Also what do you / does adobe suggest for public terminals for patrents?
  Thanks again - Andrew

• Can't set Authorization header in http message

  Perhaps someone can help me with a problem I'm having. I want
  to set an Authorization header in an HTTP request. From the
  documentation, I can set the "headers" attribute in the HTTPService
  element or I can use a <mx:headers> subelement. It is looking
  for an object or array. I hoping to set the header to look like:
  Authorization: GoogleLogin auth=1234abcd....
  When I use an object, it does not show at all. When I use an
  array of a single string, it includes the zero index of the array
  in the header something like:
  0: Authorization: GoogleLogin....
  Has anybody added custom headers to Http requests before?
  What am I missing?
  --Danny

  Perform for "idUserInteractionLevels" with a Google Site search in this site: http://www15.ocn.ne.jp/~preopen/iddom/domCS-CS3.html. You will get all sorts of questions answered if you are looking for InDesign help with VBScript. One of best sites with InDesign objects clearly documented.
  Hope this helps.
  I created a whole VBScript that will import XML and generate a PDF document in a interactive mode invlking this script from a Web Service.
  PRabhu

• Analysis Authorization for nav Attr Issue

  Hello:
  I have a 0COMP_CODE as an attribute of 0SALSORG and it is marked as authorization relevant. i.e 0SALESORG_0COMP_CODE is authorization relevant.
  I created an analysis authorization Object ZCOMPCODE_1000 by adding following in it.
  InfoObject           Value
  0COMP_CODE  = 1000
  0SALESORG = *
  0SALESORG_0COMP_CODE = 1000
  0TCAACTVT = *
  0TCAIPROV - *
  0TCAKYFNM = *
  0TCAVALID = *
  Now I have a report on a cube which has 0SALESORG as char and also 0SALESORG as a variable on selection.
  When I run a query for sales org = 1000, I can see rsults as sales org 1000 is assigned to company code 1000.
  If I run report for sales org 2000, I should get not authorized message as 2000 is not assigned to company code 1000 and I only have a role assigned to me which has analysis authorization object ZCOMPCODE_1000. But Still I am getting report results.
  Please explain Why and How can I overcome this issue.
  Thanks

  First of all it is strange that we see two appearances of sales org.
  0SALESORG = *
  0SALESORG_0COMP_CODE = 1000
  Probably the star value overrides the setting in the second one.
  Besides did you create the variable in the query as authorization relevant or you will have problems there.

• Weird iTunes 10.6.3 missing album artwork issue

  I upgraded to iTunes 10.6.3 yesterday, and I had to restart my Mac for an unrelated issue. This afternoon, I noticed something really weird- all my "Documentary" movies that I purchased through iTunes Store have lost their artwork previews; meaning, if I click on "Movies" in the Library menu at left, then select the "Documentary" genre, and view the movies under "Grid" mode, none of the movies have any artwork along the left side next to the title. It has ONLY affected the "Documentary" movies, but none of my other genres. In fact, I created a separate sub-category for "Disney Documentaries", and those movies are missing the artwork in "Grid" view as well. If I view all Movies in "List" mode, all the movies have artwork EXCEPT the Documentaries.  Interestingly enough- if I select a Documentary movie and type "Cmd+I", then select the "Artwork" tab in the "Information" window. the artwork is still there, it just doesn't show in the "List" or "Grid" view.  How can I fix this? I am currently rebuilding the Spotlight Index, I've repaired permissions, and even done a verify/repair with Disk Utility, but nothing has worked so far. I've already checked the "Automatically Download Missing Album Artwork" under Preferences, but that didn't solve the problem either. The movies all play fine otherwise, but this little glitch is frustrating me. Please help!

  I have this issue.  Album artwork was totally fine before.  After this update, it is all messed up and even got messed up when transferred to my iphone.
  iTunes doesn't have the artwork anymore, but then iPhone has it but shows wrong artwork with wrong albums.
  Please fix!

• Authorization restriction for Goods issue against an Order

  Hello All,
  We have a situation wherein the user is able to issue goods using tcode MIGO by choosing Goods issue --> Others and mentioning an order number that belongs to another plant in the account assignment tab and issues a material which belongs another plant.
  For eg we have material A that has been created for plant 1. The user issues the material (movement type 261)and the account is assigned to an order which has been created for plant 2.
  I could not find any authorization object that restricts this.
  I checked the objects M_MSEG_BWA and M_MSEG_WWA and he has authorizations only for plant 1 and all movement types.
  Any pointers to restrict this access will be appreciated.
  Thanks & Regards,
  Subramaniam Iyer

  Hi,
  MIGO transaction by default restricted with Plant.  If you say that the user A is having access to only Plant 1 & 3, but not for 2, please check the below authorization objects does not have any manual objects inserted into the Role and restricted with the value only in organization field.
  M_MSEG_LGO
  M_MSEG_WMB
  M_MSEG_WWA
  M_MSEG_WWE
  This issue may occur because if the objects are maintained manually in the role.  If so, when you check in the organization field, it may not be showing the value which are manually added into the manual object.
  Also, please check the other roles are assigned to the user.  If any of the other roles assigned to the user having any of the above objects with * value, this may provide the user to do the Goods movement for any plant.
  To check the issue, please go to SUIM and check the user under "Roles by Complex Selection Criteria" and make sure that you are checking the objects for the particular user.  This should be able to identify whether the user is getting access from any other roles assigned to the user.
  Regards
  Anandm

• Authorization tag in  http header

  While making an end point call using the webservice control the authorization tag is getting added to the http header. This is causing 401 errors when going over SSL . We are adding the credentials as part of the SOAP header.
  Why / How is the Authorization Basic tag getting created? Also how can we eliminate it?
  ****************** tcpmon output shown below
  POST /DMIntegration/ContentService HTTP/1.1
  User-Agent: BEA WebLogic Server 10.3.0.0
  Content-Type: text/xml; charset=utf-8
  SOAPAction: ""
  Authorization: Basic U334567dGFsVXNlcjpQb3J0YW1234==
  Host: 10.157.44.155:7080
  Accept: text/html, image/gif, image/jpeg, */*; q=.2
  Connection: Keep-Alive
  Content-Length: 1834
  Thanks,
  - Shankar

  Hi,
  The Authorization group can be created as follows
  Transaction SE54 >Select 'Authorization Groups'>Create/Change-->New Entries.
  Now the authorization group created can be assigned to your table.
  Goto transaction 'SE56' and select authorization group radio button and create your authorization group.
  In general different users will be given different authorizations based on their role in the orgn.
  We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
  USe SUIM and SU21 T codes for this.
  USE
  Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented.check Su22 and SU24u will get list of objects
  Hope clear to you.
  Regards,
  R.Brahmankar

• Python 2.5 / missing msvcp71.dll issue on Windows

  During a new DBXML installation I got stuck for a while installing the Python 2.5 bindings for DB XML 2.4.16 -- I kept getting a DLL import error when importing the dbxml module in the Python code. After a bit of troubleshooting I found that I was missing msvcp71.dll on the new Windows Server 2003 SP2 installation. Copying it over from the \windows\system32 folder of another of our servers (one that's currently running the same OS/Python/DB XML setup) to the system folder of the new server seems to have solved the problem.
  I haven't been able to find useful info on msvcp71.dll and this issue generally. I noticed that the new Windows server does have a msvcr71.dll in the system folder but I don't know if they're related. I'm just going with what worked for me. But I have two questions/suggestions:
  1. If there is a better approach than what I've done, please post it.
  2. The install.txt file in C:\Program Files\Oracle\Berkeley DB XML 2.4.16\python doesn't mention the msvcp71.dll dependency -- if others might encounter the problem I did, how about mentioning it there to save them some trouble?
  Tim

  Tim,
  msvcp71.dll is the runtime for the STL (standard template library) and is obviously required. Assuming you have installed the Windows Binaries, that file is supposed to be included in that distribution. What msvc* files can you see in the C:\Program Files\Oracle\Berkeley DB XML 2.4.16\bin directory (this is where it should be)?
  What you have done is safe but should not have been necessary if your PATH is correct and the library is installed.
  Regards,
  George