Block users from dba access

Similar Messages

• Block users from downloading from internet

  I'm curious as to what everyone is using to block users from downloading certain file types (.exe, msi, zip, bat, etc) from the internet? We had websense, now barracuda for a web filter but have major issues with filtering downloads from the internet. The main issues is filtering SSL sites.

  Hello,
  The WSA has a feature called Object Filtering which allows admin's to configure access policy parameters to block certain file types from being downloaded through the WSA. To apply the same settings to HTTPS requests the WSA would need to decrypt the request.
  I Hope this helps.
  Best Regards,
  Michael Hautekeete
  Customer Support Engineer
  Cisco Content Security - Web Security Appliance
  http://www.cisco.com/en/US/products/ps11169/serv_group_home.html
  https://supportforums.cisco.com/community/netpro/security/web
  https://supportforums.cisco.com/community/feeds?community=2091

• Securing data from dba access , like Credit Card Details

  Hello ,
  is there any way of hiding CC details from all users in db level except specifc users
  enrypting cc data like oracle hashed passwords
  for ex,
  case (1)
  user 1 ( has access to these details )
  select acc#,customer_name from cc_details
  output : it will show all the details decrypted
  case (2)
  user 2 : ( doesnt have access )
  select acc#,customer_name from cc_details
  output : it will show all the details encrypted
  both in db level , like using sqlplus or toad
  any idea!
  thanks and regards,

  Hi, Peter,
  You wrote:
  Can you please document the problems you mention for Patch Sets/ CPU?
  What are the vulnerabilities? Search Alex's Web site but didn't find anything in regards to >DBVault.I've told about these
  http://dms.aladdin.ru/file.php?id=d7eb03f7f47ec3c68f4b1f1fe3317119
  http://dms.aladdin.ru/file.php?id=88cf1d7a962eddf7e57e2447d1e5b207
  and may be this
  http://dms.aladdin.ru/file.php?id=232eb8ed58d04295bb3920dbe805358d
  (Note: The link will be valid until 26 Jun 2008 GMT).
  In reg's to reading data from datafile, that's where TDE comes into the picture; then no-one can read from data file directly.
  There is no user who owns TDE; TDE is enabled on a database-wide level. So the >normal data owner (who is the only who should have full access to his own data with >DBVault) can use TDE to encrypt; no extra privileges needed.I’ve told about the user who is the owner of the database wallet (usually SYS). He can temporary disable encryption, takes the data, then restore encryption.
  DBVault and TDE should be the perfect match for 'securing data from dba access , like >Credit Card Details'In other words we have yet another administrator (DV owner) instead of the good old SYS :)
  And I have a question: in case the protection with DV of some tables was made from the SYS, can he make (in example) full backup or full export of the data (his ordinary administrative tasks)? If yes, then it isn't protection, if no, then...what?
  The solution is somewhere else, I think

• Blocking Users from Posting

  Hi,
  We are auditing this company and we noted that there are three dormant company codes. They became dormant because these companies were already dissolved and liquidated. Currently. these three are set to non-productive.
  My question is: Is there a way to block users, who have access to all company codes, from posting to these company codes? I was hoping maybe there is some configuration that will prevent the users from posting any transaction to these company codes. We don't want to clean up the roles since this is a big exercise.
  Appreciate if you can help me on this matter.
  Thanks in advance.

  Post it in Netweaver--- security forum.
  For your question..I think it can be done through configuration...If there is no existing company code..how can they post?

• Block Websites from being accessed

  Is there a way to block websites from being accessed on the network through AEBS?

  Are you acquanted with using the Terminal?
  Not too many are, so, some solutions:
  If you make the specific user a username on the computer, you can block websites in the Parental Controls section in the Accounts preference pane.
  http://www.apple.com/macosx/features/family/
  Also, hosts can be blocked on a one-by-one basis by adding them to the /etc/hosts file, with an IP address of 0.0.0.0. If you're not familiar with the terminal then I don't recommend this route
  http://www.dreamlight.com/insights/bugs/Apple/lookupd.html#adsonar
  And then there's this:
  http://www.freeverse.com/apps/app/?id=5003
  And last"
  ProCon Latte for Firefox:
  https://addons.mozilla.org/en-US/firefox/addon/1803

• Blocking users from syncing calendars and contacts from itunes

  Is there a way to block users from syncing the corporate GAL and their Outlook calendars from their company computer?

  Thanks for the answer Simon. That seems simple enough but there are some things which aren't clear.
  If I create accounts on the server for the users independently (ie not ownership of the home folder) they're going to have different UID's. Surely this means that even with the same account name and password, they're going to be treated as unique users. Does that not affect who has write access? I don't know how the Calendar and Contact servers work so this may be irrelevant.
  How do you "have the server host their calendar and contact details"? Copying the files for the existing local users to the new users on the server will leave them with invalid permissions.
  I have read that using the Calendar and Contact components of Server.app is not a supported way of syncing across machines and that they're intended to be used for shared information rather than syncing. But maybe there is no way to avoid an "unsupported method" without moving the home folder. Is this a method you're using?
  I'll do a bit of testing with this but would also be grateful for any additional hints.

• How to Block user from Sending IM or Hide Presence of there user who is not in his department

  Hi All,
  How to Block user from Sending IM or Hide Presence of there user who is not in his department.
  Thank you

  Hi Jp,
  Method 1:
  You can use the Enhanced Privacy Mode in Lync 2013
  <section class="ocpSection">
  Enable Privacy Mode
  By default, everyone except Blocked Contacts can see your presence status. To modify the privacy settings, you can do the following:
  In the Lync main window, click the Options button.
  In the Lync - Options dialog box, click Status, and then do one of the following:
  Click I want everyone to be able to see my presence regardless of system settings (override default settings).
  Click I want the system administrator to decide - currently everyone can see my presence but this could change in the future.
  </section>
  About Enhanced Privacy Mode
  If your organization has enabled Enhanced Privacy Mode in Lync, you can choose whether to limit visibility of your presence information to only those people you’ve added to your Contacts list. You do that by selecting one of the following on the
  Options->Status window:
  I want everyone to be able to see my presence
  I only want people in my Contacts list to see my presence
  Method 2:
  Using Privacy Relationship, you can block a particular user by adding him to blocked contacts
  Anil Kumar (MCITP)
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Block user from copying media files

  how to block user from saving certain files like Avi,mP3 , ... to their computers by GPO ?
  it is possible?

  I do not think that you can go that by GPOs. However, this is feasible on File servers: http://www.petri.co.il/forums/showthread.php?t=45225
  You might think about creating scheduled tasks that will run periodically and remove files with these extensions from the user profiles (...).
  For GPO questions, please consider asking them here: http://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserverGP&filter=alltypes&sort=lastpostdesc
  This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  Get Active Directory User Last Logon
  Create an Active Directory test domain similar to the production one
  Management of test accounts in an Active Directory production domain - Part I
  Management of test accounts in an Active Directory production domain - Part II
  Management of test accounts in an Active Directory production domain - Part III
  Reset Active Directory user password

• How can l block users from backing dating transactions

  1. How can l block users from back dating transactions in SAP B1. It was discovered that, in production dept there is this allowance given to them to keep producing for the previous month in the new month; this according to line staff is to enable them meet up their monthly target, after a meeting with the management it was resolved to block that right of backdation of enteries. how can l  correct  this.
  2. How can l change the decimal places backward in the general settings of administration of SAP B1( iniatially it was set to be 5 under Quantity now want to correct it to 3 how do l go about this).
  Joel

  Joel,
  By forum rule, one question for one thread.  I will answer you the second:  If you are using 2007 version, the option to decrease decimal place is not available.  Check this thread to know more:
  Re: REDUCE NUMBER OF DECIMAL PLACES
  Also note: this forum is just for B1 system administration.  Please post it on the main forum.
  Thanks,
  Gordon

• How to revoke a user from having access to a table

  Hi,
  what is the syntax to revoke a user from having access to a certain table ??
  I want to revoke SELECT, UPDATE, INSERT, and DELETE ?
  thanks,

  Hi,
  Try this:
  revoke select, update, delete, insert on your_table from some_user;You can find more info at the docs:
  http://download.oracle.com/docs/cd/E11882_01/server.112/e10592/statements_9020.htm

• Block users from retrieving during manual calculation

  Hi Everyone,
  I am wondering if anyone knows how to block users from retrieving or pulling in Essbase while a calculation is running manually in EAS. We have a currency conversion calculation that manipulates the data for several minutes. Users who pull the data see erroneous data for some time and it becomes an issue.
  Thanks,
  Mark

  You would have to log them out, then disable connects while you run your script. You could execute maxl commands from EAS.

• Blocking Users from Commenting

  Is there a way to block users from posting comments on a blog? We have generic accounts for a labs and our students have figured out that they can login using the generic account and post a comment. Then another user can login sing the same generic account and read the comment even if it is not been moderated. They are using it like a chat system.
  Simply put can we create a "blacklist" of users for the service which would prevent the students from posting as a user. They would still post as anonymous users.

  Hi Vittal,
  use the user-exit described in note: 808971 (RSWUWFML2).
  If you had several users changing dynamically I would create a z_ table for those users and select all in the exit.
  The other way would be to allocate to the users a dummy email adress...but this is surely not so great.
  Regards
  Tibor

• Blocking User from accessing wrong customer code in VA01

  Hi SAP SD GURU,
  my finance user uses rebate recipent in sales order creation for rebate settlement.
  my operation user uses one-time customer code in sales order for sales.
  Both type of customer codes can be used in sales order creation under different order type.
  The problem arises when operation staff uses rebate recipent code to create sales order and then billing.
  My finance User want this to stop.
  How can I block the operation User from continuing the sales entry when they select the rebate recipent in a sales order entry?
  Is there any available setting in the customer master that allow me to do so?
  Is there any setting in the SPRO that can control this?

  Hi Colin,
  Well you need to control these through the user profile & roles
  you can do this in SU01 which a Basis person can help you out with .....
  now as said User X wants authorisation to va01  ( Rebate)
                    User Y wants Authorisation to va01 ( One time)
  since here we are not restricting any user for VA01 auth , the Basis person can define the role only till the transaction level not beyond that in standard SAP transaction and here you want to restrict user to not use different customer code
  as per my knowledge i dont think that is possible but still have a check with the Basis team
  Hope this helps
  Cheers

• Block users from tcodes

  Hi experts,
  i want to block a few users from ME9F tcode.
  whats the procedure for that? i am getting many posts related to this but nothingwhcih says. the steps u shouls go about.
  i want to know how to completly do this. even if we hav to craete auth obj..activities, roles, assign roles..
  please breif me abt this.
  please let me know how i should block a user from a tcode.-- complete steps..
  Thanks
  Kavana

  1. Identify which roles give the users access to ME9F
  2. Remove the roles from the users
  or
  3. Remove the transactions from the roles using PFCG
  or
  4. Read some of the huge collection of basic security material out there and decide which approach is suitable.
  The forum is not a substitute for basic training and if it is important then it is important enough for your company to train you in this area.

• BB10 cant block apps from internet access in Application Permissions?

  I have a Q10. BB 10.1 OS.
  It appears I cant prevent third party apps from gaining access to the internet among other settings under the Securities/Application Permissions. This is in huge contrast to my 9700 where I can very specifically dictate what program has access to, whether that be Wifi, Data, Bluetooth etc.
  Is there another way to do this or is this OS not complete yet and these functions will be included back in future iterations? Or is my OS a dated version?
  This is problematic for me. Seems this problem presents as both a security issue in cases where the third party app has mal-intensions, as well as being a data leech should the program constantly utilize data unbeknownst to the user.
  Internet is just one thing. What about the camera, mic etc? How do we know ID thieves are not making BB10 disguised as something useful so they can data mine the users and send all of their personal information back to them via unfettered internet access, mic access, camera access, GPS location access (hence know home + work addresses) and then perform criminal activities using your data?
  Im shocked. I thought Blackberry is supposed to be better in the security department compared to Apple. THis is what I expected from Apple and Android. Or is this the new thing? All third party apps purposefully get internet access whether the user agrees or not?

  Great question. Unfortunately I don't have an answer, but can comment that these preloaded apps are using MB from my datapak that I paid money to have for MY personal use! Not theirs! I believe it's theft when they use what we pay for. Time to check legalities in my opinion.