Bpf - package access rights

Dear Xperts,
i have created a bpf templete say bpf1 & created instance say my process.
there are 5 companies for consolidation,for specific user say user1 i have given right of comapny xyz only.
bpf runs correctly by showing only company xyz in bpf web main menu for user1.
problem is when i run a package,in criteria selection box requiring to select entity,time,category etc details for running package,it shows all 5 company in entity selection box. so user1 is in position to run package for other company for which it does not have right.
so can anyone tell me how to greyout entity selection box so that user1 can run only company xyz or is there any way i can set access rights while running package in criteria selection box.also i m working on nw 7.5 version
thanks
kashyap.

Dear Raju,
i have given secondry admin rights to user1 with bpf excution tasks .
i was able to allow access to this user only to one company by mentioning his domain name in owner property of entity dimension.
do i need to make any further changes?
thanks
kashyap.

Similar Messages

  • BPF Package Manager won't open in remote connection using Public IP address

    I have a problem to open BPF package manager.
    Im able to open bpf package manager in my server and to all local bpc users but on the remote connection (vpn/web) they couldn't open the bpf.
    Our server uses an private Ip address which is 10.1.25.81 (local LAN) but we also access BPC remotely using an
    Public IP address (202.129.238.46 or http://servername.example.com/osft ) using a configuration of IP Forwarding in our router.
    example:
    (LAN)
    User 1 on System 1 - does the BPF work?yes
    User 1 on System 2 - does the BPF work?yes
    User 2 on System 1 - does the BPF work?yes
    User 2 on System 2 - does the BPF work?yes
    (WAN/VPN)
    User 1 on System 1 - does the BPF work?no
    User 1 on System 2 - does the BPF work?no
    User 2 on System 1 - does the BPF work?no
    User 2 on System 2 - does the BPF work?no

    When you are performing installation of BPC or after if you are looking into Server Manager - Server Option you will see for application server, web server and reporting services server you have two fields where you can specify name for internal and nae Example for application server:
    Application  Server name: FQDN (or IP)
    External Application Name: FQDN (or IP)
    Normally we recommedn to use FQDN (Fully qualified DNS name)
    because if the DNS entry are set correct then you will be able to connect from internal and also from external without any problem.
    The system will provide every time the correct IP.
    In my opinion you used IP and the problem it is that internal the external IP is not recognized.
    Please verify the configuration and provide more information about the landscape.
    Only in this way we will be able to provide you the right sugestions to fix this issue.
    Kind Regards
    Sorin Radulescu

  • Access Rights

    I need two different access rights to a same user. One when he signs on to the application using forms and another when he sign on using SQL*PLUS. Is there a way to do this??

    One way we do is that, when launching the forms application, it first logs on as a dumb user login/login, that only has the rights of executing some stored functions in a package that return the name & password of a user that has all the needed privileges. After the making the calls to those functions, the form has the name & password of the user that will be used to logon and perform what's needed.
    You may say that this way one may easily find-out the name & password of that "priviledged user". Still, those functions are not returning "in clear" the name & password, but they have to be combined in a way one would not easily guess. Moreover, the "login" user has no other priviledges except executing the respective package, no selects, no other things at all.
    null

  • Accessing objects without access rights

    Hi,
    does anybody know if is possible to set object's attributes with no matter on its ACL?
    Describe of situation:
    I have an object SeqNum defining form of sequence number for instances of other objects. For example, documents of class Document can have automatically set attribute with sequence numbers "DOC001", "DOC002", "DOC003", etc. on their insert to iFS.
    Each SeqNum object have its ACL, by what I want to say that only admins can manage (change) definition of sequence numbers.
    SeqNum object has also an attribute, containing last used sequence number. The problem is that I need to increment (in background, with setAttribute method) this attribute every time some user inserts document with created sequence number. In order to do that, every SeqNum object must have Public ACL, else I get error message with insufficient access rights. Any idea to solve this?
    Thanks in advance
    Radek Zeman
    [email protected]

    >
    I get "table or view does not exist" error. Is there a way I can wirte refer to objects in this schema without having to indicate the owner. So instead of writing SCOT.EMPLOYEES I want to write just EMPLOYEES.
    >
    Create a public synonym for the object.
    CREATE PUBLIC SYNONYM EMP32 FOR SCOTT.EMP;Then you do not need to specify the schema.
    --- edited to add doc reference
    See CREATE SYNONYM in the SQL Language doc
    http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_7001.htm
    >
    CREATE SYNONYM Purpose
    Use the CREATE SYNONYM statement to create a synonym, which is an alternative name for a table, view, sequence, operator, procedure, stored function, package, materialized view, Java class schema object, user-defined object type, or another synonym. A synonym places a dependency on its target object and becomes invalid if the target object is changed or dropped.
    >
    Edited by: rp0428 on Apr 5, 2012 10:56 PM

  • "msvcr100.dll is missing" + "vc++2010 already installed" = "file access right issue" ?

    Hello,
    I just have a problem when starting a program in Win8, "msvcr100.dll is missing". This is not a fresh issue so I tried to download and install "VC++ 2010 redistributable package" to solve it. But when I execute the installer,
    it told me that I've already installed this (well actually yes, I've installed .NET framework4.5, Visual Studio2010 for C++...).
    So I suspect it's a problem of access right in Win8. I've just upgraded from win7 to win8 and I've experienced enough problem about "access right"...
    So can anyone tell me what to do? Thanks a lot!
    Léo

    Hi
    Firstly, please access to the path to check whether msvcr100.dll is there:C:\Windows\System32
    If not, please click the link below to download VC++ 2010:
    32Bit: Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)
    http://www.microsoft.com/de-de/download/details.aspx?id=8328
    64Bit: Microsoft Visual C++ 2010 SP1 Redistributable Package (x64)
    http://www.microsoft.com/en-us/download/details.aspx?id=13523
    Roger Lu
    TechNet Community Support

  • BAM tab access rights

    Hi,
    I’m currently working on user access rights for tab groups in BAM.
    If the tabs within BAM each access different reports located in different directories, then by controlling the user access rights on those directories it is possible to control which tabs (ie. directories) the users will be able to view.
    However, in my design there is a single report with an input filter parameter. Each tab opens up the same report by applying a different input filter parameter. Instead of replicating the same report multiple times in separate directories for each of the 12 different input parameters, is there any way I can control access to the different tabs by different users?
    Any comments/suggestions would be greatly appreciated.
    Thanks in anticipation,
    Shiraz

    One way we do is that, when launching the forms application, it first logs on as a dumb user login/login, that only has the rights of executing some stored functions in a package that return the name & password of a user that has all the needed privileges. After the making the calls to those functions, the form has the name & password of the user that will be used to logon and perform what's needed.
    You may say that this way one may easily find-out the name & password of that "priviledged user". Still, those functions are not returning "in clear" the name & password, but they have to be combined in a way one would not easily guess. Moreover, the "login" user has no other priviledges except executing the respective package, no selects, no other things at all.
    null

  • Deployment Package vs Right-Click, Deploy directly from Software Update Groups?

    I'm not sure I understand the difference between collecting updates into a group and then just using right-click to create a deployment from within Software Update Groups?
    One thing I did notice this morning, is that if I want to distribute that content to other DPS, I have to create deployment package first? Are there other reasons for not simply deploying from within Software Update Groups?
    Thank-you

    Update Groups *group* updates together. That's it, they have no additional functionality.
    Updates can be deployed individually or as groups (in the form of Update Groups) -- it would be pretty painful to manually deploy every update individually so that's why there are update groups.
    Update Packages (I don't like calling them deployment packages even though that's what they're labeled as in the console because they have nothing to do with deployments) make update binaries available to the clients.
    Update Groups have nothing to do with Update Packages. Update Groups contain references to updates, update packages contain binaries. Deploying an update or update group assigns those updates to the client within the collection specified. Clients that have
    an update assigned that is also applicable will download the binary for the update from any available update package and install it.
    You create an update package by right-clicking on an update or update group and choosing download. The wizard offers you a choice between using an existing package or creating a new one. You cannot directly create on.
    Secondary sites have nothing to do with this process whatsoever. Clients are clients are clients regardless of where they are located. As long as they are within t he collection targeted by the deployment and they have access to the assigned update binaries
    in an update package, they will download and install the updates properly.
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • Package access helper in htc

    package access helper is draining my batter in HTC for second time...magically fixed itself after 3 weeks of draining battery in 3 hours.  now doing it again.  nobody seems to know how to fix it...verizon store and htc clueless.  any thoughts?  (yes popped battery out, yes did factory reset, yes bought new battery...none of these are the issue)

        eric97229,
    I definitely understand you need your batter to last longer than what it is right now, let's work on this! Use http://vz.to/1pGkBsA to determine if it's working as it should. Was the factory reset performed without Automatic Restore, meaning your phone is as new(content-wise)?
    AdaS_VZW
    Follow us on Twitter at @VZWSupport 

  • How to retrieve access rights for an user/usergroup ?

    Hello everybody.
    I'm working on BO XI 3.1. And I have to develop with the .NET SDK package an application that retrieves the following data :
    - the access rights to WEBI application and properties for each user/user group.
    - the access rights to each folder and properties for each user/user group.
    etc
    The idea is to retrieve for an user/usergroup the access right on each property of WEBI application and softwares. and same thing for folders....
    I'm looking at the .NET SDK package contents but it takes me a lot of time, even too compared to my deadlines. So I'm looking for help.
    Does anyone have an idea about class of objects, properties and methods to use ?
    Thank you in advance for your help.

    Thanks for these samples.
    The list of user and usergroups is very interesting to audit CMC but my need is different : for example, I'm looking a method to retrieve the level access (full control, no access, ...) of an usergoup on each webi's property. The reason ? To know for example which usergroups have fullcontrol access on the right name "edit SQL" ?
    I think it's hard to retrieve but very interesting to audit CMC...

  • How do I fix an access rights error when launching Image Processor in Adobe Bridge CC?

    Often when I am working on files and want to batch process Jpegs for clients I get an error message from Image Processor.  It will state "I am unable to create a file in this folder.  Please check your access rights to this location ...."
    I have cleared cache and up'd my history levels.  I checked to make sure the files were not locked and read/write was enabled.  I am not sure why this error keeps occurring.  I am using Adobe Photoshop CC 2014 (2014.2.2 release) with Adobe Bridge CC (6.1.0.115)

    It's an endless circle.
    See if these instructions help: iTunes repeatedly prompts to authorize computer to play iTunes Store purchases

  • How to define a new user in Enterprise manager with Specific access rights?

    Hi,
    I want to create a new user in OEMS 11g who should be able to access only the scheduler jobs section.
    How can this be acheived?

    You can create new administrators via the Setup --> Administrators page
    You can grant certain access rights to targets, you can not however grant priv to only access the job system
    Take a look at http://download.oracle.com/docs/cd/E11857_01/em.111/e14586/security3.htm#sthref235
    Regards
    Rob
    http://oemgc.wordpress.com

  • You do not have sufficient access rights, pls help

    Hi folks,
    I'm getting the "You do not have sufficient access rights" error accessing the Identity System Console. The same admin account can access User/Group/Org Manager screen, however, for some reasons user and group searches return no results. This is the second OIS install against the same ldap dir (ovd to sun 6.3), so I had to specify Id server was not the first one to avoid profile conflict with oblix DBAgents. The admin user had been selected during prev install, and exists under o=Oblix in both cn=Web Masters and cn=Directory Administrators.
    I have LDAPMaxNoOfRetries set to the number of dir servers +1 in all globalparams.xml on OIS. I also can modify ldap dir via both ldapmodify and ldap browser binding to OVD as same user. Turning the TRACE on didn't showed any errors except for the following:
    DB_RUNTIME WARNING 0x00000504 ldap_config_db.cpp:187 "Exception during DB runtime code" function^LDAPConfigDB::Open() status^17
    DB_RUNTIME WARNING 0x00000504 ldap_config_db.cpp:355 "Exception during DB runtime code" function^LDAPConfigDB::ReadOblixDBConfig()status^17
    SCHEDULER_FRAMEWORK ERROR 0x00000501 ../obschedulerthread.cpp:316 "ObError exception caught" ObScheduledTaskLiaison::LoadTasks^ObWFScheduledTaskLiaison
    PPP INFO 0x000008C7 obeventcatalog.cpp:183
    Cannot find the action
    function^ObEventCatalog::GetActionEntry2Modify()
    actionName^front_page_admin_klogin_post
    APP_BASE WARNING 0x00000833 oblixbasecommon2.cpp:1235
    Login failed
    Error^You do not have sufficient access rights
    numLoginFailures^1
    There's nothing in the ldap logs either. The only warning I get per that user is in the ovd log:
    DoSManager: Found unbound connection from active ip addresses
    DoSManager: Found unbound connection from active users
    The Oracle Support is clueless, please help.
    Thank you, Roman

    Hi Vinod,
    Thanks for the post. OK, if I got it right, I have two entries under obcontainerId=DBAgents for each of my primary Id servers. For the one I currently use, I have this towards the bottom:
    obname=oblixConfig-OIS_mdi-oamlx-3
    obname=default-OIS_mdi-oamlx-3
    Both entries have obdbusedby set to OIS_mdi-oamlx-3 which is my OIS id. The obsearchbasestr is different: o=Oblix,o=paychex inc for the oblixConfig, and o=paychex inc,c=us for the default one. Is that's the way it should be?
    Thanks Roman
    P.S: I've noticed I get same error accessing My profile under User Manager.

  • Can not access CRM from outside the office network - Access denied You do not have sufficient access rights or privileges to perform this action.

    Hi,
    I can not access CRM from outside the office network - Access denied You do not have sufficient access rights or privileges to perform this action.  I can access CRM with same user id and password from our office inside the network.  I can get
    the page to give login details once I have login details I got below error. Please help me to solve this issue.  It was working before.
    Access denied You do not have sufficient access rights or privileges to perform this action. 
    Regards,
    Noushad
    [email protected]

    On Premise system Configured with AD FS server for claims-based authentication you need to update your host file with server url to access it from outside office network.
    Refer
    this on how to update host file.
    Regards, Saad

  • Oracle access manager: "You do not have sufficient access rights."

    Hi gurus,
    I'm doing self training on OAM, following an exercise I installed OAM and
    created a couple of Master Admins.
    Everything seams to work except the fact that this admins are not allowed
    to create users/orgs/groups and get the message "You do not have sufficient access rights".
    I may have missed something during the setup, however the question is: how can I recover this situation? How I can give more privileges to those admins?
    I tried to create a policy in directory server, without success.
    Please, help.
    Thank you very much.

    You will need to create a create user Workflow.
    Out of the box OAM does not know which attibutes to create for your user.
    Use the quickstart tool as follows
    http://download-west.oracle.com/docs/cd/B28196_01/idmanage.1014/b25343/workflow.htm#sthref961

  • OAM- "You do not have sufficient access rights" message with Master Admin

    Customer has configured the OAM system to have both the primary and the secondary side for failover purposes. The back end directory server on both systems are in sync. The primary side of the systems works well as far as this issue is concerned.
    On the secondary side, if you login with the MASTER administrator of the system and click 'Identity System Console' or click any of the configurations under the Configurations in the User Manager, you get the error message saying "You do not have sufficient access rights". However, if they navigate to the Access system on the same browser and access the "Access System Console", and then navigate back to the Identity system, the Master Administrative rights are granted and now have a full access to the system.
    We tried following things to resolve the issue, but could not resolve it:
    1) Tried deleting 'cookieencryptionkey' which is found under "obcontainerid=encryptionkey,o=oblix" and restarted both the Identity Servers.
    2) Confirmed that the OAM administrator is present in cn=Web Masters,o=Oblix,<> and cn=Directory Administrators,o=Oblix,<> from the LDAP.
    3) Under the apps=PSC node, checked the Advance Properties for the 'obuniquememberStr' attribute:
    - Master Web Resource Admins (cn=master web resource admins, obapp=PSC, o=oblix, ...)
    Made sure that the values for the 'obuniquememberStr' attribute has the correct value there.
    4) Reconfigured the Secondary Identity Server.
    None of the above really helped to resolve the issue.
    Could anybody please help here to get rid of this issue.
    -Amol

    Hi Vinod,
    Here is the customer's response to your above 2 questions:
    1. We have 4 Directory server profiles for Identity servers; one for user data and one for configuration data for each server.
    I have at least reduced them to two and used only the ones initially used by the primary identity server as our user and configuration data do not reside together. User data is consumed via OVD.
    However, this does not seem to have any effect on the current behavior.
    2. All components except for the access server are on 10.1.4.2 and the access server is on 10.1.4.1
    Also below are the errors from the oblogs:
    dentity Server log
    =============
    2008/03/19@10:04:16.508530 4332 262160 PPP INFO 0x000008C7 obeventcatalog.cpp:183 "Cannot find the action" function^ObEventCatalog::GetActionEntry2Modify() actionName^ENCRYPTION_cookieEncryptionKey
    Access Server Log
    =============
    2008/03/19@10:03:56.329959 13608 1687633 CONNECTIVITY DEBUG3 0x00000201 /usr/abuild/Oblix/1014lwhf/palantir/netlib/src/obmessagechannel.cpp:601 "Received " ipaddr^10.217.209.81 ipport^1853 seqno^12 opcode^1 opcodeStr^IsResrcOpProtected Message^ro=t%253d0%2520o%253d%2520no%253d%2520r%253d%2520nr%253d%2520wu%253d/identity/oblix/apps/admin/bin/frontpage_admin.cgi%2520wh%253d10.217.209.81%2520wo%253d1%2520wa%253d0%2520ws%253d st=ma%253d2%2520mi%253d2%2520sg%253d0%2520sm%253d version=3 pd=
    2008/03/19@10:03:56.340433 3099 802864 AUTHENTICATION DEBUG2 0x00000201 /usr/abuild/Oblix/1014lwhf/palantir/aaa_server/src/aaa_service_server.cpp:2779 "Authorization successful"
    Webgate Log
    ==========
    2008/03/19@10:04:05.661000 5796 4516 HTTP_REQ DEBUG3 0x00000201 \Oblix\coreid1014\palantir\webgate2\src\isprotected.cpp:185 "Resource is protected" ResourceOperation^GET ResourceType^http Resource^//10.217.209.81/identity/oblix/apps/admin/bin/front_page_admin.cgi authnSchemeName^Oracle Access and Identity Basic Over LDAP
    2008/03/19@10:04:14.661000 5796 4516 LDAP DEBUG3 0x00000201 \Oblix\coreid1014\np_common\db\ldap\util\ldap_util2.cpp:537 "MLK-Memory leak for LDAP error information. This will show up as memory leak in LDAP SDK calls." key^25
    2008/03/19@10:04:14.661000 5796 4516 LDAP DEBUG3 0x00000201 \Oblix\coreid1014\np_common\db\ldap\util\ldap_util2.cpp:537 "MLK-Memory leak for LDAP error information. This will show up as memory leak in LDAP SDK calls." key^25
    2008/03/19@10:05:54.552000 5796 5256 CONFIG DEBUG2 0x00000201 \Oblix\coreid1014\palantir\access_api\src\obconfig.cpp:865 "Client configuration not updated"
    2008/03/19@10:05:54.552000 5796 5256 CONFIG INFO 0x0000182D \Oblix\coreid1014\palantir\access_api\src\obconfig.cpp:866 "The Access Server has returned a fatal error with no detailed information." raw_code^302
    I checked the OVD logs but did not find any error in it. Customer also tried to unprotect the /identity and /access URLs but the issue persist.
    Also I do not feel this as a bug, because this environment was working quite for few months without any such issues, also there were no changes made on the OVD/AD configurations. However, the server that hosts the OVD/AD was shut down and when it was restarted, we started experiencing this issue.

Maybe you are looking for