Check Delegated user permission with AD Domain and OU levels

Hi
We are looking for a way to check all user permissions at domain / OU levels. Is there a script or tool available for this?
Regards
LMS

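You can try this PowerShell script:
# Requires the ActiveDirectory module (provides the AD: drive and Get-ADGroup)
Import-Module ActiveDirectory
$ou = "AD:\OU=Users,DC=contoso,DC=com"
$group = Get-ADGroup MyGroup
$sid = New-Object System.Security.Principal.SecurityIdentifier $group.SID
# Read the OU's current ACL
$acl = Get-Acl $ou
# Build an Allow ACE that grants GenericAll on the OU to the group
$ace = New-Object System.DirectoryServices.ActiveDirectoryAccessRule $sid,"GenericAll","Allow"
# Add the ACE and write the modified ACL back (this changes permissions on the OU)
$acl.AddAccessRule($ace)
Set-Acl -AclObject $acl $ou
You can also look at the links given below: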
http://technet.microsoft.com/en-us/library/cc775585(v=ws.10).aspx
http://auditingactivedirectory.blogspot.in/2014/08/how-to-view-active-directory-delegated-permissions.html
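
A read-only way to list who holds explicitly assigned (non-inherited) permissions on the domain root and on every OU, added here as an example and not part of the original thread. The ignore list, the function name Get-DelegationReport and the output file name are assumptions; the script needs the RSAT ActiveDirectory module and only calls Get-Acl, so it makes no changes to the directory.

```powershell
# Added example, not from the original thread. Read-only: uses Get-Acl only.
Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices

# Assumption: principals whose ACEs are expected defaults and can be skipped.
# Review and adjust this list for your own environment.
$ignore = @(
    '^NT AUTHORITY\\', '^BUILTIN\\', '^CREATOR OWNER$', '^Everyone$',
    '\\Domain Admins$', '\\Enterprise Admins$', '\\Domain Controllers$'
)
$ignorePattern = $ignore -join '|'

# Rights that let a principal rewrite the ACL or take ownership of the object.
# GenericAll includes both bits, so it is flagged as well.
$aclControl = [int][System.DirectoryServices.ActiveDirectoryRights]'WriteDacl, WriteOwner'

function Get-DelegationReport {
    param([string[]]$DistinguishedName)

    foreach ($dn in $DistinguishedName) {
        $acl = Get-Acl -Path "AD:\$dn"
        foreach ($ace in $acl.Access) {
            # Inherited ACEs are reported on the object where they were set.
            if ($ace.IsInherited) { continue }
            $who = $ace.IdentityReference.Value
            if ($who -match $ignorePattern) { continue }

            $isAllow = $ace.AccessControlType -eq 'Allow'
            $hasAclControl = ([int]$ace.ActiveDirectoryRights -band $aclControl) -ne 0

            [pscustomobject]@{
                Object              = $dn
                Principal           = $who
                AccessType          = $ace.AccessControlType
                Rights              = $ace.ActiveDirectoryRights
                # An all-zero GUID means the ACE is not limited to one
                # attribute, extended right or child object class.
                ObjectType          = $ace.ObjectType
                InheritedObjectType = $ace.InheritedObjectType
                AppliesTo           = $ace.InheritanceType
                CanChangeAcl        = ($isAllow -and $hasAclControl)
            }
        }
    }
}

# Domain root first, then every OU in the domain.
$targets = @((Get-ADDomain).DistinguishedName)
$targets += Get-ADOrganizationalUnit -Filter * |
    Select-Object -ExpandProperty DistinguishedName

$report = Get-DelegationReport -DistinguishedName $targets

# Full report for review, plus an on-screen list of the broadest grants.
$report | Sort-Object Object, Principal |
    Export-Csv -Path .\ou-delegation.csv -NoTypeInformation
$report | Where-Object CanChangeAcl |
    Format-Table Object, Principal, Rights -AutoSize
```

Unresolved SIDs in the Principal column usually belong to deleted accounts and are worth cleaning up.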

Similar Messages

  • I am experiencing wireless connection problem on 4s after ios 8.1 upgrade. The wireless icon appears showing that it's connected but webpages do not load. I have checked my internet connection with other devices and seems to be alright. what to do?

    Hi
    I am experiencing wireless connection problem on 4s after ios 8.1 upgrade. The wireless icon appears showing that it's connected but webpages do not load. I have checked my internet connection with other devices and seems to be alright. what to do?
    I have tried resetting the network settings and forgetting my wireless connection and re-connecting to it. I even backed up my phone on iTunes and restored it, and factory reset it. Nothing seems to work.
    Also after my upgrade to ios 8.1 my personal hotspot option under cellular data has disappeared.
    Would you please help me out? I would really appreciate it.

    Hi..
    Restart your router then restart the iPhone to test.
    If that doesn't help, try this support article >   iOS: Troubleshooting Wi-Fi networks and connections

  • I have three users each with PC/Mac and iPods, how do I overcome the '5 user limit'?

    I have three users each with PC/Mac and iPods, how do I overcome the '5 user limit'? If I create a new acct, will it blow out the library on the iPod?
    thx

    You don't.  5 is the limit of COMPUTERS that can be authorized to a single itunes account.  Ipods/iphones/ipad/Apple Tvs do NOT count toward the 5.

  • Can we use applets as user interfaces with sockets, RMI and J2EE

    Dear Sir or Madam,
    Since I am a TA for a software architecture class, someone asked me the following question: I think the answer is "No" based on the document on http://java.sun.com/sfaq/
    How do I answer the questions? Looking forward to your help!!!
    1.You may have 2 applets and 2 html files. One applet with one html file may stay at a client PC and run on this PC, and the other applet with the other html file may stay at a server PC and run on this PC. In this case, all the applets are run locally.
    2.Could applets work with sockets, RMI and J2EE?
    3.Can we use applets as user interfaces with sockets, RMI and J2EE?
    Thank you very much!
    Best regards,
    Jing

    The scenario you paint doesn't quite make sense. The "server PC" wouldn't be running an applet, normally, since applets are by definition in a web browser page, and most likely involve user interaction, and "server processes" generally are done without user interaction.
    The security rules around applets are that -- by default -- applets can connect with sockets ONLY to the server from whence the applet was loaded. RMI uses sockets (J2EE is too broad a spec) and hence RMI calls would also be limited to the server from whence the applet was loaded. Within that limitation, an applet could open all the sockets it wants, so long as they are all on the server from whence the applet was loaded.
    If you want two applets on two different systems to communicate with each other, the simplest way is to have them rendezvous through a server process on the server(s) from whence each applet was loaded. Maybe it's PC-a <-> server-a <-> server-b <-> PC-b ...? Or maybe PC-a and PC-b both are talking to the same server.
    The limitation is rooted in the security subsystem. You can specify a policy file and override anything in the security subsystem. That does mean signing the applet and then cajoling the user into agreeing to grant greater levels of security than the default. In such a case you can open sockets more broadly and then PC-a could talk directly to PC-b without going through any servers.
    - David

  • Want to create a user field with type alphanumeric and structure text through coding

    I want to create a user field with type alphanumeric and structure text through coding. I am using VB.
    Please help me.

    Hi.
    Please take a look at samples in SAP B1 SDK.
    Dim oUserFieldsMD As SAPbobsCOM.UserFieldsMD
    oUserFieldsMD = oCompany.GetBusinessObject(SAPbobsCOM.BoObjectTypes.oUserFields)
    ' Adding "Name" field
    '// Setting the Field's properties
    oUserFieldsMD.TableName = #YOUR_TABLE_NAME#
    oUserFieldsMD.Name = "Name"
    oUserFieldsMD.Description = "Name"
    oUserFieldsMD.Type = SAPbobsCOM.BoFieldTypes.db_Alpha
    oUserFieldsMD.EditSize = #LENGTH_OF_FIELD#
    '// Adding the Field to the Table
    lRetCode = oUserFieldsMD.Add
    GC.Collect() 'Release the handle to the User Fields
    Hope it helps.
    Regards,
    Pawel

  • Credentials needed to raise domain and forest level from 2003 to 2012 R2.

    I migrated our environment from a single DC server 2003 to a single DC server 2012 R2.  I followed the migration process that is documented by Microsoft and others.
    However, I forgot to assign my account Enterprise Admin and Schema Admin before raising the domain and forest levels from 2003 to 2012 R2.  My account did have domain admin.  The GUI interface did not complain when I raised the level of the domain and then the forest.
    So I am thinking everything is OK.
    My question is am I going to have problems down the road with the AD environment?
    Thanks for any help or opinions.

    Using snapshots for a domain controller is not recommended, as USN rollback can occur. Although in Server 2012 using snapshots for DCs has been improved and made 'safer', I wouldn't use it as a backup solution.
    But back to your problem, Beaulieu, is it a single domain/single forest design? And the issue is that you have no membership in Schema and Enterprise Admins, but you do have a domain admin?
    Best Regards,
    Jesper Vindum, Denmark
    Systems Administrator

  • How to enable BPEL loggers at domain and system level ?

    As far as I know there are two kind of BPEL loggers
    - at domain and
    - system level
    Where EXACTLY can I enable/disable them resp. set them to e.g. DEBUG mode?
    Peter

    Apart from the posts mentioned above, please note that log4j-config.xml is the file that has these logging entries.
    For domain level : SOA_ORACLE_HOME\bpel\domains\default\config\log4j-config.xml
    For system level : SOA_ORACLE_HOME\bpel\system\config\log4j-config.xml
    You set these loggers on domain level or system level depending on the information you are interested to see, so set that particular logger.

  • Delegated User Admin with only UNLOCK USER Permission.

    Hi
    I need to create a Delegated User Admin who will have only the UNLOCK USER Action Permission in the Portal UME.
    I tried the UME Action UME.Manage_User_Passwords
    but it contains the LOCK Permission also.
    Is there any action to achieve this?
    Regards
    Rajendra

    Rajendrakumar,
    You are correct! The option provided by me is not applicable for EP 7.0.
    Still you have options to implement the required functionalities:
    You can implement the portal component or Webdynpro application for unlocking users. Use UME API for this.
    or
    Try to Export the unlock user component from a EP 6.0 Environment and import it into EP 7.0.
    Ram

  • Use old domain controller AD user profile with new domain (profile changed)

    Dear All,
    I have built Win Server 2012 for Domain migration from Windows Server 2003 to Windows Server 2012. I have tested everything on VMware, including user creation, and tested Domain join using PowerShell for Win 7 and a .vbs batch file for Win XP computers; everything is working fine.
    Let me first introduce my current environment. I have an existing Win Server 2003 domain controller (abc.com) with 130 client computers and 200 users. I am planning to migrate my current environment to a Win Server 2012 Domain (xyz.com). Keep in mind that the Domain name is changed but the Domain Controller (Server) names are the same, i.e. MY-PDC. I have tested domain join on multiple computers using existing clones of client computers and created all existing users using a .csv file and PowerShell with the required credentials and OU. I am facing a user profile issue: when I join the domain and log in with an existing user which was previously the user of the same computer, the required profile does not log in and the computer creates a new user profile in the Documents and Settings section of Win XP.
    I need your expert opinions because copy old profile data and create new outlook profile for each user is a big headache for any one. Hope you people can understand and help me in this issue.
    Please provide best answer and result on priority I will be thankful to all of you.
    Regards,
    Arsalan

    Hi Arsalan,
    Please check if USMT can help you to achieve this target.
    User State Migration Tool 4.0 User's Guide
    Meanwhile, please also refer to following articles and check if can help you.
    How to Migrate Windows User Profile to New Account
    Keeping user old domain profile
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    If anything I misunderstand or any update, please don’t hesitate to let us know.
    Hope this helps.
    Best regards,
    Justin Gu

  • Problem with logical domain and boot net

    Trying to install a new domain on a T2000. Able to get to "Configuring devices" but then it just sits and twirls... What have I configured wrong in the domain creation?
    I have:
    {0} ok show-devs
    /cpu@7
    /cpu@6
    /cpu@5
    /cpu@4
    /cpu@3
    /cpu@2
    /cpu@1
    /cpu@0
    /virtual-devices@100
    /virtual-memory
    /memory@m0,8000000
    /aliases
    /options
    /openprom
    /chosen
    /packages
    /virtual-devices@100/channel-devices@200
    /virtual-devices@100/console@1
    /virtual-devices@100/ncp@4
    /virtual-devices@100/channel-devices@200/disk@0
    /virtual-devices@100/channel-devices@200/network@0
    /openprom/client-services
    /packages/obp-tftp
    /packages/kbd-translator
    /packages/SUNW,asr
    /packages/dropins
    /packages/terminal-emulator
    /packages/disk-label
    /packages/deblocker
    /packages/SUNW,builtin-drivers
    {0} ok show-disks
    /) /virtual-devices@100/channel-devices@200/disk@0

    There are a number of issues with network booting in LDOM 1.0.2, I think they affect all versions of the LDOM software though. If you add a vnet to a guest domain and then try and jumpstart a guest domain from time to time immediately after the guest domain does the RARP request it hangs. Just sending a break to the guest domain, going back to the ok prompt and starting the boot net - install again generally fixes it.
    Also there are some gotchas with LDOMs that affect jumpstart.
    1) If you chose option a) harden the OS using JASS when doing the installation of the LDOM software and you have the jumpstart server on the control domain then it isn't going to work. JASS turns off things like rpcbind which will prevent jumpstart from working. The same problem affects network booting. You would think that running a jass-execute -u to undo the hardening of the o/s in the control domain would work but it doesn't and you have to start over with a fresh solaris image for the control domain. This only applies if you have your jumpstart server on your control domain.
    2) Since jumpstart relies on the MAC of the client to function and since with LDOMs the MAC is dynamically assigned from a pool of addresses you can end up with the wrong entry in /etc/ethers on your jumpstart server. That is worth checking.
    3) Since the MAC of the virtual network device isn't the same as the MAC shown when you run banner at the ok prompt in the guest domain you can end up with the wrong entry in /etc/ethers. Either do a boot net (vnet1 whatever) and then make a note of the MAC its broadcasting or do an ldm list-bindings domainname for the guest you want to network boot and copy and paste the MAC of the virtual network you are going to be booting from.
    All the regular gotchas with net boot and jumpstart still apply with LDOMs but so do all the usual fixes. Use of snoop will allow you to debug most problems. Also use show-nets at the ok prompt in the guest domain and make sure that you have the right number of virtual networks.
    Paul.

  • Verity Error - Not letting user search with words NOT,AND,OR, etc. Why??

    I've meticulously created collections of the music on my ecommerce music site.  I am manually stripping off offending characters in the submitted search criteria with this code:
    Trim(REReplaceNoCase(URLDecode(URL.searchcriteria),"[()<>##""'@]"," ","all"))
    Then, if the user has ticked for an "exact word" search, I'm adding double quotes around it, otherwise, leaving it without.  Then submitting it to the right collection for a search with this code (I've substituted ZZZ and XXX for my protection).
    <CFSEARCH NAME="ZZZ" COLLECTION="XXX" type="simple" CRITERIA="#cleanedcriteria#" maxrows="300">
    When a user does not tick "exact match" but types in any phrase that includes any of the Verity operators, they get the following error:
    If you are using type="explicit", you must use Verity Query Language operators such as "<WORD>" or "<STEM>", or surround your search term with quotes. See the documentation for details.
    Pass Me Not
    will throw the error. but
    "Pass Me Not"
    which is passed when someone ticks "exact match" does just fine.
    From what I've read, the simple search is supposed to assume the <WORD> and <MANY> operators, but it's like that's being ignored.  What am I doing wrong, and/or how can I configure this so that my users can type terms, submit, and find what they're looking for?

    I think I finally understand, and am posting the solution here for others' benefit.
    Apparently the simple search is in fact behaving properly and will recognize AND OR NOT as operators instead of part of the search string.  The work around for this is to enclose those words in double quotes.  So that's what I've done.  If the user has not specified an "exact match" search (where I enclose the entire string in double quotes), then I single out these three words and put double quotes around them.  It appears to work beautifully.
    QED, and am happy to have had a complete uninterrupted discussion with myself.
    <cfset cleanedcriteria = ReplaceNoCase(cleanedcriteria,"and","""and""","all")>
    <cfset cleanedcriteria = ReplaceNoCase(cleanedcriteria,"not","""not""","all")>
    <cfset cleanedcriteria = ReplaceNoCase(cleanedcriteria,"or","""or""","all")>

  • One User ID with 2 BPs and 2 CPs

    Hi,
    1) I have created a User ID U1 using users_gen. So the system created CP1 and BP1. I could log on.
    2) Deleted the user assignment and position
    3) Again created a user ID U1 using users_gen. So the system created CP2 and BP2. I could log on.
    Now I want to link the user ID U1 to CP1 and BP1.
    Is it possible ?
    Please help
    Thanks
    Pranav

    Hi. What version of SRM are you using?
    If you have SRM 4 or below, then you can go to PPOMA_BBP and find the position of the user, then right click and select assign.
    It will then let you assign a BP of your choice to the position.
    Then you can right click the BP and select assign again, and assign the user of your choice.
    From what I can see in SRM 5 this has changed, as the relationship to BP is not visible in PPOMA_BBP any more.
    You can try and do it in SRM 5 and assign the CP, it might bring all the links through, but I am not sure.
    Regards,
    Dave.

  • Needed SAP CRM Data model with Object, Entity and Attribute level details

    Hello all,
                 We are working on a huge IS-U / CRM implementation and we are still in the data gathering phase. The client has a whole load of legacy systems that will be replaced with IS-U and CRM. Right now we are in the process of developing data models using Excel first and then presenting them to the client to go forward from there. For this we need to have all the business objects, entities and their attributes.
    I know about the SD11 transaction, but we don't have a CRM system yet. My colleagues have access to a German ERP system and they were able to get models for HR, FI and Asset management. I tried for the Business partner / customer in there, but the models were not proper.
    So, once again, I need the specific data models out of SD 11 for  CRM business partner. If anybody has the information, please do pass it on to me as I need them urgently. It would be a great help if somebody can do so.
    Regards
    Rajesh

    I suggest the following:
    Please, check whether the system works if you activate the implementation BUPA_F4_AUGRP.
    In addition check the notes 559662, 674869 and 782927. Maybe the notes are already implemented but you can try then the implementation of the BADI (SE19). It should resolve your issue.
    I have implemented this Badi solution before, and after activation; the search help ; nor search result list did NOT show any Business partners anymore that had an authorization group I was not allowed to see.
    kind regards
    Davy Pelssers
    SAP CRM/Security consultant

  • Anyconnect permission with NT Domain user

    Hi,
    I am trying to set up a VPN with AnyConnect on my ASA5510 and it works fine.  I have set up an AAA server group for my Active Directory with the "NT Domain" protocol.  Right now, every user is able to connect with their Active Directory credentials.  I would like to restrict access to the AnyConnect VPN to only a few users in AD.
    Is there a way to do this?
    Thank you

    Hi Stephane,
    this is most easily done by switching from NT authentication to LDAP, and implementing the solution in this document:
    hth
    Herbert

  • More problems with multiple domains and subaccounts

    I had been creating multiple .mac web sites in earlier versions of IWeb by creating extra “domain” files and dragging them in and out of the folder library/Application Support/IWeb as needed. Now I notice that IWeb 08 lets me store several domain files with different names in a folder, and pick whichever one I want when launching IWeb. That’s good -- but of course, the IWeb “Publish” command wants to publish them all to my same .dot mac web site -- even though I have four .dot mac subaccounts each of which can have its own web site. The only way I could figure out to publish different domain files to different .mac web sites was to create several different user accounts on my computer, assign each one to a different .mac subaccount, launch IWeb, find the domain file for that account, publish it -- then log out, log in to another account, launch IWeb there and do the whole exercise again.
    It would be bad enough if that worked, but it doesn’t: I found that when I logged in to an account other than the one that created a given domain file, I could open that file (I’ve got it stored in a folder on root level of my hard drive), but I couldn’t save it -- I would get the error message: “Couldn’t save file. You don’t have permission to make changes to that file.” So OK, I went into “Get Info” and changed the ownership/permissions to match the user account I was in. Now I can make changes and save my domain file -- but I can’t publish what I just saved. When I try, I get the message: “Publish Error. An unknown error occurred.”
    Is there any way I make this all work -- to open and save my domain files and publish them to the .dot mac subaccount/web site I want? And is there any way around this whole clunky system that would allow me to publish to different .mac subaccounts/websites more efficiently (preferably logged into my Mac from the same user account)?
    (It may be irrelevant, but in addition to paying for the subaccounts, I bought the family pack version of ILife what should give me legit access from a licensing point of view anyway.)

    That's helpful -- I'll try it. It seems to me it would still be preferable to store my multiple domain files in one hard drive location, easily accessible and offering read and write privileges to any user account. That way I could at least do design work, etc., on any of my domains without logging in and out as various users. Any way to make that work? And really, it seems weird that I can sit at my Mac and mount the IDisks of any of my four .mac sub accounts, open their folders, and look at the web pages previously published to those subaccounts -- but apparently I can't publish any changes to those subaccounts/domains through IWeb without logging out and then back in as a different user. Isn't there some way around these apparent restrictions?
