Check package/procedure level privileges for a user

Similar Messages

• Data Level security for specific Users

  Hi,
  Can you please suggest some ideas on by-passing the Data Level security for specific users or specific group?
  Currently, we have data level security defined on a group permissions for one group and for people belonging to another group, the security should not apply and they should see entire data.
  But, key thing here is that, the user belongs to both the groups.
  Any ideas helps.
  Thanks,
  Chandu.

  So you are saying you want a user to belong to a group with data-level security filters, but you don't want the filters to apply to that user?
  Why are they in the group then?
  Are the data filter defined with variables or are the hard-coded?
  If variables, you may be able to put logic in initialization block to set the variable appropriately for specific users.
  I'd rethink the security model - when I define data level security filters, I tend to force users to only belong to a single group/role.

• How to grant create table privilege for a user on a specific table

  Hi:
  I created a user, for a test scenario. I granted this user create any table, and I made the default tablespace as example.
  When I connect as the user and try to create a table, I get this:
  SQL> create table T1 (NAME varchar2 (500), AGE number(2));
  create table T1 (NAME varchar2 (500), AGE number(2))
  ERROR at line 1:
  ORA-01950: no privileges on tablespace 'EXAMPLE'
  How can I grant the necessary privilege to have user create/delete tables on tablespace example?
  Thanks.
  DA

  create user ADAM identified by radge default tablespace EXAMPLE
  quota 10M on EXAMPLE;
  for example 10Mbytes given to Example tablespace.... or you can write:
  .....quota unlimited on EXAMPLE
  and
  grant connect to ADAM
  grant create table to ADAM .....
  or
  grant connect , resource to ADAM .... although grant resource is not recommended...
  ....and something else....
  you should define temporary tablespace in create user command... otherwise the system would be used...
  Greetings...
  Sim
  Message was edited by:
  sgalaxy

• Problem in second level navigation for some users.

  Hello friends,
                  We have a group with few users, we have assigned certain roles to that group, all the roles are visible to all but the order of second level navigatin has changed for some users and not for all. Please suggest some solution.
  Thanks,
  Mitts

  Hi Mittal,
  Is there any merging of roles going on?
  When you assign new roles, does the 2nd level navigation contain the same nodes but in a different order, or are there additional nodes added?
  Perhaps you can explain in more detail the set up.
  Daniel

• Limited privileges for ReSA users

  Hi Experts,
  Can someone help me create users in Oracle Retail Sales Audit. Granting limited privileges to RMS users that only can only access Sales Audit or what script shall I use
  to grant limited privileges to roles like Manager and accounting Clerk?
  Thanks,
  Jeremy

  You may be able to do things with a script.
  Typical "Changing the EUL tables is a risky thing and could cause all sorts of problems..." disclaimers apply.
  I'm not sure how things work with responsibilities, but here's how they work for users.
  The query governor restrictions are stored in the EUL5EUL_USERS table. The "Warn user if predicted time exceeds..." value is stored in the EU_QUERY_EST_LMT column. The "Prevent queries from running longer than..." value is stored in the EU_QUERY_TIME_LMT column. The "Limit retrieved data to..." value is stored in the EU_ROW_FETCH_LIMIT column.
  You should be able to update these values with a simple update statement. Setting the values to 0 essentially acts as if there is no limit

• Task Privileges for Existing Users - Looking for a global update solution

  After some reading I understand that if you set the task privileges for the PUBLIC user in the Privileges section of Discoverer Administrator (10g), any new user created in the system will pick up the privileges you have assigned to the PUBLIC user.
  I currently have 4000+ users who have access to Discoverer Plus and the ability to create/edit queries. I want to limit who can access Discoverer Plus functionality to approximately 150 users.
  I have changed my PUBLIC user to NOT have privileges but this will only affect new users. Is there any way to restrict 4000+ users without having to go through each user individually and set the privileges.
  I am looking for a global update solution. I am wondering if this can be done through the back-end.

  Hi Mezzobella
  If you change the rights for the public user then other users, who have not been manually adjusted in any way, will automatically pick up the public rights. Therefore, if you have a lot of users that are not changing this means that at some point in their life you will have clicked OK or Apply on the screen with a user displayed. This now assigns the rights to that user as opposed to inheriting them from the public user.
  What you are describing is the perfect reason why you should not administer Discoverer using user accounts but to use roles or responsibilities instead.
  In your case you are now somewhat stuck. The programatic way to revoke these rights is to drop rows from the EUL5_ACCESS_PRIVS table but this could take longer than doing inside Discoverer. Basically, when a user has been granted privileges one row per privilege is inserted into this table. The column AP_EU_ID contains the ID of the user. The column GP_APP_ID is the one that tells you what privilege a user has. Here is a list of the privileges:
  1000 Desktop / Plus Privilege (U)
  1001 Create / Edit Query (U)
  1002 Item Drill (U)
  1003 Drill Out (U)
  1004 Grant Workbook (aka Sharing) (U)
  1005 Collect Query Statistics (U)
  1006 Admin Privilege (A)
  1007 Set Privilege (A)
  1008 Create / Edit Business Area (A)
  1009 Format Business Area (A)
  1010 Create / Edit Summaries (A)
  1011 Not used as far as can be determined
  1012 Schedule (U)
  1013 User is never required to schedule workbooks (U)
  1014 Save workbooks to database (U)
  1015 Managed scheduled workbooks (A)
  1016 This is an apps mode EUL
  1017 This is the user's assigned language
  1018 User is allowed to change password
  1019 to 1023 Not used as far as can be determined
  1024 Create Link (U)
  Note: A = Admin privilege, U = User privilege
  Theoretically you could manually delete rows from this table and that will revoke the rights. In reality, Oracle do not like it when inexperienced users manually the EUL as you could corrupt it. Therefore, any manual updates must be done with utmost caution after making sure you back up or have a copy of the table you will be updating - just in case.
  Try running this query to see the content:
  SELECT DECODE( AP_EU_ID, 104198, 'Viewer', 103697, 'Plus', 'Other' ) "Who" , AP_ID, AP_TYPE, AP_EU_ID, AP_PRIV_LEVEL, GP_APP_ID, GBA_BA_ID, GD_DOC_ID, AP_ELEMENT_STATE
  FROM EUL5_ACCESS_PRIVS
  Best wishes
  Michael

• Tables, views, packages, etc. not showing for most users

  11.1.0.7
  trying sqldeveloper 2.1.1 & 3.0.02 (64 bit)
  jre 1.6
  Started getting blanks this morning when expanding the nodes of most of my local users (cleared filters). Seeing no tables, views, packages. However, if I login sqlplus as that user and select * from tabs, I CAN see all tables are there.
  I can use sqldeveloper to view all the SYSTEM user objects and one recent user that I imported (impdp) from a 10g database. However, every other user appears empty in sqldeveloper.
  I grant connect, resource to all users since this is just a development database. Also tried granting CREATE SESSION and even ALL PRIVILEGES, no luck. All tried restarting.

  self is also facing the same issue. workstation is install WINDOWS 7 Pro and 10g client is not available as of now for Windows 7 Pro so oracle client 11.2.0.1.0 installed. Database pertains to one datacenter is serving as desired but databases lying with remote data center, none of objects are shown even not as SYS also where as sqlplus is showing all objects. tried with TNS option and without TNS as well but objects not listed. don't understand the behavior of SQLDeveloper 2.1.1.64 Build-Main 64.45. for information all DBs are of 10.2.0.4 with mix flavour of non windows o/s.
  Edited by: 824691 on Dec 30, 2010 10:33 PM

• AppV 5 HF5 packages using /appve fail for regular users on Win 7

  Hello,
  I've been struggling with some App-V packages that fail to start on Win 7 machines provided trough Xendesktop.
  All packages in question make use of locally installed Internet Explorer 9 and /appve switch  :
  "C:\Program Files (x86)\Internet Explorer\iexplore.exe"  /appvve:D89030F5-436B-4A82-A104-A5E5E8089824_6C521CD6-5116-4587-B9E8-E386075F7A79
  All other streamed apps can be started fine (the ones not using /appve switch)
  If I run this package as  a regular user I always get an error that "Internet Explorer has stopped working" and a error message in the application log:
  Faulting application name: iexplore.exe, version: 9.0.8112.16599, time stamp: 0x5473964b
  Faulting module name: AppVEntSubsystems32.dll, version: 5.0.3404.0, time stamp: 0x537e6b1f
  Exception code: 0xc0000005
  Fault offset: 0x00084444
  Faulting process id: 0xecc
  Faulting application start time: 0x01d0348e2b754fcb
  Faulting application path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
  Faulting module path: C:\Program Files\Microsoft Application Virtualization\Client\Subsystems\AppVEntSubsystems32.dll
  Report Id: 6adc7087-a081-11e4-96bf-001dd8f22044
  If I start the application on the same machine using a domain account user the app starts fine.
  Internet explorer works fine for the regular users.
  On a machine running  Windows server 2008 R2 the same user can start the packages without any problems.
  I've been looking at the permissions needed but can't seem to get to the end of this...
  Has anyone seen the issue or has any clue what I can do?
  Thanks!

  It looks like some others have had issues with the /appvve switch in Citrix environments too:
  http://discussions.citrix.com/topic/348733-publishing-app-v-50-app-with-appvve-switch/
  I wonder if you've approached Citrix about this? I would assume it's something about the way Citrix pass the command
  PLEASE MARK ANY ANSWERS TO HELP OTHERS Blog:
  rorymon.com Twitter: @Rorymon

• Object level authorizations for deffirent user restrictions

  Hi
  i have 1 object, this object have only 3 values?
  i need authorizations for this object at report level?
  rsa1- i keep authorization relevant?
  rsecadmin i can include this object , here i need give from value and to value? i have 3 values only? suppose user 1 want only 1 value? user 2 need 2 and 3 value? how can i restrict like this ? ple let em know

  Hi Suneel,
  Go to RSECADMIN.
  Here, in maintain authorizations, create authorization for your characteristics along with the special characteristics.
  i.e. in your case, create authorization(assume 0plant is marked as authorization relevant)
  0PLANT
  0TCAACTVT
  0TCAIPROV
  0TCAVALID
  Double click on each characteristic to assign them the authorized value set.
  Thus, you will create two authorizations
  Z_PLANT_1
  0PLANT...................I..EQ..............1
  0TCAACTVT.............I...EQ..............3
  0TCAIPROV.............I...EQ..........ZPROVIDER
  0TCAVALID..............I...EQ...........*
  Z_PLANT_2&3
  0PLANT...................I..EQ..............2
  ..............................I..EQ..............3
  0TCAACTVT.............I...EQ..............3
  0TCAIPROV.............I...EQ..........ZPROVIDER
  0TCAVALID..............I...EQ...........*
  Go to RSECADMIN again in user tab in assignment, assign these authorizations created to the respective users.
  Like assign User1 -
  >Z_PLANT_1
  ................User2  -
  >Z_PLANT_2&3
  Refer  the link below for more information
  [Analysis Authorization|http://help.sap.com/saphelp_nw70/helpdata/en/66/019441b8972e7be10000000a1550b0/frameset.htm]
  Hope this helps,
  Best regards,
  Sunmit.

• Packaging InDesign CC file for CS5 user

  We just upgraded to InDesign CC (9.2), but the graphic designer I work with uses CS5.  I need to package some files for her but do not know how to do it so that she will be able to access a compatible file.  Thanks.

  Package it. Close the file and then open the one in the package. File > Save as and change the type to InDesign CS4 or later (IDML).
  You should probably send a PDF as well since the chances of a perfect conversion are close to zero. If that file is getting returned to you, you are in for a world of pain trying to work this way.

• Root Privileges for oracle user

  Hi,
  The System Administrator don´t whant that i have the roor password anymore.
  I need to use root user to do something like commands of RAC (crs_stat, crs_start , crsctl, ...).
  What option do we have to give the oracle all this privileges without need to give to me the root password???
  Tks,
  Paulo.

  He is trying sudo but hi is having some problem with that. Have another way????Maybe It's time the company changes SA, (or let him get the answer here).

• How to know (package , procedures or functions) name for current sessions

  Hi all
  I'm DBA and i want to find way to get object name whatever (package , procedures or functions) for current running statement in active session.
  To clarify when i open session browser from toad i can see active sessions and see current statement for every session but without the name of the object.
  Is there any way to know this point.
  thanks in advance

  select *
    from dba_objects
  where object_id in (select nvl(t.PLSQL_ENTRY_OBJECT_ID,-1)
                         from v$session t
                        where sid = 452)
  Ramin Hashimzade

• Report Export - Spreadsheet not working for one User: ECC6, SAPGUI710

  Hi,
  Our setup: SAP ECC6, Solaris10, Oracle 10g, SAPGUI Patch 9
  Normal download like List ->export ->Local file is working
  But when user click excel icon (list ->export->spreadsheet) it is not working and even it is not giving any error message.
  Only one user ID we are getting problem, all other user ids are ok.
  There is no issue with his work station or SAP GUI patch level as for other user id on his workstation export function is working fine. One more info with this problematic user id export function is not working in any workstation.
  Any thing we need to do with user parameters/user settings or authorization????
  Anyone faced this problem eralier . . .
  Advance thanks

  It is not hte problem with workstation, as for other user ids on his workstation working fine. Also with his user id on other machines also not working.
  Regarding trace in ST01, how to switch the trace for other users as there is no user selection option???
  Is it ok if I procedd as below:
  1. ST01 -> Edit menu ->Write to database
  2. Selected all trace components
  2. General Filters ->under "Trace for User Only" I give this problematic user id.
  3. From menu "Goto" ->"Save Trace file in" I give this user id, client and time
  But I am getting following message when I click "Analysis"
  No records that correspond to these search criteria found
  regards

• Transported Roles not Visible for the User Log-in

  I have three roles in the development system.  These roles show up in the top level navigation for the users in the dev system.  All these roles and the underlying BSPs are transported to QA successfully.  I could assign them to users without any problems, but when the users log-in they can not see any of these roles at the top level navigation (In fact, they just get a blank screen).  "Entry Point" setting and "Sort Priority" is maintained for all the three roles.
  As a test, I created a new role with the same BSP links in QA itself and assigned it to the users.  This shows up in the top level navigation for the users.  I am wondering what's wrong with the transported roles!  If someone could help me here that would be great and I will assign points to helpful replies.  I have a very basic knowledge in portal.

  After applying SP12 in the portal landscape (EP 6.0), the role transports only work in our test environment, but not in production.  Even the manual corrections suggested in OSS note 1002832 didn't help.  I can preview all the iviews in the roles with my user id (admin id), but as soon as I log-in with the end user id nothing shows up [Not even the top level navigation tabs show up].  The following is the portal authorization methodology I chose.
  1. I assign users to the user groups
  2. I assign user groups to the roles
  I want to emphasize that all is well in our test environment, it is the production environment that shows inconsistency.  Let me know if anyone has any pointers.

• Can I set privileges for publishing a site?

  Is it possible to set up Muse such that one of my team is able to make various changes to a site, but only I am able to publish to Business Catalyst, once the changes have been approved?
  Thanks in advance

  Hi
  With Muse we cannot setup permission privileges for publishing sites, Muse will publish the site to user account which is setup in Publish account ( Edit > Preferences > Publish Account )
  Any user with administrative permission with the site can make changes to the site within Business Catalyst as well from Muse, unless you remove all the permission privilege for that user from Business Catalyst.
  So if user is added as Admin role in Business Catalyst then he can edit the site as well pulish the site from Muse , but if User is removed from admin role then he cannot publish the site from Muse.
  Thanks,
  Sanjit