Creating users with limited access (admin level)
Hi,
I have a requirement where in I need to create a user which can only assign business areas to other users. This user should not have access to "Create/Edit" business area or to assign priviledges.
I tried to achiieve this by using "Allow administration" at the Security level to this user for a biz area. This ensures that the "Priviledges" option is disabled for that user. But I need to give the "Create/Edit" business area privliedge to this user so that he can grant access to business area (which I dont want). I want to ensure that he is able to grant access to business area without having create/edit rights on that business area.
Could you let me know if you have any way to solve this.
Thank You.
Nawaz
Hi,
Changing the security access to a business area counts as a edit to the business area therefore the user will need Create/Edit privilege. One way to do what you want is to create a trigger over the EUL5_BAS table that will prevent the user from making changes to this table raising an error if this is attempted. However, this is not an Oracle supported approach but will work fine.
Rod West
Similar Messages
-
Create user with read access for all tables SAP SID .*
Hello all,
could you please help me ? I would like to grant select privilege on all tables SAP<SID>.* for newly created user.
I have created standard database user (not exclusive).
I`m able to grant select for individual tables, but I would like to grant select for this user on all SAP<SID>
schema in simplier way
But as far as I know, the schema`s owner name must be different then schema name.
Any idea please ?
Thank you.
Pavolcreate user <user_name> identified by <password> <options>;
grant read on all tables:-
CREATE OR REPLACE PROCEDURE GRANT_SELECT AS
CURSOR ut_cur IS
SELECT table_name
FROM user_tables;
RetVal NUMBER;
sCursor INT;
sqlstr VARCHAR2(250);
BEGIN
FOR ut_rec IN user_tabs_cur;
LOOP
sqlstr := 'GRANT SELECT ON '|| ut_rec.table_name
|| ' TO <user_name>';
sCursor := dbms_sql.open_cursor;
dbms_sql.parse(sCursor,sqlstr, dbms_sql.native);
RetVal := dbms_sql.execute(sCursor);
dbms_sql.close_cursor(sCursor);
END LOOP;
END grant_select;
Edited by: varun4dba on Jan 18, 2011 4:13 PM -
I have a 2007 iMac running OS X Lion, all latest updates and patches applied.
My daughter has an account on the system, which I have limited to only being able to be used for a few hours a day.
The problem arises when she leaves herself logged in, but walks away, and the time runs out. When I sit down at the console, the first thing that happens is that the cursor disappears, and the systems starts to go into a logout. Makes sesne so far, I guess. However, the system then goes into what I can only presume is some sort of loop. The cube animation starts, and rotates back and forth several times between two screens, both equally hessian wrapped, with no distinguising features.
I can log into the system via ssh, and I can confirm that the system is spiking out on SecurityAgent:
Processes: 661 total, 5 running, 29 stuck, 627 sleeping, 2082 threads
19:59:08 Load Avg: 1.68, 3.07, 5.24 CPU usage: 43.38% user, 23.52% sys, 33.8% idle SharedLibs: 3620K resident, 1948K data, 0B linkedit.
MemRegions: 104350 total, 1295M resident, 189M private, 2974M shared.
PhysMem: 1166M wired, 3312M active, 1655M inactive, 6133M used, 9560K free.
VM: 1611G vsize, 1118M framework vsize, 34169473(356) pageins, 5796949(92) pageouts.
Networks: packets: 100372238/47G in, 162918821/146G out. Disks: 23914908/3252G read, 27697160/2570G written.
PID COMMAND %CPU TIME #TH #WQ #PORT #MREG RPRVT RSHRD RSIZE VPRVT VSIZE PGRP PPID STATE UID FAULTS
27013 SecurityAgen 98.0 37:41.27 2/1 1 88 84 508K 3904K 2664K 31M 2410M 27013 1 running 92 3028
28561 top 25.9 02:27.05 1/1 0 32 43 3752K 216K 4176K 20M 2381M 28561 28505 running 0 1924014+
1 launchd 4.6 50:43.63 3 0 3159- 343 2804K+ 2836K 2128K+ 15M+ 2405M 1 0 stuck 0 553252+
0 kernel_task 1.5 08:01:03 71/2 0 2 976 14M 0B 595M- 15M 5487M- 0 0 running 0 23008
197 WindowServer 0.7 01:57:50 5 1 6653 6448 22M+ 885M 486M+ 137M 40G 197 1 sleeping 88 25934192+
18548 Transmission 0.5 01:59:18 7 1 175 372 10M 7352K 16M- 47M 2550M 18548 282 sleeping 501 10297632
14 opendirector 0.4 02:27.27 13 13 617+ 108+ 6072K+ 1872K 6860K+ 32M+ 2417M+ 14 1 stuck 0 407028+
25117 mcxalr 0.2 00:40.33 4/1 3 43 41 200K 252K 1780K 30M 2391M 25117 1 running 54 1580
26441 SecurityAgen 0.2 00:01.55 2 1 121 245 2856K 19M 6820K 35M 2503M 26441 1 stuck 92 27427
28001 ManagedClien 0.1 00:00.11 4 3 98+ 86 1196K+ 4900K 3748K+ 31M 2413M 28001 27998 sleeping 0 3718+
294 UserEventAge 0.1 00:20.22 3 1 212 140 976K+ 3964K 2632K+ 34M 2422M 294 282 sleeping 501 294201+
28006 ManagedClien 0.0 00:00.11 4 3 97 86 1184K+ 4904K 3700K+ 32M 2414M 28006 28003 sleeping 0 3725+
28573 mdworker 0.0 00:00.41 4/1 2 55 101 8648K 6052K 13M 38M 2422M 28573 28443 running 89 4766+
27831 loginwindow 0.0 00:00.50 4 2 153+ 108+ 1692K+ 4804K 3252K+ 35M+ 2425M+ 27831 197 sleeping 0 4875+
15 configd 0.0 00:33.57 6 1 2316 230 2392K 1788K 3524K+ 27M 2420M 15 1 sleeping 0 320735+
28318 loginwindow 0.0 00:00.54 3 1 151 101 924K+ 4712K 3120K+ 33M+ 2423M 28318 197 sleeping 0 4778+
Now, obviously, because I can ssh in, I can start a clean shutdown and restart, but I'd like a way to do this that doesn't involve me bringing down the system, when the whole point of multiple users and parental controls is that a system can be shared cleanly.
Thoughts?
Thanks,
WillSee if this blog post that our support team created helps you with the connection information. This can create the desktop Access application linked up to the Access 2013 web app tables you have.
http://blogs.technet.com/b/the_microsoft_access_support_team_blog/archive/2014/03/24/how-to-make-external-connections-to-an-access-web-app-new.aspx
Also, you might just try clicking the Create Reports button in the Access web app client interface and Access will create the reporting database for you with links to the web app tables. On the File menu (when using the Access web app in client) make sure
to click the option to Allow Any Location under the Manage button. After that, just click the Create Reports button on the File menu (right above the Manage button) and wait a few seconds. Access will create a new desktop database linked up to all of the Access
web app tables. You can then create as many reports or other desktop objects as you like.
Hope that helps,
Jeff Conrad - Access Junkie - MVP Alumnus
Senior Content Developer - Office Content Development Team - Microsoft Corporation
Author - Microsoft Access 2013 Inside Out
Author - Microsoft Access 2010 Inside Out
Co-author - Microsoft Office Access 2007 Inside Out
Access 2007/2010/2013 Info: http://www.AccessJunkie.com
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/en-us/legal/Copyright/Default.aspx -
Create user with select privilege only one schema
can someone tell me how i can create user with select priviliges only one schema.
i don't want the user to have any select privileges with other schema.
can someone advise me.
ThanskIn general, you would do something like
CREATE ROLE abc_read_only;
FOR x IN (SELECT * FROM dba_tables WHERE owner='ABC')
LOOP
EXECUTE IMMEDIATE 'GRANT SELECT ON abc.' || x.table_name || ' TO abc_read_only';
END LOOP;
CREATE USER your_user ...;
GRANT abc_read_only TO your_userYou create a role, grant the role SELECT access to all the tables in the ABC schema (you can extend this to grant access to views, functions, etc depending on the requirements), and then grant that role to your user.
Justin -
Install for users with limited rights.
Is there a way to install Flash player so users with limited rights can perform updates? I don't want to touch hundreds of machines each time a minor upgrade is released. Security policies dictate that users cannot have local admin rights.
Hi, not that I have heard of. If you can't update, then most likely you are under Group Policy and the IT Department would be in charge of that.
If it is possible, then someone else would need to reply to you.
Thanks,
eidnolb -
Creating user with extension mobility on prime provisioning 10.5
Hi All,
Does anyone know any document or have any expirenece on creating user with extension mobility on prime provisioning 10.5?
I'm facing challenges on it, appreciate if you have any document or experience to share with me.
Thanks,
CherryWhat sort of issues are you facing?
I'm also having problems, but I think it is system related.
CUCM is LDAP synced.
When PCP tries to provision Extension Mobility Access, it actually seems to be trying to update the user on CUCM (via AXL) (this fails as it is an LDAP user and the values come from LDAP and cannot be updated)
I've got a tac case open.
Bug details are currently hidden - CSCuo11522 - but this one is extension mobility provisioning issue
There was also mention of another bug related to failures to provision users with directory URI's in their LDAP record. I didn't catch a bug ID for this one though.
Cheers,
Tim -
Can't create user with Delegated Administrator Console! Thank you!
I have installed JES2005Q4 (include Deirectory Server、Access Manager、Web Server、Messaging Server、Calendar Server、Instant Messaging、Communications Express and Delegated Administrator) ,
i can create domain and user with "commadmin" command, but can't create user with Delegated Administrator console.
When i checked the logs of the Web Server, found some errors:
[04/Feb/2006:11:55:25] failure (12015): for host 192.168.182.130 trying to POST /da/wizard/WizardWindow, service-j2ee reports: ApplicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
javax.servlet.ServletException
at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
----- Root Cause -----
javax.servlet.jsp.JspException
at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCW
[04/Feb/2006:11:55:25] failure (12015): for host 192.168.182.130 trying to POST /da/wizard/WizardWindow, service-j2ee reports: WEB2798: [da] ServletContext.log(): [ERROR] Uncaught application exception
com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [javax.servlet.jsp.JspException]
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
Root cause:
javax.servlet.jsp.JspException
at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWizardTag.java:658)
at com.sun.web.ui.taglib.wizard.CCWizardTag.getHTMLStringInternal(CCWizardTag.java:469)
at com.sun.web.ui.taglib.common.CCTagBase.doEndTag(CCTagBase.java:114)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:260)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.co
[04/Feb/2006:11:55:26] failure (12015): for host 192.168.182.130 trying to POST /da/wizard/WizardWindow, service-j2ee reports: StandardWrapperValve[WizardWinServlet]: WEB2792: Servlet.service() for servlet WizardWinServlet threw exception
javax.servlet.ServletException: Uncaught exception
at com.iplanet.jato.ApplicationServletBase.onUncaughtException(ApplicationServletBase.java:1415)
at com.sun.comm.da.WizardWinServlet.onUncaughtException(WizardWinServlet.java:98)
at com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
----- Root Cause -----
com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [javax.servlet.jsp.JspException]
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChainNow i want to update the Delegated Administrator with the 119778-09.jar patch, but the error show:
Unable to open keystore </var/sadm/security/patchadd/trustore> for reading.
Signature invalid on signed patch <119778-09>. -
Problem in creating users with password restrictions
I have enabled the following option in the Authentication>Enterprise tab of CMC.
Must contain at least N Characters and specified N as 7
Enforce mixed-case passwords
However I am able to create user with password as abcd.
Please suggest.
Thanks in AdvanceI might be missing something but the rule applies to users changing their pw not administrators creating accounts. If the administrator sets this rule it would be thought/assumed that they would enforce their own rule when creating accounts. The users however should not be able to select 4 character passwords.
I'll run some tests and see if I find out anything different.
Tested this on XIR2 SP4 and XI 3.0 The rules apply to the user not the administrator creating the account.
So create an account while the 7 character pw is enabled. By default the user logs in with the pw (any amount of characters) and is prompted to change their pw. They cannot choose anything less than 7 characters. So unless an administrator creates an account with a password less than 7 characters AND deselects the option to force a pw change. All new users will be forced to select a 7 character password.
This is by design. If it forced the administrator to create accounts without a 7 character pw they could simply deselect the options(as administrators) so there is no security in forcing this.
Regards,
Tim
Edited by: Tim Ziemba on Aug 13, 2008 5:28 PM
Edited by: Tim Ziemba on Aug 13, 2008 5:33 PM -
Vista - Connected with Limited Access???
Please help!!! This problem is driving me mad. Every time I try to connect to the router whilst wireless it says "Connected with Limited Access"? I then plug the cable back in and "ta dah" it works fine. I have tried almost everything and cannot understand the problem - can anyone help?
try this one out.. click start >> networks >> network and sharing center >> manage my wireless network >> and on this page remove all wireless networks listed and restart your PC.
-
Users with direct access to tables
I need to find out which users have direct access to tables, not through the roles.
Is dba_tab_privs the right table to query or table_privileges is the correct one.
Please let me know the difference between these two.
I have gone through the documentation but I am still not clear about the difference between them.
Let me know whatever your thoughts are on this.
Thanks,
RushiAh, an opportunity to illustrate the value of COMMENTs:
SQL> select * from dict where table_name = 'TABLE_PRIVILEGES';
TABLE_NAME
COMMENTS
TABLE_PRIVILEGES
Grants on objects for which the user is the grantor, grantee, owner,
or an enabled role or PUBLIC is the grantee
SQL> select * from dict where table_name = 'DBA_TAB_PRIVS';
TABLE_NAME
COMMENTS
DBA_TAB_PRIVS
All grants on objects in the database
SQL>So, TABLE_PRIVILEGES is a view relevant to the user who is currently connected and SELECTing from it.
DBA_TAB_PRIVS is what you want to use to find users with direct access granted to tables. -
Security batch job to evaluate users with SAP_ALL access:
Hello,
I need to run some kind of batch report or program that runs for users that have SAP_ALL access.
Basically we need to run a report or program that shows what these users that currently have SAP_ALL are executing on a daily basis.
Do you have or know of a report/program that we can schedule nightly to find this information out ?
Thanks,
SteveHi Steve,
I don't think any SAP standard report or query is available for this. You probably have to design your own Z report/query to achive this.
However since SAP_ALL is a restricted access and you will have very few users with this access, if you want to find it out programs/transation being executed by these users, it can be done manually from ST03, through "Memory Use Statistics", probably this may help to identify the tables using which you can design your own report.
Regards,
Sanujit
Edited by: Sanujit Purohit on Jul 20, 2010 2:25 AM -
Set Single user with reviewer access to multiple conference room calendars
Want to add a single user with reviewer access to multiple conference room calendars, used the below but it given a below error , Single user i am able to add but single user for multiple confernce room calendars hot happening.
Import-csv C:\smtp1.csv | foreach-object {Add-MailboxFolderPermission -identity $_mail":\Calendar" -User "Mike" -AccessRights "Reviewer"}
Smtp1.csv
mail
[email protected]
[email protected]
Error:--
[PS] C:\>Import-csv "C:\smtp1.csv" | foreach-object {Add-MailboxFolderPermission -identity "$_mail:\Calendar" -User "Mike" -AccessRights "Reviewer"}
The specified mailbox "\Calendar" doesn't exist.
+ CategoryInfo : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : 78C23328,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
The specified mailbox "\Calendar" doesn't exist.
+ CategoryInfo : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : 78C23328,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
The specified mailbox "\Calendar" doesn't exist.
+ CategoryInfo : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : 78C23328,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
The specified mailbox "\Calendar" doesn't exist.
+ CategoryInfo : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : 78C23328,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermissioni tried with that as well but getting the below
A positional parameter cannot be found that accepts argument ':\Calendar'.
+ CategoryInfo : InvalidArgument: (:) [Add-MailboxFolderPermission], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Add-MailboxFolderPermission
A positional parameter cannot be found that accepts argument ':\Calendar'.
+ CategoryInfo : InvalidArgument: (:) [Add-MailboxFolderPermission], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Add-MailboxFolderPermission
A positional parameter cannot be found that accepts argument ':\Calendar'.
+ CategoryInfo : InvalidArgument: (:) [Add-MailboxFolderPermission], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Add-MailboxFolderPermission
Cannot process argument transformation on parameter 'Identity'. Cannot convert value "" to type "Microsoft.Exchange.Configuration.Tasks.MailboxFolderIdParameter". Error: "Valu
e cannot be null.
Parameter name: mailboxFolderId"
+ CategoryInfo : InvalidData: (:) [Add-MailboxFolderPermission], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Add-MailboxFolderPermission -
Create user with DBA privileges with a restriction to access user data
Hi
I need to create a user with all DBA privileges with a restriction to access all user schemas
Thanks,
BalajiUse Database Vault - http://download.oracle.com/docs/cd/E11882_01/server.112/e16544/toc.htm
HTH
Srini -
Add user in ACS with limited access
Dear
I have low experiance with cisco ACS
So kindly i need help to add user to The ACS which has limited access to my network Switches ( As Show only not to change configuration )
Also how to take backup for the ACS Database
Thanks,Hi,
Search about command authorization in the AAA section, you'll get ample information about it, i.e., on how to configure network devices so that you can allow certain users on ACS to have limited and certain user to have full access.
About taking a backup, that is pretty simple.
System Configuration > ACS Backup > Backup Now.
And you have a latest backup from ACS.
Regards,
Prem -
Users with read access to the site unable to view Managed Metadata Navigation
Hi everyone,
I created a Managed Metadata service and created group, term-set and terms
I gave read access to users
I set up navigation to use Managed Navigation
I am logged in as farm admin and able to view the navigation when i browse site. But user are not seeing navigation.
One thing i noticed is when i give users full access or designer access to site they will be able to see the navigation. but i don't want to give users full access or designer access to the site.
How can users with read only access to site can view Managed Metadata Navigation...Please help?Hi Sunil,
Have you given your users permissions to actually read the MMS data from the service application?
http://technet.microsoft.com/en-us/library/ff625176.aspx covers permissions on the MMS.
Regards
Paul.
<<edit>> On reflection you might be hitting the issue in this Stackexchange post..
http://sharepoint.stackexchange.com/questions/75636/permissions-and-managed-metadata-in-navigation Is yours behaving the same way?
Please ensure that you mark a question as Answered once you receive a satisfactory response. This helps people in future when searching and helps prevent the same questions being asked multiple times.
Maybe you are looking for
-
Kernel panic - mid 2010 macbook pro mar OX 10.9.3
Trying to help a friend of a friend I have bought a macbook pro mid 2010 - mar OX 10.9 updated with kernel panic. I have decided not to take it to the apple store yet because of money issues, and I was wondering if I could manage this with some help.
-
Why can't I have the same apple ID for iCloud and iTunes?
After down loading the latest upgrade on my 5s, the iCloud Apple ID (which is an email address I don't use) keeps asking me for a password that I don't have. When I change it to a new password (I've done it 4 times) it keeps going back to the passwo
-
Where can I go to get REAL SUPPORT for my apple products that don't work as adverstised?
I'm fed up with this mickey mouse pathetic attempt at users aimless trying to support other users. I paid a lot of money for these devices which don't work as advertised -- in particular iCLOUD. My time is MONEY and i've spent a lot of hours searchi
-
Streaming Audio repeats every 11.5 minutes????
when on the CBC Ideas streaming audio site, the stream repeats and layers over itself after 10-15 minutes. try it... Im on a older computer on ubuntu 10.04 (768 megs ram)
-
ADDITIONAL ROW INSTANCES PROBLEM
I am creating a form and I have the following issue: I have a dropdown list and a user can select one of two options. When the user selects one of the options, it populates the values for other dropdown lists that are within a row. I have created a b