Customizing the "DISABLE USER"  Function

Similar Messages

• Apple cause the disabled user identity?

  apple cause the disabled user identity?

  If your account is disabled then depending on the reason why, you might be able to re-enable it via this page : http://appleid.apple.com, then 'reset your password'
  Or you might need to contact Apple : http://www.apple.com/support/itunes/contact/ - click on Contact iTunes Store Support on the right-hand side of the page
  If it then works on your computer's iTunes but not your iPad then try logging out of your account on the iPad by tapping on the id in Settings > Store and then log back in and see if that 'refreshes' the account on it

• Disabled user function causing problems?

  Hi
  I made a commercial DVD for which I had to insert an "FBI warning and copyright" video track as First Play. To not allow viewers to skip the warning, I disabled all user functions for that track.
  Now, when I view the VTS using Apple's DVD player, everything looks great. But when I play the physical DVD in another, regular DVD player, towards the end of the FBI warning there's a brief jump/flash frame in the middle of the copyright.
  I haven't re-built the VTS yet ... but does this sound like a familiar problem to anyone?

  No, I never had this problem. I dont disable all user functions, only those i want to be disabled. But this "should" not be the problem

• Runtime error when customizing the logon user interface

  I followe the help.sap.com:
  1.http://help.sap.com/saphelp_nw04/helpdata/en/23/c0e240beb0702ae10000000a155106/frameset.htm
  2.http://help.sap.com/saphelp_erp2004/helpdata/en/1a/3afd4e641b8f42ac07bb77fe30375b/content.htm
  but when logon the EP, there are runtime error ,then I got the log in the my.new.logon.par.log:
  2005-09-08_18-12-37Application upload failed: my.new.logon.parjava.util.zip.ZipException: The file access permissions do not allow the specified action. /usr/sap/D01/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/irj/servlet_jsp/irj/root/web-inf/deployment/pcd/my.new.logon.par
       at java.util.zip.ZipFile.open(Native Method)
       at java.util.zip.ZipFile.<init>(ZipFile.java:140)
       at java.util.zip.ZipFile.<init>(ZipFile.java:155)
       at com.sapportals.portal.prt.deployment.ArchiveIterator.iterate(ArchiveIterator.java:39)
       at com.sapportals.portal.prt.deployment.UploadProcess.upload(UploadProcess.java:60)
       at com.sapportals.portal.prt.deployment.DeploymentManager._uploadArchive(DeploymentManager.java:835)
       at com.sapportals.portal.prt.deployment.DeploymentManager.uploadArchives(DeploymentManager.java:599)
       at com.sapportals.portal.prt.deployment.DeploymentManager.populateRuntimeRepository(DeploymentManager.java:582)
       at com.sapportals.portal.prt.deployment.DeploymentManager.runtimeRepositoryDeployment(DeploymentManager.java:310)
       at com.sapportals.portal.prt.runtime.Portal.init(Portal.java:403)
       at com.sapportals.portal.prt.core.PortalCoreInitializer.coreInit(PortalCoreInitializer.java:54)
       at com.sapportals.portal.prt.dispatcher.PortalInitializer.<init>(PortalInitializer.java:129)
       at com.sapportals.portal.prt.dispatcher.Dispatcher$doSetupPortalInitializer.run(Dispatcher.java:161)
       at java.security.AccessController.doPrivileged1(Native Method)
       at java.security.AccessController.doPrivileged(AccessController.java:351)
       at com.sapportals.portal.prt.dispatcher.Dispatcher.initDispatcher(Dispatcher.java:359)
       at com.sapportals.portal.prt.dispatcher.Dispatcher.access$000(Dispatcher.java:42)
       at com.sapportals.portal.prt.dispatcher.Dispatcher$InitRunner.run(Dispatcher.java:114)
       at com.sapportals.portal.prt.dispatcher.Dispatcher.init(Dispatcher.java:392)
       at com.sap.engine.services.servlets_jsp.server.runtime.context.WebComponents.addServlet(WebComponents.java:134)
       at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadInitializer.loadServlets(ApplicationThreadInitializer.java:376)
       at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadInitializer.run(ApplicationThreadInitializer.java:110)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged1(Native Method)
       at java.security.AccessController.doPrivileged(AccessController.java:321)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:94)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:162)
  Then in order to solve the issue, I chmod the status of my.new.log.par., but still failed.
  my landscape: NW04SR1SP11, Portal6SP11,AIX, Oracle.
  how to solve it?
  thanks a lot!

  Hi Hua
  Check this and this should solve your problem
  https://www.sdn.sap.com/sdn/collaboration.sdn?node=linkFnode6-1&contenttype=url&content=https://Regarding the customizing portal logon page
  There are two jar files that u need to add
  These are the jar files.
  com.sap.portal.runtime.logon_api.jar
  com.sap.portal.runtime.logon_core.jar
  They can be found inside the par file. Extract the par file you will get those files
  The first one have to be placed in lib(inside PORTAL-INF)and the second one inside PORTAL-INF>>private>>lib.
  Regards
  Rajeev.

• Script to get the List of Disabled Users in UserProfiles

  Hi All,
  can somebody help me in writing a script to get all the disabled users in Share Point userProfiles.
  Thanks
  Kishore

  Hi All,
  can somebody help me in writing a script to get all the disabled users in Share Point userProfiles.
  Thanks
  Kishore

• How to disable an out of the box disable User process task  from resource?

  How should I disable the out of the box disable User process task that is assigned to a particular resource? If I disable this disable User process task, when the user is provisioned to the same resource will I be able to stop this disable User process from running?
  My requirement: I need to disable the disable user process task from three resources x, y and z. Whenever a user is provisioned to one of these resources I should stop this disable user process task an out of the box process task from running. How can this be accomplished?? Please help me out on how to configureto remove the process task in the OIM Admin console to stop the process task.

  You can avoid the disable task from triggering by removing the Disable Process Or Access to Application from the task effect drop down in the process task. But this task is triggered once the user is disabled. But still I didn't understand the exact scenario.
  By the way the disable task is triggered when the user gets disabled and not when the user is provisioned.
  Edited by: vindla on Aug 1, 2011 10:26 PM

• Invalid Credential/Disabled User

  Hi,
  I have a requirment of capturing the message "Invalid Username/Password" or Disabled User on the OAM Login (Enterprise Login Page). For example -
  I have 2 applications which are protected by the same authentication scheme and they are SSO enabled. If a user tries to access those applications will be challanged by the Login Page. If the user puts the wrong password or user name over to the Login Page, I should be able to caputre that message and show a message to the User saying that "The username or password provided are wrong". Similar is the case for the Disabled users, so if the userid is disabled and the user tries to get in to the application he should get a message "Your User ID is disabled" on the Log in Page. Is there any way I can achive this. Is it a Out of Box functionality of OAM or I have to write any custom scheme for this. Please help me on this.
  Thanks&Regards
  Debi

  Originally Posted by DParkes
  Can you try this from the standalone GWCheck, Tommy and I think the server
  side is broken for this specific operation
  Cheers Dave
  Dave Parkes [NSCS]
  Occasionally resident at http://support-forums.novell.com/
  Awesome. Local GWCheck works when you specify a user that is on the same post office as the library. The server task does not work even though the user is on the same po. Is this a confirmed bug?

• OAM11g Authentication - Disabled User

  Hi,
  In OAM 11g, i am able to successfully authenticate using disabled user account. How to prevent this in OAM11g.
  I have configured OAM to authenticate against Active Directory. The user account is disabled in Active Directory. Even then if the protected application is given the disabled account credentials, OAM is allowing him the access.
  How to disabled that?
  Thanks in Advance,
  Sandeep D.

  Hi Nishith,
  You mean to say, we need to capture the disabled user account and handle in the Custom Authentication Module using the Error Codes? As per the link provided by you, they are handling using BaseUserSession class.
  What is the attribute in case of Active Directory.
  If so, can you throw some light on the BaseUserSession class. And some samples on the same.
  Thanks,
  Sandeep D.

• Apply the default user logon picture to all users

  Hi
  I applied gpo "apply the default user logon picture to all users"
   Computer Configuration\Administrative Templates\Control Panel\User Accounts\Apply the default user logon picture to all users
  C:\programdata\Microsoft\User Account Pictures\user.bmp  --> renamed my company log to user.bmp.
  Taken backup of old user.bmp.
  But policy is not working.
  Environment:
  Windows Server 2008 R2
  Clients:Windows 7 and Windows 8

  Hi S.Vijay Kumar,
  Based on my understanding, the GPO which configured the
  Apply the default user logon picture to all users would not apply successfully. What’s more, you have customized the default user logon picture
  %ProgramData%\Microsoft\User Account Pictures\user.bmp. Right?
   Firstly, please check if the scope of this GPO and the setting of Filtering are correct.
  Secondly, please follow the steps below to check if the GPO is applied to these Windows XP clients:
  Click Start, type rsop.msc in the search box to access
  Resultant set of policy.
  Check if the GPO is applied to these clients and the setting of the GPO is correct.
  In addition, it would be helpful for future troubleshooting if you could help to collect the following information:
  Did the GPO fail to apply for all the computers or only some computers?
  Can you set the user.bmp as the user logon picture
  manually?
  Regards,
  Lany Zhang

• Disable User on updating an User attribute in OIM

  Hi,
  I have OIM 11g R2 with LDAP SYNC enabled with OID through OVD.
  I want to trigger Disable user on modifying an UDF attribute of user.
  Like if attribute1 of user is set to true then disabke user operation should be triggered for the user.
  So first in my adapter i will check whether attribute is true and then trigger disable user.
  In 11g R2 as mapping adapters attached to Users form in dataobject manager is not supported i am not able to map to the userdefinition and hence not able to check if attribute1 is true or false.
  Please help and let me know if this can be achieved in any other way.
  Edited by: 988070 on Mar 20, 2013 3:55 AM

  You can write a post process event handler:
  It will update the user status to disable when UDF attrtibute is set to true.
  For this, you need to set the condition as:
  Get the value of user defined attribute and store it in a variable "flag".
  disable UserManagerResult disable(java.lang.String attributeName, java.lang.Object attributeValue) //attributeName will be user defined fieldm value will be "true"
  throws ValidationFailedException,
  oracle.iam.platform.authz.exception.AccessDeniedException,
  UserDisableException,
  NoSuchUserException,
  SearchKeyNotUniqueException
  Disables the user account matching the search criteria.
  Parameters:
  attributeName - - The attribute name for the search criteria.
  attributeValue - - The attribute value for the search criteria.
  Returns:
  UserManagerResult containing the entity id of the disabled user.
  Cheers,
  Vamsi.

• Remove GrantSendOnBehalfTo disabled user accounts - A novice at scripting

  Hello.  Can anyone help please
  In our exchange 2010 environment we have users who are granted send on behalf to access.  Obviously some users leave and I m finding that there are ghosts left behind which are causing issues with our team who add users into the grantsendonbehalfto
  option using the EMC.  Using the log view we coy out the command and then remove the disabled user from the command and then paste this into an Exchange Powershell command line.  This wrks because it is doing what Exchange EMC does which is rewrites
  the -GrantSendOnBehalfTo option in it new entirety.  
  The problem occurs because I need to remove these en-mass from approx 700 plus accounts.  
  I have tried to modify one user in order to get the script to work but it doesn't.
  This is the error message that happens when I run the script below against a known account with at least 2 disabled users in:-
  Couldn't find object "xxxxxxxx.xx.xxxxxxx.xxx.xx/DisabledUsers/2013-08/Gaynor Collins-Punter". Please make sure that i
   was spelled correctly or specify a different object. Reason: The recipient xxxxxxxx.xx.xxxxxxx.xxx.xx/DisabledUsers/2
  13-08/Gaynor Collins-Punter isn't the expected type.
      + CategoryInfo          : NotSpecified: (:) [], ManagementObjectNotFoundException
      + FullyQualifiedErrorId : F6498844
      + PSComputerName        : ex02-0029.xx.xxxxxxx.xxx.xx
  Am running the script from my local PC
  This is the script I have used.
  # Gather info use get-mailbox -resultsize unlimited$mailboxes = Get-Mailbox zplew1
  Foreach($mailbox in $mailboxes)
  for($i = ($mailbox.GrantSendOnBehalfTo.count)-1; $i -ge 0; $i--)
  $address=$mailbox.GrantSendOnBehalfTo[$i]
  $addressString=$address.addressString
  If($addressString -like "*disabled*")
  $mailbox.GrantSendOnBehalfTo.removeat($i)
  $info >> "C:\Scripts\grantsendonbehalfto.csv"
  $mailbox |set-mailbox -GrantSendOnBehalfTo $mailbox.grantsendonbehalfto
  }If you requiere any more info please let me know.

  #1 - I recommend posting in xchange forum fo rhow to do this
  #2 - Wen an account is disabled most on the information in the object is hidden.  YOu would need to undelete to use the object.
  #3 - Get list as text and validaye al values are not deleted accounts.  Remove deleted and save back.
  ¯\_(ツ)_/¯

• How to catch rollback in Disable user process task in Xellerat User Process

  hi ...
  I want to send an email to manager group of the user, once the user is disabled from the OIM (when end date is reached). I created an adapter and attached it to the ‘Changed User Disabled’ process task in the ‘xellerate user provisioning’ process and add a new row in the “Lookup.USR_PROCESS_TRIGGERS” Lookup definition. (code key: USR_DISABLED and Decode: Change User Disabled ). This adapter executes only when the user status is equal to “disabled”.
  This works correctly when the OIM user disabling process execute without any errors. But sometimes while disabling the user it gives an error (“resource is not configured properly”) and rolls back everything and make the user active. But at the same time my adapter runs and sends the mail informing user is disabled but yet user is active.
  My problem is how can I find or catch rolls back transaction in the “Disable User” process task (which is in “Xellerate User” process”) ??? If I can get to know that a roll back is occurred then I can send a mail to OIM administrator, informing that user disable process is failed.
  Can someone please help me to find this..
  Thanks in advance :)
  Regards,
  i.k.

  Hi Rajiv,
  Error occurs while disabling the user due to resource configuration problems. ( error message is : DOBJ.RESOURCE_NOTCONFIGURED_PROPERLY -- One or more provisioned resource is not configured properly) In this case i know the problem and how to solve it. But what I want to know is in any case if disable process get fail and if things get roll back again, then how can I track that situation and send a mail to OIM Admin(informing the failure) instead of sending a mail to user managers saying that user account has been disabled.
  I think now my problem is clear…. Can u please help me to find this.
  Regards,
  i.k.

• Using PL/SQL code in ODI User Functions

  Is it possible to write PL/SQL code (with multiple in params and one out param) in ODI User Function ?
  Actually I need to use this user functions in my interface mapping.
  I know it can be done using ODI Procedures but Procedures cannot be used within interfaces when mapping columns.

  Hi Anurag Ambasta,
  You can use the ODI user functions and choose the Linked technology as 'Oracle' where you can implement and use oracle syntax .
  And the user functions can receive the multiple parameters and it returns the single value to the function cal, which use are expecting right?
  Thanks,
  Yellanki

• Disabling user through API call -process task-followed by an Enable User...

  Hi,
  I am running on OIM 9.1 BP11. I implemented a process task to disable the user based on a URS form field change.
  I can confirm from the log file and the resource that the Disable user (xellerate user) happened. But the user got enabled back right away. The log file showed that a scheduled task named "Enable User After Start Date" ran and enable the user. So, I disabled that scheduled task.
  Then I repeated the test again. I observed the same behavior of user being disabled and enabled again but this time, OIM called an adapter. This is what I observed in the log file:
  20988 INFO,20 Oct 2010 12:21:56,519,[XELLERATE.DATABASE],DB read: select evt.ev t_key, evt.evt_name, evt.evt_package, mil.mil_name from mil mil, evt evt w here evt.evt_key = mil.evt_key and mil.mil_key=10
  20989 DEBUG,20 Oct 2010 12:21:56,519,[XELLERATE.DATABASE],select evt.evt_key, ev t.evt_name, evt.evt_package, mil.mil_name from mil mil, evt evt where evt. evt_key = mil.evt_key and mil.mil_key=10
  20990 INFO,20 Oct 2010 12:21:56,519,[XELLERATE.PERFORMANCE],Query: DB: 0, LOAD: 0, TOTAL: 0
  20991 DEBUG,20 Oct 2010 12:21:56,519,[XELLERATE.SERVER],Class/Method: tcBusiness Obj/getSqlOperationFromMembers entered.
  20992 DEBUG,20 Oct 2010 12:21:56,519,[XELLERATE.SERVER],Class/Method: tcBusiness Obj/getSqlOperationFromMembers left.
  20993 DEBUG,20 Oct 2010 12:21:56,519,[XELLERATE.ADAPTERS],Class/Method: tcADPCla ssLoader/getClassLoader entered.
  20994 DEBUG,20 Oct 2010 12:21:56,519,[XELLERATE.ADAPTERS],Class/Method: tcADPCla ssLoader/getClassLoader left.
  20995 DEBUG,20 Oct 2010 12:21:56,520,[XELLERATE.ADAPTERS],Class/Method: tcADPCla ssLoader/findClass entered.
  20996 INFO,20 Oct 2010 12:21:56,530,[XELLERATE.ADAPTERS],Adapter: Enabling the User was initiated for the task: Enable User.
  20997 INFO,20 Oct 2010 12:21:56,531,[XELLERATE.JAVACLIENT],System Event Handler : Enabling the User
  I did exactly the same disabling user process at another client and it worked fine. I don't understand what causes OIM to call this system Event handler to re-enable the user.
  Please help.
  Thanks
  Khanh

  Do you have any Entity Adapter or Event Handler or Trigger which enables user for some condition ?
  Check your environment. If you have please remove that and try.
  Does this user has and provisioned resource ? If yes, try for some other user which doesn't have resource provisioned.

• Disable Inbox Rules for Disable Users

  I have found that when our helpdesk disables an AD user account (terminated employee) that has an Outlook inbox rule to forward the email to an email address outside the organization, emails sent to the former employee are still forwarded to that outside
  email address.  I would like to run a script each day that queries AD for all disabled accounts, removes any forwarding SMTP adresses, then removes all mailbox inbox rules.  I have been trying to use get-aduser against a DC and export the list of
  disabled users, this works fine.  I then take that csv, import it and use -foreach-object to set the forwarding smtp address to null.  I would then like to use the same csv file to run the -removeinbox rule command against the list.  I am having
  a hard time time combining the commands I need into a PS script that works against both AD and Exchange.
  Anyone have some powershell kung fu to assist me?  Thank you!
  ~Eric

  Hi Eric,
  According to your description, I understand that you want a script to get a list of disabled AD user, then removes any forwarding SMTP addresses, then removes all mailbox inbox rules.
  We can run following command to get a list of disabled AD user in PowerShell:
  Get-ADUser -Filter 'Enabled -eq "false"' | select name,userprincipalname
  More details about “How Can I Get a List of All the Disabled User Accounts in Active Directory? “, for your reference:
  http://blogs.technet.com/b/heyscriptingguy/archive/2005/05/12/how-can-i-get-a-list-of-all-the-disabled-user-accounts-in-active-directory.aspx
  Also, run below command to disable forwarding SMTP address and inbox rule:
  Get-Mailbox  -Identity xxxx | Set-Mailbox -DeliverToMailboxAndForward $false
  Get-InboxRule –Mailbox xxxx | remove-InboxRule
  However, we recommend use this disable AD user to disable mailbox.
  By the way, this question will related to the script of Exchange server, please contact relevant team so that you can get more professional suggestions. For your convenience:
  http://technet.microsoft.com/en-us/scriptcenter/dd742246.aspx
  Best Regards,
  Allen Wang