Database ActiveSync and Conditional Role
Hello IDM Experts,
I am trying to provision a Business Role during an Oracle Table ActiveSync that has conditional IT roles that set attributes in Active Directory and Google.
Business Role (Student):Student
Conditional Roles (Applicants,Students, Graduated, etc ): Provisions AD Org Unit, Security Groups and triggers the creation of a unique email address (for Students only)
Example Condition for applicants
IDM_STUDENT_DEV: CSU_CMS_ROLE starts with constant: Applicants
OR
Lighthouse: CSU_CMS_ROLE starts with constant: Applicants
Required Role (Student-NG): This is a required role that creates the common AD attributes such as Distiguished name, CN etc.
During ActiveSync Update the conditional roles are applied correctly. During CREATE they are not.
I understand that during activeSync the activeSync namespace is available.
My thought was to find a way to configure the conditional roles to look at the incoming role from the Oracle Table but I have been unsuccessful with defining the condition to evaluate the activeSync namespace.
How do I configure the Conditional role to evaluate at the activesync namespace?
Has anyone been successful with provisioning using conditional Roles during Active Sync Create?
I found that the problem was that a required attribute for Google needed to be generated for the idenitity template within the ActiveSync Form. The conditional logic was not being processed because of this missing attribute and IDM was exiting without creating accounts.
Similar Messages
-
DataBase unavailable and Mirrored Db role has chnaged.
Hello All,
We got below errors in our principal and Mirror db servers.
1) The mirroring connection to "TCP://servername.domain.com:5022" has timed out for database "Db name" after 10 seconds without a response. Check the service and network connections.(Mirror Server).
2) Database mirroring is inactive for database 'DB Name'. This is an informational message only. No user action is required.(Pricipal)
2) The command failed because the database mirror is busy. Reissue the command later. .(Pricipal)
3) The mirrored database "Db" is changing roles from "PRINCIPAL" to "MIRROR" because the mirroring session or availability group failed over due to role synchronization. This is an informational message only. No user action
is required. .(Pricipal)
Before the first error we got an alert that db is unavailable. After 1 min of this alert the issue has started.
After a successful fail-over of that particular db to mirror again it was rolled back to principle automatically. After that I can see a server shut down with below errors.and mirroring failed on all the dbs.
Database mirroring connection error 4 'The connection was closed by the remote end, or an error occurred while receiving data: 55(The specified network name is no longer available.)'' for 'TCP://Server Name.Domain.com:5022'.(Mirror)
Database mirroring connection error 4 'An error occurred while receiving data: '1054(An existing connection was forcibly closed by the remote host.)'.' 'TCP://Server Name.Domain.com:5022'. .(Mirror)
SQL Server is terminating because of a system shutdown. This is an informational message only. No user action is required. (Pricipal)
The connection has been lost with Microsoft Distributed Transaction Coordinator (MS DTC). Recovery of any in-doubt distributed transactions involving Microsoft Distributed Transaction Coordinator (MS DTC) will begin once the connection is re-established.
This is an informational message only. No user action is required. (Pricipal)
SQL Server cannot accept new connections, because it is shutting down. The connection has been closed. [CLIENT: IP. (Pricipal)
I am very confused that why this db unavailable before the issue. I don’t have any information about this.
Can some body help me to find out the root cause why this unexpected fail over and
sql shutdown.Hello,
It looks like something was updated or done to the end system as:
'An error occurred while receiving data: '1054(An existing connection was forcibly closed by the remote host.)'
Is generally caused by a firewall. Please double check software and hardware firewalls (including endpoint protection software) and make sure the exceptions for port 5022 tcp exist.
-Sean
The views, opinions, and posts do not reflect those of my company and are solely my own. No warranty, service, or results are expressed or implied. -
Database level users and their roles
Hi Team,
we are doing some auditing we need to check in database.
User name and his roles for this any script please kingly suggest me.
Use <<database name>>
UserName Role
subuRefer the below link:
http://www.pythian.com/blog/httpconsultingblogs-emc-comjamiethomsonarchive20070209sql-server-2005_3a00_-view-all-permissions-_2800_2_2900_-aspx/ -
I have purchased a movie and downloaded it. Next I get a screen that says Terms and Conditions and tells me to read and click on Agree. I cannot find the Agree anywhere in the document. How do I move on and view the movie?
Go to Settings>General>Usage. How much space does it show you have?
If you connect your phone to your computer, what does iTunes say is on your phone? Do you see a large amount of "Other"? If so, you may have a corrupted database. You'll need to sync your phone then restore it as NEW (not from back up) then re-sync your data). -
What are message tables and their role?How to create and access them ?
hi,
Can any body clarify me about What are messaging tables and their role(use) in DataBase?How to create and access them ?
Thanks in advance
GopiIf you have doubt that's you have an idea. So, explain your idea please, because I don't see what are "messaging tables".
Did you say about Oracle database ? Apps ?...
Nicolas. -
'Share Name ID' Terms and Conditions Questions
Sorry for the double post - I had originally, by habit, posted this in the Droid Razr forum, but realize now it would be better here.
I would rather have my Verizon number display my name than the generic "Wireless Caller" and the instructions for how toConfigure Share Name ID tell you how to do that. But my question has to do with the Terms and Conditions on that page which read:
Note the Terms & Conditions: Your use of Name ID Services is subject to the following terms and conditions. By submitting a name for display and disclosure to others you are affirmatively asking Verizon Wireless to give your name and wireless phone number to a publicly available directory for use and distribution and you agree and consent to disclosure and use of this information by third parties.
Can anyone tell me exactly what that means? Specifically, I have three questions:
Does it mean you are now in a public "white pages" type directory?
Does it mean your phone number will be shared with telemarketers?
And lastly, if you have chosen to keep your Customer Proprietary Network Information (CPNI) private and opted out, will using Share Name ID override that selection?
In another forum there's a lot of discussion about this and I'd like to be able to add some informed information as opposed to wild speculation.
So if anyone - especially a Verizon employee - can shed some light on what those Terms & Conditions mean (or don't mean), I'd appreciate it.
Thanks.I just got an answer to this from a very nice Verizon employee named Ryan. For anyone else who is interested, he said:
The Share Name ID service allows your name to show a specific or customized name when calling another person. The directory the terms and conditions are referring to are databases that landline companies use to provide Caller ID service. Landlines and cell phones process Caller ID in different ways. When you call a cell phone, whatever that phone has your number saved is how it shows on the display. Landline phones do not typically have a locally stored address book, so they rely upon these databases to give a name to display. The directory that is being referenced are these databases, used solely for Caller ID. They are not publicly accessible and searchable like a White Pages.
Opting in to Share Name ID will not override the CPNI opt out, they are two separate entities, and Verizon Wireless will not give your information to telemarketers. The only thing that will change with using Share Name ID is that your name(or whatever you choose) will show up whenever you call somebody instead of a generic "Wireless Caller" statement. Your privacy is still very much respected, and no alterations will be made. -
The problem of connect and resource role
Hi,
As we know, that while crating a new user, we can assign connect and resource so that the user can access the system tablespace.
The problem that i got is instead of assigning the connect and resource role, i have assigned each and every privilege individually from this role. But, surprisingly, my user has not got the privilege o accessing the system tablespace.
I was working in oracle 9i database. Can anyone help me in this regard and tell me what is the reason behind this?
Thanks in advance.what huntrex said is quite valid i would like to add some more..
SQL> create user myuser identified by myuser
2 /
User created.
SQL> select grantee,privilege
2 from dba_sys_privs
3 where grantee='MYUSER'
4 /
no rows selected
SQL> grant resource to myuser
2 /
Grant succeeded.
SQL> select grantee,privilege
2 from dba_sys_privs
3 where grantee='MYUSER'
4 /
GRANTEE PRIVILEGE
MYUSER UNLIMITED TABLESPACEWhen you create a new user, the user is not able to save data until given a tablespace quota.As well when you create user and dont define its default tablespace then it is assigned tablespace what you defined at the time of database creation.If you dont define the tablespace at the time of creating database then it goes to system tablespace.
When you grant resource role then user get unlimited tablespace over specified tablespace while creating users or
default when not mentioning tablespace.
conn myuser/muyuser
SQL> select * from session_privs;
PRIVILEGE
CREATE SESSION
ALTER SESSION[b]
UNLIMITED TABLESPACE
CREATE TABLE
CREATE CLUSTER
CREATE SYNONYM
CREATE VIEW
CREATE SEQUENCE
CREATE DATABASE LINK
CREATE PROCEDURE
CREATE TRIGGER
CREATE TYPE
CREATE OPERATOR
CREATE INDEXTYPEAs you created the user and i assume you didnt specify the default tablespace ,this user goes for system tablespace
but you didnt assign resource role then you will have to have assign quota for that user to create any object within
this created user.
SQL> conn sys/sys as sysdba
Connected.
SQL> drop user myuser
2 /
User dropped.
SQL> create user myuser identified by myuser
2 /
User created.
SQL> grant connect to myuser
2 /
Grant succeeded.
SQL> conn myuser/myuser
Connected.
SQL> select * from session_privs;
PRIVILEGE
CREATE SESSION
ALTER SESSION
CREATE TABLE
CREATE CLUSTER
CREATE SYNONYM
CREATE VIEW
CREATE SEQUENCE
CREATE DATABASE LINK
8 rows selected.
SQL> create table mytable (a number)
2 /
create table mytable (a number)
ERROR at line 1:
ORA-01950: no privileges on tablespace 'USERS'
SQL> conn sys/sys as sysdba
Connected.
SQL> grant unlimited tablespace to myuser
2 /
Grant succeeded.
SQL> conn scott/tiger
Connected.
SQL> conn myuser/myuser
Connected.
SQL> create table mytable (a number)
2 /
Table created.
SQL> Khurram -
What is data base interface and the role it will play while retrieving data
What is data base interface and the role it will play while retrieving data.
Hi,
check out the following link.
http://help.sap.com/saphelp_nw04s/helpdata/en/97/68d64260752a78e10000000a155106/frameset.htm
it says:
Database Interface
Interface to the database of the NetWeaver AS ABAP that is integrated in the ABAP-runtime environment. The statements of Open SQL and Native SQL access the database using the database interface. The database interface is responsible for data transport between business layer and persistence layer, automatic client handling, and SAP buffering.
hope it helps.
Regards,
kinshuk -
Filed and conditional Lost of value
Hello,
Is it possible to choose the LOV for a field dynamilcally ?
I've got LOV 1 based on RECORD GROUP 1 and LOV 2 based on RECORD GROUP 2 and a database field, for condition 1 I want the field to be validated with LOV 1, for condition 2 same but LOV 2.
Thanks.
Romeoyes you can do so
write code on key-listval on the field.
DECLARE
l_lret BOOEAN;
BEGIN
IF ( condition1 ) THEN
l_lret := SHOW_LOV('LOV1');
ELSE
l_lret := SHOW_LOV('LOV2');
END IF;
END;
set the validate from lov property for the field to true. -
Where are the OLAP_USER and OLAP_XS_ADMIN roles defined ?
I'm trying to install the OLAP Schema for evaluating OLAP.
GRANT olap_user, olap_xs_admin TO GLOBAL;
Error report -
SQL Error: ORA-01919: role 'OLAP_USER' does not exist
01919. 00000 - "role '%s' does not exist"
*Cause: Role by that name does not exist.
We are running Oracle 11gR2 and OLAP is installed.
Thanks,
Bob LarsenThe OLAP_USER role is defined in
$ORACLE_HOME/olap/admin/xoqroles.sql
The OLAP_XS_ADMIN role is defined in
$ORACLE_HOME/olap/admin/awmxsrol.sql
Both of these SQL scripts are run during the installation of the OLAP option and should be available.
Which user are you connect with when you did the grant?
Finally, as a double check, please run the query as the sys user:
In SQL*PLUS:
set linesize 120 pagesize 999
column comp_name format a40
Select comp_id, comp_name, version, status from dba_registry order by comp_id;
Make sure you have valid rows for APS, XOQ. You will also have a row for AMD which is not
shown below since I am running a 12.1 instance and AMD is no longer installed as part of the OLAP Option.
If you do not see valid rows for APS and XOQ then something did not run correctly for the installation of the
OLAP Option. You need to be enterprise edition of the database for the OLAP Option also.
COMP_ID
COMP_NAME
VERSION
STATUS
APS
OLAP Analytic Workspace
12.1.0.1.0
VALID
CATALOG
Oracle Database Catalog Views
12.1.0.1.0
VALID
CATJAVA
Oracle Database Java Packages
12.1.0.1.0
VALID
CATPROC
Oracle Database Packages and Types
12.1.0.1.0
VALID
CONTEXT
Oracle Text
12.1.0.1.0
VALID
DV
Oracle Database Vault
12.1.0.1.0
VALID
EXF
Oracle Expression Filter
12.1.0.1.0
VALID
JAVAVM
JServer JAVA Virtual Machine
12.1.0.1.0
VALID
OLS
Oracle Label Security
12.1.0.1.0
VALID
ORDIM
Oracle Multimedia
12.1.0.1.0
VALID
OWM
Oracle Workspace Manager
12.1.0.1.0
VALID
RAC
Oracle Real Application Clusters
12.1.0.1.0
OPTION OFF
RUL
Oracle Rules Manager
12.1.0.1.0
VALID
XDB
Oracle XML Database
12.1.0.1.0
VALID
XML
Oracle XDK
12.1.0.1.0
VALID
XOQ
Oracle OLAP API
12.1.0.1.0
VALID
16 rows selected. -
A Terms and Conditions offering
Hi Forum
Here's an interesting one for you, I'm looking to setup a Terms and Conditions object for users to run before being allowed to launch any offerings.
Had thought that I could do the Job by adding a competency to a content object then adding that to a job role and once the learner completed the object they would be added to the job roe and have self enrolment to a specific content folder. However this doesn't seem to be the case as they system does not add the member to the job role.
I am trying to avoid having to add the T&C object as a prerequisite to all offerings as this will be quite a large administrative exercise.
So I guess my question to the forum, is there a way to have a content object grant access to other content on completion on a large scale.
Think I may be pushing the system here but no harm in asking.
Thanks
StephenStill trying to get this wroking on iLearning
We created code that seems to work but the Custom attribute doesn't get updated.
here's the code:
function updateConfig()
// complete LO
var status = "completed";
var result_status = doLMSSetValue("cmi.core.lesson_status", status);
var update = "Y";
var setConfig = doLMSSetValue("oracle.ila.user.accepted_terms", update);
// get current value
LMS_config2 = doLMSGetValue("oracle.ila.user.accepted_terms");
// commit data and exit
var result = doLMSSetValue("cmi.core.exit", "logout");
result = doLMSCommit();
result = doLMSFinish();
// update page with current stored value
refreshConfigAttr(result_status,setConfig,LMS_config2);
Any pointers would be most appreciated - was thinking that this bit 'oracle.ila.user' is for OLM and not iLearning
Thanks
Stephen
Edited by: Stephen Wilson on 11-Feb-2009 09:00 -
Conditionally apply AND condition
CREATE OR REPLACE PROCEDURE SP_TFS_REPORT (LoginId IN STRING,
status IN STRING,
fromAmount IN STRING DEFAULT NULL,
toAmount IN STRING DEFAULT NULL,
accNumber IN STRING,
result_cursor OUT SYS_REFCURSOR)
IS
BEGIN
OPEN result_cursor FOR SELECT * FROM TEST_TABLE T1
WHERE T1.LOGIN_ID = LoginId AND
T1.STATUS = status AND
T1.FROM_AMOUNT >= to_number(fromAmount) AND --This needs to be applied only if fromAmount paramter is not null*
T1.TO_AMOUNT <= to_number(toAmount) AND --This needs to be applied only if fromAmount paramter is not null*
T1.ACCOUNTNUMBER = accNumber;
COMMIT;
As you can see 'fromAmount' and 'toAmount' are optional paramters to the stored procedure. So the AND conditions corresponding to them need to be conditionally applied. In other words they need to be applied only when I get a NOT NULL value.
I know we can do this using IF ELSE condition but is there any efficient way to do this?
My DB details are:
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit Production
PL/SQL Release 11.1.0.7.0 - Production
CORE 11.1.0.7.0 Production
TNS for Linux: Version 11.1.0.7.0 - Production
NLSRTL Version 11.1.0.7.0 - Production
Thanks in advance for any help!!Hi,
Sure, you can use CASE in a WHERE clause, but there's usually no benefit in doing so.
Why not
WHERE T1.LOGIN_ID = LoginId
AND T1.STATUS = status
AND T1.FROMAMOUNT >= nvl ( to_number (l_fromAmount1)
, T1.FROMAMOUNT
AND T1.FROMAMOUNT <= nvl ( to_number (l_fromAmount2)
, T1.FROMAMOUNT
AND T1.ACCOUNTNUMBER = accNumber; ?
This assumes t1.fromamount is not NULL.
It looks like you've changed your requirements: earlier, you were interested in t1.from_amount and t1.to_amount, and now only t1.fromamount. -
Exchange 2013 IOPS Requirements for ActiveSync and anti-virus
I am currently planning to replace my Exchange 2003 server with Exchange 2013. I have used the Exchange Server 2013 Role Requirements Calculator but I'm stuck on how much additional IOPS to add for ActiveSync and my anti-virus solution (Symantec Mail Security
for Microsoft Exchange). The only info I've found for ActiveSync in regards to additional IOPS is to add .5 but nothing for SMSMSE. Symantec's web site has nothing on this (the question has been asked but not answered). I've also seen the ActiveSync question
asked but not answered.
Any advice or guidance would be appreciated.
Thank you.Only Symantec can answer that for the A/V, but for ActiveSync, assuming you are using mostly Android/iOS, I would recommend using 1.3 for both IOPS Multiplication Factor and Megacycles Multiplication Factor.
Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied. -
Difference among the Help view,Database view and Maintanance View
hi,
can Anyone pls let me know the Difference among the Help view,Database view and Maintanance View
thanks®ards
ramaThe followings are different types of views:
Database View (SE11)
Database views are implement an inner join, that is, only records of the primary table (selected via the join operation) for which the corresponding records of the secondary tables also exist are fetched. Inconsistencies between primary and secondary table could, therefore, lead to a reduced selection set.
In database views, the join conditions can be formulated using equality relationships between any base fields. In the other types of view, they must be taken from existing foreign keys. That is, tables can only be collected in a maintenance or help view if they are linked to one another via foreign keys.
Help View ( SE54)
Help views are used to output additional information when the online help system is called.
When the F4 button is pressed for a screen field, a check is first made on whether a matchcode is defined for this field. If this is not the case, the help view is displayed in which the check table of the field is the primary table. Thus, for each table no more than one help view can be created, that is, a table can only be primary table in at most one help view.
Go thru this link plzz
http://help.sap.com/saphelp_nw2004s/helpdata/en/cf/21ecf9446011d189700000e8322d00/frameset.htm
Difference between "Help View" and "Search Help"
Projection View
Projection views are used to suppress or mask certain fields in a table (projection), thus minimizing the number of interfaces. This means that only the data that is actually required is exchanged when the database is accessed.
A projection view can draw upon only one table. Selection conditions cannot be specified for projection views.
Maintenance View ( SE54 )
Maintenance views enable a business-oriented approach to looking at data, while at the same time, making it possible to maintain the data involved. Data from several tables can be summarized in a maintenance view and maintained collectively via this view. That is, the data is entered via the view and then distributed to the underlying tables by the system.
Please have a look at below link. It will help you.
http://help.sap.com/saphelp_nw04/helpdata/en/cf/21ed06446011d189700000e8322d00/frameset.htm
for more detailed info look on:
http://www.sap-img.com/abap/what-is-the-different-types-and-usage-of-views.htm
https://www.sdn.sap.com/irj/sdn/wiki?path=/display/home/abap+dictionary&
1.Go to se11
2. select view radiobutton and give a name
3. Create
4. select type of view you want to create. Such as database view.
5. give short description
6. give a table name such as mara
7. press the pushbutton relationship. here you will find all the tables which are allowed to create view with mara.
8. select one or mane tables.
8 copy
9.save , check and activate.
The followings are different types of views:
Database View (SE11)
Database views are implement an inner join, that is, only records of the primary table (selected via the join operation) for which the corresponding records of the secondary tables also exist are fetched. Inconsistencies between primary and secondary table could, therefore, lead to a reduced selection set.
In database views, the join conditions can be formulated using equality relationships between any base fields. In the other types of view, they must be taken from existing foreign keys. That is, tables can only be collected in a maintenance or help view if they are linked to one another via foreign keys.
Help View ( SE54)
Help views are used to output additional information when the online help system is called.
When the F4 button is pressed for a screen field, a check is first made on whether a matchcode is defined for this field. If this is not the case, the help view is displayed in which the check table of the field is the primary table. Thus, for each table no more than one help view can be created, that is, a table can only be primary table in at most one help view.
Go thru this link plzz
http://help.sap.com/saphelp_nw2004s/helpdata/en/cf/21ecf9446011d189700000e8322d00/frameset.htm
Difference between "Help View" and "Search Help"
Projection View
Projection views are used to suppress or mask certain fields in a table (projection), thus minimizing the number of interfaces. This means that only the data that is actually required is exchanged when the database is accessed.
A projection view can draw upon only one table. Selection conditions cannot be specified for projection views.
Maintenance View ( SE54 )
Maintenance views enable a business-oriented approach to looking at data, while at the same time, making it possible to maintain the data involved. Data from several tables can be summarized in a maintenance view and maintained collectively via this view. That is, the data is entered via the view and then distributed to the underlying tables by the system.
Please have a look at below link. It will help you.
http://help.sap.com/saphelp_nw04/helpdata/en/cf/21ed06446011d189700000e8322d00/frameset.htm
for more detailed info look on:
http://www.sap-img.com/abap/what-is-the-different-types-and-usage-of-views.htm
https://www.sdn.sap.com/irj/sdn/wiki?path=/display/home/abap+dictionary&
Go thru this link plzz
http://help.sap.com/saphelp_nw2004s/helpdata/en/cf/21ecf9446011d189700000e8322d00/frameset.htm
Difference between "Help View" and "Search Help"
http://help.sap.com/saphelp_nw04/helpdata/en/cf/21ed06446011d189700000e8322d00/frameset.htm
Hope this is helpful, Do reward -
Run Singlular Database Control and Grid Control Agents at the same time????
Hello,
I have walked into a new job where one of my 1st tasks is installing and configuring EM Grid Control version 10.2.0.3. Most of the individual databases already have singular EM/Database Control also set up for basic monitoring - some are 10.2.0.1 databases; some are 9.2.0.7 databases.
Can I continue to run the existing singular EM Database Controls for monitoring and managing the databases while I am getting connected, the new agents up and running, and the Grid Control templates and alerts and notification fully set up?
Or will I have to shut down those agents fully prior to installing the new 10.2.0.3 agents???
I am hoping so since they use different communication ports of 1158 for the singular Database Controls versus 4889 for Enterprise Wide Grid Control.
Thanks for any help in clarifying this.
KLOK, so as long as I keep the homes separate & straight, I could conceivably allow them both (Database Control and Grid Control Agent) to run AND be used at the same time - even when using secured grid control (https), correct? Just have the separate homes for separate agents and use separate ports for the different consoles?
Of course I might still run into an issue with this, ass I am also in the process of securing Grid Control... The current Database Console used by the app users to monitor is NOT an https url...
The real reason for this is because some app users are used to using the EM Database Control for application monitoring. I would like to not take that away from them while I am in the process of setting up all of the users, roles, alerts, groups, etc. on Grid Control.
Maybe you are looking for
-
Compressing attachments in entourage email
I am unable to compress attachments in my entourage email. I have Stuffit Expander installed, and I still can't compress pictures and video. Is there something else that needs to be done?? Please help Powerbook G4 Mac OS X (10.4.6)
-
I have an imac 11.1 running 10.6.8. The internal optical drive has stopped working. I ordered an apple superdrive and it did not reconize it. What external drive can I hook up?
-
Row_number function not starting from 1
I have two row_number functions in my select statement both has same columns and condition for partition and order by, except one column in order by which is being ordered by DESC.below is function : row_number() over (partition by event_cd order by
-
Configure MB51 to be able to filter by material document number
Hi, Is it recommended to enhance MB51 by reconfiguring the fields contained in the field catalog (RM07DOCS)? For example, current MB51 is not able to filter by material document number. Will there be any issue if we will configure it to allow to filt
-
Your advice for best resolution/page dimensions for building a website
Hi. I would like to know your opinions on what the best resolution to use is prior to building a website in GoLive. Is it best to design a site that would fit a monitor screen thats 1024 x 768, considering that 1024 x 768 is probably the most common