De-provisioning MS Access
Hi,
We have to implement de-provisioning on MS Access.
Could you please suggest,
IDM supports MS Access data base?
What is the driver could be used for remote access?
What is the connection url string?
Thank you,
Mani
Hi,
Could you please tell us how do you compact Access database? You can follow these suggestions to compact it again.
http://office.microsoft.com/en-001/access-help/compact-and-repair-a-database-HA010341740.aspx
Is the database split? Front End or Back End? If split is it the Front End or Back End that won't compact. If not split, most likely you have corrupted mdb file.
Or you can try to create a new database and import all of the database objects from the old database into the new database to check if it works.
Regards,
Greta Ge
TechNet Community Support
It's recommended to download and install
Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
programs.
Similar Messages
-
Seggregate Automated User provisioning using Access Policy-Diff Groups/Org
Hello there,
By default, the users that are created in OIM - via GTC/via self registration/via Administrator - they all get assigned to "All Users" group. Can we assign these users to a different User Defined group for e.g. "trialgroup", by default and Unassign the "All Users" group. If yes, how can we do that?
This question is related to another question of mine:
I want to avoid all the users that are being created in OIM system - to be all together provisioned to a single IT Resource in my case OID directly via Access policy which can be applied on individual group. I want to keep the system extensible for future purposes. And the only way to seggregate direct resource provisioning via access policy is by means of different "groups". So the solution that I could think of was to assign all the users that are being created currently (via GTC and via Bulk Load into OIM) to a separate group and assign an access policy to the group so that in future if any other resource comes into picture then the system can be extended by creating more groups and designing individual separate access policies for the same.
Does this makes sense?
Please provide your inputs! Any hints/suggestions/ideas are welcomed.
TIA,
- oidm.I am actually not very sure, what you want to achieve form the content of that post. If you mean that you would not want every user in OIM to be provisioned to OID automatically through access policy, then I am assuming that in that case you will aplly the access policy to the ALL_USERS group.
Well I may be missing the flow of your question, but here is what you can do based on my understanding:
1) Just forget ALL_USERS group. We can no nothing about it. Any User created will be a part of this group and you cannot remove a user from this group.
2) In place of this what you can do is create another group, for instance trialgroup and make all users a member of this group as well. This would be simple to do. See next step. Use addMemberUser() API of addMemberUser interface.
3) Create an Entity adapter with a javatask added, which takes an input of UserID, and assigns that user to this group (trialgroup) in OIM using above API. Attach this adapter to the post-insert trigger of the "Users" data object manager. (It also have another ootb Entity adapter which adds all the users to ALL_USERS group).
4) Attach your access policy to this group.
5) Now also you are free to extend your system by creating more groups and access policies. It shouldn't be a problem.
Thanks
Sunny -
Issue in OIM 11gR2Ps2 while provisioning using access policies
Hi,
we are provisioning resources using access policies, we are facing any issue while provisioning resource using two access policies. we are populating the main process form data using two access policies, according to the access policy priority we are seeing the first access policy form data value in the user process form, but the second access policy value is not showing in the user process form, for example we are populating processform fieldvalue1 using access policy1 and processform fieldvalue2 using access policy2.
Thank you,Hi,
we are facing issue in the following scenario
we are provisioning a resource based on the user position through access policies, for example a user position "contractor" is satisfies two rules based on the rules he will get two roles, these two roles trigger two access policies, and two access policies giving same resource for example "AD", in AD main process form there two lookups(lookup A,lookup B), we are giving looukp A value in acess policy1 and lookup B value in access ploicy2, when ever user gets AD resource through these roles, after provisioning when we see the user process form only lookup A value is there and lookup B is empty.But i want to get both lookup A,lookup B values, what i observed was based on the priority access policy values are comming to user resource form, the next access policy form values are not reflecting the user process form.
Thanks, -
Access provisioning through Access List
I have Inter Vlan Routing done on my Core Switch, through which subnets are restricted to access each other, Example subnet of 10.1.23.0 cannot have access to subnet of 10.1.24.0.
Due to certain requirement i want that 10.1.23.19(Users Worskstain IP) can access 10.1.24.41 (Users Workstation IP)
Is it possible to do that, without disturbing my InterVlan Routing? Please suggestBelow is the Configuration of Intervlan Routign on my core Switch, please suggest
interface Vlan2
description IAS
ip address 10.1.14.2 255.255.254.0
ip access-group IAS out
vrrp 2 ip 10.1.14.5
vrrp 2 priority 99
interface Vlan3
description MKT
no ip address
ip access-group MKT out
vrrp 3 ip 10.1.6.5
vrrp 3 priority 99
interface Vlan4
description ESG
ip address 10.1.16.2 255.255.255.128
ip access-group ESS out
vrrp 4 ip 10.1.16.5
vrrp 4 priority 99
interface Vlan5
description NMSG
ip address 10.1.24.2 255.255.255.128
vrrp 5 ip 10.1.24.5
vrrp 5 priority 99
interface Vlan6
description OAG
ip address 10.1.26.2 255.255.255.128
vrrp 6 ip 10.1.26.5
vrrp 6 priority 99
interface Vlan7
description SMG
ip address 10.1.28.2 255.255.255.128
ip access-group SMG out
vrrp 7 ip 10.1.28.5
vrrp 7 priority 99
interface Vlan8
description DMG
ip address 10.1.30.2 255.255.255.128
ip access-group DMG out
vrrp 8 ip 10.1.30.5
vrrp 8 priority 99
interface Vlan9
description DMS_UAT
ip address 10.1.32.2 255.255.255.128
ip access-group DMS_UAT out
vrrp 9 ip 10.1.32.5
vrrp 9 priority 99
interface Vlan10
description SEG
ip address 10.1.34.2 255.255.254.0
vrrp 10 ip 10.1.34.5
vrrp 10 priority 99
interface Vlan11
description SEG-2
ip address 10.1.33.2 255.255.255.128
vrrp 11 ip 10.1.33.5
vrrp 11 priority 99
interface Vlan12
description Finance_F2
ip address 10.1.2.2 255.255.255.0
vrrp 12 ip 10.1.2.5
vrrp 12 priority 99
interface Vlan13
description Operations
ip address 10.1.10.2 255.255.255.128
ip access-group OPS out
vrrp 13 ip 10.1.10.5
vrrp 13 priority 99
interface Vlan17
description PD&T
ip address 10.1.36.2 255.255.255.128
ip access-group PDT out
vrrp 17 ip 10.1.36.5
vrrp 17 priority 99
interface Vlan18
description HR&Admin
ip address 10.1.8.2 255.255.255.0
ip access-group HR&Admin out
vrrp 18 ip 10.1.8.5
vrrp 18 priority 99
interface Vlan19
no ip address
interface Vlan20
no ip address
interface Vlan21
no ip address
interface Vlan22
description SEG3
ip address 10.1.44.2 255.255.255.128
ip access-group SEG3 out
vrrp 22 ip 10.1.44.5
vrrp 22 priority 99
interface Vlan23
description Call_Center
ip address 10.1.42.2 255.255.255.0
ip access-group CC out
vrrp 23 ip 10.1.42.5
vrrp 23 priority 99
interface Vlan24
description IT_Sec
ip address 10.1.23.2 255.255.255.0
vrrp 23 ip 10.1.23.5
vrrp 23 priority 99
interface Vlan25
description Q-mgmt
ip address 10.1.9.2 255.255.255.0
ip access-group ACESSCONTROL out
vrrp 25 ip 10.1.9.5
vrrp 25 priority 99
interface Vlan26
description RTA
ip address 10.1.150.2 255.255.254.0
ip access-group RTA out
vrrp 26 ip 10.1.150.5
vrrp 26 priority 99
interface Vlan27
description P&D
ip address 10.1.45.2 255.255.255.0
ip access-group PD out
vrrp 27 ip 10.1.45.5
vrrp 27 priority 99
interface Vlan28
description Trustee
ip address 10.1.18.2 255.255.255.0
ip access-group TRUSTEE out
vrrp 28 ip 10.1.18.5
vrrp 28 priority 99
ip access-list standard CC
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard CEO
deny 10.1.2.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard CS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
ip access-list standard DMG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard DMSSCAN
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard DMS_UAT
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard ESS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard FIN
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard HRADMIN
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard IAD
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard IAS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard ITSEC
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
ip access-list standard MKT
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard NMSG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard OAG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
ip access-list standard OPS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard PD
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard PDT
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard Q-mgmt
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
permit any
ip access-list standard RTA
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
permit any
ip access-list standard SEG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard SEG2
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard SEG3
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard SMG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard TRUSTEE
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard static-routes
permit 10.1.136.0 0.0.1.255
permit 10.1.138.0 0.0.1.255
permit 10.1.142.0 0.0.0.255
permit 10.1.144.0 0.0.1.255
permit 10.1.160.0 0.0.1.255
permit 10.1.200.0 0.0.1.255
permit 10.1.204.0 0.0.1.255
permit 10.1.210.0 0.0.0.255
permit 10.1.222.0 0.0.1.255
permit 172.18.100.0 0.0.0.255
permit 172.18.101.0 0.0.0.255
permit 172.18.102.0 0.0.0.255
permit 172.18.103.0 0.0.0.255
permit 172.18.104.0 0.0.0.255
permit 172.18.105.0 0.0.0.255
permit 172.18.106.0 0.0.0.255
permit 10.1.146.0 0.0.0.255
permit 192.168.1.0 0.0.0.255
permit 10.1.145.0 0.0.0.255 -
Unable to provision Business Rules access for users
Hi all,
Our analytic server is properly configured in Shared Services : we can correctly create users, provision Essbase access for those users, change password, etc...
An application business rules is visible in the left pane of shared services, but we are not able to provision Business rules access for users.
When we try to provision access for a user, we have only access to the Analytic properties.
What's going wrong ?It sounds like the user you login to HSS with hasn't been assigned with "Provisioning Mgr" rights to business rules.
Get the HSS admin user to grant you these rights and you should then be able to provision users to use Business RUles.
Gee -
Provisioning varying admin access levels by Planning plan types
How can I provision admin access levels by plan types? For example, I'd like to grant a user full admin access to one plan type, but limit their access for another plan type within the same application? The plan type I want to limit them to is basically a workforce plan type which I do not want to allow them to have any admin access to. Anyone know how to do this?
I took a look at the blog and my current setup design mostly follows what is on the blog. I too have a workforce plan type along with other plan types in the Planning application. What I'm trying to see if it's possible is to setup a user with admin access to manage and modify the member outlines for 2 out of the 3 plan types in Planning, but not give him access to the workforce plan type as that has sensitive compensation information. But it appears that if he's granted admin access to modify the application outline, then he would be able to grant himself access to the workforce members, which then means I can't provision him with limited admin rights while also preventing him from access to the workforce information.
-
Does anyone know how to remove user's access to the Default calc? Here's some background on what we're using.
Essbase 9.3.1
External authentication (Shared Services)
all users are members of groups
only groups are provisioned - calc access with filtersThe easiest way is to change the default calc to be only a semicolon ; it will make the default do nothing so even if someone has acccess to won't hurt anything. but you could also go into shared services and select the calc scripts the groups have access to and specify which ones they should be able to run
-
Hello
we have configured AD with OIM 9101. We have couple of groups inside AD were the user needs to be provisioned using access policy. that is working fine. Now when a user is making update to user form the user gets removed from the user group from AD. Don't know why is this happening. Let me know solution if any knows the fix. Thanks
AkshayYes the user is updating user attribute mostly password. But that attribute is not related to access policy. Access policy is basic ones e.g user from -- all employees group will have access policy to be part of people soft portal which uses the AD groups...
Akshay -
Access Policy and Resources -11gR2
Hi all,
I have create an Access policy in 11gR2, its working fine and as per requirement the Resource is getting provisioned / revoked properly.
In *11gR1* resources provisioned through the Access policy were used to be displayed / listed in the User's Resources tab, In *11gR2* the resources provisioned by Access Policy are not being displayed / listed in under the Accounts tab. is it the default behavior of 11gR2? or some bug? or I need to make any configurations to have it displayed here?
Regardsnothing special has to do for showing under Accounts tab. Have you created *'Application Instance'* for the Resource. You have to create Application Instance and run the "catalog sync' job. and once Application Instance is provisioned to user. It will be available under Accounts tab.
Follow 11gr2 doc for creating application instance
http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/resmgt.htm#CBBFAIEC -
Access policy issue in oim11gr2
Does auto provisioning through access policy work in 11g R2? I have the manual provisioning working fine.
may your scheduled task "evaluate user policy" is disabled. Check "evaluate user policy" task, if it is not enabled, enable it and run once manually and let's see
-
UME and Portal role provisioning is available in AC 5.3
Hi All,
Can some body help me on this.
Abhimanu SinghHello Abhimanyu,
There is something offered in this respect by the SAP Identity Management tool too, which you can integrate for provisioning, alongwith Access Controls from GRC. This runs for many other applications as well. Not really sure of your whole scenerio but it can be of a help to you.
Regards,
Hersh. -
Is there an IDES system of "Access Enforcer" internally at SAP?
Hi expert,
Is there an IDES system of "Access Enforcer" in SAP so that we can access it internally from SAP network?
Thanks.Very well.
<b>This information is only applicable within SAP's corporate network.</b>
Access Controls 5.1 - compliant user provisioning (Virsa Access Enforcer for SAP)
http://idphl930.phl.sap.corp:50000/AE/index.jsp
ERP Backend: Application Server: idphl932.phl.sap.corp, System Number: 50, system ID: G13, Client: 870
Updated Demo Scripts are located here:
Rsophltrndb\FEPublic\Public\GRC_Workshop\DemoScripts -
- Is there any instruction on how to provision the access point from CAPWAP?
- I have one access point that lost the configuration and can access to the console port only. How do I provision the AP back to the controller?
Thank you very much.First, the Access-Point needs an IP Address. Assign IP address to the Access-Point using a DHCP Server configured on the router. Use the Option 43 with the AP Manager IP of the Wireless Controller. Here an Example:
Complete these steps in order to configure DHCP Option 43 for lightweight Cisco Aironet access points in the
embedded Cisco IOS DHCP server:
1. Enter configuration mode at the Cisco IOS CLI.
2. Create the DHCP pool, which includes the necessary parameters, such as the default router and server
name. This is an example DHCP scope:ip dhcp pool
network
default-router
dns-server
3. Add the Option 43 line with this syntax:option 43 hex
The hexadecimal string in step 3 is assembled as a sequence of the TLV values for the Option 43 suboption:
Type + Length + Value.
Type is always the suboption code 0xf1. Length is the number of controllermanagement IP addresses times 4 in hex.
Value is the IP address of the controller listed sequentially in hex.For example, suppose there are two controllers with management interface IP addresses, 192.168.10.5 and
192.168.10.20. The type is 0xf1. The length is 2 * 4 = 8 = 0x08. The IP addresses translate to c0a80a05
(192.168.10.5) and c0a80a14 (192.168.10.20). When the string is assembled, it yields
f108c0a80a05c0a80a14. The Cisco IOS command that is added to the DHCP scope is:
option 43 hex f108c0a80a05c0a80a14 -
How to grant admin access to a CDOT cluster via an Active Directory group
We have a new 4 node CDOT cluster that we are building out at this time. This is the first on our company as the rest are all running 7-mode.When I add execute the following commands on our new CDOT cluster, I am able to successfully login via putty or system manager:security login create -vserver vs1 -username DOMAIN\username -application ontapi -authmethod domain -role admin
security login create -vserver vs1 -username DOMAIN\username -application ssh -authmethod domain -role adminHowever, I need to provision security access via AD groups as we have a ot of admins that need access. If I use the following commands to provision security, the commands are accepted by ONTAP but AD credential sets will not grant access to putty or system manager.security login create -vserver vs1 -username "DOMAIN\AD Group" -application ontapi -authmethod domain -role admin
security login create -vserver vs1 -username "DOMAIN\AD Group" -application ssh -authmethod domain -role adminPlease provide comments if you have ideas on next steps.I have done it in 8.3 please see below for the steps Here are the steps to grant access after you have CIFS setup in your SVM (This portion has to be done before the below steps will allow access) my-fas8060> security login domain-tunnel create -vserver (nameofSVM) (gives SSH login)my-fas8060> security login create -vserver (nameofSVM) -username domain\group name -application ssh -authmethod domain -role admin (gives GUI login)my-fas8060> security login create -vserver (nameofSVM) -username domain\group name -application http -authmethod domain -role admin my-fas8060> security login create -vserver (nameofSVM) -username domain\group name -application ontapi -authmethod domain -role admin
-
How to manipulate users provisions in the planning application MSdatabase
Hi All.
I want to change user provisions in the Planning Application MSDatabase without using Hyperion planning .
How can I directly use msDatabase tables and change user provisions.
which tables must be used for this operation?İ am new in essbase and hyperion planning.
İn my test system there are alot of user. for example when i have to change some users provisions for accessing some dimensions or forms, i change provisions one by one for all specified users so it takes long times.
I want to learn that can i change provision options without using hyp planning?, forexample can i change users provisions using with my custom java apllcation.
And my system is test system so İ can restart it if it is necessary.
Maybe you are looking for
-
How can I have my app create components for all states on startup?
Hi All, I've got an application with 8 different states. When the user moves from one state to the next for the first time, there's a brief (but perceptible) delay while the Flash Player sets up everything on the next view (state). I would like to
-
Moving an iPhone to a new apple id
We have been using two iPhones, one iPad, and one iMac on one Apple ID before iOS5, but now after upgrading to iOS5 and iCloud, the phones think they are siamese twins, and I need to separate them. How do I do that? We have another windows macine if
-
Change Capitalization For Many Cells at Once
How can I change the captialization for many table cells at once. I can do it for one cell at a time by triple-clicking an choosing the capitalization menu within fonts, but if I select all the cells I want to change and then go to fonts>capitalizati
-
Hi, I have an ALV Tree (cl_salv_tree) that's works fine. But I need to export all data to excel. I am using OLE objects to do this. I would like to know if is possible group lines into excel. For example. Today works like this Level1 - Value 1 ---Lev
-
I can't do anything without fear that it will ask for me to restart or simply crash. I dont know what's wrong. Update load then say there is an error right before finishing, but it does this with most things. Every internet browser I have tried gives