Delegating rights to users

Similar Messages

• WDJ - Right click- User settings , not working at all times

  We are working on SAP Netweaver 7.4.
  We have developed WDJ applications in PO server and are displaying the application in SAP EP using the remote iview method.
  Our requirement: We need to show the users , right click ->User settings so that they can modify the view.
  Steps taken: The allowuserpersonalisation has been set to True.
  Issue:
  Not all of the remote WDJ application are showing the User settings.
  For e.g: If it is working for WDJ application A, it is not working for WDJ application B.
  Here is where it gets more confusing !!!:
  If role A contains WDJ application A and role B contains WDJ application B.
  then:
  1) if WDJ application B is assigned to the role A, then the User settings start working for it
  2) if WDJ application A is assigned to the role B, then the User settings still work for it
  3) if WDJ application B is assigned to the role C, then the User settings do not work.
  Can anyone please help?

  Hi,
  normal right mouseclick is disabled as of 710 I guess, I assume you mean the ctrl+alt+right mouse click, right?
  Also , I am not sure I fully understand your A-B-C example. Can you please elaborate it in a less abstract way? Can you show concrete examples what is not working regarding the end-user personalization? Are all wd java applications running in a non-standalone way when you test end-user personalization?
  Cheers,
  Ervin

• Definer rights vs. user rights

  I must be having a senior moment .... ;-)
  Trying to demo definer rights vs. user rights on execution of a procedure.. With apologies to Daniel, I created this test, and then in trying to find the answer to my question I found his nearly identical example at psoug.
  SQL> --
  SQL> conn system/halftrack@vmora01
  Connected.
  SQL> drop user bert cascade;
  User dropped.
  SQL> drop user ernie cascade;
  User dropped.
  SQL> drop role ernies_role;
  Role dropped.
  SQL> --
  SQL> create user bert identified by bert
    2  default tablespace users
    3  temporary tablespace temp
    4  quota 10m on users;
  User created.
  SQL> --
  SQL> grant create session, create table, create procedure to bert;
  Grant succeeded.
  SQL> --
  SQL> create table bert.berts_table (empid varchar2(15));
  Table created.
  SQL> --
  SQL> CREATE OR REPLACE PROCEDURE bert.user_test  AUTHID current_user IS
    2  v_empcnt number;
    3  BEGIN
    4   select count(*)
    5   into v_empcnt
    6   from bert.berts_table;
    7  END user_test;
    8  /
  Procedure created.
  SQL> --
  SQL> CREATE OR REPLACE PROCEDURE bert.definer_test  AUTHID DEFINER IS
    2  v_empcnt number;
    3  BEGIN
    4   select count(*)
    5   into v_empcnt
    6   from bert.berts_table;
    7  END definer_test;
    8  /
  Procedure created.
  SQL> --
  SQL> create user ernie identified by ernie
    2  default tablespace users
    3  temporary tablespace temp
    4  quota 10m on users;
  User created.
  SQL> --
  SQL> create role ernies_role;
  Role created.
  SQL> --
  SQL> grant create session to ernies_role;
  Grant succeeded.
  SQL> grant select on bert.berts_table to ernies_role;
  Grant succeeded.
  SQL> grant execute on bert.definer_test to ernies_role;
  Grant succeeded.
  SQL> grant execute on bert.user_test to ernies_role;
  Grant succeeded.
  SQL> grant ernies_role to ernie;
  Grant succeeded.
  SQL> --
  SQL> conn ernie/ernie@vmora01
  Connected.
  SQL> --
  SQL> -- this should succeed
  SQL> --
  SQL> execute bert.user_test;
  PL/SQL procedure successfully completed.
  SQL> --
  SQL> -- this should fail --
  SQL> --
  SQL> execute bert.definer_test;
  PL/SQL procedure successfully completed.
  SQL> spo offOk, the only rights ernie has are via ernies_role. So I would expect his execution of bert.definer_test to fail, but it didn't.

  mbobak wrote:
  Hi Ed,
  In the definer rights case, as long as ernie can execute the procedure owned by bert, he'll be able to successfully execute it, cause definer rights mean that the object (owned/defined by bert) executes w/ bert's rights, and the only object access in the procedure is on bert's objects. So, no problem there.
  In the invoker rights case, it works cause even though the proc is owned by bert, ernie is executing and so, rights have to be granted to ernie, and they are.
  I don't see a problem in either case. Am I missing something?
  My guess is, what you're overlooking is the fact that, in the case of invokers rights, it's ok for necessary privileges to be granted via a role. The restriction against roles, is only on a definers rights procedure.
  -Mark
  PS See here for more info:
  http://download.oracle.com/docs/cd/E11882_01/network.112/e10574/authorization.htm#DBSEG50010
  Ok, as I read the explanation in the linked reference, that makes sense. So now I'm having a hard time imagining the situation where inheriting privs via a role comes into play as a problem in dealing with pl/sql blocks.

• Disable the account delegation rights for EA and DA accounts.

  I need assistance with setting group policy to disable delegation rights for enterprise and domain admins accounts.

  Hello,
  that account groups are the highest admins in the complete forest(enterprise admins), means ALL domain in that forest and the domain admins are highest accounts in the domain.
  So whatever restriction you set. A member from that groups can revert every setting you make.
  Best regards
  Meinolf Weber
  MVP, MCP, MCTS
  Microsoft MVP - Directory Services
  My Blog: http://blogs.msmvps.com/MWeber
  Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
  Twitter:  

• Suppression rights to users in FR Reports

  Hi All,
  I want to give supression rights to my users while accessing FR Reports for zero value rows. Please let me know is it possible to give those righhts and if yes how? I am using Oracle Hyperion Financial Reporting Studio, Fusion Edition.
  It is pretty urgent as reports are ready but rights are pending to be provided.
  Thanks

  Hi,
  Basically the option of suppressing and showing zero values is set in FR studio where structure is defined,
  But its not possible when user will be running the report.
  If users want and If u feel proper to give them the authority to change this option of suppressing whenever they want , then I thing the only way is u have to give them rights to login to FR studio and train them to change the option of suppressing there itself and run the report.
  This I would not recommend in any condition, as users will have access to the whole report.
  what I can suggest: If its really important then
  If there are not many reports for this
  You can make two copies of a report : One with suppress Zero and other with unsuppressed zero
  Then user can access whichever report He want.
  If still something is in your mind, then u can share
  If the posts helps you,
  Please mark it as Answer/Helpful.
  J

• Delegated Admin and User Management in WLP 9.2

  Hi,
  I've made Delegated Administrator role and a user for it. The user is Delegated Admin for our users and groups. Still that user cannot create new users, only new groups.
  The error message that shows when creating new user is "The subject does not have access to the specified group".
  What should I do to make it work ?
  Regards,
  Tanja

  Unfortunately, you've run into a bug in the product. See CR282051 in the WLP 9.2 release notes.
  http://edocs.bea.com/wlp/docs92/relnotes/relnotes.html#wp1147925
  If you have a support contract, you might be able contact BEA Support to see if a patch might be available.

• How to assign rights to users?

  Hi All,
  I have created a group( Say BO User) BOE XI 3.0. Then I have created a user(User A). I have add this user A to BO User group.
  I have some reports in one folder(Say BO Reports) of CMC.
  Now i want that all user of this BO User group can access this folder in infoview.
  Plz help me how can i achieve this?
  Regards,
  Rishit

  Hi Rishit
  I would like to suggest following things:
  1) Log in to CMC using Enterprise Administrator.
  2) Please go to Folders >> Click on the "All Folders" >> Click on Manage >> Top-Level Security >> All Folders.
  3) Please add "BO Users" in the security list of "All Folders".Then grant right "View Objects" only to object and uncheck the box
  subobject for this right.
  4) Now come BO Reports folder >> Right Click on this folder >> Click on User Security >> Add BO User group to this folder's
  security list.
  5) Grant right "View Objects" to this group over the BO Reports folder for object and subobject. Keep the boxex for object,sub
  object selected.
  You would achieve the required result.
  Thanks
  Hrishikesh Parasnis

• Adding eDirectory Trustee Rights to users via Powershell

  Hello,
  I have to make several hundred subdirectories corresponding to certain users on an eDirectory volume and then add RW trustee rights for only the one corresponding user for each subdirectory. I have a powershell script which adds the subdirectories but assigning
  the rights is proving problematic. I though I had found a solution with command line program lrights.exe but cant get that to work. Does anyone have any ideas on how to solve this trouble. Here is the relevant part I have so far:
  #Create the array from the csv file selecting the columns you want in your array.
  $Sen_Opt_Array = Import-Csv $Senior_Options_CSV | Select First, Last
  #Check If Directory Empty.
  If (Test-Path -Path $Senior_Directory -PathType Container) {
  $directoryInfo = Get-ChildItem $Senior_Directory | Measure-Object
  #$directoryInfo.count returns the count of all of the files in the directory
  #Note.The 1 & 48 replace having to write out the [System.Windows.Forms.MessageBoxButtons]::OKCancel,[System.Windows.Forms.MessageBoxIcon]::Warning)
  #Portions of the [Windows.Forms.MessageBox] command
  If (!($directoryInfo.count -eq 0)) {
  $Dir_Check = [Windows.Forms.MessageBox]::Show("Warning.The Directory is Not Empty! Do You Want To Continue?","Attention",1,48)
  If (!($Dir_Check -eq "OK")) {
  Break
  for($i = 0; $i -le $Sen_Opt_Array.count -1; $i++) {
  $S_Name = $Sen_Opt_Array[$i]
  <#I need to force the evaluation of each value so I can display the data. To do this, I use a subexpression.
  A subexpression consists of a dollar sign and a pair of parentheses.#>
  New-Item -Path $Senior_Directory\$($S_Name.Last)$($S_Name.First.Substring(0,1)) -ItemType Directory -Force
  [Windows.Forms.MessageBox]::Show("$($Sen_Opt_Array.count) Files Created in $Senior_Directory Directory.","Attention", [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information)
  Break
  Thanks.

  This will get you closer to what you want.,  You cannot use "break" to stop a stream of code.  It only works in a loop.
  function CreateFolders {
  Param (
  [IO.FileInfo]$dirInfo = $Senior_Directory,
  [array]$Sen_Opt_Array
  if ($dirInfo.Exists) {
  if ('Ok' -eq [Windows.Forms.MessageBox]::Show('Warning.The Directory is Not Empty! Do You Want To Continue?', 'Attention', 1, 48)) {
  } else {
  # create folder ?
  # if not then exit
  return
  for ($i = 0; $i -le $Sen_Opt_Array.count - 1; $i++) {
  $folderName = '{0}\{1}' -f $Senior_Directory, $S_Name.Last, $S_Name.First.Substring(0, 1)
  Write-Host "Creating folder $folderName" -ForegroundColor green
  Try {
  $itm=New-Item -Path $folderName -ItemType Directory -Force -ea 'Stop'
  $acl= Get-Acl $itm
  # assign user as trustee
  $acl.SetOwner($trustee)
  Set-Acl $itm $acl
  } Catch {
  Write-Host "$_" -ForegroundColor red
  ¯\_(ツ)_/¯

• Delegated Admin- Adding user causes unhandled exceptions

  Now that I've finally settled on 05q1, Im trying to create accounts using the delegated admin GUI.
  I click on my domain, then on "New". I then fill out first, last name, role is Business OA, no postal address, assign no service package, change the loginId and two passwords. At this point, when I click "Next", I get a "Server Error" screen with this information:
  This server has encountered an internal error which prevents it from fulfilling your request. The most likely cause is a misconfiguration. Please ask the administrator to look for messages in the server's error log.
  The messages below show up in /opt/sun/webserver/https-imap.domain.com/logs/errors. I couldn't find any other error for ds, identity, admin server, etc. After this exception, I also have to log back in to DA. The messages are quite vague (from an administrative standpoint) so any help is appreciated!
  [11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: Ap
  plicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
  javax.servlet.ServletException
  at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
  at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
  at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
  at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
  at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
  at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
  at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
  at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
  at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
  at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
  at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
  at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
  at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
  at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
  at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  ----- Root Cause -----
  javax.servlet.jsp.JspException
  at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
  at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
  at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWi
  [11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: WE
  B2798: [da] ServletContext.log(): [ERROR] Uncaught application exception
  com.iplanet.jato.NavigationException: Exception encountered during forward
  Root cause = [javax.servlet.jsp.JspException]
  at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
  at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
  at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
  at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
  at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
  at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
  at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
  at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  Root cause:
  javax.servlet.jsp.JspException
  at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
  at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
  at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWizardTag.java:658)
  at com.sun.web.ui.taglib.wizard.CCWizardTag.getHTMLStringInternal(CCWizardTag.java:469)
  at com.sun.web.ui.taglib.common.CCTagBase.doEndTag(CCTagBase.java:114)
  at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:260)
  at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
  at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
  at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
  at org.apache.catalina.cor
  [11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: St
  andardWrapperValve[WizardWinServlet]: WEB2792: Servlet.service() for servlet WizardWinServlet threw exception
  javax.servlet.ServletException: Uncaught exception
  at com.iplanet.jato.ApplicationServletBase.onUncaughtException(ApplicationServletBase.java:1415)
  at com.sun.comm.da.WizardWinServlet.onUncaughtException(WizardWinServlet.java:98)
  at com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
  at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
  at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
  at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  ----- Root Cause -----
  com.iplanet.jato.NavigationException: Exception encountered during forward
  Root cause = [javax.servlet.jsp.JspException]
  at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
  at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
  at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
  at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
  at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
  at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
  at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
  at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.

  Might it have something to do with having not assigned service package? I read in the 05Q4 notes that in 05Q1, a service package had to be defined. I just tried to allocate some service packages to the domain and I get the same "Server Error" page when I click "Next" on the page where I choose how many service packages to allocate (i.e. the screen right before the "Summary" page)
  At least the errors are a little more informative in the webserver error log (sample below)
  I chose 3 service packages and attempted to allocate 50 each, No anonymous logins for calendar server and put in a calendar server hostname. All other fields were left to default.
  [12/Jan/2006:15:14:13] failure (18149): for host 63.241.196.147 trying to POST /da/wizard/WizardWindow, service-j2ee reports: Ap
  plicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
  javax.servlet.ServletException: String index out of range: -15
  at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
  at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
  at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
  at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
  at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
  at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
  at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
  at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
  at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
  at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
  at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
  at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:585)
  at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
  at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
  at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
  at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
  at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)

• Rights to user just to execute project in ODI

  hello,
  please help me on this,I have Created the whole project in ODI and now i want to give just Execute right to a user on that project.
  how can I?
  your answer will be appreciated. thanks
  regards
  Steve.D

  And your answer is.. You are in the wrong forum.. This is the Application Express (APEX) Support forum..
  Happy Holidays,
  Tony Miller
  Ruckersville, VA

• CMC Rights to user Problem!

  Hi All,
  I am displaying reports through Java.
  I am using RAS.
  I created a user and using that user id I cannot retrieve the report.
  User do not access to refresh the report is the error message i am getting.
  How to give that right to the user?
  Thanks
  Saravanakumar.

  Please check is this issue with one report or multiple report for that user
  1) If its with that report then you can give rights on the report for the user by selecting the option Advanced.there you will get the option for refreshing the report
  2) You can also add this user to any group which has the rights to schedule reports
  Hope this helps

• Provide Rights to User Group through SDK

  hello all,
  Please help me to provide some rights or role to the User Group through using Business Objects SDK classes not using
  setting in CMC.
  please help me.
  Thanks,
  Prashant Joshi

  Hi Prashant,
  There are few samples available.
  The JSP sample below shows setting advanced rights on a user group for root folder using Enterprise SDK.
  https://boc.sdn.sap.com/node/18903
  Another sample in set_Rights folder in sample collection at following link. Similar to above samples but it sets rights on a user not a user group and also shows how to set permissions on subfolders.
  https://boc.sdn.sap.com/node/3211
  Tks
  Aasavari

• I want to revoke rights so users cannot schedule periodic jobs

  We do encourage users to run reports in Background but we want to prevent them from scheduling periodic jobs.
  We want to have more controll over periodic jobs as we observed that users schedule them and then forget about them.
  Morover this has become our audit recommendation.
  As far as I can see there is no standard way to do it.
  Has anyone managed to achieve it?

  Hi..
         while searching for the answer i have seen following interesting point.chk whether this will help you..
  A job is eligible to start when both of the following are true:
  The start condition specified for the job is met.
  The job has been released to run.
  No job can be run until it has been released, even those scheduled to start immediately. To monitor and control what jobs are submitted to run in background processing, the system can be configured so an administrator can check jobs before releasing them to run.
  The release requirement can also be turned off on a per-user basis. Trusted users can be given a special authorization (authorization object S_BTCH_JOB (Batch Processing: Operations on Batch Jobs), value RELE) which will automatically and immediately release any job scheduled by that user.
  http://help.sap.com/saphelp_nw2004s/helpdata/en/20/2d513897110872e10000009b38f889/content.htm
  thank you
  <b><removed_by_moderator></b>

• Limited Privilage rights to user on 2900 Series.3500 Series switches

  Hi..
  I am having about 200 switches in my Campus Area network.Access switches 2950/3524//3548/2924 Distribution switches 2912 & core 6506 I want to crate User with alimited acces to privillage mode of switchport enable of disable.Suggest me a solution for the same.
  With regards,
  Shailen

  Shailen,
  You can do it with 2 options :
  1. Enable AAA on your switches and have your access control policies defined on your ACS server.
  2. USe your switche's local database and define the priviledge levels based on the user polocies. For setting it up on switches please do the following :
  create a username and password and assign it a level.
  conf t
  username ABC priviledge 5 password ****
  privilege exec level 5 show run <- this command will allow the user to only run the " show run " command.
  privilege configure level 5 XXXX<--- This command will only allow to run the following command in global configuration.
  privilege interface level 5 XXXX <--- This will allow to run the command given after the Level 5, to run under the interface.
  I would suggest to first try this out in a Lab or on a free switch before imlpementing it as you need to give a lot of thinking to use and run the commands on diff modes. Always have another telnet session open to your switches when you implement it so that if you are knocked out of it, you are able to access it and revert the changes.
  HTH,
  -amit singh

• Iplanet delegated admin creates users under ou=people only

  hi,
  ldap tree has ou=people and ou=others under o=dom.com
  how can we create a new mail user using iDA (iplanet version) under ou=others?
  by default, the user in ida is created under ou=people.
  thx

  The "ou=people" branch is an accepted standard for holding user accounts. What you're doing will require that nearly EVERY application/utility you encounter will require some type of hack or custom configuration.
  I don't think iDA can search multiple branches like that. In fact, most apps I've seen can only search one branch. If you want iDA to only search/create users in "ou=others", I'm guessing thats a config parameter.. Where it is and what it's called, I don't know.
  HTH,
  Roger S.