Delete user's groups from OID

Hello,
I did have a problem when I did delete user from OIM, this user didn't get deleted from OID. I solved this by adding this to the undo task for Create User in OID User PD. However, one additional problem remains - users group memberships doesn't get removed when user is deleted from OIM. From the log file I can see:
DEBUG,19 Jun 2009 13:10:01,405,[XL_INTG.OID],OID:tcUtilLDAPOperations -> Parameter Variables passed are: pSearchBase = [cn=external,cn=users,dc=def,dc=star,dc=co,dc=us], pFilterExpression = [cn=cn=GROUPNAME,cn=XX,cn=Groups], pIsRelative = [false], pAttrNames = [null]
DEBUG,19 Jun 2009 13:10:01,408,[XL_INTG.OID],tcUtilOIDUserOperations -> Returning with code:USER_DOESNOT_EXIST
I think the problem is with pSearchBase -field values. Groups are not located in that LDAP-path and that's why it's returning USER_DOESNOT_EXIST. How I can tell to OIM where to look?
Thanks!
Or, maybe the problem is with "cn=cn=GROUPNAME". If so, where that extra "cn=" is coming from...?
Edited by: Jakru on Jun 19, 2009 1:52 PM

EDIT: didn't realize this was for CR.. my post was for boe.
Hey Bernard,
Here's what I do:
select SI_NAME, SI_USERGROUPS from CI_SYSTEMOBJECTS where SI_NAME = 'xyz' and SI_PROGID = 'CrystalEnterprise.User'
This will bring back the group ID's that user xyz is a member of.  The groups are in a nested property of SI_USERGROUPS, which I don't think you can query directly.  Once you have the ID's, however,  you can run another query to find out what the group names are.  Say the first query brought back three results, 123, 456 and 789.  Then you'd run:
select SI_NAME from CI_SYSTEMOBJECTS where SI_ID = '123' or SI_ID = '456' or SI_ID = '789'
Perhaps you could write some logic to parse the group ID's out of the first query and put them into the second query's where clause.
HTH,
Murray
Edited by: Murray Hachey on Jul 18, 2008 3:17 PM

Similar Messages

  • How to call OID delete user process task from AD process definition

    Hi All,
    I wanted to call OID delete user process task from AD process def. I have created a process task in AD Process def which will be integrated with OID Delete User adapter. How can i map OID related attributes to the adapter api?
    Expected inputs for OID delete api :
    root DN
    orgDN
    admin pwd
    server
    attr lookupcode
    XLOrgFlag
    sProcessInsKey
    UserID
    PDataOrg
    port
    AdminID
    SSLFlag
    here i cannot map some like : sProcessInsKey
    any pointers would be appreciated.
    Regards,
    Ashok

    OID delete user process task from AD process defWhy don't use call Revoke Resource API ?
    http://otndnld.oracle.co.jp/document/products/id_mgmt/idm_904/doc_cd/javadocs/operations/Thor/API/Operations/tcUserOperationsIntf.html#revokeObject%28long,%20long%29
    Use getObject API
    Iterate through resultset.
    If RONAME == OID User then call revokeObject

  • How do I delete a contact group from my iphone

    How do I delete a contact group from my iphone?

    Download Easy Group. It is totally free. Lauch it. Click on Edit. Click on red-cross next to your unwanted group. That's all. http://itunes.apple.com/fr/app/easy-group/id461469079?mt=8
    Rémi
    Note: As I am Easy Group developper, I may receive some form of compensation, financial or otherwise,from my recommendation or link.

  • How to create windows users and groups from Java

    Hi,
    Can any one please tell me, which Package/API will helps to create windows users and groups from Java.
    Thanks,
    M.Prem.

    You can't do it with pure Java, and it's not in the core API. You'd have to write a native function to do it, using whatever API Windows provides, and then call it with JNI. Or look for a third party native-based Java library that already does that.

  • Need to migrate Shared services users and groups from 9.3.1 to 11.1.2.2 ver

    Hi All,
    We need to migrate Shared services users and groups from 9.3.1 to 11.1.2.2 version. Any help would be appreciated. Can we use CSS import export utility?
    Thanks in advance!!

    Hi John, In my another environment I have to migrate the users and groups from Hyperion HSS 11.1.1.2 to Hyperion shared services 11.1.2.2. I am using LCM for that, when I export the users and gropus from 11.1.1.2, it exports fine but when i import it to my 11.1.2.2 using LCM, I am getting the below errors.
    Error when I try to import the groups:
    ErrorEPMIE-00051: Failed to perform operation on role. Could not locate role matching filter {0} and filter attribute {1}. Please ensure that a role exists matching the filter with filter attribute.
    EPMIE-00024: Failed to import all of the membership info for group test group. Invalid group members encountered. Please ensure the validity of members and its existence in their respective providers.
    Errors when i try to import the users:
    ErrorEPMIE-00051: Failed to perform operation on role. Could not locate role matching filter {0} and filter attribute {1}. Please ensure that a role exists matching the filter with filter attribute.
    EPMIE-00020: Failed to update user 04668162 during import. Invalid identity for user. Please ensure that the user is available in the system with the identity specified in the import file.
    Any idea?
    Thanks in advance.

  • Admin Console not displaying new Users and Groups from LDAP

    We created a new Realm in WebLogic, which specifies the location of the Netscape
    LDAP server. Our Weblogic application, called TGSLC, is able to find the ldap
    server to use for authentication. My problem is this- the Admin Console is not
    displaying the new users and groups from the LDAP server. Shouldn't the WebLogic
    Admin Console display any users and groups specified in the ldap server, which
    is referenced in the customized Realm?

    Hi Andy,
    I am not sure why you are unable to see the users and groups through the
    console., you should be able to. Can you post the config.xml?
    thanks,
    -satya
    Andy Levy <[email protected]> wrote in message
    news:3b700c36$[email protected]..
    >
    We're running WLS 6.0 Sp2 on Windows 2000 Professional.
    "Satya Ghattu" <[email protected]> wrote:
    Andy,
    Could you please tell us what Version of Weblogic you are running?
    thanks,
    -satya
    Andy Levy <[email protected]> wrote in message
    news:[email protected]..
    We created a new Realm in WebLogic, which specifies the location ofthe
    Netscape
    LDAP server. Our Weblogic application, called TGSLC, is able to findthe
    ldap
    server to use for authentication. My problem is this- the Admin
    Console
    is not
    displaying the new users and groups from the LDAP server. Shouldn'tthe
    WebLogic
    Admin Console display any users and groups specified in the ldap
    server,
    which
    is referenced in the customized Realm?

  • Deleting contacts or groups from address book impossible

    How can I delete contacts or groups from my address book? The corresponding menu items "delete contact" or "delete group" are greyed. Pressing the "delete" buttom only works for contacts. But the deleted contact isn't really erased. There remains an untitled contact at the end of the list that I cannot delete. Not very nice :-(
    Does anybody knows some help?

    I can't recreate that on my Mac, so I suspect something got corrupted in your preferences.
    Quit Contacts.
    Go to your Finder "Go" menu hold the option key to choose "Library".
    Then go to yor Preferences folder and and drag com.apple.AddressBook.plist to your Desktop.
    Relaunch Contacts and test.

  • Adding a user to group in OID based on provisioning of a generic connector

    Hi All,
    I have OIM 11g installed. Also I have created a generic connector and I provision it to the users. Now based on this, I was thinking of attaching a task in the process definition of the Generic connector I had created such that when the Create User happens, then I can get the task I created triggered so that I can add a user to a group in OID. I searched for some codes I could use for this but failed. Can someone please guide me as to what APIs and method calls I need to use to add a user in OID to a group. The group will be a static name and hence will not change over time. Say the name of the group is GenericConn so when I provision the generic connector to the user, in the OID the user's dn should be added as a Member to this GenericConn group present there. Please guide me.
    Thanks,
    $id

    I mapped the adapter variables as follows:
    User ID to Usr Key of User data
    orclguid to LDAP GUID of User data (I have LDAP Sync enabled in my OIM)
    PDataOrg to LDAP DN of User data
    GroupDN to literal value cn=GenericConn,cn=Groups,cn=new,cn=test,cn=com
    OrganizationDN to literal which is not populated with any value (same existed in the original AddUserToGroup task of OID Connector)
    And all other adapter variables apart from these to the Process Instance -> OID Server -> corresponding attribute details while mapping
    However when I provision the generic resource to the user, I get the task as rejected and the following error in the Resource History:
    Response:     DATA_ERROR
    Response Description:     Unknown response received
    Error Details
    Sep 12, 2012: Could not find IT asset value for Svr_key = 1985 and spd_key = 51.Setting task status... "DATA_ERROR" does not correspond to a known Response Code. >Using "UNKNOWN".In the OIM logs I see the following:
    com.thortech.xl.dataobj.util.tcAdapterTaskException: DATA_ERROR
         at com.thortech.xl.adapterfactory.events.tcAdpEvent.getITAssetParam(tcAdpEvent.java:1996)
         at com.thortech.xl.adapterfactory.events.tcAdpEvent.getRunTimeValue(tcAdpEvent.java:936)
         at com.thortech.xl.adapterfactory.events.tcAdpEvent.getRunTimeValue(tcAdpEvent.java:682)
         at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpOIDADDUSERTOGROUP.implementation(adpOIDADDUSERTOGROUP.java:57)
         at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
         at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2493)
         at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:2919)
         at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:553)
         at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
         at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
         at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(tcORC.java:844)
         at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(tcORC.java:1162)
         at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(tcOrderItemInfo.java:735)
         at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(tcOrderItemInfo.java:172)
         at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(tcUDProcess.java:236)
         at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
         at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
         at com.thortech.xl.dataobj.tcTableDataObj.save(tcTableDataObj.java:2906)
         at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(tcFormInstanceOperationsBean.java:710)
         at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(tcFormInstanceOperationsBean.java:426)
         at Thor.API.Operations.tcFormInstanceOperationsIntfEJB.setProcessFormDatax(Unknown Source)
         at sun.reflect.GeneratedMethodAccessor8619.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
         at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
         at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
         at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
         at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
         at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
         at $Proxy377.setProcessFormDatax(Unknown Source)
         at Thor.API.Operations.tcFormInstanceOperationsIntfEJB_h6wb8n_tcFormInstanceOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
         at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
         at Thor.API.Operations.tcFormInstanceOperationsIntfEJB_h6wb8n_tcFormInstanceOperationsIntfRemoteImpl.setProcessFormDatax(Unknown Source)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
         at $Proxy178.setProcessFormDatax(Unknown Source)
         at sun.reflect.GeneratedMethodAccessor8618.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
         at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
         at $Proxy376.setProcessFormDatax(Unknown Source)
         at Thor.API.Operations.tcFormInstanceOperationsIntfDelegate.setProcessFormData(Unknown Source)
         at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(DirectProvisionUserAction.java:2077)
         at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(DirectProvisionUserAction.java:363)
         at sun.reflect.GeneratedMethodAccessor6536.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
         at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(tcLookupDispatchAction.java:133)
         at com.thortech.xl.webclient.actions.tcActionBase.execute(tcActionBase.java:894)
         at com.thortech.xl.webclient.actions.tcAction.execute(tcAction.java:213)
         at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
         at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
         at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
         at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
         at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
         at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
         at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
         at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1914)
         at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:463)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:78)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:122)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:108)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Please let me know if a mapping is wrong somewhere out of the above mappings.
    Thanks a lot,
    $id

  • How to assign hierachical groups from OID, in bpm human task.

    Hi,
    We have a group in OID like
    "cn=MED,cn=Reviewer,cn=NSTIP,cn=STU,cn=KSU,cn=groups,dc=kacst,dc=edu,dc=sa"
    and I am tring to assign the group to a human activity using the assignment tab of the human task.
    I am using the lookupGroup function under Identiy Service Functions as below
    ids:lookupGroup('cn=MED,cn=Reviewer,cn=NSTIP,cn=STU,cn=KSU,cn=groups,dc=kacst,dc=edu,dc=sa')
    The human task is not able to assign the user under the group MED present in myrealm and OID.
    Please suggest.
    Thanks,
    Tuku

    Hi Dear,
    Thanks for your reply.
    what you have suggested to use like ids:lookupGroup('MED') ,this is working fine and I had already tested it before, from jdev and aslo from bpm workspace administration link. But here our problem is we are having more then one 'MED' group with different hierachy . so using directly ids:lookupGroup('MED') will be a problem because we dont know which
    'MED'group it will be assigned.
    Another problem is ,when I am going to search from myrealm (jazn.com) it showing me 3 MED groups (that is present currently in our OID with different hierachy) but not the hierachy, so its also difficult to find out which MED group belongs to which hierachy.
    If we can find a solution to ids:lookupGroup('cn=MED,cn=Reviewer,cn=NSTIP,cn=STU,cn=KSU,cn=groups,dc=kacst,dc=edu,dc=sa') then there wont be any confution to assign the actual group.
    Regarding your question "Do you get like any error or is it that Task just can't get assigned. Have you tried assiging directly like from EM to make sure that Group and user in this group is all fine."
    I am not getting eny error message its just can't get assigned and goes to the end of the bpm process cathing the happy path.
    tested the groups using the url http://soahost:soaport/integration/services/IdentityService/identity here is the result.
    1 ) For group MED
    Result :
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><groupObject xmlns="http://xmlns.oracle.com/bpel/services/IdentityService"><name>MED</name><realmName>jazn.com</realmName><displayName>AGR Tech Grp</displayName><description>Weblogic Admin Group</description><guid>080E537A820740B894307B6A7F97C884</guid><uniqueName>cn=MED,cn=groups,dc=kacst,dc=edu,dc=sa</uniqueName><identitType>group</identitType></groupObject></env:Body></env:Envelope>
    we have already 3 MED groups but it gave the result cn=MED,cn=groups,dc=kacst,dc=edu,dc=sa.
    2)For 'cn=MED,cn=Reviewer,cn=NSTIP,cn=STU,cn=KSU,cn=groups,dc=kacst,dc=edu,dc=sa'
    Result :
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:env:Receiver</faultcode><faultstring/><faultactor/><detail><identityNotFoundError xmlns="http://xmlns.oracle.com/bpel/services/IdentityService"><faultInfo xmlns="http://xmlns.oracle.com/bpel/services/IdentityService">No Role found matching the criteria</faultInfo></identityNotFoundError></detail></env:Fault></env:Body></env:Envelope>
    Thanks
    Tuku

  • How to delete Users or Organinzations from oim

    Hi,
    I have deleted some users as well as organizations in OIM, and I got the message that they are successfully deleted.
    But when I try to reconile the same user from csv file using GTC connector or create the deleted organization from OIM I am getting the Error that user already exists and Organization cannot be created
    Do we have a way to completely delete the users or organizations
    Please help me

    This may be due to user logins are same for deleted user and newly coming user. Go to system properties and reuse use login property to true and retry reconciliation.
    Else
    You can remove from database but it'll be tedious as you would need to delete all reference as well.
    regards,
    GP

  • Creation of users in OIM from OID, where OID is target resource

    Hi,
    I am new to OIM. We have a scenario where we have OIM and OID. The users are being created in OID. Now we need to get these users to the OIM system to use the Change Password, Forgot Password functionalities of OIM. Can we have OID as the target resource for OIM and have a reconciliation done to get all the users from OID and have them created in OIM.
    Or this possible only when OID is the Trusted Source?
    Thanks in advance,

    Re: OIM's Trusted Source

  • Subject area security validating users and groups from external table

    Hi all.
    I don't have practice to put question here, but there is one problem, that seems don't work correctly in OBIEE.
    I'm trying to put users in groups within external table and this works fine.
    I put security on the subject area level like this:
    SA1 -> GroupA allow, Everyone not allow
    SA2 -> GroupB allow, Everyone not allow
    External table:
    User----------Group
    A---------GroupA;GroupB
    B---------GroupB
    Users A, B and GroupA, GroupB exists in the RPD, but I didn't put users inside them, I want this from table.
    From the init block, external table I'm taking users and join them in the group. Same name users and groups are also in the presentation service.
    When i connect with user A i don't see any subject area, when go to My Account i see in Group Membership/GroupA and GroupB, so it's readed from the external table.
    Why in this case the subject area permission is not working?
    It works if I explicitly put users in groups, in the RPD.
    I have read this blog entry http://kpipartners.blogspot.com/2009/07/groups-webgroups-and-delivers.html and it is said that this works, but I'm interested how.
    What should we have in the presentation part, administration, Manage Privileges -> Access within Oracle BI Answers option for those two subject area?
    This doesn't work or something is missing:
    Re: Security on Subject Areas
    Regards
    Goran
    http://108obiee.blogspot.com

    What should we have in the presentation part, administration, Manage Privileges -> Access within Oracle BI Answers option for those two subject area?Yes, you should remove Everyone and add the relevant groups to each Subject Area. You don't need to set privileges in the RPD, in fact that's probably why it doesn't work for you. Leave your RPD Presentation Catalog as "Everyone" = Read as you will controlling access from the Presentation Services and it should work.

  • Deleting Stubborn Contact Group from iPhone

    I created a new Group in my contacts on MobileMe and it was synced to my iPhone 3G just fine and it also appeared in my contacts on the Mac. I then deleted the Group on MobileMe and (there were no contact in it) and it was also deleted from my Mac. However, no matter what I do, I can not get that Group name to delete itself from the iPhone for some reason. Everything else is syncing just fine.
    Is there a way to delete contact groups directly from the iPhone? The group does not exist anymore on MobileMe or in my contacts on the Mac.

    Hi prosumer,
    One thing to try that might help out.
    Go to settings > mail, contacts, calendars > your mobile me account.
    Here you will be able to turn off contact syncing.
    This will remove the contacts and groups from your iphone.
    Wait for a few minutes, then turn contact syncing back on.
    It will take a few minutes to sync back, based on the amount of contacts you have.
    Hope this helps.

  • Import user and group from dump.txt to ACS Solution Engine 3.3

    I have export the user and group using the CSUtil -d on my acs v2.6. But ACS Solution Engine 3.3 does not have the CSUtil command to import the user and group database. Can anyone advise me?

    I'm trying to do the same thing with no luck so far.
    Documentation seems to indicate you can do this using RDBMS Synchronization but we haven't got it to work yet.
    I read the doco as saying you create a csv and place it on an FTP server and ACS will read from that file. When we've tried, it rights its own file with a different extension and says it can't find the one we place in that same directory.

  • Using users and groups from LDAP in ADF application

    Hi there,
    I'm using WebLogic Server 10.3.5.0 and JDev 11.1.2.3.0.
    I configured my WL server to use the users and groups defined in my LDAP server (they display when I select the Users or Groups tab). So this works fine (I think).
    Now I want to use 1 group, let's call the group ApplicationGroup, and all it's users to give them access to my ADF Application.
    But I can't find proper/up-to-date info about how to do this.
    I tried 2 major things:
    1) I configured ADF Security to use Authentication and Authorization. Defined an Enterprise Role with the same name as in my WL server (so ApplicationGroup) then defined a
    Application Role with a custom name and added the Enterprise Role to it. That Application Role I gave access to all my TF's and Web Pages. When I deploy this, It just doesn't work (Migrate Users and Groups is not checked).
    2) Used the Authentication option in the ADF Security and the rest is the same as in 1). This works +-, I can login with all users so the role mapping isn't configured right I guess?
    Any help or documentation that could help me?

    Since we aren't using EM I had to find an other way. And I found it.
    In web.xml ADF Security (I suppose) automaticly adds 'valid-users'. In my weblogic.xml I added my enterprise role as a principal to 'valid-users' and this works for me.
    Thanks for the help.

Maybe you are looking for

  • Troubles with virtual channels

    I programm my applications on an PC without any NI-Hardware. My problem ist, that I need virtual channels from the Measurement&Automation-Explorer. My first attempt was, to configure some channels without settings for hardware. Normally when I use an

  • Using the BT remote to operate the tv

    No doubt a childish question: I have configured the BT remote so that it works my Panasonic TV as well as the Vision box. However, while I can now turn on both pieces of equipment I still have to use the Panasonic remote to get on to the AV channel,

  • Advantages of connection object

    Could someone explain the advantages or rather difference in passing the Connection object from a JSP to a servlet instead of creating one (and returning to the pool) in the servlet itself? Thanking you

  • Clean install of Apps in Leopard

    I know I am probably missing something here, but here is what I think I want to do, just not sure how... My goal: Just received new Mac Pro Dual 2.8 (early 2008). It has Leopard installed on an included 320-Gig Hard Drive. I have a WD 750-Gig Hard Dr

  • Services on second Ethernet port on Xserve

    Hi, I have an Xserve that is working really well. On en0 (192.168.127.3), I have connected a D-Link wireless router/ADSL modem. This connects to the internet, and through this I can connect to the Xserve. The Xserve serves DNS, DHCP, Web (external an