Determine if user belongs to Authorization Group.

Similar Messages

• User belonging to multiple groups

  Hi,
  If a user belongs to multiple workgroups, Podcast capture should ask him in wich blog he wants to publish its sequence... but it doesn't seem to work.
  So my question is : how to deal with that ?
  Thanks for your help,
  Nicolas

  Hi
  I know only 2 ways to add some dynamic: posting to user's blog, which supposes to consider that there is only one user who is able to post, otherwise to duplicate workflows and change the target group in it ($$Group Short Name$$ replaced by custom properties or if posted through webUI defined by new field, but it's reliability depends of the human factor..).
  In addition, i may ask you what do you mean by "it doesn't seem to work"..? Is Pc Capture supposed to work this way and ask at any moment to which group's blog the podcast needs to be sent when a user belongs to multiple groups ? That would be a terrific news, but i guess they would have announced it..
  ju
  Message was edited by: JulienC

• Java portlet customization depending user belongs an OID group

  Hi
  I have developped a Java portlet with a customization display, depending user belongs a specific OID group or not.
  I used a preparedStatement to call the wwsec_api.is_user_in_group PL/SQL procedure.
  My problem is that it seems that OID does not close connections as our portal falls after 2 or 3 days when I install this portlet in production.
  Therefore I wonder if there is a bug in the API wwsec_api.is_user_in_group (if it close OID connection after returning the boolean result).
  Is there a more efficient way in a Java portlet to check if a user belongs an OID group ?
  Is there a bug in wwsec_api.is_user_in_group ?
  Thanks for your help,
  Best Regards,
  Jean-Christophe

  Hi Rajiv,
  I tried out the following code for getting the database reference which I got from some posts on net.
  tcDataProvider db;
                      tcUtilityFactory tcu;
                      ConfigurationClient.ComplexSetting config = ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
                      final Hashtable env2 = config.getAllSettings();
                      tcu = new tcUtilityFactory(env2, "xelsysadm","Password");
                      tcBaseUtility mBaseUtil = (tcBaseUtility) tcu.getUtility("Thor.API.Base.tcUtilityOperationsIntf");
                      DBReference=mBaseUtil.getDataBase();
  But when I execute the code, I get an error :
  Error while getting utility Thor.API.Base.tcUtilityOperationsIntf[Ljava.lang.StackTraceElement;@619eeaaThis must be at the getUtility method call.
  Can you please guide me as to what I might be doing wrong here?
  Thanks,
  $id

• Users belonging to a group

  Hello,
  I want to make a (daily) job in which i send an email to application express users belonging to a certain group.
  Where in the database can i find the groups a user belongs to ?
  The users are in the APEX_WORKSPACE_APEX_USERS view, but where are the groups.
  When i run the following procedure on a sql*plus client on my machine, it doesn't give the groups; when i run this command from apex (sql workshop), it does ? What can be the reason for that ?
  declare
  regel varchar2(20000);
  cursor c_u is
  select *
  from APEX_WORKSPACE_APEX_USERS au;
  begin
  for l_u in c_u loop
  regel := APEX_UTIL.GET_GROUPS_USER_BELONGS_TO(p_username => l_u.user_name);
  dbms_output.put_line(l_u.user_name || ',' || l_u.email || ',' || regel);
  end loop;
  end;
  Regards, Sjang

  Sjang,
  APEX_UTIL.GET_GROUPS_USER_BELONGS_TO requires the workspace ID global package variable to be set, which is not the case in SQL*Plus, unless you set it.
  Try connecting as a schema that is mapped to the workspace you're interested in and do this:
  begin
  wwv_flow_api.set_security_group_id;
  end;
  If the schema is mapped to more than one workspace, you need to do it like this:
  begin
  wwv_flow_api.set_security_group_id(99999999999999999);
  end;
  ...replacing all those nines with the result of this query in SQL Workshop (connected in the appropriate workspace):
  select v('WORKSPACE_ID') from dual;
  Then try the query.
  You should be able to do that in your job as well.
  Scott

• Users belonging to multiple groups

  What will happen if I attempt to create a policy with two different groups each with different rights but a single user is a member of both groups? If I apply the policy to a document where one group cannot print and the other can, will the user that is a member of both groups be able to print? Will the Policy Server take the better of the two groups or whichever one it finds first?

  Hi Dave,
  Policy Server takes the union of all permissions that the user has as members of different groups, so it is additive. In the example you provided, the user would be able to print as long as there were a member of some group that had the print permission.
  Hope this helps,
  -Bill

• How to check logged in user belongs to particular group using workflow

  HI All,
  I have a list  and I want o implement row level security based on the list filed called Relevant group.
  I have a list filed called RelevantGroup , this filed is a choice filed and it has  couple of SharePoint site's groups that I have created. Now what I want to do is give current logged in user to edit the record based on his/her security group. For example
  if I logged in and if I m a member of  the current record RelevantGroup I can edit the record, if I m not a member of the RelevantGroup then the system shouldn't allow to edit the record. 
  I want to do this SharePoint designer workflow. Can someone please help me. Using SPD2013. 
  Thanks. 
  d.n weerasinghe

  Is the form being served up from livecycle? If not how is the form being served up to the user?

• Check user belongs to a particular sharepoint group in sharepoint 2013 designer workflow

  Hello, How to validate a user belongs to a particular sharepoint group in sharepoint designer 2013 workflow.

  You can make a REST call from workflow to determine if a user belongs to a group.
  REST API reference and samples
  Calling the SharePoint 2013 Rest
  API from a SharePoint Designer Workflow
  This post is my own opinion and does not necessarily reflect the opinion or view of Slalom.

• Any Simple Way to check wheter the user is belongs to SharePoint Group in Client object model

  Hi All,
  Generally we follow these steps to check whether user belongs to this perticular group:
  1.Get the "Group" object from the Group Collection based on the group name
  2.Get all UserCollection from the "Group" object
  3.Take a loop and check with each user object (eg User.ID="777473844")
  I am thinking this is time taking process( if group has more than 100 members).
  Do we have any shortway to check whether user is belongs to this perticular SharePoint Group?
  Thanks in Advance!
  Thanks,
  Mahesh Yamana
  Mahesh@SharepointSolutions

  Hi Mahesh,
  Below is a CSOM JS code to check whether a user belongs to a group. We get the current user object, and then the list of Groups which the user is part of. And then check if the required group is present or not in the collection.
  function retrieveWebSite() {
  var clientContext = new SP.ClientContext.get_current();
  this.oWebsite = clientContext.get_web();
  this.oCurrentUser = this.oWebsite.get_currentUser();
  this.oUserGroups = this.oCurrentUser.get_groups();
  clientContext.load(this.oUserGroups);
  clientContext.executeQueryAsync(
  Function.createDelegate(this, this.onQuerySucceeded),
  Function.createDelegate(this, this.onQueryFailed)
  function onQuerySucceeded(sender, args) {
  var Group1 = "Group Name One";
  var Group2 = "Group Name Two";
  var flag = false;
  var iCount = this.oUserGroups.get_count();
  for(var i=0; i<iCount; i++)
  oGroup = this.oUserGroups.getItemAtIndex(i);
  if(oGroup.get_title() != Group1 && oGroup.get_title() != Group2)
  flag=true;
  else
  flag=false; break;
  if(flag == true)
  //Write your logic here
  function onQueryFailed(sender, args) {
  alert('Request failed. ' + args.get_message() +
  '\n' + args.get_stackTrace());
  Ram Prasad Meenavalli | MCITP | MCTS SharePoint | MCPD SharePoint | http://www.spdeveloper.co.in

• Multiple Authorization groups to be used in OB52 for a single company code

  Hello All,
  I need help in creating and assigning authorization groups in Transaction Code: OB52 to control the postings of few users in one authorization group. That is i want some users  to post in 2 back  period and others in only 1 back period.I have tried from my side and it is still not working.
  I followed the following step:
  I have created 2 groups and assigned the users accordingly but the thing is i am only able to find 1 feild for entering authorization group
  If there is any thing i am missing or if i have done some thing wrong in this process please help me.
  Please Provide me the logic of how to use two authorization groups with one feild.
  Best Regards,
  Ravi
  Edited by: Ravi Eddhula Reddy Kumar on Apr 3, 2011 1:01 PM

  Hi,
  Try with this possibility
  In ob52 create two rows.
  Assign the required periods for Group A in Row 1
  Assign the required periods for Groub b in Row 2
  Regards
  Prasad

• Authorization Group in T-Code: OB52

  Hi,
  I need to maintain 2 Auth. Group in T-Code: OB52, my requirment is below:
  for some users (nearly 25) needs to post the transaction in June Month and for some users (nearly 10)should have to post for selected GL in the month of June.
  So we decide to create two roles and assign the Auth Group in F_BKPF_BUP Auth. group. But i need to know whether the system will allow to assign two Auth. Group for one Company code (ie., 2 Auth. Group and all common users)
  Please revert ASAP.
  Regards
  JS

  The help on AuGr field in OB52 is good.  Here it is
  Authorization Group
  The authorization group allows extended authorization protection for particular objects. The authorization groups are freely definable. The authorization groups usually occur in authorization objects together with an activity.
  Use
  A posting period can be made available to only a limited set of users using the authorization group.
  Procedure
  If only a limited set of users is to be able to post in a particular posting period, proceed as follows:
  Add the posting period authorization (authorization object F_BKPF_BUP) to the authorizations of the selected users. Assign an authorization group (e.g. '0001').
  Enter the account type '+' for the posting period variant to which the restriction is to apply. Enter the period(s) whose use is to be restricted in the first period, those which are available to all users in the second period, and the authorization group (e.g. '0001') in the last column.
  Examples
  A posting period can be successively restricted. If, e.g. 10 users have the posting period authorization with authorization group '0001', and 3 of these 10 users also with authorization group '0002'.
  If the period is only to be accessible to the 10 selected users the authorization group '0001' is entered in the posting period variant. Access can later be restricted to the remaining 3 users by entering '0002'.
  I guess your requirement can very well be met, as explained in the example above.  Also implement the following SAP Note to be able to assign the authorization group at document header level (account type '+') and at line item level in Transaction OB52.
  https://service.sap.com/sap/support/notes/891505
  Srikanth
  PS: I have seen in a reply above that AuGr controls only special periods, which is not a correct statement.  AuGr controls postings in the period specified in From per.1/Year To period/Year in OB52.

• Self-registration user assigned to anonymous group auto

  hi experts,
  how can i make the user self-registration user belong to anonymous group,not everyone group
  best regards
  zlf

  Normally self  registered users automatically assigned to everyone group. If client needs they should automatically assign to someother group , it is the only possibility in my point.
  Ulitimately when modifying standard groups, this consultant should think about it whether modification really needed ?
  It is just an idea
  Koti Reddy
  Edited by: Koti Reddy Chimalamarri on Feb 8, 2009 12:03 PM

• "Domain Users" group in Active Directory does not belong to any Group Membership in LC

  Active Directory user belonging to "Domain Users" group does not belong to any Group Membership in LC, why does it not belong to "Domain Users" group?
  Any way to correct this issue, without changing group membership on AD side?
  If Active Directory user is member of "Domain Admins" or "Users" then these show same group membership in LC.
  Thanks.

  If you want to use the Domain Users group for the purpose of representing all the users then you can use the "All principals in domain xxx" group which is created by UM.
  Coming back to Domain Users group. For determining group membership in AD UM uses "member" attribute of the group object. "Domain Users" group is treated differently by AD. It is the default primary group for all the users and normally members of the primary group are not specified using the member attribute.So when we sync the data from AD "Domain Users" membership does not get completed.

• Getting the Windows groups a user belongs to.

  I'm using the JAAS package, and have used the NTSystem class to get the current domain and user that is running my application. What I would like to do is determine if that user belongs to a specifically named windows group (i.e. Administrators, Users, Guests, oneIMadeUp). Using the JAAS package, I'm able to list the groupSIDs, which is just an unintelligble list of numbers.
  There must be a simple way to just list the groups a user belongs to, so I can check in my code against a specific group, and then allow/deny certain functions running.
  Any ideas?

  Resubmitting
  Hi,
  I want to write some code which will retrieve all the groups a user belongs in.
  The JAZNUserAdaptor class has a getGroups() method which returns a Set which I iterate through as follows;
  JAZNUserAdaptor jaznuser = (JAZNUserAdaptor)p;
  Set aSet = jaznuser.getGroups();
  Iterator anIter = aSet.iterator();
  Object myObject = new Object();
  while (anIter.hasNext())
  myObject = anIter.next();
  System.out.println(myObject.toString());
  The above produces the output
  [JAZNGroupAdaptor: RealmRole: jazn.com/pats_sit]
  [JAZNGroupAdaptor: RealmRole: jazn.com/guests]
  [JAZNGroupAdaptor: RealmRole: jazn.com/users]
  Is there a better way to do this? What type of object is returned from anIter.next()? Is it JAZNGroupAdaptor and where is this class defined?

• Problems to restrict access to a page when the user belong to more than 1 group

  I have realized that Dreamweaver on a coldfusion document only works fine when the user only belongs to a single group, this is because the code supplied by dreamweave when you use the option "Restrict access to a page" at "Server behaviors" it assumes that the user only have one group as you can see on this line created automaticly by dreamweaver:
  <cfif MM_Username EQ "" OR MM_UserAuthorization EQ "" OR ListFind("admin",MM_UserAuthorization) EQ 0>
  MM_UserAutorization has the value of the field assigned for the list of groups or levels, as you can see it could work if we reverse the parameters of the listfind function but the problem would be if we grant the access to more than one group because the sentence would be like this:
  <cfif MM_Username EQ "" OR MM_UserAuthorization EQ "" OR ListFind("Admin,Manager",MM_UserAuthorization) EQ 0>
  so both paramethers are lists therefore no user will get access to the page.
  I am trying to make a work around to fix this problem but I don't know how to get the name of the page since the Application.cfc so I can validate the access to this page against tables on my database.
  Does someone have a work around or a tip how to fix this problem?
  Thanks in advance.
  AG

  Seems like you have a problem with your group names.ctxLdap.modifyAttributes(groupName,member);Ensure that the value of your variable groupName is a a valid distinguished name.
  Note that an OU (organizationalUnit) is not a group. You do not add users to OU's, you create users in OU's.

• User has no authorization for function group SWRS

  Dear SRM Gurus,
  We are facing an issue u201CUser has no authorization for function group SWRSu201D.
  Hope the user has no authorization to access function group SWRS and this function group is saying that workflow substitution.
  Can you any one have any idea what scenario are we using Workflow substitution?
  Is there any Roles need to be assigned?
  I would be appreciating if you could let us know more detail on this.
  Thanks.
  Regards,
  Magesh Basavaraj.

  Hi,
     The authorization object is 'S_WF_SUBST' for substitute role..try to assign this object and check..
  Saravanan