Disable Account Factory Cache

Similar Messages

• User Factory Cache - Disable

  Hi,
  I would like to disable the User Factory Cache as this is causing problems where users attributes are cached and these parameters need to be dynamic as these can change from minute to minute.
  If anyone can point to me the location where this setting can be found.  I am aware this is going to cause a protential performance issue.
  Any useful answers will be rewarded with points.

  Hi,
  you can configure the UME Cache using the Config Tool and there in Global Service Configuration ->com.sap.security.core.ume.service.
  In the properties list you will find the property:
     ume.cache.user_account.default_caching_time
  with the value:
     3600
  According to the documentation the value should be seconds. As it says that the user account information will be refreshed every hour by default.
  I guess when you change the value to a value suitable for you and restart the cluster you can achieve your requirement.
  You will find also some other properties here which can be used to adjust the other factories and values of the cache. These are more or less self explanatory.
  However, I have not tested this yet. I only found these parameters lately because of an other issue with the UME cache.
  Hope it helps and best regards,
  Stefan Brauneis

• Jython or wlst script to enable/disable result set cache at BusinessService

  Hi,
  I am new to creating Jython or wlst script. Can anybody help me out and send me the wlst script to enable/disable businsess service cache in OSB. The script should be called by Proxy Service.
  Thanks

  You cannot change the role name. If you want to use the same account activation scheme as used by the console and the perl script command lines, you must use the exact same names for roles, etc.
  If you don't care about using the console or the command lines to manage roles, you can use any scheme you like, but you cannot mix and match the two schemes.

• My apple ID was disabled so i had to make a new apple ID, But the disabled apple ID  had all my games on it. Is there any way we could enable my disabled account

  My apple ID was disabled so i had to make a new apple ID, But the disabled apple ID had all my games on it. Is there any way we could enable my disabled account?????????????????????????

  If not this:
  Why do I see the message "This Apple ID has been disabled for security reasons” when I enter my password?
  This message means that someone was unable to sign in to this account multiple times. The Apple ID system will disable the account to prevent unauthorized people from gaining access to your information. You'll need to follow the instructions on My Apple ID to reset your password.
  Otherwise, contact iTunes:
  Apple - Support - iTunes - Contact Us

• Unable to view emails in disabled accounts

  hi all
  this is my first ever post to Mac discussion forum, after having been a Mac user for 20 years! Wish me luck!
  I have a number of accounts set up in Mail. Two of these accounts are no longer active, in that the mailservers no longer exist and I can no longer receive mail into them. This is fine.
  The trouble is that if I do the logical thing and disable those accounts in Mail account preferences, all the emails sent and received on those accounts effectively disappear. I know that they are still there, because if I search for them they come up in the list view, but I cannot view the contents, and if I enable the accounts again, there they are.
  Mail Help suggests this is intentional:
  "Disabled Mail accounts are marked Inactive in the list of accounts in Mail preferences. The disabled account’s mailboxes and messages are removed from the Mail viewer window until you enable the account again, at which point they reappear."
  However, I do not wish to leave the accounts enabled as I am prompted for my POP password everytime I collect my other mail, which is a nuisance.
  Is there any way around this? There must be a neater way to do it!
  thanks
  Tony

  You might actually try just making a new folder, and dragging the emails into it (in Mail's sidebar).
  There is another way around this. In Mail's "File" window, select "import Mailboxes". Navigate to ~/Library/Mail folder, and select the accounts you want to import. Do this for each one (the folder to select will start with IMAP or POP). Then, Mail puts these in an "Import" folder on the sidebar in Mail. Now, disable the accounts.

• How to filter disabled accounts out of Dynamic Distribution Groups/Lists?

  As far as I understand it, OPATH does not support bitwise and/or flags, so excluding disabled accounts from dynamic distribution lists is impossible, unless I am missing something super simple.
  Many have found what they believe to be a valid solution by using -not(UserAccountControl -eq 'AccountDisabled, NormalAccount') in their filter, but this only equates to "anything NOT with a UserAccountControl value of 514 (integer)".  Simply
  adding "password does not expire" option on the account breaks that filter even if the account is disabled.
  Further, it appears anytime you create an OPATH filter, Exchange does create an LDAP equivalent filter that can be read, however it seems you cannot directly edit the LDAPRecipientFilter.  If I could, I could put in the necessary bitwise operation needed
  for this, e.g.  (!UserAccountControl:1.2.840.113556.1.4.803:=2), but it doesn't seem possible.
  Unfortunately I cannot rely on the ExchangeUserAccountControl flag as that relates to just hiding from Address Lists, and I have disabled accounts that need to be in the GAL.  Further I have active mailboxes for disabled AD accounts so I cannot use IsMailboxDisabled.
  Is this by design?  If so I don't understand why.  Are there any options (even with Exchange 2013)?

  Hi Simon.  Thanks for your response.
  I'm not sure what additional information I can provide that I have not already regarding the my suggestion/requirement, short of re-stating my original query.
  With Exchange 2003, we could simply exclude disabled accounts from dynamic distribution lists via the use of an LDAP filter that used bitwise logic against the UserAccountControl attribute, e.g.
  (!UserAccountControl:1.2.840.113556.1.4.803:=2)
  With Exchange 2007, direct LDAP queries were deprecated in favor of OPATH.  Unfortunately as a result, we can no longer filter out disabled accounts because OPATH does not support bitwise logic -xor -xand, etc.  Because of this we can no longer
  effectively use the UserAccountControl flags to exclude disabled accounts.  We can use this attribute by specifying explicit combinations of flags, e.g.
  UserAccountControl -ne 'AccountDisabled, NormalAccount'
  But because this attribute is a culmination of bits representing many different account options, there are a large number of combinations of values that could include Disabled Accounts whereby a filter such as above would NOT work.  E.g. simply adding
  an option to not expire the password on the account renders the filter above invalid.
  Currently our only option is to use workarounds which are not very effective (e.g. using a different attribute to store information about disabled accounts and filter on that instead).  As accounts can be disabled simply with a right-click in ADUC,
  enforcing the use of an additional attribute is not effective.
  I would like to understand why OPATH excludes this functionality, e.g. is it a design decision?  Or is it simply an oversight?  Further I'd like to see this functionality added.

• I have two facebook accounts availible when I click the facebook icon in aperture it tries to log into the disabled account. It doesn't give me any option to continue making an album for the enabled account. Why?

  I have two facebook accounts availible when I click the facebook icon in aperture it tries to log into the disabled account. It doesn't give me any option to continue making an album for the enabled account. Why?

  I suppose I could delete it, but the whole point of multiple accounts is so I can post to either. One is mine, one is my wife's. If it is not enabled why would I need to log into it to post to my own account. The system has no problem associating existing albums with my account, I is only failing to allow me to choose only my account to create an new one. It is clearly designed to handle multiple accounts, but seems to have a bug directing it to ask for the password for a disabled account instead of allowing selection of and posting to the enabled one.

• Disabling the object cache for value OciObjects

  Hi.
  I have a program using OCIObjects as value objects to pass data from OCI to PL/SQL procedures. However in a multithreaded test there is a lot of mutex blocking occuring within the oracle client library (on OCIObjectNew, OCIObjectFree and others), which i am guessing is associated with the OciObjects being managed within the object cache.
  Is it possible to disable the object cache? Or maybe construct the value objects in such a way that they are ignored by the cache.
  Thanks for any help.

  Hi,
  thanks for your response.
  I did consider using OCI_ENV_NO_MUTEX but i would like the oracle OCI library to implement mutexing because i am assuming it does it efficiently and only where required. However it is not clear to me why mutexing would be required when creating/deleting value OCIObjects. I'm guessing it's because of the object cache. (The documentation doesn't explain.)

• Where is the Disable Read from Cache option ?

  I'm running Zenworks for desktops 4 and zenworks for servers 3 and I would
  like to try out the option Disable Read from Cache, but I'm unable to find
  it anywhere in the user or OU property pages.
  Where is it?
  Thanks!
  Oliver

  On Wed, 13 Dec 2006 08:03:17 GMT, [email protected] wrote:
  > Where is it?
  application launcher configuration
  Marcus Breiden
  If you are asked to email me information please change -- to - in my e-mail
  address.
  The content of this mail is my private and personal opinion.
  http://www.edu-magic.net

• Work Flow for Manually Disabling Account and Reporting on Disabling Account

  Hi All
  THis is my First Time To Create Work Flow for Idm Project Please Help me
  i want Work Flow for Manually Disabling Account and Reporting on Disabling Accounts
  Please Tell me How I will have to start, to create the code, I know how to configure but may be I will use BPEL or Through Netbeans and plugin I will use.
  please provide me sample code, so that I can start workflow work

  Thats configurable buddy ! ! And possible in 10G and 11G both versions.
  Functional Roles : These are the groups/roles in OIM 10g/11g with access policies attached at the backend.
  - Create a dummy resource and name it Request Role or anything as you like. Attach an Object Form to it and have form field for Role Name, this would be a lookup type field linked to all OIM groups (leave system values using lookup query). So a user can select any OIM Group in this request as per configuration. Have approval workflows defined on this dummy resource Request Role and in its Provisioning Process make user/s a part of the requested group.
  - Now once the user is made a part of the group, the associated access policy would be invoked automatically and thereby provisioning. The only thing you need to keep in mind is that create the access policy without approval (there is a check box). If you do this the approvals would never be invoked even if you assign a group manually to the user coz it suppresses all the approvals in this access policy.
  IT Roles : These would be linked to the resource and you can define individual approvals on the resources as required.These approvals would be required if someone raises a request for these resources individually.
  Thanks
  Sunny

• Disabling Accounts

  Hello all,
  As users move through the deprovisioning process, we have several stages we wish there accounts to go through. First we want to flag users as non-affiliatied with our organization. This will start a clock and they will have a window of time to continue to use the resources provisioned to them. After a certain amount of time, say a few months, we want to 'disable' their account. Disabling will deprovision their resources, but leave their account with unique id in the system. Further, after more time, say another few months, we will then remove their account from the system.
  We need to track disabled users, and record reason for their account being disabled. Any suggests on the best way to accomplish this? I thought that the deprovisioning form could be modified to include a textarea for comments. Put I'm not sure about how to flag an account as "disabled". Since we will want to query for disabled accounts, etc. Would a 'disabled' role be the most appropriate way? If I want to see the comments made during the de-provisioning, am I able to edit an associated audit report so that the comments are displayed?
  Thanks for any help!!

  We developed processes to handle this for us. Our solution may not be exactly what you are looking for, but I can tell you what we did. We established roles for access to certain resources. So when your account is initially claimed, you might get provisioned a role like "Email User". Then when a disabling event comes along, we remove that role, and add a disabled role, "Disabled Email User". The disabled email user role maintains that the email resource is provisioned, but changes an attribute on the resource to signify the account as disabled. At the same time we schedule a deferred task out in the future (how long depending on our business needs) to remove the disabled role. When we remove roles, we check to see if all roles are gone (including disabled ones). If they are, then we start the processes of deleting or remove the account from our systems.
  Hope this helps.
  Jim

• HT2589 How do you fix a disabled account?

  How do you fix a disabled account?

  Depending on why it's been disabled, you might be able to re-enable it via this page :http://appleid.apple.com
  Or you might need to contact Apple : http://www.apple.com/support/itunes/contact/

• Moving a KMS Server and Disabling KMS host caching

  I am moving my KMS server from a 2003 server to a 2012 R2 server. I have KMS installed on the new server, the host keys installed, and I have forced several clients to check in to the new server to reach the activation limits. Here are my questions.
  At one point (thru a vbs script) we forced quite a few clients to check into the old server. Now we want to make sure all clients check into the new server. Since the clients have cached the old KMS host (some forced and some thru auto discovery), will
  disabling KMS host caching on the old server and removing the DNS record force all clients to contact the new server? If not, what is the best way to accomplish this?
  Russ

  KMSclients which are configured for default auto-discovery, will re-discover via DNS in the event that they cannot contact the cached or discovered KMShost.
  You could also consider adjusting the priority of the DNS records for OLDhost vs. NEWhost, such that the NEWhost has a higher priority. You might also consider disabling DNS auto-publishing for the OLDhost, and then delete the DNS RR for OLDhost.
  For those clients which were "forced", if the OLDhost is statically configured in those clients, you'll need to reconfigure those clients, either back to auto-discover or statically repoint to NEWhost (whichever you prefer)
  KMS host caching is different to statically configuring clients.
  KMS host caching is intended to avoid excessive DNS queries, i.e. the client will cache the host name and only issue a query is that cached host is uncontactable.
  A static configuration of the hostname, at the client, completely bypasses/disables the DNSlookup/discovery.
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Disabling Spatial data cache for one theme?

  How can I accomplish this. I have a crude editing application and this cache is preventing the updates from being seen in the ThemeBasedFOI under oracle maps. The ThemeBasedFOI.refresh() seems to have no effect.
  I have confirmed that disabling the entire cache resolves the problem, but I have another application that needs this cache on the mapviewer, so turning off the whole cache isn't a good option.
  So, can I mark a single theme to be ignored in this cache?

  You can set the caching mode for each geometry theme individually (NONE, NORMAL (default) or ALL). Using MapBuilder, go to the Advanced panel on the theme editor, and select NONE as caching mode.
  Joao

• "Disable account if failed attempts exceed x on" group object

  When setting up a group in ACS 4.1, how do you include the "disable account if failed attempts exceed x" on the Group object. I see there have been some topics on this for older ACS versions (3.x) where it was not possible. Just wondering if anyone knows if this is possible on ACS 4.1 or possibly 4.2?

  Hi,
  In newer version also 4.x, this can only be set on only user setup.
  Can't set this on group level.
  HTH
  JK
  -plz rate helpful posts.