DMS 5.1: Access-rights for category not inherited

Similar Messages

• Specifying access rights for page tabs

  Hello
  I have trouble with specifying access rights for tabs that are inside another tab.
  I have a group named "Customers" and a group for each of our customer companies. The company-groups are all members of the Customers group.
  Then i created a tab called "Customers" which i specified access rights to the Customers group.
  Under the customers tab, i created one tab for each customer and i've specified access rights to each tab.
  I want to accomplish that customers who log into the portal only are able to see theyr own tab, but this doesn't seem to work properly.
  Have anyone had this problem before?
  Regards
  Per-Jarle Sfther

  Per-Jarle,
  Are you sure that the users are not part of a group that is included in the group you gave access to on the tab?
  Rich

• Problems Managing User Access Rights for Web Gallery

  Has anyone else had issues changing the user access rights for a web gallery? It seems like the access is everyone or no one. Are the user rights handled per event in the gallery? I had issues adding events to the user's view/download rights in the publish settings.
  Also, can these settings only be set when an event is first published? Attempting to change the user access rights after the event is published seems to require a re-upload of the images.
  Any thoughts?

  Problem solved.
  I had to put the following lines in the specified "0000_any_80.my.website.conf" file:
          <Directory "/Library/WebServer/subdomain.domain">
                  Options All +MultiViews -ExecCGI -Indexes -Includes
                  AllowOverride None
                  # For Password protection
                  AuthType Digest
                  AuthName "Password Protection"
                  require valid-user
                  <IfModule mod_dav.c>
                          DAV Off
                  </IfModule>
          </Directory>

• Error while running Validation Data for category  not found in application

  Dear Experts
  While running Validation and IC Matching I am getting Error i.e. "Data for category  not found in application CONSOLIDATION"
  May some one tell me the reason and resolution.
  Thanks
  Ritesh

  Hi RItesh,
  I suppose your problem was solved in the meanwhile.
  Anyway we had the same issue, when running Validations against ICMatching App.
  That was because Method VALIDATION of Class CL_UJP_VALIDATE tries to relevant data in order to perform calculations (line 127), but if no data is found, ends raising an exception (with a misleading text line 143).
    read_trans_data_sqe( exporting i_application = d_application
                                   it_dim_list = dt_app_dim_list
                                   it_sel = lt_sel
                         importing
                                   er_t_data = lr_data
    assign lr_data->* to <lt_finance>.
    create data lr_data like line of <lt_finance>.
    assign lr_data->* to <ls_finance>.
    lr_data1 = lr_data.
    if <lt_finance> is initial.
  NO DATA FOUND -> EXCEPTION
      raise exception type cx_ujp_process_exception
            exporting textid = cx_ujp_process_exception=>ex_no_data_found
                      d_application = d_application
                      d_value       = l_value.
    endif.
  Hope it helps
  GFV

• Validation- RUN_LOGIC:Data for category  not found in application T_SALES

  In BPC NW 7.5...
  I set up the validation business rules to check that Account A = Account B. When I run the validation package through DM, I got the error that stating RUN_LOGIC:Data for category  not found in application T_SALES. I have 3 members in my Category dimension: ACTUAL, FORECAST and PLAN. The same error appeared even if I hardcoded the category member in the script logic:
  *RUN_PROGRAM VALIDATION
  CATEGORY = %T_CAT_SET%
  CURRENCY = %RPTCURRENCY_SET%
  OTHER = [ENTITY=%P_CC_SET%]
  TID_RA = %TIME_SET%
  *ENDRUN_PROGRAM
  Do you guys have any clue on the error?
  Thanks in all advances,
  Yen Li

  Hello,
  this error isn´t about category dimension.  The system checks if all needed dimensions exists, and if not it gives this error. You can use debug to seach for the dimension in fault.
  Best Regards,
  António

• Took away the access rights for harddrive - mac os x cant boot! pleasehelp!

  i took away the access rights for harddrive - mac os x cant boot! pleasehelp!
  thank you for any help

  wow! thank u a lot!!! it worked great!
  i did this:
  A1. If the disk in question is your Mac OS X startup disk and your computer stops starting up at the blue screen, restart with the Command and S keys held down, and enter the following commands:
  mount -uw /
  chown root /
  chmod 1775 /
  exit

• How do i change the access rights for every file in every sub-folder?

  I have an external drive that was shared between my PC and my iMac (running Snow Leopard 10.6.5).
  Some of the files created by my PC have the following access rights (privileges):
  Me: Custom
  staff: Custom
  everyone: Custom
  I want every file to have the following access rights (privileges):
  Me: Read & Write
  staff: Read & Write
  everyone: Read & Write
  I presume that I need to go into the terminal and run some command line program, but I have no idea what program or what options (or even where to look for such a program). Can someone tell me how to do this, so that every file in every sub-folder has the same access rights?

  Well, that's different. Most people do not install anything on their PC to read an HFS+ disk, so I assumed it was formatted for the PC. [See my above post|http://discussions.apple.com/thread.jspa?messageID=12843313#12843313].
  Note that it is the same as what you asked about, except with numbers instead of the letter equivalents.
  Posix permissions are for User;Group;Other (ugo) and each one can have read/write/execute permissions. Read = 4, Write = 2, and Execute = 1. So, for rwx you set 421=7.
  I try to make it safe by not typing in the file path. If you do what you posted, you will change the startup volume's permissions. The path to your external is /Volumes/ext hd mount point. If you start typing the path and accidentally hit return before finishing the full path, you could fubar something you didn't want to. So, I type the command, leave a space, and then drag the target to the Terminal window.
  You might also consider the GUI based permission changing program, [BatChmod|http://www.macchampion.com/arbysoft/BatchMod/Welcome.html].
  Message was edited by: Barney-15E

• Ironport S160 Access Policy URL Category not working

  I have created a custom URL category "Allowed Sites" and put some sites in there that I want the proxy not to block and ticked the "Allow" field in my Access Policy.
  Those sites also match the predefined URL category "Online Storage and Backup" which is blocked.
  When I try to access those websites, the proxy blocks them saying they belong to the above predefined category.
  Now, how can I allow those few sites, but not the whole predefined category??? Why is my custom category not being considered? URLs in there look like .example.com, .example2.com
  Any help appreciated,
  Kat

  Hi Kush,
  find attached the screenshot of the Access Policy with only the first few lines of the Predefined URL Categories. Also the category I created with "mozy.com" and others in it.
  This is the output of a policy trace for a user that is assigned to this Access Policy when testing the URL in question "mozy.com"
  URL Check
  WBRS Score: 6.5
  URL Category: Online Storage and Backup
  Policy Match
  IronPort Data Security policy: None
  Decryption policy: None
  Routing policy: None
  Identity policy: NTLM_Identity
  Access policy: exHSP
  Final Result
  Request blocked
  Details: Request blocked based on URL category
  Trace session complete
  I'll do the tail and later today.
  Kat

• Special access right for PA20 and PA30

  Hello Experts!
  I have a problem and was wondering how it would be configured in SAP, any help would be greatly appreciated.
  How to config the security access right, if the logon user is the member of specify role, he/she is not allow to access the detail of all HR staff by using PA20 and PA30 but he/she can access the details or other staff.
  Thanks in advance!!
  Antony

  Hello Antony,
  Yes. it is possible. But for that you will have to uniquely indicate the HR staff group to restrict their data access by a Security definition attribute.
  I suggest, you can maintain a seperate, Unique Org.Key - VDSK1 field in PA0001 (Organisational Assignment) infotype specific to HR staff. This can be used in Role Component "HR: Master Data" in the relevant role assigned to exclude the org.key specific to HR staff.
  Hope this information helps. Please let me know if you still have any questions.
  Best regards
  G Raj

• Access Right for Minimum stock level

  Hi all,
  I would like to know if there is a way to set access right to enalbe or disable user from modify the minimum stock level in the item master data.
  Thank you.
  Regards

  I would like to know if there is a way to set access right to enalbe or disable user from modify the minimum stock level in the item master data.
  as I have said, you can use SP_TN to disable some certain users to modify the minimum inventory level value. here is an example:
  IF @transaction_type IN ('A', 'U') AND
  @Object_type = '4'
  begin
  if exists (SELECT distinct t0.docentry FROM oitm T0 INNER JOIN oUSR T1 ON T1.internal_k
  = t0.usersign
  WHERE isnull(t0.minlevel,'') <> '0' and t1.user_code = 'manager')
  begin
  select @Error = 10, @error_message = 'Min level can not be updated by user manager'
  end
  end
  but I also said that you can use SDK code i.e. SAP B1 addon to disable the users to modify the minimum inventory level field. It is more complicated because you need to use programming language e.g. VB.Net to do that. The programming language will use the B1 DI API as project reference.
  You must have SDK development license to develop such addon.
  JimM

• How to retrieve access rights for an user/usergroup ?

  Hello everybody.
  I'm working on BO XI 3.1. And I have to develop with the .NET SDK package an application that retrieves the following data :
  - the access rights to WEBI application and properties for each user/user group.
  - the access rights to each folder and properties for each user/user group.
  etc
  The idea is to retrieve for an user/usergroup the access right on each property of WEBI application and softwares. and same thing for folders....
  I'm looking at the .NET SDK package contents but it takes me a lot of time, even too compared to my deadlines. So I'm looking for help.
  Does anyone have an idea about class of objects, properties and methods to use ?
  Thank you in advance for your help.

  Thanks for these samples.
  The list of user and usergroups is very interesting to audit CMC but my need is different : for example, I'm looking a method to retrieve the level access (full control, no access, ...) of an usergoup on each webi's property. The reason ? To know for example which usergroups have fullcontrol access on the right name "edit SQL" ?
  I think it's hard to retrieve but very interesting to audit CMC...

• Request proProcessing failed. (XLS 000009) You do not have data access rights for the connection.

  Hello,
  I have created a universe UNX on top of a sql table. and i used this UNX via query browser to create a dahsboard. when i run this dashboard with "administrator" the dashboard runs but when i run with any other user it shows the below error. I have checked the connections user security and the i have given "full rights" to the user group and also the universe user security has "full rights" but still i get this error. How do i solve this issue. Couldnt find where the authorization is missing. Please help

  Hi Arjit,
  I have object level security set in universe security for my universe folder in which i have all universes as below. "Everyone" is the user group i am trying to access which is showing error and administrator works fine.
  I also have set some universe security on the particular universe i am using as below:
  User security is set to full control for user group "everyone"..

• Right item category not getting copied while copying sales order

  Hi,
  We have a scenario where we are coping an existing order document and maintaining a new order document.
  The problem is that when we are copying the existing order, we ll not get the same item categories in the copied order as available in the original order.
  The Free of Cost item categories of the materials got changed to the normal item categories, which should not happen.
  Let me know if any configuration changes made in system can fix this issue.
  Cheers!!!
  Ajay

  Hi,
  This may be due to copycontrol between these two sales order. In copy controls, you are retriggering the item category determination.
  When you define the copy control from SO to SO, select the item category and keep the source and target item category as same. (Same for schedule line category also). Once this is done, your problem will be solved.

• How to check the access right for a specific SAP object like MaterialMaster

  Hi!
  How can I check if I have the right to change a specific object like a material or document in SAP vie RFC. I need a remote able function which tells me, if I have enough rights! Or, if such a function does not exist, how can I write my own ABAP code to do this?
  Thanks,
  Konrad

  Hi,
  When initiating a transaction, a system program performs a series of checks to ensure the user is authorized.
  1. The program checks whether the transaction code exists in table TSTC.
  2. The program checks whether the transaction code is locked by the administrator (transaction code SM01).
  3. The program checks whether the user has the authority to start the transaction. Authorization object S_TCODE (transaction start) contains the authorization field TCD (transaction code). The user must have the appropriate authorization for the transaction code to be started (for example, FK01, Create Vendor).
  4. The program checks whether an authorization object is assigned to the transaction code. If this is the case, the program checks whether the user has an authorization for this authorization object. The transaction code/authorization object assignment is stored in table TSTCA.
  Note: An SAP program controls steps 1 through 4. It displays an automatic message to the user if an authorization attempt fails in the step.
  5. The system performs authorization checks in the ABAP program using the ABAP statement AUTHORITY-CHECK.
  Regards
  Sudheer

• Listing Access Rights for all of our servers

  We are in the process of enforcing new security requirements that call for specific enforcement of user rights (Local Security Policy \ Security Settings \ Local Policies \ User Rights Assignment). We are trying to find a method of dumping rights configuration
  on every server so that we can identify those servers they can be quickly re-mediated with a base group policy, and those that will require extra work to ensure that servers with special rights considerations are preserved and documented. We are hoping to
  use the same script to validate that the settings we push out from group policy actually apply to the servers.
  I am not looking for someone to write the script. I just cannot find a way to dump the policy in an efficient way. We have tried two WBEM Classes (RSOP_PolicySetting and RSOP_UserPrivilegeRight). Both would be fine if they showed the local configuration
  as well as the domain propagated settings. We need the combined answer, not just the group policy based settings.
  I found a method of using PSEXEC to execute SECEDIT to dump the settings on a remote system, I would then need to script the recovery of the output and change SIDS to user / groups. The method is looking pretty kludgy. Is there a better way to get this data
  and compile it for review? Powershell or command line is fine as long as we can do it remotely. WinRM is not allowed at our site, so any method dependent on that wont work for our purposes.

  Are you asking how to get the rights of the local groups on a remote system?
  There are a number of utilities that display account rights as configured.   I don't think anyone would feel that using SECEdit is the way to do this.
  NTRights is an SDK utility.  WhoAmI will display the privileges assigned.
  WHOAMI /ALL
  Privilege Name                Description                         
  State
  ============================= ==================================== ========
  SeShutdownPrivilege           Shut down the system                 Disabled
  SeChangeNotifyPrivilege       Bypass traverse checking             Enabled
  SeUndockPrivilege             Remove computer from docking station Disabled
  SeIncreaseWorkingSetPrivilege Increase a process working set       Disabled
  SeTimeZonePrivilege           Change the time zone                 Disabled
  Even WMI can return rights/provileges.
  ¯\_(ツ)_/¯