Enable auditing for specific db user

Similar Messages

• How to enable commenting for Adobe Reader users--missing menu option?

  According to the help file, I can enable commenting in Acrobat Pro X so that Adobe Reader users can use annotation and commenting tools.  The help file says:
  "In an open PDF, choose Comments > Enable For Commenting In Adobe Reader, and then save the PDF.:"
  However, all is see on my menubar is:
  According to the help file, I *should* see something like the following:
  I have uninstalled and reinstalled Acrobat Pro X.  I have installed Acrobat Pro X on a machine that has never had Acrobat Pro installed on it.  Each time I see only the shortened version of menu options.
  So, why do I only see File, Edit, View, Window and Help?  Where are  the other menu items, such as Comments, Forms, Tools, etc?  Is there  something I need to do to enable them?

  *Thank you*.  That worked.  How odd that the help file was out-of-date with my version of Acrobat.  Thanks you again!

• Using mms.cfg file to enable Autoupdate for non-Admin users

  I need help in getting this to work.  So far it does not.
  Adobe Flash for windows 17.0.0.23
  Windows 7 Enterprise  - 5000 systems
  Users are not administrators on systems.
  The Non admin user gets prompted with a screen ( we do not want any prompts)
  Then the install fails because they are not an administrator.
  My mms.cfg file:
  AutoUpdateDisable=0
  AutoUpdateInterval=1
  SilentAutoUpdateEnable=1
  How do I use this or any other method to have Adobe Flash update automaticly for all users including non-admins
  and give no prompts?
  What are the next steps.  Is there an enterprise support site or method to use for mass distributions for Flash?
  Please Get back to me today before 12:00 EDT 13 Apr 2015.
  Gary Pearson
  401-233-6898

  Hi garyp81126656,
  The current mms.cfg file configuration will perform either a notification update or a background update. There are a few options to update non-admin users:
  Host the background update resources locally.  When using the Adobe servers for background updates there is no way to disable notification updates.  By hosting the background update resources locally users will never be prompted to update.
  Disable updates and deploy Flash Player updates via SCUP, SMS, or Group Policy.
  You can find the various deployment options are listed in Chapter 3 of the Flash Player Administrator's Guide.  The Admin Guide also contains information to license Flash Player for distribution within your organization, which is a requirement for any of the deployment methods described in the Admin Guide.  Additional information is available at An outline of Flash Runtime installation options
  Maria

• Outlook loses connection to exchange, pop up for credentials for specific internal users only

  2 load balanced CAS/web exchange 2010.
  "the connection to microsoft exchange is unavailable. outlook must be online or connected to complete this action"
  No one is experiencing this externally, only internally on terminal servers.
  Lync 2010 and Outlook 2010.
  They get the Lync MAPI conneciton prompt.
  Occasionally, after the above outlook error are prompted to enter credentials for exchange logon.
  When I go to connection status during this issue, the "outlook.domain.com" URL is "established" for mail, but referral, and 2 directory statuses are "disconnected" or "connecting".
  Address book service on 2 front ends are fine and started during this issue.
  This is only happening for one department in our environment. Of course, they are the only department that uses Lync internally on terminal servers.
  Lync config also says "EWS not deployed"
  Other departments testing Lync internally so far, "EWS ok".
  No other departments are having outlook issues.
  Departments differ from one another by OU and GPO.
  Josh

  Hi,
  According to your description, the issue may be related to your CAS array configuration.
  Thus, let’s check if there is a DNS entry pointing to
  Virtual IP Address of the CAS array and check load balancer's configuration.
  http://blogs.technet.com/b/omers/archive/2010/10/11/microsoft-exchange-2010-cas-array-steps-and-recommendations.aspx
  For the Lync issue, I recommend you ask for more professional help on our Lync forum:
  http://social.technet.microsoft.com/Forums/lync/en-US/home?category=ocs
  If you have any question, please feel free to let me know.
  Thanks,
  Angela
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Auditing a specific user for their session

  Is it possible to enable/disable auditing for a user in a way similar to enabling/disabling a role?
  What I'm trying to do is - enable auditing for a user when they login to an application (where the application enables it's roles via an application based role - (role identified using a package)) and - when the user logs out have auditing automatically 'disable'.
  I'm not sure if this is possible. Any insight/suggestions are greatly appreciated.
  Thanks!

  If I am understanding your question correctly, you can use fine grained auditing for this. As far as I know, you can't conditionally audit using regular constructs. You can do something like...
  begin
    dbms_fga.add_policy(object_schema   => 'YOUR_USER',
                        object_name     => 'YOUR_TABLE',
                        policy_name     => 'YOUR_TABLE_AUDIT',
                        audit_condition => 'sys_context(''userenv'',''os_user'') = ''howards''',
                        audit_column    => 'YOUR_COLUMN');
  end;
  /This will create an audit record in dba_fga_audit_trail whenever the os_user howards selects the given column from the given table. If the same database user executes the select while connected to os_user 'raymond', the select won't be audited.
  Some of the sys_context parameters are easily spoofed, but the idea should hold true no matter how you evaluate the session.

• Enable authentication for ASA

  hi,
  Im working on AAA authentication for an ASA (ASA 8.0(3) version) box thorough a TACACS+ server in ACS (4.2 version). The setup im working on includes several users in 3 classes: senior (privilege level 15), junior (privilege level 7) and monitoring (privilege level 0), user authentication and command authorization is working fine, however im having problems with enable authentication.
  When an user of junior class try to authenticate the enable password the authentication fails, according to the ACS's log "Tacacs+ enable privilege too low", however the privilege level in ACS for this class is set to level 7. Checking with a sniffer i have find out that the TACACS+ message for authentication sent by ASA is setting the privilege level as level 15, as you can see in the attached screenshot. Of course if the ASA is trying to authenticate enable for a level 15, the authentication will fail according to user's current level.I have local authentication configured in the ASA and it works fine including enable authentication.
  Anyone have had any issue with this or have any idea how resolve this issue?
  thanks all for your replies.

  Seems like you might be hitting bug CSCsh66748.
  Hope you have tried "enable " command to enter enable mode for specific users.
  BTW why are you using different privileges for enable when you already have command authorization in place.
  Regards
  Rohit

• Disable DSN for specific messages

  Hi,
  i have a problem, where i wish to disable DSN for specific internal users.
  Scenario :
  Interal User a sends a mail to special address c,
  if mail host of special address c is not available or anything else i wish that internal user a is never informed that c didnt recieve his mail.
  Can this be done ?
  i thought about doing this with sieve.. but i dont know if DSNs generated by the IMS Master itself are also checked by sieve mechanism....

  Please do notice that your bits do not support many of the features you want. And that later bits do. If you offer that to your company, perhaps you could update more often, or at least this time. We're not talking about a new package, here, but just an update to the one you have, that's not doing the job properly.
  Also, if you had asked for what you needed at the beginning, I could have helped you better.
  What you want is the sieve command, save-copy, or, perhaps monitor. Please see whitepaper, quoted below:
  Saving Messages for Document Retention
  If the reason you want to capture a copy of the message is for document retention, then you will want to take advantage of the new "capture" sieve action. You have to have iMS v5.2 or better to use this facility. The capture action can only be specified in a system or channel sieve; it is not available in user sieves. The general syntax is
  capture "monitoraddress"
  The monitor action is the same as the capture action. Users are encouraged to use the 'capture' instead of monitor as it best reflects the function being performed.
  This action sends a DSN containing the original message in its entirety to the specified capture address. Since this is a DSN it is effectively a completely separate message so there's little chance of it causing side effects that will alert anyone to the monitoring. In particular, no addresses from the original message appear in the DSN header so there's very little chance of the capture copy getting forwarded to the wrong person by mistake. And even though the original message is encapsulated, it is a MIME encapsulation which means the content is easily accessible in any MIME-compliant user agent.
  The capture action is nonstandard and undocumented. It was originally intended to be part of the habanero release, but the backporting of direct LDAP support to 5.2 means it is available in 5.2 as well. We certainly intend to support it in the future.
  Saving Messages for Replay
  There is an undocumented functionality in iMS for making a copy of messages for archival purposes. It's intended for saving sent messages in the event that they need to be replayed. We did this for folks who send mail via bad links to places where the mail may be received OK by an intermediate host but then subsequently lost on its way to the final destination.
  This is done with the MESSAGE-SAVE-COPY mapping table. Entries in that table have the form
  MESSAGE-SAVE-COPY
  out-channel|from-address|D|msg-filename result
  where
  out-channel -- name of the channel the message is flowing out
  from-address -- originator's address (envelope From: address)
  D -- the letter "D" (stands for "dequeue" )
  msg-filename -- name of the message file being dequeued.
  result -- where to rename the file
  Outbound Traffic
  To save only messages out to the Internet, do
  MESSAGE-SAVE-COPY
  tcp_local|*|D|/instance-root/queue/tcp_local/*/* (tab-or-space)$Y/msg_save/$1/$2
  Be aware that the archive isn't made until the message is actually dequeued from iMS (i.e., sent successfully or bounced). A rename operation is done (as opposed to a copy operation). As such, the message file has to remain on the same disk that the IMTA_QUEUE lives on.
  Inbound Traffic
  To capture inbound mail will want to have good control of what machines/pathways a message will take on its way into your systems. If your setup is such that mail always enters the site via an INBOUND relay and leaves the site via know outbound gateways, then inbound message flow is from INBOUND-MTA --> MsgStore machine.
  Since you can have multiple MsgStore machines behind any one INBOUND-MTA, you will want to make configuration on the INBOUND-MTA machine such that it will use a dedicated queue to talk to the MsgStore machines. For instance, on the INBOUND-MTA machine, you could setup a rewrite rule in your imta.cnf file for MsgStore-A, MsgStore-B, ... MsgStore-Z like:
  Node-A.store.domain.com.au $U%$D@tcp_to_store-daemon
  Node-Z.store.domain.com.au $U%$D@tcp_to_store-daemon
  and a corresponding 'tcp_to_store' channel which looks like:
  ! tcp_to_store
  tcp_to_store smtp mx single_sys subdirs 20 noreverse maxjobs 7 \
  pool SMTP_POOL maytlsserver allowswitchchannel \
  saslswitchchannel tcp_auth
  tcp_to_store-daemon
  This has the effect of routing all mail to any of your MsgStore machines through tcp_to_store channel. Transactions to other machines in your setup will take the tcp_intranet channel.
  With this in place you can then throw in a MSG-SAVE-COPY mapping table which reads:
  MESSAGE-SAVE-COPY
  *|*|D|/instance-root/imta/queue/tcp_to_store/*/* $Y/msg_save/tcp_to_store/$2/$3
  the net effect will be a number of queue files in the /msg_save/tcp_to_store directory which are ready for replay. Note the $2 in the sample represents the subdir that the message was already in. As such if you have 'subdirs 20' on your tcp_to_store channel, you will want to precreate the /msg_save/tcp_to_save/000 thru 019 subdirectories with the appropriate ownership and permissions.
  To initiate the replay, you want to simply move the /msg_save/tcp_to_store/### directories to the /instance-root/imta/queue/reprocess and issue the command 'imsimta cache -synch'. The MTA will start pushing out those messages to the store(s).
  If you want to have multiple replays happening you can kick off parallel runs of the reprocess channel by doing 'imsimta run reprocess &' a number of times.
  And, If you want to segregate the storage for each MsgStore machine, you can make new channel in addition to the one suggested 'tcp_to_store' channel. You would then have groups of rewrite rules directing traffic over those channels or you could have one rewrite rule per channel block that you setup. That way you can have distinct entries in your MSG-SAVE-COPY mapping table.
  Finally, since there is a rename operation taking place when you use the MSG-SAVE-COPY mapping table, you will want to make sure that at the first pass that /msg_save is on the same device that your queues live on.
  Short Term Arvchival
  You could setup a process in cron to move those files to a new device on a periodic basis. Better yet, schedule this via the job_controller. For instance, these lines at the top of your job_controller.cnf file:
  [PERIODIC_JOB=archive_mover]
  command=/usr/iplanet/sitescripts/arc_mover.sh
  time=/00:10
  will run the arc_mover.sh script for you every 10 minutes. Your arc_mover.sh could look something like:
  #!/bin/ksh
  # ***Script is untested - should generate some ideas though****
  DUMMY=`test -d /var/tmp/timestamp.dir || mkdir -p /var/tmp/timestamp.dir`
  cd /msg_save
  # First pass
  for dir in `find ./ -type d`
  do
  DUMMY=`test -d /real/storage/area/$dir || mkdir -p /real/storage/area/$dir`
  cd $dir
  for msgfile in `find ./ -type f -newer /var/tmp/timestamp.dir -name "*.00"`
  do
  mv $msgfile /real/storage/area/$dir/
  done
  cd /msg_save
  done
  touch /var/tmp/timestamp.dir
  # Second pass cause we do not know how long we took.
  for dir in `find ./ -type d`
  do
  DUMMY=`test -d /real/storage/area/$dir || mkdir -p /real/storage/area/$dir`
  cd $dir
  for msgfile in `find ./ -type f -newer /var/tmp/timestamp.dir -name "00"`
  do
  mv $msgfile /real/storage/area/$dir/
  done
  cd /msg_save
  done
  exit

• Enabling Audit in CC&B

  Hi ,
  I want to enable audit for a particular characteristics type of Char tables in CC&B. It is working fine for entire table/particular field of a table.
  But how can i use it for a particular characteristics type??
  Thanx ....
  Regards
  sunil

  Issue http://<server>:<port>/flushAll.jsp (case-sensitive)

• Audit specific objects for specific users

  audit statement has the option to choose audit by user list
  audit object has the option to choose audited objects
  now i need to audit specific objects, i.e. user A's tables accessed by a specific group of users, let's say ALL users other than A
  Is it a simple way to achieve this goal? (audit A's tables that accessed by all database users other than A)
  Thanks!

  sorry, the link works now. However, there is nothing new in 10G, same as I read from 9i document. See my highlight below in the quoted document text, my requirements is the combination of them ( specific users and specific objects). Thanks anyway.
  <quote
  Table 8-1 Auditing Types and Descriptions
  Type of Auditing (link to discussion)      Meaning/Description
  Statement Auditing      Enables you to audit SQL statements by type of statement, not by the specific schema objects on which they operate. Typically broad, statement auditing audits the use of several types of related actions for each option. For example, AUDIT TABLE tracks several DDL statements regardless of the table on which they are issued. You can also set statement auditing to audit selected users or every user in the database.
  Privilege Auditing
       Enables you to audit the use of powerful system privileges that enable corresponding actions, such as AUDIT CREATE TABLE. Privilege auditing is more focused than statement auditing, which audits only a particular type of action. You can set privilege auditing to audit a selected user or every user in the database.
  Schema Object Auditing
       Enables you to audit specific statements on a particular schema object, such as AUDIT SELECT ON employees. Schema object auditing is very focused, auditing only a single specified type of statement (such as SELECT) on a specified schema object. Schema object auditing always applies to all users of the database.
  Fine-Grained Auditing
       Enables you to audit at the most granular level, data access and actions based on content, using any Boolean measure, such as value > 1,000,000. Enables auditing based on access to or changes in a column.
  /quote>

• User login report in Active Directory for specific date and time

  I want to get User login report in Active Directory for specific date and time e.g user logged in at15-01-2015 from 8:00am to 4:00pm
  Is any query, script or any tool available?
  Waiting for reply please

  You can identify the last logon date and time using my script here: https://gallery.technet.microsoft.com/scriptcenter/Get-Active-Directory-User-bbcdd771
  If you would like to get back in time and see when the user did a logon / logoff then you need to have auditing enabled. Once done, you can records from Security log in the event viewer: https://social.technet.microsoft.com/Forums/windowsserver/en-US/98cbecb0-d23d-479d-aa65-07e3e214e2c7/manage-active-directory-users-logon-logoff-events
  I have started a Wiki about how to track logon / logoff and it can help too: http://social.technet.microsoft.com/wiki/contents/articles/20422.record-logon-logoff-activities-on-domain-servers-and-workstations-using-group-policy.aspx
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Limiting file access auditing to specific users

  I'd like to enable file system logging for specific users. Presently, under Advanced Audit Policy Config on the local file server (Win 2k8 R2 Std) I have enabled Audit File Share - but I get every users activity.  I want to limit it to a few users. 
  As a test, I have added auditing to the security properties of a specific share, only for specific users, but that does not work if the Audit File Share isn't enabled.  And if it is, I get all users activity.  Any way to limit logging to specific
  users?  Thanks.

  Hi Mike,
  Based on my research, there are no system access control lists (SACLs) for shared files/folders, so that once we enable file share auditing, access to all shared files and folders on the system is audited.
  More information for you:
  Audit Detailed File Share
  http://technet.microsoft.com/en-us/library/ee215206(v=WS.10).aspx
  Audit File Share
   http://technet.microsoft.com/en-us/library/dd772690(v=WS.10).aspx
  Detailed File Share Auditing not working properly (Applying to All Files)
  http://social.technet.microsoft.com/Forums/en-US/42618663-61cf-4c05-9659-80c162511cbf/detailed-file-share-auditing-not-working-properly-applying-to-all-files?forum=winservergen
  Best Regards,
  Amy

• How do I enable "Audit user account logons" using PowerShell, to improve security?

  With successful hacking attacks more often employing valid Active Directory user credentials, it is quite helpful when administrators can
  easily poll user logon events. Rather than query
  every domain computer for its logon events, one can alter the Default Domain Controller Policy GPO to enable "Audit user account logons" (Success and Failure) then merely poll
  only the domain controller -- quite efficient. PowerShell helpfully has its Group Policy Module, including the following two cmdlets.
  1) Get-GPO "Default Domain Controllers Policy" will retrieve the top-level GPO object, but how do I enable that specific setting?
  2) Set-GPRegistryValue might be the right tool, but I cannot find any documentation on the values I need to supply to its parameters (-Name -Key -ValueName -Type -Value) to enable "Audit user account logons" -- both Successes and Failures.
  One can manually modify this setting using the Group Policy Management console GUI on the domain controller, but I am trying to upgrade my professional work habits to use stored scripts, rather than unrecorded point & clicks, so that my actions are repeatable
  and documented.
  Any pointers to documentation or an example would be welcome. I originally posted this question in the TechNet PowerShell Forum this afternoon, but someone recommended I copy it to the TechNet Group Policy Forum.
  Jeffrey - New Orleans MCITP Enterprise Administrator, Virtualization Administrator

  Hi Jeffrey,
  >>One can manually modify this setting using the Group Policy Management console GUI on the domain controller, but I am trying to upgrade my professional work habits to use stored scripts, rather than unrecorded point & clicks, so that my actions
  are repeatable and documented.
  Before going further, although you have expressed that you don't want to use GPMC GUI to configure the audit setting, in fact, it's an easy and comparatively handy method to set the setting. Besides, based on the description, you
  want to use PowerShell to do this. However, as far as I know, PowerShell can configure registry-based policy settings and Group Policy Preferences Registry settings, but audit policy security settings are not registry keys.
  Nonetheless, if we really don't want to use GPMC console to do this, we can use Auditpol.exe to set the audit setting.
  Regarding this point, the following article can be referred to for more information.
  Auditpol
  https://technet.microsoft.com/en-in/library/cc731451.aspx
  Auditpol set
  https://technet.microsoft.com/en-in/library/cc755264.aspx
  In addition, regarding Group Policy Cmdlets in Windows PowerShell, the following article can be referred to for more information.
  Group Policy Cmdlets in Windows PowerShell
  https://technet.microsoft.com/en-us/library/ee461027.aspx
  TechNet Subscriber Support
  If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
  Best regards,
  Frank Shen

• Firefox is not prompting to save password for specific user on specific site. How can I correct this?

  I am using saved passwords feature. The site in question is a common webmail site. I have more than one account for this site. Usernames and passwords for each account were stored in Firefox 'Remember Passwords' feature. I unintentionally deleted one entry from the dropdown list that is displayed when I go to the site's login page. Now, when I log in to this account, Firefox will not prompt to save the password. If I display my saved passwords list, there are entries for the other accounts on this site, but none for the user account in question. The Saved Passwords 'Exceptions' list is empty. How can I get Firefox to re-prompt to save the password for this user on this site? (Note: When I speak of 'user', I am not referring to user account on the PC or a specific Firefox user profile.)

  I am using Avast free version. Today I removed the LAN cable out of the 24 port switching hub and plugged directly into the router port. Now the program runs fast when checking for emails. Looks like all the emails are showing up. I do have other computers plugged into the switching hub with no problems. The hub is brand new. My thinking is the cable connector might be to blame. I will try re-crimping the wires. As for now, things are running good. I will keep investigating. Thanks

• How to apply Software Restriction policy for specific user in local group policy object ?

  I am working on implementing user based software restriction policy programmatically for local group policy object.
  If i create a policy through Domain Controller,i do have option for software restriction policy in user configuration but in local group policy editor i don't have option for that.
  When i look for the changes made by policy applied from Domain Controller in registry, they modifies registry values for specific users on path HKEY_USERS\(SID of User)\Softwares\Policies\Microsoft\Windows\Safer\Codeidentifiers
  They also have registry.pol stored in SYSvol folder in Domain Controller. When i make the same changes in registry to block any other application, application is getting blocked.
  I achieved what i wanted but is it right to modify registry values ?  
  PS:- I am using Igrouppolicyobject API

  I achieved what I wanted but is it right to modify registry values ?
  You also can modify a registry programmatically based policy. Check this:
  http://blogs.msdn.com/b/dsadsi/archive/2009/07/23/working-with-group-policy-objects-programmatically-simple-c-example-illustrating-how-to-modify-a-registry-based-policy.aspx
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Is there a way to find out whether my imessages are being received by a specific iphone user or if there is a problem with their phone? Cannot get in touch with an out of state friend for several days.

  I'm looking for a way to check and see if a specific iPhone user is receiving my imessages or if there phone is not working properly.  I cannot get in touch with an out of state friend for several days and the only number I have is to their cell (iphone).  Thank you.

  YYou can only get a read receipt, not if they only received it.
  http://m.imore.com/how-turn-and-read-receipts-imessage