End user Quarantine Access

Similar Messages

• Minimal access for the end users to access a page sharepoint.

  I have a list Projects which i have put in a different aspx page by the name ProjectPage.
  I have end users accesing that page where i have applied certian styles for dsplaying in a customized way.
  However, i need to configure their permissions in such a way that they should be able to access any page other than the project page.
  They should not even see the site actions bar and should not be able to access the _layouts/viewlsts.aspx page as well as settings page form the address bar.

  Hello,
  To restrict application page, either you can hide them from UI (but still be accessible by putting direct url) OR create a custom permission and uncheck "view application page" option. Refer this link for more info:
  https://social.technet.microsoft.com/Forums/office/en-US/bc3e9e2e-e606-47a1-ace3-94aadd860e44/is-there-any-way-i-can-disable-site-actions-menu-for-readonly-users?forum=sharepointgeneralprevious
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help
  (On vacation from 16th Oct to 28th Oct 2014)

• End user releasing own emails based on Policy/Content

  Hiya all,
  New to this forum and my first post so hello to all
  We recently installed a couple of C360 and an M series and they all are working well.
  We have also setup Profanity based filtering and as a result many swear words are being rejected.
  This is setup using dictionaries.
  But we are also getting a high number of false positives and as a result our Techsupport team is inundated with requests to release emails.
  I know with SPAM Quarantine there is End-User Quarantine Access but I don’t see this with Policy Quarantine.
  The end result I want is for end users to release their own emails blocked based on profanity.
  Is this possible?
  My apologies if this has been asked in the past.
  Ivan.
  :D :D

  Welcome aboard Ivan!
  The main reason there is a separation between ironport spam quarantine(isq) and policy quarantine(aka system quarantine) is that ISQ is mainly used in conjunction with the anti-spam verdict/results. While policy quarantine is used as a result of administrative/company policy(e.g. like a profanity dictionary filter in your case).
  Another difference between the two is ISQ is accessible by the end user. Policy quarantine is accessibly only by the admin of the machine.
  Here is a KB article that goes over their diffs.
  What is the difference between IronPort Spam Quarantine and System Quarantine?
  http://tinyurl.com/233qkq
  Now, there is a way to tweak it so that the content filter sends it over to the ISQ. Now keep in mind by doing this, you're mixing profanity filter verdicts with anti-spam results. It may be confusing for the end user unless you preprend the profanity stuff with "[Contains profanity]" at the beginning of the subject line.
  This Cisco IronPort support portal KB article goes over how to send content filter results over to the ISQ.
  Can a Content Filter divert messages to the IronPort Spam Quarantine?
  http://tinyurl.com/coebj3
  Good luck and let me know if that doesn't address your concern.

• What is the tool to be accessed by End user in version 7

  Hi all,
  Could any body give a good ppt or explanation about the way the end users can access the BW Queries in version 7.
  Priror to version 7 we used to give access to Browser to the end users . Now what are the different options with EP and with out EP for that.
  With rgds,
  Anil Kumar Sharma .P

  hi Anil,
  in version 7, Portal is a must to run web templates, and the new bex tools WAD, query designer, report designer, bex web analyzer all will need Portal (and Java usage type), you can still use old 3.x bex tools and have the 3.x webtemplates run on bw's WAS.
  check Prakash's ppt 'publishing strategies'
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/70e18305-2356-2910-4bbe-9c1ebd751032
  and
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a5067965-0901-0010-6f8a-bbf0b7424283
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/6fe0f064-0901-0010-d4b2-86ac9f952cc2
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/5f243d6d-0601-0010-2aae-abe0a4dcfadb
  hope this helps.

• End Users Accesses

  Hi,
  I was wondering if the end-users need access to save the reports as workbooks and views. We definetly do not want to give them access to create new queries or change them. Can we just give them authorization to save as workbooks and views. And I am not sure if giving auth. to save as views also gives them access to query change.
  Thanks
  Ace

  Hello!
  you can restrict the access of a user to work with Views and not with Queries. I think giving the authorization to display and change authorizations only to views is posible usinf RS_comp, rs_comp1.
  and regarding workbooks i am not able to understand exactly what you need. if you give authorization to work with views then users can not change the queries but can save the views in workbooks.
  hope it helps
  with regards
  ashwin
  <i>PS n: Assigning point to the helpful answers is the way of saying thanks in SDN. and you can assign points by clicking on the appropriate radio button displayed next to the answers for your question.yellow for 2, green for 6 points(2)and blue for 10 points and to close the question and marked as problem solved.closing the threads which has a solution will help the members to deal with open issues with out wasting time on problems which has a solution and also to the people who encounter the same porblem in future.
  BEx on linux</i>

• End User Rules

  Hi Experts,
  When I wanted the end users to have access to a Rule, I'm used to add the rule name to the endUserAccess Attributes in the SystemConfiguration object. And it works fine.
  But the FAQ page in Sun IDM partner space says that if you specify ur rule as follows,
  <Rule authType='EndUserRule'.....>that rule will be accessible by the end user. But this does not work for me. I'm getting the same error id. view access denied for subject blah blah.
  Did any body try this ? Or if you have any other idea to give the end users have access to rules please share it.
  Regards,
  Biju

  Make sure to set both the authType as well as the MemberObjectGroups. Here's an example:
  <Rule name='testRule' authType='EndUserRule'>
      <block>
          <s>Test</s>
      </block>
      <MemberObjectGroups>
          <ObjectRef type='ObjectGroup' name='All'/>
      </MemberObjectGroups>
  </Rule>

• How to restrict end-user from not using certain movement-types in MB1B

  Dear Gurus,
  My client wants that end user has access to only particular movement types in MB1B.i.e only to 311 and 412,421E.
  They do not want any other movement types to be access by end-users in MB1B
  How to go about this requirement?
  Thanks in advance
  Regards
  Ram
  Edited by: RAMKUMAR WARIYAR on Jun 27, 2009 2:14 PM

  hi,
  This is possible you can restrict and allow user for movement type which they can do through any t code.
  Contact yours BASIS consultant for that
  Regards,
  Vishal
  Edited by: VS on Jun 27, 2009 5:46 PM

• How to sign java applet policy to end user?

  i have putted my applet class on server, i want all end users can access it on server, how to sign the java.policy to there JRE?
  can anyone help me?

  I found this some where else. It shows how to sign an applet.
  START OF DOC
  How To Sign a Java Applet
  The purpose of this document is to document the steps required to sign and use an
  applet using a self-signed cert or CA authorized in the JDK 1.3 plugin.
  The original 9 steps of this process were posted by user irene67 on suns message forum:
  http://forums.java.sun.com/thread.jsp?forum=63&thread=132769
  -----begin irene67's original message -----
  These steps describe the creation of a self-signed applet. This is useful for testing purposes. For use of public reachable applets, there will be needed a "real" certificate issued by an authority like VeriSign or Thawte. (See step 10 - no user will import and trust a self-signed applet from an unkown developer).
  The applet needs to run in the plugin, as only the plugin is platform- and browser-independent. And without this indepence, it makes no sense to use java...
  1. Create your code for the applet as usual.
  It is not necessary to set any permissions or use security managers in
  the code.
  2. Install JDK 1.3
  Path for use of the following commands: [jdk 1.3 path]\bin\
  (commands are keytool, jar, jarsigner)
  Password for the keystore is any password. Only Sun knows why...
  perhaps ;-)
  3. Generate key: keytool -genkey -keyalg rsa -alias tstkey
  Enter keystore password: *******
  What is your first and last name?
  [Unknown]: Your Name
  What is the name of your organizational unit?
  [Unknown]: YourUnit
  What is the name of your organization?
  [Unknown]: YourOrg
  What is the name of your City or Locality?
  [Unknown]: YourCity
  What is the name of your State or Province?
  [Unknown]: YS
  What is the two-letter country code for this unit?
  [Unknown]: US
  Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
  correct?
  [no]: yes
  (wait...)
  Enter key password for tstkey
  (RETURN if same as keystore password):
  (press [enter])
  4. Export key: keytool -export -alias tstkey -file tstcert.crt
  Enter keystore password: *******
  Certificate stored in file tstcert.crt
  5. Create JAR: jar cvf tst.jar tst.class
  Add all classes used in your project by typing the classnames in the
  same line.
  added manifest
  adding: tst.class(in = 849) (out= 536)(deflated 36%)
  6. Verify JAR: jar tvf tst.jar
  Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
  68 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/MANIFEST.MF
  849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class
  7. Sign JAR: jarsigner tst.jar tstkey
  Enter Passphrase for keystore: *******
  8. Verifiy Signing: jarsigner -verify -verbose -certs tst.jar
  130 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/MANIFEST.MF
  183 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.SF
  920 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.RSA
  Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
  smk 849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class
  X.509, CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
  (tstkey)
  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  i = at least one certificate was found in identity scope
  jar verified.
  9. Create HTML-File for use of the Applet by the Sun Plugin 1.3
  (recommended to use HTML Converter Version 1.3)
  10. (Omitted See Below)
  -----end irene67's original message -----
  To make the plug-in work for any browser you have two options with the JDK 1.3 plugin.
  1) Is to export a cert request using the key tool and send it to a CA verification source like verisign.
  When the reponse comes back, import it into the keystore overwriting the original cert for the generated key.
  To export request:
  keytool -certreg -alias tstkey -file tstcert.req
  To import response:
  keytool -import -trustcacerts -alias tstkey -file careply.crt
  An applet signed with a cert that has been verified by a CA source will automatically be recognized by the plugin.
  2) For development or otherwise, you may want to just use your self-signed certificate.
  In that case, the JDK 1.3 plugin will recognize all certs that have a root cert located in the JDK 1.3 cacerts keystore.
  This means you can import your test certificate into this keystore and have the plugin recognize your jars when you sign them.
  To import self-signed certificate into the cacerts keystore, change directory to where the JDK plugin key store is located.
  For JDK 1.3.0_02: C:\Program Files\JavaSoft\JRE\1.3.0_02\lib\security
  For JDK 1.3.1: C:\Program Files\JavaSoft\JRE\1.3.1\lib\security
  Import your self-signed cert into the cacerts keystore:
  keytool -import -keystore cacerts -storepass changeit -file tstcert.crt
  (the password is literally 'changeit')
  Now, regardless of which method you use, the applet should be recognized as coming from a signed jar. The user can choose to activate it if he / she chooses. If your applet uses classes from multiple jars, for example Apache's Xerce's parser, you will need to sign those jars as well to allow them to execute in the client's brower. Otherwise, only the classes coming from the signed jar will work with the java.security.AllPermission setting and all other classes from unsigned jars will run in the sandbox.
  NOTE: Unless otherwise specified by the -keystore command in all keytool and jarsigner operations, the keystore file used is named '.keystore' in the user's home directory.
  The first time any keystore is accessed (including the default) it will be created and secured with the first password given by the user. There is no way to figure out the password if you forget it, but you can delete the default file and recreate it if necessary. For most operations, using the -keystore command is safer to keep from cluttering or messing up your default keystore.

• EAS link for end user

  Hi There,
  I would like to provide selected end users to access EAS link, so they can look at the dim structure. We use Share Serices for security, my quesitn is that what role or right I need to provide to end user, so they can only view the database structure (dimensions) from EAS.
  Thanks
  Don

  Hi Don,
  Does the user get "no access" error message if he/she right clicks on the outline and click on View?
  I created a test account, provisioned it with server access to the Essbase server and read access to the application. I got the same error message as you mentioned when I double clicked on the outline, but was able to open it with "View" option.
  Cheers,
  Mehmet

• How do I access the End User Licensing Agreement? I clicked on it and it gives me a message that I need to launch Adobe Reader, accept and close and reopen. Trouble is I can't get to an icon for file to launch. I am working on a Mac and have installed Mac

  I am using a Mac and have installed Adobe Reader for Mac, latest version. I cannot access the End User Licensing Agreement. I clicked on it and it gives me a message that I must launch Adobe, check that I agree, close and reopen. The problem is I can't find any way to launch Adobe because it appears nowhere on my launch pad, nor in my document files or on the control panel. Because of this, I cannot print bank statements nor can I get into my insurance companies billing department to make a payment. HELP!

  How about in your Applications folder?

• Is there a way for end users to give their manager access to change their Out of Office, without an admin involved?

  Our end users need to be able to give their managers access to enable their out of office. 
  question 1.  Can this be done without giving them full access?
  question 2.  If they need full access, can the end user themselves give this access? (I've tried giving another user "owner" rights, but the user still can't seem to open my calendar from OWA to adjust my out of office)
  question 3.  Can this be done without an Sys Admin being involved?

  You can create a RBAC role for each manager scoped to each of their employees that lets them run the Set-MailboxAutoReplyConfiguration cmdlet on the exchange server. Otherwise they will need full access to the users mailbox which an admin would have
  to grant, the end user can not grant this permission. Then they can open the other users mailbox in OWA and set the OOF
  DJ Grijalva | MCITP: EMA 2007/2010 SPA 2010 | www.persistentcerebro.com

• End User Rule View Access Denied

  Hi,
  This has been discussed here, but after trying all possible options it still doesn't seem to be working.
  I am using a rule in a end user task, which throws "View Access Denied to Subject on Rule" error.
  I've set the rule authType to "EndUserRule" and
  <ObjectRef type='ObjectGroup' id='#ID#All' name='All'/>
  for MemberObjectGroups.
  Still it would keep throwing same error. I even used:
  <RunAsUser>
  <ObjectRef type='User' id='#ID#Configurator' name='Configurator'/>
  </RunAsUser>
  Still not success.....??? Any idea what could be wrong?
  I am using IdM Version 5.5
  -Thanks

  Hmmm...
  Seems to be working now...all I did was a restarted the application server??? Tried the same steps again in a different environment, and worked without a restart. Must be something odd with one particular environment.
  -Thanks though for the reply!
  -\

• "Adobe Acrobat is blocked" - Where to I accept the end user agreement which will enable me to access Pdf documents on the web?

  I keep getting this message when trying to open documents from the web:
  "Adobe Acrobat is blocked" - 
  Where to I accept the end user agreement which will enable me to access Pdf documents on the web?
  The Adobe website recommends this: (did not solve the problem)
  Safari 7 and 6.1 block PDFs | Acrobat, Reader
  Thanks for any help solving this annoying problem!
  OSX 10.9.3
  Safari 7.0.4
  Acrobat Pro 11.0.0

  Hello Isakten:
  Thanks so much for your reply!
  I already have Adobe Reader 11.0.7 and Adobe Acrobat Pro 9 installed.
  Following your instructions, I then selected Reader as the desired Adobe product to open all PDFs. and save that choice. Still no difference, the same black screen and statement about the EULA shows up…
  http://www.nhgastro.net/patients.html
  BTW, this is the website that I was accessing……note the link to download and print the pdf which triggers the EULA page.
  and also downloaded the latest version of Reader via their link….but to no success…..
  This all started by itself months ago, I did no newer installs or settings changes, none……
  Any other thoughts?
  Thanks so much,
  Steve

• Appraisal - tcode access to core and end users

  Hi Experts,
  Please let me know which transaction code access is to be given to Super Users, Core Users and End users from the list below.
  And also, Please let me know if I have missed out any transaction codes related to Appraisals.
  T codes for PMS Basic Setting
  OOHAP_BASIC           Basic Appraisal Template Settings
  OOHAP_CATEGORY           Appraisal Category Settings
  OOHAP_CAT_GROUP     Category Group Settings
  OOHAP_SETTINGS_PA    PA: Settings
  OOHAP_VALUE_TYPE     Standard Value Lists
  T codes for PMS Process
  PHAP_ADMIN     Administrator - Appraisal Document
  PHAP_CATALOG     Appraisal Template Catalog
  PHAP_CHANGE     Change Appraisal Document
  PHAP_CREATE     Create Appraisal
  PHAP_PREPARE     Prepare Appraisal Documents
  PHAP_SEARCH     Evaluate Appraisal Document
  This is very urgent..Your immediate response is highly appreciated.
  Thanks!

  Hi,
  End users are authorized with
  PHAP_CHANGE Change Appraisal Document
  PHAP_CREATE Create Appraisal
  PHAP_PREPARE Prepare Appraisal Documents
  the T.codes
  where they can prepare appraisals, if mistakenly entered wrong appraiser or appraisee they can edit
  For other activities administrators must have autorization
  Regards
  Ratan Puli

• Accessing Work Items assigned to other users from end user page

  Hello Experts,
  We are using Sun IDM 6.0 SP1 at our client place. Most of the applications integrated with IDM are manually provisioned, in the sense, once after all the necessary approvals are received the request will be assigned to a group of provisioners, they will manually connect to the requested application and create the account in native system. There are more than 100 such provisioners in the organization.
  Current design is to assign a work item to all the provisioners (like Multi approval) and once a provisioner assigns the request to himself then the corresponding work item will be taken out from other provisioners approval queue. These provisioners login to end user page of Sun IDM to access their approval queue as only the end user page is SSO enabled.
  Because of the large number of requests in the system (more than 50k) and each request having 100 work items, the number of work items in the system is huge and thus the performance of the system is very poor so we are working to change the design to bring down the number of work items in the system.
  Customer is not convinced to have a dedicated person who can get all these work items in his queue and assign it to the appropriate provisioner, they are looking to have a solution something similar to the current one in which all the provisioner can see all the requests in the system and they can pick from it and assign to them.
  So we are thinking to create a generic id in the system and assign all the work items to that id, and make changes to the “end user work items list” file so that all the provisioner can see the work items that are assigned to them as well as that generic id.
  But for some reason I’m not getting the work items assigned to other users in the end users page. I have tried assigning all the capabilities to logged in user and tried some code changes in “end user work item list” page.
  Please share if you have any sample code which can list the work items assigned to other users in end user page. Also please let me know if there is any better alternate to this problem.

  Hi,
  There is a option to find and get other user's workitems. Please check the attestation and remediation tab. Use the form portion from attestation page and add it in the Work item list form. This will enable to the user to search for another user's workiteams and assign it to him/her manually. (The user needs to be assigned proper admin rights)
  To get all the workitems, in the system, you will need to query the repository for all the workitems.... but not sure it will be a good idea in your case as the volume is very high.
  Hope it helps
  Regards
  Arjun