GNS vip role without subdomain

Similar Messages

• SCCM 2012 R2 Cu1: Can I reinstall the Reporting Services Point role without delete or change the SSRS-DB?

  Hi, I have some issue with the reports,
  Can I reinstall the SCCM Reporting Services Point role without delete or change the SSRS-DB (just reset the SCCM SSRS function)?
  I have saved/backup the custom made reports.
  /SaiTech

  Yes you can remove and reinstall the Role.  I had to do this recently on our SCCM 2012 R2 due to an issue with the reports not loading.   Found out that the problem with reports was from the upgrade to R2 from 2012 SP1 and was able to run
  a command to re-register the reports with WMI.  I actually removed the role, uninstalled reporting services feature from SQL, deleted the report databases, reinstalled the SQL feature, configured the reporting databases again, added the role back, and
  ran the following command.
  mofcomp "C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqlmgmproviderxpsp2up.mof"
  This allowed all my reports to register as they should have and run without errors.  If you are having similar problems, you may be able to just run that command to get reports running without all the extra work I did.  For us we were getting an
  invalid Class error in the srsrp.log.
  Brian

• Can I install WSUS alongside Windows Essentials Experience Role without killing IIS & Remote web access?

  Can I install WSUS alongside Windows Essentials Experience Role without killing IIS & Remote web access?
  I have recently installed Windows Server 2012 Essentials R2, but I want to use WSUS on the same server.  Is this possible, if so how?  Last time I tried this I lost my Remote Web Access.
  I did post this in the Windows server 2012 essentials thread but didn't get any replies so thought I'd try posting it here to see if I got any hits here?
  Is there a way to get WSUS to install to different web ports i.e. 880 & 8443?  Or can I get it to install in a new site in IIS?  Its just I know that the Essentials Experience role sets up RWA in IIS and installing the WSUS on top just overwrites
  the RWA site & settings?  I assume this is also why Remote Desktop Services does the same?
  Thanks
  JK MCP

  Can I install WSUS alongside Windows Essentials Experience Role without killing IIS & Remote web access?
  http://blogs.technet.com/b/sbs/archive/2013/06/25/how-to-install-wsus-3-0-sp2-on-windows-server-2012-essentials.aspx
  Last time I tried this I lost my Remote Web Access.
  Remote Web Access uses the Default Web Site. If you install WSUS to the Default Web Site, it will break things. Install WSUS to the alternate "WSUS Administration" site on port 8530.
  Is there a way to get WSUS to install to different web ports i.e. 880 & 8443?
  No.
  Or can I get it to install in a new site in IIS?
  Just select the option during the installer to do that.
  Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
  SolarWinds Head Geek
  Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
  My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
  http://www.solarwinds.com/gotmicrosoft
  The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

• How to create SAP_ALL Display Role without HR Transactions.

  Hi,
  Can someone help mem create an SAP_ALL Display only Role without HR Transactions.
  It takes lot of time to create a New role with SAP_ALL Template and manually change the Activity to display and de-activate HR Objects.
  Please let me know if there is any faster way to do this.
  Regards,
  MASQ.

  > Please let me know if there is any faster way to do this.
  Nope, there isn't. Besides that, only changing activity fields will not result in a display-only role. As said, please use the search and browse through the sticky threads.

• Need to delet or assign individual roles without changing all existing role

  Hi
  I am looking for a way in order to delete or add single roles without touching all other roles a user has.
  I found various BAPI_USER_* , however they always change the entire role assignment.
  Does anybody got an idea or an associated BAPI`?
  Thanks a lot,
  Kind regards,
  Mingolo

  Hello Minima
  The corresponding BAPI is BAPI_USER_ACTGROUPS_ASSIGN. In to delete only specific roles you first have to read the assigned roles of the user using BAPI BAPI_USER_GET_DETAIL.
  Now here the procedure:
  (1) Read the assigned roles for a given user using BAPI_USER_GET_DETAIL. The roles are returned in TABLES parameter  ACTIVITYGROUPS.
  (2) Delete the role you want to unassigned from ACTIVITYGROUPS.
  (3) Change the user using BAPI_USER_ACTGROUPS_ASSIGN with the modified list of roles (in ACTIVITYGROUPS).
  The logic behind this is as follows:
  - the BAPI BAPI_USER_ACTGROUPS_ASSIGN compared the imported list of roles with the currently assigned roles.
  - If one is missing, it is unassigned.
  - If one is new, it is assigned.
  - All others role assignements remain.
  Regards
     Uwe

• Role without Tcode but with customized "Z" Object only

  Hi all,
  Please help my querry is that with a Single Role as while seeing that role in PFCG in Menu Tab no Tcode is assigned and in the Authoriztion Tab -> change authorization tab just a single(one) Z auth object is maintained with Display actvt and i am not able to understand how this is going how the user are able to access the the Role without TCODE assigned but with just a Z authobject. please tell How this is going and working .
  Your help will be greatly appreciated and pleas tell how this Z auth object are created.
  Thanks,
  Chandresh.

  >
  > You need to provide more infos (from the system) and just asking on site is a good idea (as mentioned by Alex).
  >
  > Cheers,
  > Julius
  I agree that asking onsite could give more insight into the Z-Object usage. I can explain the probable reason of having the Z-Object as a stand alone authorization
  In a role inheritance scenario, when you have roles with 100+ transactions (role A, B,C, .......) which act as the master roles and the derived roles being A1,A2,A3...... depending on the number of inherited roles you have in the set-up, authorization objects like customer authorization group or vendor authorization group can be a tough task (as these are not called in the organization level values) - in this situation as the authorization groups would have to maintained individually in the inherited roles and can be a time consuming task with the additional risk of passing down the values of the master role every time it is generated and inherited - a better option could be to maintain a non-existent value in the master role , inherit it so the non-existent value is passed down to the inherited roles. To give access on the specific authorization groups , create a role with only the object F_KNA1_BED or F_BKPF_BED as might be the case and maintain organization specific values in these object and assign it to the users who need it
  My guess would be that the Z-object the operator mentions is something that is developed to address such an issue

• Creation of Business role without allow user the possibility of personaliz.

  Hi
  I'm new in SAP. and I'm in need. Is it possible create Business Role (in CRM) without the possibility (for the user) to personalize the assignment block and the general setting?
  Thanks for your future help!
  Stefano

  Hi,
  this is possible by assigning the Function Profile 'PERSONALIZATION' with value 'ALL_DISABLED' to your business Role in the Business Role Customizing.
  Kind regards,
  Carl

• Create a role without becoming a member...

  I looked all over and couldn't find the answer....I'm 99% sure it's possible....Just cannot remember for the life of me.
  What I'm trying to do is create a role (Create Role TestRoleABC) without becoming a member of it or having the admin ability attached to the ID I'm creating the role with.
  So, example being. Using ID "AppID123", I issue "Create Role TestRoleABC". After creation, the ID "AppID123" is now a member of "TestRoleABC" and has the ability to grant it. I only want accounts that have the "Grant Any Role" priv to be able to do so....
  Thanks.

  Topher34 wrote:
  I looked all over and couldn't find the answer....I'm 99% sure it's possible....Just cannot remember for the life of me.
  What I'm trying to do is create a role (Create Role TestRoleABC) without becoming a member of it or having the admin ability attached to the ID I'm creating the role with.
  So, example being. Using ID "AppID123", I issue "Create Role TestRoleABC". After creation, the ID "AppID123" is now a member of "TestRoleABC" and has the ability to grant it. I only want accounts that have the "Grant Any Role" priv to be able to do so....
  Thanks.when all else fails Read The Fine Manual
  http://docs.oracle.com/cd/E11882_01/server.112/e26088/statements_6012.htm#i2066772
  "If you create a role that is NOT IDENTIFIED or is IDENTIFIED EXTERNALLY or BY password, then Oracle Database grants you the role with ADMIN OPTION. However, if you create a role IDENTIFIED GLOBALLY, then the database does not grant you the role. A global role cannot be granted to a user or role directly. Global roles can be granted only through enterprise roles."

• Creating/Mapping security roles without authentication

  Hello all, I am new to WebLogic 9.1, and I appreciate your help in advance.
  I have an HTTP header pre-populated with the roles a logged-in user has (these roles are defined outside websphere), and the user has already been authenticated.
  I want to map each role from my header to a URI configured in weblogic, so it can authorize/deny access to that page within the container, based on the role in the header.
  What would be a good approach to doing this? I have been looking through the security documentation, and I am a bit overwhelmed, I'm not sure where to begin.
  Thanks

  Hi,
  1) as said, nothing prevents you from building a JAAS LoginModule that does what you need - e.g. authenticate a user against LDAP, then connect to the database and query for his/her user roles. You can't have container managed authorization without authentication though.
  There will be a change in API in JDeveloper 11 (and most likely in JDeveloper 10.1.3.4 - upcoming) that allows you to set a Subject into the OC4J context, in which case you don't need container managed autehntication. However, I don't have it tested yet and can't tell to what extend this would be useful
  3) Sure, you can build a JAAS LoginModule that doesn't care for authentication. However, this doesn't work with container managed security. As far as I am aware, the only option to not show a login dialog is to use certificates. And certificates are not yet to use with custom LoginModules. So the above mentioned API - that is available as a backported patch for 10.1.3.1 - might do the trick
  Frank

• How to use a query in two different roles without copying it

  Hi,
  The report I try do should display only data that concerns only Controlling area (0co_area) of the user (there is need for two groups of users)).
  So far I created an authorization where I wrote down "0co_area = 1002" condition.
  then I created a role connected with that authorization.
  In that role I have a query with variable processing by authorization.
  Then I intend to create similiar authorization and role connected to it for users of 0co_area=1000.
  Now I think the only way is to create a copy of the query and copy it to the role for 0co_area=1000.
  The problem is that I dont wan't to have two querries instead of one.
  Any answers appreciated, 
  Regards, Leszek 

  Hi,
  After fixing the error in the role I noticed that all I should do is to publish the querry in a new role.
  From that moment a user that is tied to new role can read the old report using the rights associated in a new role.
  Thanks for help.
  Regards. Leszek

• Reg:Auto Approve Roles without Approvers for GRC 10.0

  Hello,
  Is anyone using this option on GRC 10.0 as according to my understanding , if someone selects a role and it has no approver then the role has to be assigned to the user automatically but it is not happening in my system..The request is going to decision pending and it is still looking for role approver.
  Can someone provide their expertise on this issue .
  Thanks
  Uday

  Hi Uday,
  I have not used that functionality myself, as I find it too risky if a SOD or Critical risk would be introduced by assigning that role.
  I would have thought that by setting the correct values in SPRO would have enabled this functionality. It might be worth checking the settings again and resaving it.
  However, if you are purposly leaving the approver value blank for non-risky roles, as an alternativethe document below is worth a consideration for implementing via BRF+ in GRC 10. (I know the document is more GRC 5.3 related, but the concept is valid).
  Link: [http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/203d2716-ef84-2d10-3f81-a6f6643e308d?QuickLink=index&overridelayout=true]

• Publisher Role without Admin privledeges

  I would like to know if it is possible to allow someone other than an Admin to publish reports (move from say Dev to UAT to Prod).  It seems it would be more efficient to have my developers move the reports without having to wait for a Sys Admin person.  Can anyone tell me if this is possible and what steps must be done to accomplish this. 
  Thanks for any help in advance.

  Alan,
  Thanks so much for your reply.  We are on version XI R2, is there any way we can accomplish this even if it means not using the wizard? 
  Happy Holidays, Lois

• ERM overwrites backend role without warning.

  We are on version 5.3 - SP13.
  I have uploaded roles to our ERM installation. The upload was performed with the bulk download file collected via the /VIRSA/RE_DNLDROLES - program in backend in combination with the role information file which we have maintained with relevant role attribute data. The Org-level file is not relevant for us since our security concept does not include derived roles.
  When we took the tool into use we discovered that even though the upload was completed successfully there are examples of roles which are created with non-identical content (authorization objects and field values) from the actual backend roles.
  When we started performing changes to those roles, not identical in ERM and backend, via ERM, the system did not give a warning of the inconsistency but just directly overwrote the backend role with the incorrect ERM version of the role. 
  Anyone else with experience with the same error?

  Thanks Raghu and Frank for your replies!
  What I did was:
  1. Yes: I imported roles into ERM.
  I made the assumption that the roles would be created correctly contentwise in ERM since the upload is done from a file which is directly downloaded from the backend system. I probably have some issues in this department as you have both already pinpointed.
  Maybe the lack of including the OrgData file in the upload is the source for the error...?
  Sorry about my stupid question Raghy, but how do I maintain the Org Data file? I see that the data columns are:
  Rolename - Derived Org Level - From value - To value
  Do I really have to maintain this manually when I do not have derived roles....?
  (I see that there is a lot of org level values included in the system already from the initial upload.)
  Do you have any general advise on how I can easily verify that my roles are created with correct content in ERM compared with the backend system?
  2. Yes/No: I agree that if you generate a role from ERM, then you must know what you do and expect the backend role to be overwritten.
  What I did was that I opened PFCG from ERM to make changes to the role.
  I have in earlier test scenarios received a system messages at this point in the process asking me if I really want to overwrite the backend role. To my understanding this message is supposed to appear in any case when the ERM role is different from the backend role. Then I have the possibility to cancel the opening of PFCG and synchronize the role from backend to ERM before I continue with actually opening PFCG and performing the role changes.
  I do not know why I get this message sometimes, but not always.....
  Best regards
  Kari

• How to assign roles without Sap*

  Hi
  I have created an administrator account and I forgot to assign him roles...
  My Sap* user id is desable on top of that
  I have tried to modify the ume.superadmin.activated=true but its still not working.
  any ideas??
  JF

  Hi
  the config tool is working but I am running a different version that the course I took not so long ago.  In the config tool, they can switch to the configuration editor mode and I don't have it...
  Anyway, I had a ghost of my server so I did a restore, (its quicker that way)
  thanks
  JF

• Assigning iViews to Roles without Pages

  I have created several "SAP Transaction" iViews that rely on HTML GUI and would like to add these to my Portal.  When I assign them to a page, and then add that page to a role, the iView height does not display automatically.  The iView is only about 80 pixels high. 
  I have also tried assigning the iView directly to the role, and in this case it displays correctly. 
  Is there any purpose to using "Portal Pages" if an iView is the only content being displayed for that Top Level or Second Level navigation choice?
  Are there any problems with assigning iViews directly to roles?
  Thanks for any answers you provide.
  Best regards,
  Bryan

  Bryan
  You are correct, this concept didn't exist in EP5. In EP6 a Page and an iView are basically the same object, which is why it doesn't matter which one you assign to a role. The other thing is that if you do use a page, then the pagebuilder tends to include a lot more resources into the output, which increases the size (and potentially time) of the page downloaded to the client. If you only have transactional iviews, then I would forget about the page. If you decided to try and use the pages, then the things that can cause this problem are: -
  1) Domain of the iView is different to the domain of the portal and when the portal tries to re-size the page it can't access the size of the content and therefore can't resize it
  2) I would check things like the maximum and minimum page size attributes on the page. They may have default values in an iView but not a page
  I hope this helps
  D