Grant access to built-in administration portlet

I need to create a user (or group) ADMIN that can create and manage portal users and groups using the built-in User, User Profile, Group and Group Profile Administration portlets. I do not want to grant Portal Administrator to this user.
I have created a page that contain just the above four portlets however when I log as ADMIN I can see only three of them, the User portlet does not show. I have granted Manage on All User Profiles and All Groups Privileges to this user.
Is it any way to grant the user access to the User portlet?
Regards,
Anna

If the schema2.package_name has been successfully compiled using defining user authorization (default) and not current user authorization then yes all any other username requires to use the package and perform any DML activity defined in the package is an "execute" grant on the package.
In the case of current user authorization then the executing user would also need DML grants on the referenced objects.
HTH -- Mark D Powell --

Similar Messages

  • After enabling the Built-in Administrator account, it is not shown on Welcome screen

    Hello,
    I have Windows 7 Starter SP1.
    I have previously successfully enabled and then logged on, to the built-in administrator account,  and then when I had finished using it, disabled it again.
    Unfortunately today, I found that when I enabled the built-in administrator account, it no longer appears on the Welcome screen.
    I went through the process of enabling it by doing:
    Start/Search "CMD"/right-click CMD/Run as administrator.
    net user administrator active:yes
    It confirms: "The command completed successfully."
    However, when I log off and log back on (or do shut down and restart), the Welcome screen does not display any option for the Built-in Administrator account.
    I have also tried doing the above in Safe mode, and also using Command Prompt from a Rescue disk.
    As background information:
    The reason why I wanted to access this account today, was because I attempted to defrag a partition listed as "(1% fragmented)" and after Defrag appeared to complete while at "Pass 2",  the partition is still shown as 1% fragmented.
    I would appreciate advice how to resolve the issue with the built-in administrator account.
    Regards,
    Robert339

    Hello Niki Han,
    Thank you for your response. I have not yet had an opportunity to look into what you have written  but wish to thank you for that information.
    Meanwhile, I would like to discuss the possible cause for this issue. I know the date when I last successfully accessed the built-in Administrator account, which was April 18, 2012. 
    Since I was last able to use that account on April 18, 2012, I have made no changes to the system other than install all Important Microsoft Updates through Windows Update.
    A full scan with Windows Defender finds no threats.
    A full scan with Avast finds no threats.
    I beleive Microsoft may wish to ensure that this issue has not been caused by any of the following  30 updates. If it has been caused by one of these updates, then Microsoft should consider issuing a further update to correct this.
     - - -  Extract from Windows Update History for period April 18, 2012 and the date I noticed this issue of May 18, 2012, Starts: - - - -
    Definition Update for Windows Defender - KB915597 (Definition 1.125.1635.0)
    Installation date: 13/05/2012 19:31
    Security Update for Microsoft Silverlight (KB2636927) 
    Installation date: 10/05/2012 15:44
    Windows Malicious Software Removal Tool - May 2012 (KB890830) 
    Installation date: 09/05/2012 22:51
    Update Rollup for ActiveX Killbits for Windows 7 (KB2695962) 
    Installation date: 09/05/2012 22:45
    Definition Update for Windows Defender - KB915597 (Definition 1.125.1373.0) 
    Installation date: 09/05/2012 22:45
    Security Update for Microsoft Silverlight (KB2690729) 
    Installation date: 09/05/2012 22:45
    Security Update for Microsoft Office 2007 suites (KB2596880) 
    Installation date: 09/05/2012 22:33
    Security Update for Microsoft Office Excel 2007 (KB2597161) 
    Installation date: 09/05/2012 22:32
    Security Update for Microsoft Office Word 2007 (KB2596917) 
    Installation date: 09/05/2012 22:31
    Security Update for Microsoft Office 2007 suites (KB2596672) 
    Installation date: 09/05/2012 22:31
    Security Update for Microsoft Office 2007 suites (KB2597969) 
    Installation date: 09/05/2012 22:29
    Security Update for Microsoft Office 2007 suites (KB2597162) 
    Installation date: 09/05/2012 22:28
    Security Update for Microsoft Office 2007 suites (KB2596792) 
    Installation date: 09/05/2012 22:27
    Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2604115) 
    Installation date: 09/05/2012 22:16
    Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2656405) 
    Installation date: 09/05/2012 22:16
    Security Update for Windows 7 (KB2688338) 
    Installation date: 09/05/2012 22:12
    Security Update for Windows 7 (KB2660649) 
    Installation date: 09/05/2012 22:12
    Security Update for Windows 7 (KB2659262) 
    Installation date: 09/05/2012 22:11
    Security Update for Windows 7 (KB2676562) 
    Installation date: 09/05/2012 22:11
    Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2656411) 
    Installation date: 09/05/2012 22:11
    Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2604121) 
    Installation date: 09/05/2012 22:11
    Security Update for Windows 7 (KB2690533) 
    Installation date: 09/05/2012 22:04
    Security Update for Windows 7 (KB2658846) 
    Installation date: 09/05/2012 22:04
    Definition Update for Windows Defender - KB915597 (Definition 1.125.1137.0) 
    Installation date: 06/05/2012 14:54
    Definition Update for Windows Defender - KB915597 (Definition 1.125.1090.0) 
    Installation date: 03/05/2012 23:48
    Definition Update for Windows Defender - KB915597 (Definition 1.125.886.0) 
    Installation date: 02/05/2012 15:09
    Definition Update for Windows Defender - KB915597 (Definition 1.125.655.0) 
    Installation date: 28/04/2012 23:55
    Definition Update for Windows Defender - KB915597 (Definition 1.125.402.0) 
    Installation date: 25/04/2012 01:08
    Definition Update for Windows Defender - KB915597 (Definition 1.125.146.0) 
    Installation date: 20/04/2012 16:10
    Definition Update for Windows Defender - KB915597 (Definition 1.123.1936.0) 
    Installation date: 18/04/2012 15:55
    - - - - End of Extract from Windows Update History - - - -

  • Grant Access at Portlet Level

    I've read in some documentation (afair) that access can be granted at a lower level that the page level i.e. it's possible to grant access to a portlet to certain users/groups.
    I cant seem to find any docs that show me how to change the permissions/access on each portlet though (I'm assuming that this should be possible for all types of portlets including HTML Portlets). I'd be grateful if someone could point me in the right direction.
    Thanks,
    WG

    You cannot do that directly.
    A possible workaround: add the portlet(s) to a dummy page, specify the access privileges for the dummy page, and add the dummy page to your real page as a portlet.

  • Granting Access in custom portlets

    Hi,
    I'm deploing some portlets using PLSQL. Those portlets work's fine. Now i want to grant restricted access to this portlets. The best i can do is function is_runnable return false to users that i don't want to show my portlet.
    Example:
    if wwctx_api.get_userid!= 'PORTAL30' then return false;
    else return true;
    end if;
    Can i use portal funcionality of grant access to, by example applications components or pages or content areas to restric access to my portlets ?
    Thanks
    Pedro Ribeiro

    I realize that this is an old thread, but on the chance there are others like me looking into how to restrict access to custom porlets, I thought I would venture a reply.
    I looked at the current online docs for for Portal Security Services. If you have a need to get down in the weeds these docs will show you what you need to know. But there is a very SIMPLE way to restrict access to your new portlet.
    After you have your new PL/SQL or JAVA porlet in place, just create a new Portal Page using the wizard. Make it a plain page, no banner. Add your custom portlet to the new page. Then PUBLISH THIS NEW PAGE AS A PORTLET. Instead of adding your original portlet to other pages, add this "wrapper page" instead. You can use the grant access tab for the wrapper page to restrict access of the portlet to specific users and groups.
    pmw

  • Enabling Windows Server 2008 R2 Built-In Administrator Account

    The properties box for my Windows Server 2008 R2 built-in administrator program says the account is disabled.  Even the primary user account has virtually no priveliges.  How can I, with a mere primary user account available at logon, enable
    the built-in administrator account, or otherwise grant my primary user account administrator priveliges?  Windows Server 2008 R2 denies my primary user account access/permission for nearly all changes to accounts, programs and OS features. 
    Stephen W Plunkett

    The properties box for my Windows Server 2008 R2 built-in administrator program says the account is disabled.  Even the primary user account has virtually no priveliges.  How can I, with a mere primary user account available at logon,
    enable the built-in administrator account, or otherwise grant my primary user account administrator priveliges?  Windows Server 2008 R2 denies my primary user account access/permission for nearly all changes to accounts, programs and OS features. 
    Stephen W Plunkett
    In some of the organisations, default admin accounts on member servers are purposefully locked/disabled through group policy for security reasons.
    If you know the password for locked out/disabled admin account then there is a possibility of unlocking/re-enabling the account without using any third party tools.
    To do that,
    Restart the server
    Press F8 and select Safe Mode Without
    Networking
    Log on to the server with locked out/disabled admin account with its password.
    If you could successfully log on to the server then you will have option to unlock and enable the built-in admin account !
    Most of the downtime's are caused because of SysAdmin's curiosity ! - Santosh

  • A very simple question on granting access.

    Hi All,
    I created a very low-level user in portal. I have added the Oracle built-in Favorites portlet to the user?s page. But when the user logs in, she still can't see the Favorites portlet. I usually go to the Navigator, Applications, and the Application and would grant the user access to the Application to the portlet I want to add. This works fine except you can't do for the Oracle built-in Favorites portlet. My question is how do I grant access to the Favorites portlet for a user. I'm sure it is something very easy that I'm missing.
    Many Thanks,
    Tom

    Never mind this question, because I'm an idiot. I had a different page defaulting then I thought. Please disregard this question, and sorry for wasting the forum's space.

  • Sql server grants access to specific login to database.

    i have created website for intranet and hosted it on server. for that i needed to create login "IIS APPPOOL\hi" in sql server 2008 for my application
    to access my "reportdb" database. "IIS APPPOOL\hi" has sysadmin and public server roles in sql server 2008. And i have default login"sa" same
    as "IIS APPPOOL\hi". these are working correctly. Now I want these two logins to access"reportdb" for all
    operations in database and remaining all logins should be denied to access"reportdb". My Sql Server 2008 is having mixed mode (windows authentication and Sql authentication). plz help me

    I think what Tauseef is requesting is to keep access for the 2 sysadmins & deny access to everyone else, correct?
    As Uri mentioned, by being part of sysadmin role, “IIS APPPOOL\hi” & “sa” would have access to everything in the server, and nobody else should have access to the DB unless explicitly being granted access.
    If you would really deny anyone else access to the database, you can potentially deny connect to public, and only sysadmins (who override permissions) would be able to connect; although I would strongly recommend against such practice.
    Something else I would like to recommend against is the usage of sysadmin for what may not be a DBA role (IIS appPool). Following the least-privilege principle, I would recommend having a non-administrator user for applications that has enough capabilities
    to perform the tasks needed.
    The main risk is that a SQL injection (SQLi) bug in your application would lead to a complete compromise of your SQL server.
    If there are app tasks that would require elevated permissions, I would recommend encapsulating the logic in a stored procedure and either use impersonation or digital signatures to accomplish a controlled elevation of privileges instead. If you have any
    question on this topic I will be glad to assist.
    I hope this information helps,
    -Raul Garcia
     SQL Server Security
    This posting is provided "AS IS" with no warranties, and confers no rights.

  • Factory set password for Windows Vista built-in administrator account?

    I am attempting access the Vista built-in administrator account, which normally is not passworded unless the user does so. Mine, however, has a password that was set 11/20/2010 at 9:57:24 PM.
    Was this p/w set by Toshiba? I assume so, as it was purchased directly from Toshiba. If so, any idea what that p/w would be?  I need to use this account to recover my own admin account due to this error: The User Profile Service failed the logon. User profile cannot be loaded.
    Machine is a Satellite P300 S/N 29020124W, Part # PSPC8U-01G00Q.
    Thanks.

    Satellite P300-ST3712
       You receive a "The User Profile Service failed the logon” error message
        How to Fix the Error "Your user profile was not loaded correctly! You have been logged on with a tem...
    Was this p/w set by Toshiba?
    No. But some programs like the Google Updater (if you added the Google Toolbar, Chrome or Google Earth) have been known to cause this problem. 
    -Jerry

  • Built-in administrator account

    Dear All,
        I was searching for the best way to secure the Built-in Administrator account on Active Directory and found the below two options suggested from Mircosoft. I would appreciate your help in recommending the best option:
    1. rename account
    http://technet.microsoft.com/en-us/library/cc700835.aspx
    2. disable its access
    http://technet.microsoft.com/en-us/library/dn535492.aspx
    Regards,
    Elham
    Hiam

    Hi,
    I would say renaming the account and generate a strong password would be a good choice.
    Rehards,
    Calin

  • !!Still unresolved error #2123: BitmapData.draw(), videosampleaccess, No policy files granted access

    Hello,
    I have looked all over the forums, google etc. and not found any reliable and working solution to be able to retrieve the stream bitmapdata from RTMP  or HTTPDynamicStreaming source. Please find the details below.
    I have tried everything:
    NetStream.checkPolicyFile = true
    Security.loadPolicyFile(...);
    /applications/live/main.asc has the code below:
    application.onConnect = function( client )
        client.videoSampleAccess = "/";
        this.acceptConnection(client) ;
    The Application.xml has the tag:
    <Client>
         <access>
              <VideoSampleAccess enabled="true">/</VideoSampleAccess>
         </access>
    </Client>
    But constantly, I receive this error ( both on FMS3.5 and FMS4.0 RTMP & HttpLiveDynamicStreaming):
    securityerror:Error #2123: Security sandbox violation: BitmapData.draw: http://localhost/xxyy.swf cannot access rtmpt://localhost:1935/live. No policy files granted access.
    The problem persists wherever the player.swf is placed.
    Since I'm using OSMF the video display object had to be retrieved in the way like this:
    var mediaDisplayObjectTrait:DisplayObjectTrait;
    mediaDisplayObjectTrait = media.getTrait(MediaTraitType.DISPLAY_OBJECT) as DisplayObjectTrait;
    v = new Video(mediaDisplayObjectTrait.mediaWidth,mediaDisplayObjectTrait.mediaHeight);
    loadable.netStream.checkPolicyFile = true;
    v.attachNetStream(loadable.netStream);
    The new Video part is a must because when using ( the only working http - vod setup ) the BitmapData of the DisplayObject defaults to 320x240 even though the mediaWidth and mediaHeight properties are set fine and the video itself has much higher resolution. I must note at this point its far weird and worths another post.
    Seems like the player simply doesn't know anything about where and how to obtain any kind of policy information from the stream.
    I think this issue must be resolved once and for all, it's simply not acceptable to have this poor documentation floating around an essential feature without any professional help involved.

    You don't need crossdomain policy files, you need to do the following;
    1)      Edit the Application.xml file in the host folder, within install directory/conf/... , edit the client tag, adding the attribute override=”yes”
    <Client override=”yes”>
    In a default install of Flash Media Server, the Client class is set to prevent overriding values in the application folder. This was why the settings we were trying were not holding.
    We do not need to alter anything else of the conf Application.xml
    2)      Add the client/access nodes to the root Application.xml within the content folder  ( we have already done this as far as I am aware ).
    <Application>
      <Client>
       <Access>
        <VideoSampleAccess enabled="true">/</VideoSampleAccess>
        <AudioSampleAccess enabled="true">/</AudioSampleAccess>
       </Access>
      </Client>
    </Application>
    3)      Restart the Media Server by using the administration console. This will enable the client>access values to be overridden to true.

  • Progress Reporter. I can't access,not granted access for direct login

    I am trying to Access to Progress Reporter.
    Web Access is running correctly and I got access with "admin" user. But when I am trying to use the admin user for Progress Reporter I got this message:
    Logon denied for[admin]. You are not granted access for direct login,please contact your administrator. Please choose 'OK' to make corrections or 'Cancel' to exit tha application.
    I don't know how to create user for Progress Report if that is the problem. Please help me......I will appreciate your help a lot.
    Thanks

    I have the same problem (p6v7), but the diference with the case mentioned, I have all checkbox marked correctly and all permision to users.
    When I tried to loggin appear the same error
    Have someone any tip???
    Thanks

  • Wwsbr_api.add_folder and grant access/

    I created a folder with the API
    wwsbr_api.add_folder, which worked fine.
    Now i want to grant VIEW access to a specific user for that folder, using an API. I used:
    wwsec_api.set_user_acl
    (p_person_id=>v_personid
    ,p_object_type_name=>'FOLDER'
    ,p_name => 'STOREMANAGER2'
    ,p_privilege=>'VIEW'
    But it didn't help. The user can still not see this folder? Any suggestions?
    Thanks,
    Anja
    null

    Jerry,
    sorry for replying so late, but i can read my email only at the hotel in the evening.
    Thanks for the script, but it didn't help.
    Here is more information:
    Running
    Declare
    c Varchar2(100);
    Begin
    c := wwsec_api.get_granted_user_privilege
    p_user_id =>10,
    p_object_type_name=>'FOLDER',
    p_name=>'2227'
    dbms_output.put_line(c);
    End;
    for my specific user, it returns VIEW:
    SQL> @getgranteduserpriv.sql
    VIEW
    PL/SQL procedure successfully completed.
    However, if i navigate through the UI with
    another user that has admin privileges:
    - i click Edit Folder
    - Administration
    - Folder (Edit Content Area)
    - Access tab
    Here i don't see my user "10" in the ACCESS list.
    I do see another user "7" which has VIEW privileges. That's what the UI shows.
    However, if i run wwsec_api.get_granted_user_privilege for user "7" i don't get anything back.
    Am i using the right API?
    Is wwsec_api.set_user_acl
    matching the UI's GRANT ACCESS/CHANGE ACCESS interface?
    Thanks for you help,
    Anja
    null

  • Update to IOS 6 has been a nightmare. Facebook would allow me to save pictures unless I granted access to my foto album. Does this mean my pictures are going be planted all over the web? The safari keeps crashing and loading is slow.

    update to IOS 6 has been a nightmare. Facebook would allow me to save pictures unless I granted access to my foto album. Does this mean my pictures are going be planted all over the web? The safari keeps crashing and loading is slow. Most infuriating is that YouTube was deleted from my entertainment apps and I now have to pay for it if I want it back!! This is a bloody disgrace.

    Back up all data.
    Boot into Recovery by holding down the key combination command-R at the startup chime. Release the keys when you see a gray screen with a spinning dial.
    Note: You need an always-on Ethernet or Wi-Fi connection to the Internet to use Recovery. It won’t work with USB or PPPoE modems, or with proxy servers, or with networks that require a certificate for authentication.
    When the OS X Utilities screen appears, follow the prompts to reinstall the OS. You don't need to erase the boot volume, and you won't need your backup unless something goes wrong. If your Mac was upgraded from an older version of OS X, you’ll need the Apple ID and password you used to upgrade, so make a note of those before you begin.

  • Unauthorized Access: please contact the administrator. for BI publisher rep

    Hi experts,
    I am able to see the BI publisher as admin.But when i login with user it is giving the following error:
    Unauthorized Access: please contact the administrator.
    But analysis reports are working.only problem with BI publisher reports.any extra setting required for BI publisher reports
    for implementing the object level security ?
    Regards
    Birudu

    Verify whether your userid is added in the developer group. Ask the person who has admin proviledges or tech Arch team.
    Thanks,
    Biindu H

  • Grant access to all the views created in user schema to another schema

    How to grant access for all the views created in own HAGGIS schema to comqdhb schema on the HAGGIS database.
    Oracle Grant Privileges
    ===============
    Object privileges assign the right to perform a particular operation on a specific object
    I read that we can use select 'grant select on' ||view_name||'HAGGIS' user_views where owner='COMQDHB'
    Is this right
    Oracle System Privileges
    ===============
    System privileges should be used in only cases where security isnt important,because a single grant statement could remove all security from the table
    Role based security
    ============
    Role security allows you to gather related grants into a collection-since the role is a predefined collection of privileges that are grouped together.privileges are easier to assign to users.
    [http://www.dba-oracle.com/art_builder_grant_sec.htm]
    can we grant select update to all the views at a time to the other schema.
    Are there any other ways to secure the data other than creating users and assigning roles.
    Thank you
    Edited by: Trooper on Dec 23, 2008 9:24 AM

    I think what was suggested was that you use SQL to generate the grants on each and every view, that is, you use SQL to generate SQL where the SQL being generated is "grant select on view_name to role'"
    If you users to connect to Oracle you have to create usernames for them though if the users only connect via an application the application might run just as one user and access to the application is controled via application security. The control on the application can be via Directory Services such as OID or MS Active Directory. User access to Oracle can also be controlled via OID.
    To connect to Oracle you can use OS authenication (not recommended), usernames with passwords, or via Advanced Security Option which supports single sign-on products like Kebros or Oracle Internet Directory etc....
    Example using SQL to generate SQL
    How do I find out which users have the rights, or privileges, to access a given object ?
    http://www.jlcomp.demon.co.uk/faq/privileges.html
    HTH -- Mark D Powell --

Maybe you are looking for