Grsecurity management on untrusted exec and trusted groups

I had all my applications functioning well with a grsecurity/PaX hardened kernel until several days ago when I reset my pax flags. I restored the pax flags for the binaries but one frequently used application is experiencing problems.
When I launch mplayer I receive the following output in dmesg:
[Thu Jun 26 18:28:16 2014] grsec: denied untrusted exec (due to not being in trusted group and file in non-root-owned directory) of / by /usr/bin/mplayer[mplayer:25106] uid/euid:1000/1000 gid/egid:100/100, parent /usr/bin/bash[sh:25105] uid/euid:1000/1000 gid/egid:100/100
Here are the pax flags for mplayer:
- PaX flags: -p---m-x-e-r [/usr/bin/mplayer]
PAGEEXEC is disabled
MPROTECT is disabled
RANDEXEC is disabled
EMUTRAMP is disabled
RANDMMAP is disabled
Here are the lines of the kernel config pertaining to TPE:
CONFIG_GRKERNSEC_TPE_TRUSTED_GID=9999
CONFIG_GRKERNSEC_TPE=y
CONFIG_GRKERNSEC_TPE_ALL=y
CONFIG_GRKERNSEC_TPE_INVERT=y
CONFIG_GRKERNSEC_TPE_GID=9999
Does this mean I need to add my user to the tpe-trusted group in order to run mplayer? If so, why aren't other programs experiencing the same problem and would adding the user to the tpe-trusted group compromise system security due to privilege escalation? Thanks for the support.

The error is reporting that the permissions on your / directory are not root:root and 755 as they should be.
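
A quick way to run the check this answer describes, as an added example (not part of the original thread and not grsecurity code): it reads the owner, group and mode of a directory and of each ancestor up to / and flags anything that is not root:root or that is group- or world-writable. The function names are made up for this example, GNU stat is assumed, and walking the ancestors goes beyond what the answer states.

```sh
#!/bin/sh
# Added example: audit directory ownership and mode against the
# "root:root and 755" state named in the answer above.
# tpe_classify / tpe_audit_path are hypothetical helper names.

# tpe_classify OWNER_UID OWNER_GID MODE_OCTAL
# Prints one verdict and returns 0 only for "ok".
tpe_classify() {
    o_uid=$1
    o_gid=$2
    o_mode=$3
    if [ "$o_uid" -ne 0 ]; then
        # Matches the wording of the log line: non-root-owned directory.
        echo "non-root-owned"
        return 1
    fi
    # 022 = group-write | other-write; the leading 0 makes the mode octal.
    if [ $(( 0$o_mode & 022 )) -ne 0 ]; then
        echo "group-or-world-writable"
        return 1
    fi
    if [ "$o_gid" -ne 0 ]; then
        # Differs from the root:root the answer expects.
        echo "non-root-group"
        return 1
    fi
    echo "ok"
    return 0
}

# tpe_audit_path PATH
# Classifies PATH (or its parent, if PATH is a file) and every ancestor
# directory up to and including /. Returns 1 if any directory is flagged.
tpe_audit_path() {
    a_path=$1
    a_rc=0
    [ -d "$a_path" ] || a_path=$(dirname "$a_path")
    while :; do
        # GNU stat: %u owner uid, %g owner gid, %a octal mode
        set -- $(stat -c '%u %g %a' "$a_path")
        a_verdict=$(tpe_classify "$1" "$2" "$3") || a_rc=1
        printf '%-30s uid=%s gid=%s mode=%s  %s\n' \
            "$a_path" "$1" "$2" "$3" "$a_verdict"
        [ "$a_path" = "/" ] && break
        a_path=$(dirname "$a_path")
    done
    return $a_rc
}

# Stand-alone use: sh tpe_audit.sh /usr/bin/mplayer
if [ "$#" -gt 0 ]; then
    status=0
    for target in "$@"; do
        tpe_audit_path "$target" || status=1
    done
    exit $status
fi
```

If / itself is flagged, restoring it to root:root and 755 is the state the answer calls for.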

Similar Messages

  • Management Consolidation-Moving PC and PC Group

    Hi,
    We want to do Management Consolidation based on Profit Centers. Would like to understand how movement of Profit Center and Profit Center Group is handled in Management Consolidation? These changes are purely management requirement and does not affect legal ownership.
    Kindly advise.
    Best Regards,
    UR

    The biggest challenge is reconciling PCs with LEs.
    I agree that this is challenge. But if the management where UR works would be interested in automatic reconciliation they would consider the matrix consolidation - the manual reconciliation would go away.
    Otherwise (without a matrix and only PC CU) such consolidation will worth nothing just taking into account how much manual work it will take to really reconcile the data.

  • V I Engineering, Inc has immediate needs for Systems Engineers (Contract) and Senior Systems Engineers (Contract) (reporting to the Test Software and Integration Group Manager)

    Company: V I Engineering, Inc.
    Locations: Various - USA
    Salary/Wage: $negotiable
    Status: Hourly Contractor
    Relevant Work Experience: 5+ years system integration (LabVIEW/TestStand experience required)
    Career Level: Intermediate/Experienced
    Education Level: Bachelor's Degree
    Residency/Citizenship: USA Citizenship or Greencard required
    Driving Business Results through Test Engineering
    V I Engineering, Inc. has a vision for every client we engage. That vision is to achieve on-time and on-budget program launch more efficiently than the competition. To realize this vision, customers need to achieve predictable test systems development, eliminate waste in test information management, and drive increased leverage of test assets. An underlying requirement for all of these areas is metrics tracking and measurement based decision making.
    Job Description
    Ready to make a difference? Bring your experiences and skills to the industry leading test organization. Help us to continue to shape the way the world views test. We are seeking a talented Systems Engineer Contractor to be responsible for technical execution of successful projects in the Medical, Military, Transportation, Consumer Electronics and Aerospace Industries. The position will have very high visibility to customers and vendors. This is a very fast paced team with close customer contact and strong career development opportunities. A large part of the position is to identify, own and drive technical design, development and installation of test systems. You will work alongside other like-minded and equally talented engineers, and be creative in a fast-paced and flexible environment that encourages you to think outside the box. You will be available to spend extended periods at our customer sites to complete system installations.
    Required
    5+ years of Systems Integration experience
    3+ years LabVIEW experience
    1+ years TestStand experience
    Experience in Implementation and Delivery of Test Systems, including integration
    Experience in ATE usage and development
    Experience in building and Integrating Mechanical Fixtures
    Experience in Understanding the design of Circuit Boards as they relate to a total system, and their fault-finding
    Experience in Taking Part in Technical Teams throughout All Phases of Project Lifecycle
    Experience in Interfacing with Sub-vendors and Customers
    Ability to Multitask
    Comfortable Working on Various Team Sizes
    Excellent Communication Skills
    Desired
    Requirements generation and review experience
    National Instruments Hardware knowledge
    Experience with Source Code Control (SCC)
    Experience executing verification and validation for projects
    Experience generating and/or reviewing cost proposals
    RF Technology (DAQ, General RF Theory)
    FPGA (with LabVIEW)
    Professional software engineering processes and metrics experience
    TortoiseSVN
    V I Package Manager (VIPM)
    Experience with Projects for Regulated Industries
    MS Project
    Formal Education
    Technical degree (BS Engineering, Computer Science, Physics, Math)
    National Instruments Courses a plus
    National Instruments certification a plus
    Notes:
    Expected Travel Time is up to 50%.
    V I Engineering, Inc. offers a dynamic work environment and the flexibility of a small company.
    The Test Software and Integration Group values innovation, out-of-the-box thinking, high-tech toys and a fun / amazingly collaborative working environment. We're a National Instruments Select Integrator, and we're the closest you can get to playing with all the pre-released and new NI toys without joining the NI R&D team - and we get to play with them in the real world.
    To apply for this position, email a cover letter and resume to [email protected] with the subject "TSIG Systems Engineer (Contract) employment application".
    Copyright © 2004-2015 Christopher G. Relf. Some Rights Reserved. This posting is licensed under a Creative Commons Attribution 2.5 License.

    Jeff

  • V I Engineering, Inc has immediate needs for Systems Engineers and Senior Systems Engineers (reporting to the Test Software and Integration Group Manager)

    Company: V I Engineering, Inc.
    Locations: Positions available in our Farmington Hills, MI Office
    Salary/Wage: $negotiable
    Status: Full Time, Employee
    Relevant Work Experience: 5+ years system integration (LabVIEW/TestStand experience preferred, but not required)
    Career Level: Intermediate (Non-Manager)
    Education Level: Bachelor's Degree
    Residency/Citizenship: USA Citizenship or Greencard required
    Driving Business Results through Test Engineering
    V I Engineering, Inc. has a vision for every client we engage. That vision is to achieve on-time and on-budget program launch more efficiently than the competition. To realize this vision, customers need to achieve predictable test systems development, eliminate waste in test information management, and drive increased leverage of test assets. An underlying requirement for all of these areas is metrics tracking and measurement based decision making.
    Job Description
    Ready to make a difference? Bring your experiences and skills to the industry leading test organization. Help us to continue to shape the way the world views test. We are seeking a talented Systems Engineer to be responsible for technical execution of successful projects in the Medical, Military, Transportation, Consumer Electronics and Aerospace Industries. The position will have high visibility to customers and vendors. This is a very fast paced team with close customer contact and strong career development opportunities. A large part of the position is to identify, own and drive technical design and development of test systems. You will work alongside other like-minded and equally talented engineers, and be creative in a fast-paced and flexible environment that encourages you to think outside the box.
    Required
    5+ years of Systems Integration experience
    Experience in Design and Implementation of Test Systems, including integration
    Experience in ATE usage and development
    Experience in reviewing of Mechanical Fixtures
    Experience in understanding the design of Circuit Boards as they relate to a total system
    Experience in Taking Part in Technical Teams throughout All Phases of Project Lifecycle
    Experience in Interfacing with Sub-vendors and Customers
    Ability to Multitask
    Comfortable Working on Various Team Sizes
    Excellent Communication Skills
    Desired
    Requirements generation and review experience
    National Instruments Hardware knowledge
    LabVIEW/TestStand experience
    Experience with Source Code Control (SCC)
    Experience executing verification and validation for projects
    Experience generating and/or reviewing cost proposals
    RF Technology (DAQ, General RF Theory)
    FPGA (with LabVIEW)
    Professional software engineering processes and metrics experience (statement coverage, code size, reuse measurement, etc)
    TortoiseSVN
    V I Package Manager (VIPM)
    UML
    Experience with Projects for Regulated Industries
    MS Project
    Formal Education
    Technical degree (BS Engineering, Computer Science, Physics, Math)
    National Instruments Courses a plus
    National Instruments certification a plus
    Notes:
    Expected Travel Time is up to 25%
    Relocation assistance is possible.
    V I Engineering, Inc. offers incredible opportunities to grow and advance your career, a dynamic work environment and the flexibility of a small company.
    The Test Software and Integration Group values innovation, out-of-the-box thinking, high-tech toys and a fun / amazingly collaborative working environment. We're a National Instruments Select Integrator, and we're the closest you can get to playing with all the pre-released and new NI toys without joining the NI R&D team - and we get to play with them in the real world.
    To apply for this position, email a cover letter and resume to [email protected] with the subject "TSIG Systems Engineer employment application".
    Copyright © 2004-2015 Christopher G. Relf. Some Rights Reserved. This posting is licensed under a Creative Commons Attribution 2.5 License.

    Jeff

  • Cisco Prime 4.2, Inventory group management and reports group

    Hi
    I have created some groups under Inventory > Group Management > Device.  This works fine.
    Then I want to create a monthly report for Reports > Performance > Device > Availability.  Here I guessed I would find my groups created under inventory.
    But I can see the groups, one group is duplicated, but all groups are empty.  Under all devices, I can only see 6 of the devices but it should have been 122. Under the different subnet groups, there are no devices.
    Shouldn't I have seen the groups created under inventory when I want to make a report? Under the device list for quick report.
    Br
    Geir

    Hm.... strange  I've been looking around under Report, and looked at Inventory and Performance reports.
    Inventory > Detailed Device shows all the devices and my groups.
    Performance > Device > Availability show just 6 out of my 122 devices.
    Under Inventory > Group Management > Device I have a group called Datasenter.
    Under Performance > Device > Availability I can see 2 of these groups, but they're both empty.
    When I delete this group, one of them disappears from under Performance.  When I create it again, it comes back but empty.
    Something must be corrupt.
    Geir

  • How to export "Managed by" field of Distribution and Security groups and import with new values? (Exchange 2010, AD 2003)

    My Active Directory environment is 2003 functional level and we have Exchange 2010.
    I am trying to find out the best way to do a mass edit for the "Managed by" values of our security and distribution groups.
    I know we can export the "managed by" field by csvde but I am not sure this is the correct way to do it. Also in the case that there are multiple users assigned to be managing a distribution group it only shows one value. Also powershell from Exchange
    2010 can be used with "get-distribution" but as our AD environment is 2003 is this correct also?
    Finally once the data is exported to csv can it be edited to then reimport and update the existing group managed by fields with new values?
    Not really sure that the best way to go about this is.
    Summary - We have 2003 AD with Exchange 2010 and I am trying to export a list of all our Distribution/Security groups showing the group name and managedby values so we can edit and update the
    existing managedby values with new ones. In some cases we have multiple users as the owners.
    Appreciate any advice on how this can be best achieved. Thank you.

    Hi,
    We can use the following command in Exchange 2010 to export "Managed by" field of Distribution and Security groups:
    Get-DistributionGroup | Select-object Name,@{label="ManagedBy";expression={[string]::join(";",$_.managedby)}},Primarysmtpaddress | Export-Csv C:\export.csv
    After you changed the Managed by field in export.csv and saved it as a new file named import.csv, we can run the following command to set with new value:
    Import-Csv C:\import.csv | Foreach-Object{ Set-DistributionGroup -Identity $_.Name -ManagedBy ($_.ManagedBy -split ';')}
    Hope it works.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • How to export "Managed by" field of Distribution and Security groups and import with new values?

    My Active Directory environment is 2003 functional level and we have Exchange 2010.
    I am trying to find out the best way to do a mass edit for the "Managed by" values of our security and distribution groups.
    I know we can export the "managed by" field by csvde but I am not sure this is the correct way to do it. Also in the case that there are multiple users assigned to be managing a distribution group it only shows one value. Also powershell from Exchange
    2010 can be used with "get-distribution" but as our AD environment is 2003 is this correct also?
    Finally once the data is exported to csv can it be edited to then reimport and update the existing group managed by fields with new values?
    Not really sure that the best way to go about this is.
    Summary - We have 2003 AD with Exchange 2010 and I am trying to export a list of all our Distribution/Security groups showing the group name and managedby values so we can edit and update the
    existing managedby values with new ones.
    Appreciate any advice on how this can be best achieved. Thank you.

    Hi Barkley,
    You can also refer to Official Scripting Guys forum to get a script solution:
    http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?forum=ITCG&filter=alltypes&sort=lastpostdesc
    Best Regards,
    Amy Wang

  • Adding sites to compatibility mode and trusted sites, IE10 and Server 2008

    We're having a challenge with configuring a GPO to add several sites to Compatibility View Settings as well as adding several others (the same sites, plus some others) to Trusted Sites.  We are currently running VMware's Persona Management/floating
    pools (thin provisioned linked clones), with the appdata folder redirected to the Persona server.  Clients are running IE10, DCs are running Server 2008 R2 with IE8.
    gpresult/r shows the GPO listed under Applied GPOs on the User Settings side (and all the settings are user settings); however, compatibility and trusted sites settings do not apply.
    From prior research on the topic, I seem to recall that I needed to install the IE10 IEAK; however, I cannot install that without having IE10 installed first, and I cannot install IE10 without installing the pre-requisite elements, which I cannot install
    (either through Windows Update or the IE10 standalone installer).  When the IE10 install fails, it refers me to a Microsoft KB article that won't open.  If I open the article on a workstation PC, I find links to five separate prerequisite files. 
    If I download all five files and attempt to install them, they say they're not applicable to my computer.  I can't post links in this article yet (account hasn't been verified), but a Google search for "MS KB 2818833" leads to the page with
    the links.
    64-bit Server 2008 R2.
    Any thoughts?

    Hi,
    Before going further, how did we configure the settings? Since Windows 8, the IEM settings have been deprecated.  As a result, IEM settings won't apply to IE10 or above. However, in this situation, we should be able to use administrative templates
    to configure the settings we want.
    Regarding how to add web site to Compatibility View List via GPO, the following article can be referred to as reference.
    How to add web site to Compatibility View List via GPO
    http://blogs.msdn.com/b/asiatech/archive/2013/10/23/how-to-add-web-site-to-compatibility-view-list-via-gpo.aspx
    Regarding how to Internet Explorer security zone sites via native policies, the following article can be referred to for more information.
    How to configure Internet Explorer security zone sites using group polices
    http://blogs.msdn.com/b/askie/archive/2012/06/05/how-to-configure-internet-explorer-security-zone-sites-using-group-polices.aspx
    Best regards,
    Frank Shen

  • Sales Office and Sales Group Automatic Determination based on the Sold to P

    Hello every one
    We need determine sales office and sales group based on sold to party master data in Activity Management in SAP CRM 2007.
    I want to know if there is a way to do it when we save the document.
    Any ideas???

    hi, the sales org, office, group determination can be configure in Organization Determination.
    You can choose Org Determine rule for your CRM document.
    And if you feel the rule can't match your requirement,  you can create a new rule, and create customize function module for the rule, you can add your determine logic in the function module to realize your requirement.

  • Creation of new employee groups and sub groups

    Hi All,
    What all the steps should I follow to create new employee groups and sub groups? and  How many structures should I create for this?
    Its urgent pls.......
    Good replies will be rewarded!!!!
    Regards,
    Sita

    Hi
    You can create the employee groups depending up on your clients requirement, Eg: Permanent, Temporary, Seasonal, Trainee, Advisor etc
    And define the employee subgroups and assign them to the employee groups Like
    Enterprise structure>Definition>Human Resource Management-->Employee Groups & Employee Groups
    Enterprise structure>Assignment>Human Resource Management-->Assign employee subgroup to employee group
    you can create employee subgroups depending up on your requirement like asst manager, manager, GM, MD, VP ETC an assign them to the employee subgroups ok.
    Ensure that certain employee subgroups may not be assigned to employee group based on requirement, but create all the employee sub groups which is existing in the organization.
    Regards

  • Free license and isolation groups

    Hello,
    We have just installed CPS in our Solution Manager 7.1. The CPS release is Build: M28.17-35130.
    The license keys - free -  are:
    CPS-Basic ProcessServerService.SAP.ApplicationsAPI true  
    CPS-Basic ProcessServerService.SAP.SolutionManager true  
    CPS-Basic ProcessServerService.SAP.XBPExternal true  
    CPS-Basic ProcessServerService.SAP.limit 0  
    CPS-Basic System.NamedUsers.limit 10  
    CPS-Basic System.Production true  
    CPS-Basic company.contract CPS-Basic  
    CPS-Basic company.name xxxxxxxxxxxxxxx
    CPS-Basic product.name SAP Central Process Scheduling by Redwood  
    CPS-Basic signature 3  
    CPS-Basic system.id SAP:SOL_00  
    I have read in the Administration guide and in other posts that in the free license I cannot define more than one sap system client per isolation group, but I have the doubt of how can I monitor more than one sap system or even more than one client in the same sap system?
    Thanks and best regards,
    Ana.

    Hello Ana,
    you can monitor SAP CPS jobs across Isolation Groups from your SAP Solution Manager. That's a special feature of the SAP CPS integration into SAP Solution Manager.
    Just import your (Solution Manager) user into all relevant isolation groups (same user name in SolMan and SAP CPS) and then run job filters or custom queries from the Job Management Work Center.
    See the second part of my blog /people/martin.lauer/blog/2009/05/28/monitoring-job-chains-with-sap-cps-by-redwood-and-sap-solution-manager for more information how to call CPS filter and customer queries from the Job Management Work Center.
    As a prerequisite you will have to setup the connectivity between SAP CPS and SolMan. See the following notes: 1122497, 1054005, 1129030, 1037903.
    If you have any issues in setting up this scenario, please do not hesitate to contact me.
    Kind regards,
    Martin

  • Freelist and freelist groups

    Hi,
    I was reading about buffer busy waits (based on oracle 10g), and i came across two terms i was unfamiliar about... freelist and freelist groups . Can somebody explain the meaning of these two terms and how it is related to objects ?? I am more interested in single instance database and not about RAC..
    Is this relevant to current version of oracle database(11g) as well???
    Thanks in advance.

    Freelist is a part of the object and are maintained to define the candidate blocks which are available for the DMLs. The parameters PCTUSED, PCTFREE are going to be making the blocks go in and out of the freelist. It's a linked list whose starting point is the segment header block and that's what is the cause of the issue is what you have mentioned, buffer busy wait. Buffer busy wait is just a cumulative wait event and does have many of the reasons. What is going to be caused by the freelist is going to be the buffer busy wait for the segment header. Since the segment header is going to be pinned each and every time the scan for the free list is requested, it's going to come under contention under a very heavy OLTP environment. That's why Oracle introduced, in 9i, ASSM which is Automatic Segment Space Management, a more optimized, bitmap based functionality, which removes the use of freelist altogether*. So even in 11g, the concept remains if you want to make the segment space management manual.
    I would not suggest you to read that link which you have quoted but would suggest to read this MOS note,
    MOS doc id 157250.1, "Freelist Management with Oracle 8i" by Stephan Haisley .
    I don't think freelist are explained anywhere better than what is there in the above document. Please note, you need to have valid CSI to login to MOS.
    HTH
    Aman....
    * ASSM is not really a very nice thing actually but that is another topic to discuss so let's leave it for the moment.

  • Grant access to help desk users to add members to distribution and security groups

    Hello,
    I am trying to create a set of help desk users that has full access to add or remove members from distribution and security groups as well as update users.  We want it to bypass owner approval and essentially allow this group to add or remove members
    in the FIM Portal and flow it down to ADS.
    This obviously works fine if one is a member of the Administrators set, but we want a second tier of power users with limited rights compared to FIM Admins.  We have added the help desk team to the  Security Group Users and Group Users set as
    well as MPR "Security group management: Users can read selected attributes of group resources".
    The help desk users can update users in the Portal with no issue.  They can search groups with no issue but when they try to add members to a group they get the error "Access Denied".
    Any help is greatly appreciated.
    Thanks!

    I'm having very similar problem - I have users with delegated right to modify group membership only. User can add someone to group and it works fine, but when the same user is trying to remove a user from a group (even if this is the same user
    which was added a minute ago) he gets Access Denied:
    "The request included members which the requestor is not authorized to add and/or remove from this group."
    It is caused by default MPR:
    Group management workflow: Validate requestor on remove member
    Question is how this activity validates this request - any insight?

  • StoreFront : Payment and Shipping group relationships are missing for some orders

    Hi Team,
    In our application, we are able to see relationship between payment and shipping group for some orders. But we are not able to find these relationships for some orders.
    We are verifying in "dcspp_payship_rel" table. We are wondering why this behavior is happening for some orders.
    Could you please suggest to move further ?
    Regards,
    Babji...

    Hello.
    First of all you must ensure that you are properly using transactions when you create/update the orders.
    There are best practices to update the orders in ATG that must be followed to avoid loss of information.
    Like this steps below:
    Acquire a write lock using the ATG lock manager.
    Start the transaction.
    Synchronized on the Order object.
    Update the Order.
    End the synchronization.
    End the transaction.
    Release the lock.
    Here are some links that should help you understand the steps to be followed to make a correct update of an order:
    https://atgoasis.wordpress.com/2014/08/28/best-practices-for-updating-an-order-in-atg-commerce-applications/
    http://www.digitalsanctuary.com/tech-blog/java/atg/design-pattern-for-updating-an-atg-order.html
    http://sumangalavijay.blogspot.com.br/2011/10/atg-update-order.html
    Oracle ATG Web Commerce - Managing Transactions in Oracle ATG Web Commerce
    Hope it helps you! =)

  • Primary Group and Additional Group in Solaris 10

    hi!
    We've just freshly installed a Solaris 10 system. I'm very new in Solaris. There's something i noticed, and i'm not sure whether is that normal.
    In the user screen in solaris management console, i notice that i'm not able to see the Primary group and additonal group list. What i can see is only the Primary group in ID format. I'm able to see it only the first time when i launch the Solaris management console or switch from one workplace to another. After right clicking on the user properties for the second time, it disappear and show only the primary group id in integer. On the left hand side of the screen, it says "The group cannot be listed. You can change the primary group 10 to another valid integer. Because of error or oversight, group membership cannot be found. You can enter a number for the primary group, but cannot choose from a list of groupnames. Also you cannot choose Seconday Group until the group info is available". "Check group files, NIS maps, or load for possible corruption. If you have not already populated appropiate files or maps, See administrator guide, Naming and Directory Services(DNS, NIS, LDAP) or docs.sun.com for LDAP see also Solaris Management console help, about the toolbox editor to manage LDAP"
    Is that normal? What could be wrong here? Please advise. Thanks.

    hi! Anyone can provide advise on the issue i encountered?
