How are users provisioned?

Similar Messages

• How are user groups defined in Mac OS 10.x

  Thus far, my guess is that Mac OS determines which users are members of particular pre-defined groups.
  For example, if I want to give other users in my home network read and write permissions to a particular folder, I might add the pre-defined group 'netuser' to group in the get info window and give the group right and write permissions.
  I am correct in this?
  I used to administer a Windows NT server and workstations and could give permissions to domain users, as opposed to local users on the various machines.
  I imagine it might be pretty much the same if I had Macintosh server software installed or whatever.
  My chief concern is understanding permissions in relation to Qmaster distributed processing with a home network.
  Advice and clarifications are most welcome.
  --Cris

  Thanks for the link to the ars tecnica site article on permissions and acl's.
  Actually, I am quite happy with Unix group limitations. I am just still trying to understand how to create a group, and users to the group, and to control how new folders and files are given permissions inside their parent folders.
  Can you recommend an article that explains how to create new groups, and associate users with groups?
  I now have a case where I am trying to figure out how to use QMaster for distributed processing. I was observing problems writing to the second computer, a service node. Even when the first machine, client and cluster controller, was not listed in the upper pane of QAdmin as belonging to the cluster, cluster storage would default to the first machine. So, I made the second machine a cluster controller and service node as well, and sent a job from my first computer, the client, to a cluster that only had the second computer. This worked. Only problem, is that the new folders and file written in the cluster storage assigned to a folder on the second computer have ownership and group changed to the user which is my log in (admin) on the first computer. That in itself wouldn't necessarily be a problem save that I cannot delete the files from the first machine as my account doesn't have necessary permissions. Perhaps that is because earlier, in a botched effort to get Qmaster to work for me, I had created a local account on the second machine with the same name as my admin account on the first machine. That account is now deleted, and I have reset Qmaster preference many times since then, so this is may be a red herring.
  The Apple document "Distributed Processing Set-up" says:
  "All the computers in a cluster need Read and Write access to any computers (or storage devices) that will be specified as output destinations for files."
  I'm just not sure how to go about that.
  Thanks,
  Cris

• How are users associated to service principals?

  Hello,
  I am trying to implement Kerberos authentication on a Windows machine and have trouble understanding how users are mapped to service principals.
  I understand that the ktpass or Setspn tools are used to associate a service principal to an Active Directory account because a service that is being secured by Kerberos needs to be mapped to an Active Directory account(e.g. account X). So, when executing a command from either one that account X only is mapped to the service principal.
  Now, say user user1 having account Y tries to access the service corresponding to the above service principal.
  My question is how does Kerberos know that account Y is allowed to access the secured application? How can I associate account Y with the above principal?
  Thank you,
  Savvas.

  savvas.andreas wrote:
  right..I think I see what you mean. So, it is true then that any user who has logged on to his/her windows account can access any application on the domain they've logged on to because they are authenticated against that domain?Yes, that is correct if no further action is taken.
  One thing that still confuses me though is why does that second phase in Kerberos authentication needs to be applied? What I mean is that from what I was able to read, at a very generic level, Kerberos employs a two-phase process:In the first phase the client authenticates itself through the "Authentication Service" of the "Key Distribution Centre" and receives back a Ticket Granting Ticket (TGT). But then, in the second phase the same client requests a "Service Ticket" from the "Ticket Granting Service" of the "Key Distribution Centre" by presenting the TGT acquired earlier. If any authenticated user is allowed to access any resource why is that second phase (specific to the service for which access is requested) necessary? wouldn't just the first authentication phase suffice?
  I appreciate your solution and it's something we also considered initially but we were hoping Kerberos would provide this process for us :)No it wouldn't. After the first phase the client is only known to the KDC. No service is aware of any client. With the creation of a specific service ticket the service knows that the user is seriously trustworthy. Kerberos is based on a shared secret which means only the KDC knows that the client and user are real. The KDC acts as a trusted 3rd party. That's why all import authn goes thru it. Read this artice for further clarification: [http://simple.wikipedia.org/wiki/Kerberos_%28protocol%29]

• How are user-entered MIME applications defined to open certain file types. This used to be standard in browsers.

  In the not-terribly-recent past, browser Preferences allowed users to create associations between a file type (really, a file extension indicating its type) with an application used to run that type of file. Firefox seems to have buried this (on the Mac) in ~/Library/Application Support/Firefox/... ;in which seem to be an xml file.
  Is it possible to edit this xml file directly, and if so, where in the xml file should a new entry be placed, and what is the explicit syntax of an entry (other than obviously copying present entries)?
  These used to be called MIMEs.

  I am trying to use a rather older programming language called Mozart, an extension of OZ. I installed it as a binary, but instead of storing its component binaries in a place like /usr/local/oz/bin/. they are all enclosed inside the /Applications/Mozart.app/Contents/Resources/bin/. which cannot be opened nor can a soft link be made to it located outside the Mozart.app wrapper.
  The only alternative is to try to edit the mimeTypes.rdf files, and give it the full path name to the inside of Mozart.app were the program used for web applications is stored. It is stored in ~/Library/Application Support/Mozart/, which can only be accessed in more recent Mac OS X by going to finder and holding the Option key while opening the Go menu; this will make the ~/Library visible and accessible.

• How OIM user provisioning automatically

  Hi,all
  I have integrated OIM with OID by OID connector,now I want to implement that OIM user is provisioned automatically to oracle ldap as soon as i create a user account through OIM admin console,what should i do?could u give me some detailed instrution?
  Thanx in advance.

  Hi,
  Go to design console->Resource Management->Rule Designer
  .Give the Name of Rule
  .Select General as Type
  .Click on Add Rule and then slelect the user profile data and give the value on which you want auto membership.
  You can define your rule there.For example
  Organization Name= IT
  Please let me know if you have clarification.
  Regards
  Nitesh
  .

• How are users getting the flashback virus

  I don't have a virus, but I sure don't want to expose my computer.  So how is the virus downloaded?  What do I watch out for?

  Mac OS X versions 10.6.7 and later have built-in detection of known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.
  The most effective defense against malware is your own intelligence. All known malware that affects an up-to-date Mac OS system takes the form of trojans that can only operate if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown site, merely in order to use the site, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim.
  “Cracked” versions of commercial software downloaded from a bittorrent are likely to be infected.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
  Disable Java (not JavaScript) in your web browser(s). Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in Mac OS X 10.5.8 or earlier, because Java in those versions has bugs that make it unsafe to use on the Internet. Those bugs will probably never be fixed.
  Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
  Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use ClamXav — nothing else.

• How are user points calculated? I'm missing some.

  Recently I noticed that my user points is at 0, which odd because I've been around for a bit, and I know I've made at least one contribution to the community. So I looked up a discussion I was on where I had given a correct answer. I also took a screenshot. Its pretty funny, because something just doesn't add up at all.

  There is/was a known bug during the change-over from AD to ASC. Several of us actually LOST points! On the last day of AD, Friday April 15, 2011, I had 515 points. On Saturday night, April 16th, when ASC went live, I now had only 505 points! Anyway, I've earned a further 30 points in the last month, so I'm now at 530. There is a thread on this:  https://discussions.apple.com/thread/3002188
  Since you answered the question while we were still under AD, the suggestion that you marked your own post as "Correct" is invalid as that was impossible to do under the AD system. That ability was added as part of ASC but it does not earn you points.
  So what can you do? Well, hopefully a host will see this and correct it, but don't hold your breathe. I'm STILL waiting to hear back from them myself about my missing 10 points.

• How to manipulate users provisions in the planning application MSdatabase

  Hi All.
  I want to change user provisions in the Planning Application MSDatabase without using Hyperion planning .
  How can I directly use msDatabase tables and change user provisions.
  which tables must be used for this operation?

  İ am new in essbase and hyperion planning.
  İn my test system there are alot of user. for example when i have to change some users provisions for accessing some dimensions or forms, i change provisions one by one for all specified users so it takes long times.
  I want to learn that can i change provision options without using hyp planning?, forexample can i change users provisions using with my custom java apllcation.
  And my system is test system so İ can restart it if it is necessary.

• How many users are there of Logic?

  does anyone know where I can find out how many users there are globally of Logic Pro. I'm doing an assignment on this and I can find sales figures for DAW software anywhere....

  You can or can't find sales figures?
  It is also rumoured that there are many non legitimate users out there too. Please note however, I am not one of those.
  Anyway, what is the assignment for? ie What's the gist, requirements and subject matter? Just interested.
  Regards,
  Matt

• How to see how many users are working on a Dynpro application?

  Hello,
  Is it possible to see somwhere at the portal or on the WAS how many users are currently working with my Web Dynpro application?

  Hi Roy,
  I know it isn' exactly what you want but if you got to:-
  System Administration->Support->Web Dynpro Test Tools->User Management
  you can at least see the users currently running Web Dynpro applications (I think!)
  At least its a start!
  Cheers,
  Gareth.

• How many users world wide are on Skype?

  Hi, How can you see how many users world wide that are registrered om Skype today?

  Hi,
  Typing  /users  in a chat field should do the trick.
  Hth
  On ne regarde pas l'avenir dans un rétroviseur !
  IMac Intel Core i3 3.2 GHz - RAM 12 GB - OS 10.10.3
  Skype 7.8.391
  Logitech usb headset or Jabra 250 bt

• How many users are working on EBS

  is it possible to find out how many users are currenlty at the same time working on EBS.
  Like how many payable users, mfg uers OTL users.

  Hi,
  Below sql will find how many users are currently working on EBS,
  SELECT distinct icx.session_id, icx.user_id, fu.user_name, fu.description
  FROM icx_sessions icx, fnd_user fu
  WHERE disabled_flag != 'Y'
  AND icx.pseudo_flag = 'N'
  AND ( last_connect + DECODE (fnd_profile.VALUE ('ICX_SESSION_TIMEOUT'),
  NULL, limit_time, 0, limit_time, fnd_profile.VALUE ('ICX_SESSION_TIMEOUT') / 60 ) / 24) > SYSDATE
  AND icx.counter < limit_connects
  AND icx.user_id = fu.user_id
  order by 4;
  Thanks,
  Amogh

• How many users are supported on a Cisco Aironet 1141N? 30?

  I have a client that wants to upgrade his Aironet 1131 APs with 1141N.  How many users are supported on a Cisco Aironet 1141N?

  Yes, you could have 30 clients on the AP. 
  Client density all depends on what the client is doing, really.
  So if you have clients that are just web surfing and pulling email 30+ isn't a problem.  If they are all streaming video, then you want to plan for less clients per AP, and more APs.
  Steve

• Need to find out how many users are using Siebel Application

  Hello all,
  I need to find out how many users are using Siebel Application?
  Is there a way I can find out?
  Thanks.
  yasun

  Hi,
  Read the following:
  http://docs.oracle.com/cd/B40099_02/books/SysDiag/SysDiagSysMonitor30.html
  http://docs.oracle.com/cd/B40099_02/books/SysDiag/SysDiagSysMonitor17.html
  For full information about server status and statistics red:
  http://docs.oracle.com/cd/B40099_02/books/SysDiag/SysDiagSysMonitor.html
  T.Abed

• How to get real time information about how many user are logged in and thei

  I use tomcat as my server platform in Ubuntu for a war file.
  I know in order to get real time information about how many user are logged in, we can count how many active sessions exist by a SessionCounter code. However, I have to permit HttpSessionListener in web.xml of tomcat. From other users' experiences, the configuration is complexed and has some errors.
  Here's the link:http://www.stardeveloper.com/article...1112001&page=1
  In order to get users' ip, in jsp, use request.getremotehost() or
  request.getremoteaddress() by editing the jsp file.
  I wonder if there's some open source software to use for these two purposes.
  Thank you!

  That url is missing a few bits. The ... in the middle doesn't help.
  we can count how many active sessions exist by a SessionCounter code.
  However, I have to permit HttpSessionListener in web.xml of tomcat.
  From other users' experiences, the configuration is complexed and has some errors.And have you tried it? The configuration isn't that complex.
  What errors do you mean? Errors in tracking people, variance in the count? Probably related to internet issues and nothing you can do will alleviate them.