How can point single user to multiple groups in ACS

Similar Messages

• How can HelpDesk manage users in multiple Organizations in OIM R2

  Hi All,
  I looking to satisfy a requirement for OIM 11g R2 where a helpdesk administrator can only manage users that belong to a particular institution. However, there are approximately 50% of users that belong to more than one institution, where helpdesk staff from each institution should be able to manage the user. Customer is currently
  doing this in Waveset by assigning users to orgs dynamically through rules which allows multiple virtual orgs. OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management very difficult.
  How can a administrators from different org manage same User. If that user belongs to different org?
  How to achieve this in OIM R2?
  Thanks
  Akshat

  Hi Adr,
  I know the OIM Authorization is around the Organization, and a user can present in only one org in OIM.
  I wanted to know, can we force the authorization based on Department/Institutions rather than Org. I am thinking in reagards of OES Authorization policies.
  OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management slightly difficult.
  I am looking to determine the best approach to accommodate this requirement. Due to the high number of users that reside within multiple institutions, leveraging organizations will not work. Asa far i know OES APM should be able to accommodate this, but could not find any solid guidance in the Oracle training or Oracle by Example documentation.
  Any thoughts?
  -Ak

• How can i restrict user through material group

  Dear Guru's
  We have two business process CDMA and GSM
  Two purchase organisations, different document types and  different material groups
  our user  is procuring a materials for CDMA using GSM materials codes.
  How can i restrict him.if he selects GSM purchase organisation he should procure only for GSM using GSM materials codes.
  IS it possible to restrict  through material groups
  Regards
  subhash

  Hi Ha Tran,
  Thanks for your suggestion.
  But the problem is that we have two business CDMA and GSM business.
  The enitity and reporting will be in the same company code.
  So we came up with two purchasing organisation because the first purchase organisation was already assigned to company code.
  and the business want different material groups for difeerent business.
  Ex: one material   100000000  DESC : Switching  with material group  NWTR
  the same material  with different number 1000000001 Desc: Switching  material group : GNWTR
  Now the user while  creating purchase order for GSM ,he is using CDMA material.
  I want to restict the users that if he selects document type and purchasing organisation of GSM. System should allow only GSM materials.
  Regards
  Subhash

• N how many macs can a single user install acrobt9 pro - macOS?

  On how many macs can a single user install acrobt9 pro - macOS?

  Same as with any Adobe software: 1 license = 2 activations.
  Mylenium

• HT4798 I'm seeing the above problem, how can i open "Users&Groups" if i can't login?

  I'm seeing the above problem, how can i open "Users&Groups" if i can't login?

  If the system is associated with an Apple ID, and you know that account password, the Apple ID can be used to reset your user account password.
  Otherwise, boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
  When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar.
  In the Terminal window, type this:
  resetpassword
  That's one word with no spaces. Then press return. A Reset Password window opens.
  Select your boot volume if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Follow the prompts to reset the password. It's safest to choose a password that includes only the characters a-z, A-Z, and 0-9.
  Select  ▹ Restart from the menu bar.
  You should now be able to log in with the new password, but you won't be able to unlock the Keychain. If you've forgotten the Keychain password (which is ordinarily the same as your login password), there's no way to recover it. You’ll need to reset your keychain in the preferences of the Keychain Access application.

• ACS USER IN MULTIPLE GROUP

  Dear all
  I have an ACS running 4.2 ver.We have integrated this with AD as well.
  We had created some groups in acs for vpn and its is dynamically mapped with respective department.Its working fine know.
  We have designed wireless implementation here with dynamic vlan assignment.
  This is not working beacause user is already a member of one group in acs.I know that i can edit that group and do the wireless parameter settings.
  But i would like to know wheather the user can be a member of multiple group or user will be associated with first  group.
  If we have an option for the user to be in a multliple group how can we do this.
  If any one has faced this issue pls reply me at the earliest.
  regards
  -Danish

  Its a bit long winded, but by using multiple Network Access Policies (NAP) in ACS 4.2 you can create specific windows group mappings per NAP.
  The NAP is selected dynmically by NAS IP, or NDG or any content within the incoming RADIUS packet. So usually its possible to match on something. NAPs may also have chunks of re-usable RADIUS attributes (Shared Radius Authorisation Components) which can be used instead of setting RADIUS attributes at group level - can reduce the management overhead.
  Its not a perfect solution, but should get to where you need to be without having to upgrade.
  Facing an ACS audit? Find out how aaa-reports! can help at www.extraxi.com

• How can I get width that multiple selected items?

  How can I get width that multiple selected items? (Not grouped.)
  //---------- source code ----------
  var mm = 2.83464566929134 //unit conversion. (point->milimeter)
  var W = docRef.selection[0].width/mm;
  alert(W);
  //---------- source code ----------

  That's right Carlos
  @kimDino8,
  my script in Carlos link creates a green rectangle around the selected items. If you don't need this rectangle than you can remove this lines:
  var newRGBColor = new RGBColor();
  newRGBColor.red = 0;
  newRGBColor.green = 255;
  newRGBColor.blue = 0;
  and replace this:
  var aRectangle = aDoc.pathItems.rectangle(vBounds_Ob, vBounds_Li, vBounds_Re - vBounds_Li, vBounds_Ob - vBounds_Un);
  aRectangle.strokeColor = newRGBColor;
  aRectangle.strokeWidth= 2;
  aRectangle.filled = false;
  aRectangle.stroked = true;
  aDoc.selection = null;
  with this:
  var mmFactor = 2.83464567;
  alert("width = "+ (vBounds_Re - vBounds_Li)/mmFactor);
  alert("height = "+ (vBounds_Ob - vBounds_Un)/mmFactor);
  Further you only have to do: create a function for rounding of the result.

• IWork Licensing -Is Retail License for a single user or multiple users

  I have a a Retail Version of iWork '08. How do I determine if this is for a single user or multiple users?
  Thank you

  So the next question is can I "unregister" this from my iMac thus allowing me to either reistall it on another machine or perhaps sell it?
  Yes, you can. Apple doesn't "track" serial numbers, but you are doing the right thing by removing iWork '08 & it's registration. The file that keeps the serial number is the com.apple.iWork08.plist found in HD > Library > Preferences. This is the Library on the first level of your HD, not your user Library.

• How can all the users in my computer (my kids) have access to all the photos I have in I Photo?

  How can all the users in my computer (my kids) have access to all the photos I have in I Photo? My photos only appear when I (the administrator) log into the computer. I want my kids to be able to access them also.

  For iPhoto 09 (version 8.0.2) and later:
  What you mean by 'share'.
  If you want the other user to be able to see the pics, but not add to, change or alter your library, then enable Sharing in your iPhoto (Preferences -> Sharing), leave iPhoto running and use Fast User Switching to open the other account. In that account, enable 'Look For Shared Libraries'. Your Library will appear in the other source pane.
  Any user can drag a pic from the Shared Library to their own in the iPhoto Window.
  Remember iPhoto must be running in both accounts for this to work.
  If you want the other user to have the same access to the library as you: to be able to add, edit, organise, keyword etc.
  Quit iPhoto in both accounts. Move the Library to the Users / Shared Folder
  (You can also use an external HD set to ignore permissions, a Disk Image or even partition your Hard Disk.)
  In each account in turn: Double click on the Library to open it. (You may be asked to repair the Library Permissions.) From that point on, this will be the default library location. Both accounts will have full access to the library, in fact, both accounts will 'own' it.
  However, there is a catch with this system and it is a significant one. iPhoto is not a multi-user app., it does not have the code to negotiate two users simultaneously writing to the database, and trying will cause db corruption. So only one user at a time, and back up, back up back up.

• How can I tell what Software Update Groups are members of Deployment Packages?

  I have a single SCCM 2012 SP1 CU4 server running on Windows Server 2012.
  I am trying to clean things up a little bit and I am curious:
  How can I tell which Software Update Groups use
  which Deployment Packages?  I don't see it on the Properties of either one.
  Thanks!

  Funny thing is that you can't see from the software update (in the software update group) in which deployment package(s) it exists. Your only options are manually comparing every single update (not really an option), or use PowerShell and do something
  like this:
  http://myitforum.com/myitforumwp/2014/05/12/matching-configmgr-software-updates-to-a-deployment-package-with-powershell/
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• How to identify a user across multiple pages

  Hi,
  I'm doing a homebanking and I would like to know how to identify a user across multiple pages.
  I have already take a look at HTTPSESSION, but I didn't understand.
  Can someone help me.
  I'm send the servlet Logon.
  import java.io.*;
  import java.sql.*;
  import java.util.Date;
  import java.util.*;
  import javax.servlet.*;
  import javax.servlet.http.*;
  public class Cons_logon extends HttpServlet
       private Connection conexao = null;
       Login1 login1;
       public void init (ServletConfig cfg) throws ServletException
            super.init(cfg);
            try
                 Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
                 conexao = DriverManager.getConnection("jdbc:odbc:bank");
            catch (Exception e)
                 System.out.println(e.getMessage());
       public void doPost (HttpServletRequest req,
  HttpServletResponse res)
  throws ServletException, IOException
            String Suser, Spassword;
       PrintWriter out;
            res.setContentType("text/html");
  out = res.getWriter();
  String opcao = req.getParameter("log");
  Thanks

  I would recommend using the authentication mechanism that's guaranteed by the servlet spec. If you do that, you can just call
  request.getRemoteUser()
  to get the user name across multiple pages.
  If you want to use your own login scheme, you can create a new session object and map it to a user name somewhere in your app. Or you can just put the name of the user on the session. But the preferred way is to use the default authentication scheme defined by the spec.

• What are user parameters? and how can i add user parameter

  Hi Experts,
  what are user parameters? and how can i add user parameter and how can i add a user parameter
  HR_DISP_INFTY_NUM with value X?

  user parameters are used give reference grps and counntry grouping use SU3 tcode as amite said

• How to delete single row from multiple

  Hi:l
  This is my query which provides duplicate rows in my table:
  select count(*),CUSTMAST_REQUEST_SRNO,ACTIVITYMAST_SRNO,STATUSMAST_SRNO from REQUEST_TRANS having count(*)>1 group by CUSTMAST_REQUEST_SRNO,ACTIVITYMAST_SRNO,STATUSMAST_SRNO;
  O/p:
  2 |M984 | 74 |M6
  2 |M985 | 74 |M6
  2 |M987 | 74 |M6
  2 |M992 | 74 |M6
  2 |M995 | 74 |M6
  2 |M998 | 74 |M6
  Here output shows that CUSTMAST_REQUEST_SRNO M984 having two same rows. And now i want
  to delete any one of row from that. So, how can i apply it for multiple rows ?
  Can any body help-out me in that?
  Thank You,
  Anup Desai
  Edited by: user11688398 on Feb 13, 2013 10:39 PM

  If you want to delete all Duplicates and retain Only One row then Below:
  delete from REQUEST_TRANS a
  where rowid < ( select max(rowid) from REQUEST_TRANS b where a.CUSTMAST_REQUEST_SRNO = b.CUSTMAST_REQUEST_SRNO and a.ACTIVITYMAST_SRNO = b.ACTIVITYMAST_SRNO ... )

• How can i read user input value to my User exist

  Hi Guru's,
  I am facing one problem in Variables in BPS.
  I am calculating days from Month/year .I have one variable it is for Days,Second variable it is for Month/Year.
  First variable is user exist (for calculating the days),Second varible is user defined variable(this is a Input to the first variable).
  When i am giving the Month/Year(02/2008)variable i am getting the 29 days from the first variable.again i am changing the value of Month/Yera(03/2008) i am not getting the desired value.
  my doubt is my user exist not able to read current value of variable(month/year).how can i pass my value to user exist because this value is user input value based on this value i am calculating the days and dynamically displaying the layout.
  Here is the my sample code..
  seq = '0000'.
  ind = 0.
     i_area = 'ZTEST1'.
     area_var = 'ZVar2'.
  PERFORM instantiate_object USING    i_area
                                      area_var
                               CHANGING lsr_var.
  PERFORM get_current_value_of_variable
                          USING lsr_var
                          CHANGING lto_value.
  READ TABLE lto_value INTO lso_value index 1  .
  i_month = lso_value-low.
  iv_month = i_month+4(2).
  iv_year = i_month(4).
  concatenate iv_year iv_month '01' into iv_date.
  begindate = iv_date.
  below bracket code calculating the leap year
  ( IF iv_date+4(2) = lc_feb.
      lv_hlp_date_year = iv_date+0(4).
      lv_hlp_rest      = lv_hlp_date_year MOD 4.
      IF lv_hlp_rest = 0.
        EV_DAYS = lc_days_29.
        lv_hlp_rest = lv_hlp_date_year MOD 100.
        IF lv_hlp_rest = 0.
          lv_hlp_rest = lv_hlp_date_year MOD 400.
          IF lv_hlp_rest NE 0.
            EV_DAYS = lc_days_28.
          ENDIF.
        ENDIF.
      ELSE.
        EV_DAYS = lc_days_28.
      ENDIF.)
    ELSE.
  below bracket code calculating the days
  (   CASE iv_date+4(2).
        WHEN lc_jan. EV_DAYS = lc_days_31.
        WHEN lc_mar. EV_DAYS = lc_days_31.
        WHEN lc_may. EV_DAYS = lc_days_31.
        WHEN lc_jul. EV_DAYS = lc_days_31.
        WHEN lc_aug. EV_DAYS = lc_days_31.
        WHEN lc_oct. EV_DAYS = lc_days_31.
        WHEN lc_dec. EV_DAYS = lc_days_31.
        WHEN lc_apr. EV_DAYS = lc_days_30.
        WHEN lc_jun. EV_DAYS = lc_days_30.
        WHEN lc_sep. EV_DAYS = lc_days_30.
        WHEN lc_nov. EV_DAYS = lc_days_30.
        WHEN OTHERS.   CLEAR EV_DAYS.
      ENDCASE.)
    ENDIF.
  data: st_date(2) type c.
  st_date = '01'.
  ind = 0.
  ind = ind + 1.
  here i am passing the low value and high value.
  yto_charsel-chanm = '0CALDAY'.
  yto_charsel-seqno = 1.
  yto_charsel-sign  = 'I'.
  yto_charsel-opt   = 'EQ'.
  yto_charsel-LOW = st_date.
  yto_charsel-chanm = '0CALDAY'.
  yto_charsel-seqno = 1.
  yto_charsel-sign  = 'I'.
  yto_charsel-opt   = 'BT'.
  yto_charsel-high = ev_days.
  INSERT yto_charsel INTO sto_charsel INDEX ind.
  ETO_CHARSEL = sto_charsel.
  lto_value = sto_charsel.
  How can i pass user input value to read this exist ,some where again i have to write code or else??
  This is very urgent can you help me..

  Hi,
  Instead of two perform statements, use single perform.
  PERFORM get_value USING i_area
                            i_variable
                       CHANGING lw_varsel.
  Take the values from lw_varsel-low.
  FORM statement for this perform is as follows.
  DATA: li_varsel TYPE STANDARD TABLE OF upc_ys_api_varsel,
          lv_varsel TYPE REF TO cl_sem_variable.
    FORM get_value USING p_area TYPE upc_y_area
                         p_variable TYPE upc_y_variable
                   CHANGING
                         p_lw_varsel TYPE upc_ys_api_varsel.
      CALL METHOD cl_sem_variable=>get_instance
        EXPORTING
          i_area       = p_area
          i_variable   = p_variable
           I_CREATE     =
        RECEIVING
          rr_variable  = lv_varsel.
         EXCEPTIONS
           NOT_EXISTING = 1
           others       = 2
      IF sy-subrc <> 0.
        EXIT.
      ENDIF.
      REFRESH li_varsel.
  ****Getting the Value*********
      CALL METHOD lv_varsel->get_value
        EXPORTING
          i_user     = sy-uname
          i_restrict = 'X'
        RECEIVING
          rto_value  = li_varsel.
      CLEAR : p_lw_varsel.
      READ TABLE li_varsel INTO p_lw_varsel INDEX 1.
      IF sy-subrc <> 0.
        EXIT.
      ENDIF.
    ENDFORM.                    "get_value
  Try this code.
  Bindu

• In ADF how can i insert data in multiple table if they have foreign key

  I have started working on ADF and can anybody inform me in ADF how can i insert data in multiple table if they have foreign key,please?
  Thnak you very much.

  Hello,
  Still no luck.I am surely doing silly mistakes.Anyway,Here are my workings-
  1> student_mst (id(pk),studentname) and student_guard_mst(id(fk),guardianname)
  2> created EO from both of the tables,made id in both EO as DBSequence and an association was also generated.
  3> i made that association composite by clicking the checkbox
  4> i created 2 VO from 2 EO.
  5> put those VO in Application Module.
  6> dragged and dropped 2 VO on my jspx page and dropped them as ADF Form.
  Now what to do please?