How to exclude user account for auditing.
I would like to know how to exclude user account from the audit policy, such as below.
AUDIT SELECT TABLE BY ACCESS WHENEVER NOT SUCCESSFUL ;
thanks in advance.
May
Security team request to reduce the amount of the audit data based on the user account. Can I use FGA to implement it?possible as it lets you specify the conditions necessary for an audit record to be generated:
FGA policies are programatically bound to the object (table, view) by using the 'dbms_fga' package. It allows you to create any desired condition,
for example: Audit an event only when the following conditions are true:
A table is accessed between 6 p.m. and 6 a.m. and on Saturday and Sunday.
An IP address from outside the corporate network is used.
A specific column has been selected or updated.
A specific value for this column has been used.
more detail available on Oracle by example
http://www.oracle.com/technetwork/articles/idm/fga-otn-082646.html
Similar Messages
-
How can i set up multiple user accounts for my new ipad mini?
How can i set up multiple user accounts for my new ipad mini?
The iPad mini is basically a one user device. There are no Accounts. You can set up restrictions so that only you can do certain things.
-
I have created separate user accounts for my 2 boys on my macbook. How do i get my itunes library onto their new ipods?
They can't. Which came first - the chicken or the egg? Actually, that's a bad comparison but a sync must come first.
The library is actually part of iTunes and it contains everything. iTunes is then configured so that you (or they) determine which portion of everything will be synced to each iPod (identified by a unique name, see below for an example of an iPod and an iPad). iTunes can't make that decision until AFTER it knows which iPods exist.
By the way, I (you, they) can very easily change the name of each device to whatever I (you, they) wish to call it. -
So... I have amassed loads of documents, videos, music, photos, etc. onto my MacBook Pro all under the admin user account I set up for myself. I am the only one who uses the MacBook. I now work virtually and am online at different free wifi spots, and I want to access all of my stuff under a non-admin user account for security reasons.
I attempted to uncheck the "allow this user to administer this computer" box under my admin user account, but it is greyed out and I cannot.
Is there an easier way to fix this than backing up all of my stuff and then moving it to a non-admin account?There is only one solution: create a new Standard user account and set it as your auto login account, if you use that feature.
Using what you describe is mostly a false sense of security. Were someone to hack into the computer they could hack into the standard account, so you would not wish to keep any sensitive data in that account. Other things to consider:
Turn on your Firewall in Security & Privacy preference panel.
Use software to mask your online presence such as ProxyCap 2.03, MacProxy, Proxifier, or Hotspot Shield. -
I am trying to set up a user account for my 3 year old so that when she goes into her account, only her games show up on her desktop. How??
yes -- I think I am setting it up right, but when I go into her account to check it, it doesn't work.
-
How to use User exit for MM_MATBEL
Hi
I want to exclude some material documents while archiving a range of material document through archive Object MM_MATBEL.
Can you please suggest how to use user exit for this to exclude the material document while archiving.
Please brief me details.
Thanks,
DebadattaHi Debadatta,
Welcome to SDN.
Have you looked report program <b>RM07MAAU</b> (Report for Material Document Archiving)?
Hope this will help.
Regards,
Ferry Lianto -
How to find USER-EXIT for tcode - F110
I am new in USER-EXIT Please help how to find USER-EXIT for F110
ASAPHi,
Enhancement/ Business Add-in Description
Enhancement
RFFOX074 Frame for user exit RFFOX074 (in program RFFOCH_U)
RFFOX075 Frame for user exit RFFOX075 (in program RFFOCH_U)
RFFOX081 Frame for user exit RFFOX081 (in program RFFOF__T)
RFFOX082 Frame for user exit RFFOX082 (in program RFFOF__T)
RFFOX100 Frame for user exit RFFOX100 (in program RFFOUS_T)
RFFOX101 Frame for user exit RFFOX101 (in program RFFOUS_T)
RFFOX102 Frame for user exit RFFOX102 (in program RFFOUS_T)
RFFOX103 Frame for user exit RFFOX103 (in program RFFOUS_T)
RFFOX104 user exit
RFFOX105 Frame for user exit RFFOX105 (in program RFFOUS_T)
RFFOX200 Frame for user exit RFFOX200 (in program RFFONZ_T)
RFFOX210 Frame for user exit RFFOX210 (in program RFFOAU_T)
RFFOX211 Frame for user exit RFFOX211 (in program RFFONZ_T)
RFFOX230 General program for user exit RFFOX230 (in program RFFOJP_L)
RFFOX240 Enhancement for User Exit 240 (RFFOAT_P)
RFFOX250 Enhancement for User Exit 250 (RFFODK_E)
RFFOX901 Framework for user exit RFFOX901 (in program RFFOM100)
RFFOX902 Framework for user exit RFFOX902 (in program RFFOM100)
FDTAX001 Enhancement to Transaction FDTA (event after the download)
FEDI0002 Function exits for EDI DOCS in FI - Incoming pyt adv.notes
FEDI0003 Function exits for EDI docs in FI - Save PEXR segments
FEDI0004 Function exits for EDI docs in FI - particular events
FEDI0006 Function Exits for EDI-docs in FI: Save IDCR Segments
RFFOX003 Frame for user exit RFFOX003 (in program RFFOM100)
RFFOX041 Framework for user exit RFFOX041 (in program RFFOBE_I)
RFFOX042 Framework for user exit RFFOX042 (in program RFFOBE_E)
RFFOX043 Framework for user exit RFFOX043 (in program RFFOBE_D)
RFFOX061 Frame for user exit RFFOX061 (in program RFFOCH_P)
RFFOX062 Frame for user exit RFFOX062 (in program RFFOCH_P)
RFFOX063 Frame for user exit RFFOX063 (in program RFFOCH_P)
RFFOX064 Frame for user exit RFFOX064 (in program RFFOCH_P)
RFFOX065 Frame for user exit RFFOX065 (in program RFFOCH_P)
RFFOX066 Frame for user exit RFFOX066 (in program RFFOCH_P)
RFFOX071 Frame for user exit RFFOX071 (in program RFFOCH_U)
RFFOX072 Frame for user exit RFFOX072 (in program RFFOCH_U)
RFFOX073 Frame for user exit RFFOX073 (in program RFFOCH_U)
Business Add-in
FI_BSTM_MC_EXIT FI Account Statement: Exit from MultiCash Conversion
FI_F110_SCHEDULE_JOB F110: Check before scheduling a proposal/update run
No.of Exits: 36
No.of BADis: 2
Arunima -
Locking user account for 3 unsuccessful logins using JOSSO
How the an user account can be locked after 3 unsuccessful logins in Java Open Single Sign On ?
Please provide me a solution. Thanks in advance.We ran into that ourselves, courtesy of our <SARCASM>friends</SARCASM> Sarbanes and Oxley. Based on our research and statements from Sun engineers, the only ways to do it in Solaris 9 are:
* Write a PAM module to do it
* Log all failed attempts to a file and have a process scan it for successive login failures
* Go to something like Directory Server (LDAP) which has account lockouts built into it
We decided to go with the last option - and yours truly was responsible for doing everything. Two months of hell, but it's done and much easier to manage than files or NIS. -
Tacacs authentication fails for one user account for only one switch
Hi,
I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.
The same user account works well for other devices.
The AAA configs are same on every devices in the network.
Heres the show tacacs output from the switch where only one user account fails;
Socket opens: 157
Socket closes: 156
Socket aborts: 303
Socket errors: 1
Socket Timeouts: 2
Failed Connect Attempts: 0
Total Packets Sent: 1703
Total Packets Recv: 1243
Expected Replies: 0
What could be the reason ?
No errors on ACS server; same rights had been given to the user account.
Thanks to advise.
PraseyHi there,
Does the user get authenticated in the ACS logs?
reports and activity----> failed attempts
ro
reports and activity-----> passed authentications
That will help narrow it down.
Brad -
Error while getting the ORACLE user account for your concurrent request
Hi ,
When I am submitting the Concurrent Program from OAF page Iam getting
Error
Encountered an error while getting the ORACLE user account for your concurrent request. Contact your system administrator.
When we will face this error.
Not able to submit the Request
KrishnaKrishna
Try like this
public int submitCPRequest(String shipmentId) {
System.out.println("into submitCPRequest");
try {
OAApplicationModule am = pageContext.getApplicationModule(webBean) ;
OADBTransaction transaction = am.getOADBTransaction();
Connection conn = transaction.getJdbcConnection();
ConcurrentRequest cr = new ConcurrentRequest(conn);
cr.setDeferred();
String applnName = new String("XXAPL"); //Application that contains the concurrent program
System.out.println("ApplName"+ applnName);
String cpName = new String("SHIP_REQ"); //Concurrent program name
System.out.println("Concc Name"+ cpName);
// String cpDesc = new String("Shipping Request"); // concurrent Program description
// Pass the Arguments using vector
// Here i have added my parameter headerId to the vector and passed the
//vector to the concurrent program
Vector cpArgs = new Vector();
cpArgs.addElement(shipmentId);
System.out.println("Args"+ cpArgs);
After this it is going into exception
// Calling the Concurrent Program
int requestId = cr.submitRequest(applnName, cpName, null, null, false, cpArgs);
System.out.println("Req Id"+ requestId);
tx.commit();
return requestId;
catch (SetDeferredException e)
throw new OAException("SetDeferredException " + e.getMessage(),OAException.ERROR);
catch (RequestSubmissionException e) {
System.out.println("Into Exception");
OAException oe = new OAException(e.getMessage());
oe.setApplicationModule(this);
throw oe;
}Thanks
AJ -
hi. i bought iphone 5 witch was locked, i made factory reset and now phone asking apple ID and pasword witch i dont know. i was writing to seller but he is not answering me. how to set new account for my iphone 5 what i could use it?
The iPhone has a feature called "Activation Lock" described here:
http://support.apple.com/kb/PH13695
Without that Apple ID, you will not be able to use that iPhone. -
How to exclude sales office for combination sales order type/division?
Hi experts,
I would appreciate if you could advise: How to exclude sales office for combination sales order type/division in ECC 6.0 ?Hi
Standard SAP functionality would not be able to cater to this. Ideally create a Z table with sales order type and sales office combination. Put in entries for combinations that are allowed. In Sales order program MV45AFZZ use the exit USEREXIT_MOVE_FIELD_TO_VBAK. In this exit write down the logic passing the sales office determined and the order type and check if the entry is there or not. If the entry is there then it should go on to the next step. If it does not then pass an error message. You need to use the help of your ABAP er for this.
Thanks
Indranil -
Data Buffer error USER_AUTH_FAILED: User account for logonid "SYSTEM"
All, I have the following errors on both the Quality and the Production system in our data buffer job.
com.sap.security.api.NoSuchUserException: USER_AUTH_FAILED: User account for logonid "SYSTEM" not found!
These entries will not process because they are generating an error about the loginid for the Username SYSTEM is not found.
So I am thinking that somehow the MII system is not capturing the correct username when they are being added into the Data Buffer Jobs, or there is something I am overlooking when I set up the databuffering.
Other entries that were in the data buffer jobs were listed as using the RS1000SVC-QMUSBATCH, RS1630SVC-PMIIBATCH User accounts. These are the accounts that our scheduled tasks run under.
Those entries process OK out of the data buffer jobs.
I did notice a similarity between the data buffer jobs in the quality and production systems as it pertains to the following transactions.
Production MII ver 12.0.7 (Build 20)
Muscatine%2FIntegration%2FSAP%2FPROD_CONFIRMED_INPUT_InsertQuery
Which is called from the MIIC1043_IDOC Message Processing Rule.
Muscatine%2FIntegration%2FSAP%2FHEADER_InsertQuery
Which is called from the MIIC1043_Control_Recipe_Download Message Processing Rule.
Quality MII 12.0.11 (Build 14)
Muscatine%2FIntegration%2FSAP%2FPROD_CONFIRMED_INPUT_InsertQuery
Which is called from the MIIC1043_IDOC Message Processing Rule.
So the commonality is that these transactions are being initaiated by the Message processing rules.
Are there known issues with data buffering from transactions initiated with Message Processing Rules?
Is anyone sucessfully using data buffering of transactions called by message processing rules?
Any help is appreciated.
BobJeremy, Thanks for your reply.
There doesn't seem to be much detailed information on the use of Catagories with Processing rules in Help or in the forums. So let me see if I understand your suggestion correctly.
On the MII server create a processing rule for the message using a category instead of using a transaction, The message received by the message listener will be placed in a buffer. I am assuming these messages whould show up in the message monitor and not in the Data Buffer jobs/entries.
So in my transaction which normally processes this data I could add logic to access the message data; using the Message Service (Query, Read, Update and Delete) action blocks. I could pare down the selection by selecting messages based on the MessageCategory that I defined in the message processing rule. This will allow me to access the stored message data.
Finally use a scheduled Job to execute the transaction. The scheduled job would be run with a valid userID and Password so if it connection to the external database failed the enteries would be placed in the data buffer jobs with a valid userID credentials.
Does this sound like what you had in mind? -
Use of Authorizations Tab in User Account for Version 10
Whats the use of Authorizations Tab in User Account for Version 10. Please find the snapshot attached.
Hi Pawan,
SAP Sourcing 10 allow custom script and query-based web services which support OAuth authentication so
client consumer application will consume this web service and if the OAuth handshake is done successfully, then we can verify by going to the Authroizations tab of the User Account of the user that signed on to Sourcing/CLM and allowed the external program to access the particular webservice.
For more insights please refer the Web services cookbook of SAP Sourcing 10.
Hope it helps to some extent.
Best,
Kushagra A -
AR - How to split receivable account for several accounts.
Has enyone know how to split Receivable account for transaction in distribution window on 3 diffrent accounts
eg.
Total amount for transaction line is 5000
I have to create accounting as follow:
1st Receivable account Dt: 2000
2nd Receivable account Dt: 2000
3rd Receivable account Dt: 1000
1st Revenue account Ct: 500
2nd Revenue account Ct: 1000
3rd Revenue account Ct: 3500Hi
This could be possible in R12 using SLA (Sub Ledger Accounting) and not in previous versions
Regards
Sivakumar
Maybe you are looking for
-
Retrieving content via CM tags
This is a newbie question, but I could not find the answer in any documentation, and I've been stuck on this for a while! In retrieving content using content management tags (WL8.1 SP5), do my JSPs have to be in the same WL application as the Portal
-
How do you change the battery in an Apple TV remote
How do you change the battery in an Apple TV remote
-
How to create new country and cities under country?
hello, i am using 11.5.5 apps version, want to create new country and cities under that country, please tell me what is the procedure for that. i am using demo vis: operations as user. Thanks yash
-
Is it possible to do this in Motion?
Hi..I recently watched a clip on YouTube and I was wondering if it was possible to do something like this in Motion? http://www.youtube.com/watch?v=N4jwfpCut9o The first one is at :25. You see more of them throughout the video. I'm think this is Af
-
Is anyone else having this issue?