How to include group access level in a ws call

Similar Messages

• New Group - Access Level

  Hi,
  In CMC ->Users and Groups ->Group Hierarchy, I right-click and create New Group.
  Then righ-click on the newly created Group ->User Security, I can see the Administrator is appears in there (in Add Principle).
  Why? Does it mean this newly created Group has adminstrator right?
  I just want to create a Group (with Display access so that user can execute the crystal report in CMC etc), how to do this?

  Hi,
  You can see the "Administrator" in the user security page, because "Administrator " group has some set of permission to that . It does not mean that the group you have created has Administrator rights.
  Answer for your 2nd question:
  Create a new group and grant the required permission for the newly created group. If the folder contains only crystal reports then you can handle it in folder level rights.
  Regards,
  Ravi

• How to inherit group access privileges?

  Hi,
  there is a button called "Pass on privileges" in access control window. That is good, but I have another problem with it:
  * how to make this passing on thing permanent or sticky?
  Problem is that newly created groups do not inherit it's parent permissions. I have to always manually press this "pass on privileges button" and this is annoying.
  Regards,
  Lauri

  Hi Lauri,
  yes your right - but that's the only way within the actual version - sorry and looking for this functionality as well
  Dirk

• How to include Group of Org Structure Views in DropDown - Reminder of Dates

  Hi
  I need to include a drop down at the top of the Reminder of Dates iView so that I the managers can select whether to see Directly Reporting Employees / All Employees.
  Could someone please show me how I can do this?
  Thanks in advance
  Anton Kruse

  Hi
  I need to include a drop down at the top of the Reminder of Dates iView so that I the managers can select whether to see Directly Reporting Employees / All Employees.
  Could someone please show me how I can do this?
  Thanks in advance
  Anton Kruse

• How to Integrate Oracle Access Manager 11g with Siebel Call Center 7.8

  I need to change the DB authentication to SSO for Siebel Call Center 7.8. I just found a document about integrationg OAM 10g with Siebel 7 (http://download.oracle.com/docs/cd/B28196_01/idmanage.1014/b25347/siebel.htm#Siebel). However, because it's mandatory to use OAM 11g, I don't know whether this doc is suitable for Siebel 7.8. In addition, is it the right way to configure Siebel SSO? I know, in this way, I need to install WebGate. Please give me some expertise. Thanks.

  This should work as long as your web server and operating system support 11g. There may be some differences in how to set up OAM and the WebGate in 11g versus 10g (that is not my area of expertise), but from the Siebel side the integration is the same. You would pass in the user's Siebel ID (pulled from the LDAP directory) as an HTTP header. Then you just need to tweak a few of the parameters in Siebel:
  For the Security Adapter Profile (LDAPSecAdpt most likely) you are using, set:
  SingleSignOn = True
  TrustToken = HELLO (or whatever value you choose)
  In eapps.cfg or eapps_sia.cfg in the virtual directory section for the specific application object manager (e.g. [sales_enu]) set:
  UserSpec = SIEBEL_USER (or whatever HTTP header name you set up in OAM)
  UserSpecSource = HEADER
  SingleSignOn = TRUE
  TrustToken = HELLO (or whatever value you selected for the Security Adapter profile TrustToken parameter)
  ProtectedVirtualDirectory = /sales_enu
  The protected virtual directory will normally be the same as the virtual directory (in this example /sales_enu) unless you are using customer facing applications with anonymous browsing capabilities (for example a catalog that goes to a shopping cart at some point in the process).
  Also in the [SWE] section of the eapps.cfg file the IntegratedDomainAuth parameter should be set to False.
  Hope this information is helpful.
  Best regards,
  Stevan

• How to include balance level reporting currency in a ledger set.

  Hi,
  I was trying to use ledger set for consolidation purposes in GL to generate FSG report. I read on the following meta link that i can do so:
  http://docs.oracle.com/cd/E18727_01/doc.121/e13425/T348488T348495.htm#T385474
  But when i am trying to define ledger set, balance level reporting currencies are not available. Can anybody help?

  To resume with a little progress made:
  I have a Section
  * with Access Level == Edit for Credential == Instructor@...${IDENTIFIER} with no Group Access Label, and also
  * with Access Level == Download for Credential == Student@...${IDENTIFIER} with Group Access Label == Student.
  I'm doing ws calls to add a Course including an identifier. This is successful, and I can then go into the iTunes client as Instructor@...${IDENTIFIER} (substitution made) and manually add Groups and change Access to each individually. (I'm adding Groups "Download", "Shared Uploads", and "Drop Box", changing the Access Level accordingly for Group Access Label "Student".
  But naturally I want to do the manual part programmatically, to save n instructors from having to learn how to do this same thing and then to do it.
  So I'm trying to change my ws call to add the Groups, including Permissions. Schema http://deimos.apple.com/rsrc/xsd/iTunesURequest-1.1.xsd doesn't include Group Access Label for Permission. What does this mean?
  I've tried the actual Credential == Student@...${IDENTIFIER} (with IDENTIFIER substitution made before the call) and also Credential == Student (to see if I'm supposed to match the Group Access Label, instead).
  For either of these trials, the ws call successfully adds the Groups and a ShowTree includes the Permissions for the Groups. But in the iTunes client user interface, it's as if I gave no Permissions in adding the Groups.
  Am I approaching this wrong or is there a bug here?
  (I haven't tried yet a separate call to add the Group Permissions, not wanting to suffer the processing wait of getting handles for the three Groups.)
  Anyone else doing this? (successfully or not ) Thanks.

• Custom Access Level/User groups in BOBJ XI

  Experts,
  We are currently implementing BOBJ XI 3.1. Up on go-live, it will be handled by the Operations team from BOBJ CMC. We do not want to give administrator group for the operations users in CMC. Instead, we want to create custom groups with custom access levels.
  Ex. one for basis who will set up authentication, licenses etc
        one for the functional folks to maintain universes, export universes and set up security.
  Is there a way to set up user groups like this. We were able to successfully restrrict access just to folders, universes by creating a custom access level. But we were not able to do it on other items listed in CMC. Has anyone done this level of access before for the operations or even with in the development team instead of using administrator group>
  Appreciate your response
  Thanks
  Kee

  Hi,
  We can assign different rights to a group by creating custom access levels.
  Create a new group ,and also create custom access level and assign it to the new group.
  you can provide access to different objects to the group by adding rights to the access level.
  Under the access level > click  Included Rights > Add and Remove Rights > Under the Rights Collection > click on System.
  You  could find all the CMC object access rights can be assigned.
  Regards,
  Rameez

• RDS 2012 R2 - How do I lockdown access to Local Computer Management and Windows Backup via Group Policy

  Greetings all,
  I am needing assistance in how to lockdown access to Local Computer Management and Windows Backup via Group Policy for users that access RDS service. I have followed this awesome guide - h t t p://w w w.it.ltsoy.com/windows/lock-down-remote-desktop-services-server-2012/
    - but it is missing two important resources that I would like to lock down.Currently, I have successfully locked down Control Panel for users via Group Policy, but I cannot find any group policy or guide on how to restrict user access
  to Computer Management (different to Server Manager). When using Win-X shortcut to open the 'Administrator's shortcuts' near the windows icon, I have locked down everything except Computer Management. Computer Management gives direct access to Disk Management,
  Shares etc, which are locked down for users. But Windows Server Backup is still accessible. Can someone please guide me on how to restrict access to both Computer Management and Windows Server Backup.
  Thanks in advance.
  Terry.

  Prevent running of Windows Server Backup
  Computer Configuration\Policies\Windows Settings\Security Settings\File System
  Right click on File System - Add File - Drill down to \System32\wbadmin.msc
  On the Database Security ACL that pops up - Remove Creator Owner, Remove Users and check Adminstrators have Full Access.
  On the Object window - choose Propagate inheritable permissions to all... (Default)

• How to include all the child OU groups of a master OU group in LDAP authentication

  Dear All,
  I am using Apex 4.2 on windows server 2012 on internet explorer with database 11g R2 all 64 bit.
  we are using Microsoft Active Directory Authentication in our domain.
  I have created two protals, Staff Portal and Student Portal
  I have two groups, Staff and Students. these two groups coming under HCT group.
  I want to configure LDAP authentication for these groups, so that student cannot login to staff portal and vice versa.
  I had created on authentication schema in apex.
  inititally I configured as below
  for example I have a group ETC, inside ETC I have CSS in active directory,
  DN String=cn=%LDAP_USER%,dc=hct,dc=org
  Use Exact distinguish name=YES
  LDAP Username edit function=
  return apex_escape.ldap_dn (
               p_string => :USERNAME,
               p_escape_non_ascii => false ) || ',ou=users,ou=css,ou=etc,ou=staff,ou=hct'   ;
  Username Escaping=NO ESCAPING
  and it is working,
  now I have another group under ETC, which is ESS. how to include ESS also? I mean how to include all the child groups of a master group?
  because I will then only include the STAFF ou and the rest of the ou which coming under staff will come automatically.
  please refer to this thread for more details.
  Re: Re: Different LDAP authentication for Student and Staff Active directory groups
  Thank you.

  Powershell (or vbscript if you want to be old school).
  You can trigger a powershell script which will remove the offending user(s) easily enough with out resorting to a TOLDAP pass.  Nearly any script type thing would work but powershell is preferred.  It can be triggered separately from the TO AD stuff and will take multiple objects to run in one pass if you can construct the command line (or create a text file and feed it in).
  Otherwise, TOLDAP is the way to write to AD...
  Peter

• How can I get low level access to netstream using OSMF?

  Hi
  I'm trying to gain access to the low level netstream underneath the hood of OSMF so that I can access its netstream.info property for reading metrics.
  I find that I am able to do this for MP4 videos but not for F4M dynamic streaming videos.
  For MP4, I was successfully able to create a VideoElement that used a CustomNetLoader class which overrided the createNetStream method to return a netstream object.
  However, for F4M, I have to use either the MediaFactory.createMediaElement(element) method or the F4MElement. The F4MElement does not allow a CustomNetLoader to be used and it seems to only accept a F4MLoader class.
  Any advice on how I can access either the netstream object or the metrics of F4M videos?
  Thanks

  ok, I finally got access to the direct netstream object - someone from Akamai gave me the answer.
  Seeing how I wasn't able to find this answer anywhere on Google, I'm going to post the solution here as there's no way I would have known this solution without someone who knew how to get direct access to the netsteam object in OSMF.
  There's a hidden class that won't show up in the code hint called org.osmf.net.NetStreamLoadTrait that you have to import.
  1) First, your media player playing controlling your MediaElement has to listen for a LoadEvent.LOAD_STATE_CHANGE event after you load the MediaElement into the media player
  mediaPlayer.addEventListener(LoadEvent.LOAD_STATE_CHANGE, onLoadStateChange);
  2) Upon LoadEvent.LOAD_STATE_CHANGE, check for a org.osmf.traits.LoadState.READY - you can only access the NetStream object when it is LoadState.READY or the netstream object will return as null.
  private function onLoadStateChange(e:LoadEvent)
                                if(e.loadState == LoadState.READY)
  3) Once the LoadState.READY is true, you can create a datatype of NetStreamLoadTrait and type cast it from a Load trait:
  private function onLoadStateChange(e:LoadEvent)
    if(e.loadState == LoadState.READY)
       var nsLoadTrait:NetStreamLoadTrait = mediaPlayer.media.getTrait(MediaTraitType.LOAD) as NetStreamLoadTrait;
  4) Once you successfully type cast the Media Load Trait from your media into NetStreamLoadTrait, you can access the property netstream from the NetStreamLoadTrait object.
  private function onLoadStateChange(e:LoadEvent)
    if(e.loadState == LoadState.READY)
       var nsLoadTrait:NetStreamLoadTrait = mediaPlayer.media.getTrait(MediaTraitType.LOAD) as NetStreamLoadTrait;
       var ns:NetStream = nsLoadTrait.netStream;
  Hope this helps someone out there.

• How can we provide access/provide permissions to a user/group for group of folders at single step??

  Hi Nico, Thaks you so much for your reply,, Can you please advice or give me some steps to write script pelase? Regards,Kareem

  Hi All, How can we provide access/provide permissions to a user/group for group of folders  at single step?? I can able to provide access for a single folder at a time. I want provide access to a list of  folders( more than 30 ..) at single step?? Regards,Kareem

• How to change lookup code  with Access Level as 'System'

  Hi,
  I need to append new lookup codes in a lookup type having access level as 'SYSTEM'. Is there any standard way to do the same or just updating the customization level column will do ? Please let me know if you have any solution for this.
  Regards
  Girish

  You can also change the meaning on that value to something like "*** DO NOT USE***". This will make it obvious to the user that he/she should not choose it.
  You can try to add a when-validate-record personalization to show error if someone selected a disabled value.
  You can also try to modify the list of values associated with the field using personalizations.
  If nothing else works, you can use a SQL to uncheck the enabled flag. The risks involved in this are well known.
  Hope this answers your question
  Sandeep Gandhi
  Independent Consultant
  513-325-9026

• How  to  include  any enhancement  on characterstics   in reporting level

  how  to  include  any enhancement  on characterstics   in reporting level

  What does this mean? Plz expalin i abit more.
  Thanks..
  Shambhu

• Can anyone tell me how to allow 3 groups access to use a specific brand and model USB, dissallowin all other brands in AD 2008 R2 and Linux enviroments

  We currently do not allow users to use USBs of any kind, but I need to allow admins and 2 other groups to be able to use a specific brand and model USB. I think this might involve writting some scripts, and or modifying the Master Schema in AD. But frankly
  I dont know where to begin, can anyone help me with this.

  I presume group policy can't be really applied to non windows OS where as for windows OS, you can either import the adm or use the current gpo settings.
  http://blogs.technet.com/b/danstolts/archive/2009/01/21/disable-adding-usb-drive-and-memory-sticks-via-group-policy-and-group-policy-preferences.aspx
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/f1bcf487-57fe-4d60-aa7a-18eb714242ab/how-to-use-group-policy-to-block-thumbdrive-by-brand?forum=winserverDS
  Awinish Vishwakarma - MVP
  My Blog: awinish.wordpress.com
  Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

• Restrict certain function based on access level

  I'm working through an approval process with Office 365 SharePoint Lists and Infopath, and I want certain people to be able to submit items in a Sharepoint list on behalf of someone else. So, the boss might have her assistant post news for her,
  but her name will be on it. I only want certain people with a higher access level to be able to do this. Most people will just be able to submit news on their own behalf. I'm not sure how to do this other than to actually have a separate list that only certain
  people can access to support this one function.
  Currently I have lists for...
  Draft Items
  Submitted Items
  Published Items
  and I might create a fourth one for "Drafts Items on behalf of." Can you think of a better way than to actually create a fourth list?

  Hi  ,
  According to your description, my understanding is that you want to three permission level for a list: unable submit and unable approval, able submit and unable approval, able submit and able approval.
  If you just want to restrict  for a list, you can try to stop inheriting permissions for the list.
  For the above permission level, it can be reflected to the SharePoint default permission level: read, edit, approve. So for achieving your demand, you can add the users  into  suitable permission
  group (Site Visitors, Site Members, Approvers).
  Then you can go to the list ->List Settings ->Versioning Settings, select “Yes” for Require content approval for submitted items.
  Best Regards,
  Eric
  Eric Tao
  TechNet Community Support