Implement strategy for ASA on TACACS w/ restricted read-only access

An ASA5550 will need to be configured to use TACACS AAA. Currently, the ASA is set up for local authentication, with a couple of privilege 15 admin users and a few more privilege 5 read-only users.
ASA 5550
running ASA 8.2(2)
using ASDM 6.3(5)
authenticating to ACS 4.2
The admin users and read-only users already have established TACACS usernames and are in established TACACS user groups for logging into routers/switches.
What's the best way to implement configuration of the ASA and ACS server to maintain the same type of restrictions that are applied using the local database?
1. Try to avoid the creation of a second TACACS username for the admin and read-only users.
2. ACS allows restrictions on what devices can be accessed by users/groups. Is it possible to do the reverse? Restrict what usernames can access a device in the ACS database.

If you want to configure the ASA for read-only access via TACACS, then you have to do the following tasks:
ASA/PIX/FWSM Configuration
In addition to your preset configuration, these commands are required on ASA/PIX/FWSM in order to implement command authorization through an ACS server:
    aaa-server authserver protocol tacacs+
    aaa-server authserver host 10.1.1.1
    aaa authorization command authserver
On the ACS, you need to create a command authorization set for only SHOW commands:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml#scenario2
Associate the command authorization set with a user or group:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml#asso2
Regards,
Jatin
Do rate helpful posts-
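To see how a show-only command authorization set behaves before it is tied to the read-only group, here is an added example (not from this thread, and not ACS code) that models the set as ACS 4.x evaluates it: per-command argument permit/deny lines, a flag for unmatched arguments, and a set-wide policy for commands not listed. The set contents, the argument patterns, and the sample session are all constructed assumptions; ACS's real argument matching is simplified to a regular expression here.

```python
import re
from dataclasses import dataclass, field
from typing import List, Tuple

# Simplified model of an ACS 4.x shell command authorization set: each
# command entry carries ordered (action, argument-pattern) lines plus a
# flag for arguments that match no line; commands absent from the set
# fall back to the set-wide unmatched-command policy (deny for read-only).
@dataclass
class CommandRule:
    command: str
    arg_rules: List[Tuple[str, str]] = field(default_factory=list)
    permit_unmatched_args: bool = True

@dataclass
class CommandSet:
    rules: List[CommandRule]
    permit_unmatched_commands: bool = False

def authorize(cmdset: CommandSet, cmdline: str) -> bool:
    """True if the TACACS+ authorization request for cmdline is permitted.
    The device sends the first word as the command, the rest as arguments."""
    parts = cmdline.split()
    if not parts:
        return False
    command, args = parts[0].lower(), " ".join(parts[1:]).lower()
    for rule in cmdset.rules:
        if rule.command != command:
            continue
        for action, pattern in rule.arg_rules:  # first matching line wins
            if re.search(pattern, args):
                return action == "permit"
        return rule.permit_unmatched_args
    return cmdset.permit_unmatched_commands

# Hypothetical read-only set for the privilege 5 users in the thread: "show"
# is allowed, but argument lines deny the configuration views that carry
# credentials. Patterns also cover abbreviations in case the device forwards
# them unexpanded, hence "^run" rather than "^running-config".
READ_ONLY = CommandSet(rules=[
    CommandRule("show", arg_rules=[("deny", r"^run"), ("deny", r"^start")]),
    CommandRule("enable"), CommandRule("exit"), CommandRule("quit"), CommandRule("help"),
])
# Hypothetical privilege 15 set: no per-command lines, every command permitted.
ADMIN = CommandSet(rules=[], permit_unmatched_commands=True)

def audit_session(cmdset: CommandSet, commands: List[str]) -> List[Tuple[str, bool]]:
    """Replay a constructed CLI session against a set to check it before
    associating it with a user or group."""
    return [(c, authorize(cmdset, c)) for c in commands]

if __name__ == "__main__":
    # Constructed sample session for the read-only set.
    session = ["show version", "show running-config", "show interface ip brief", "configure terminal"]
    for cmd, ok in audit_session(READ_ONLY, session):
        print(f"{'permit' if ok else 'deny':6} {cmd}")
```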

Similar Messages

  • Implementation strategy for non sap sources

    Hi friends,
    could anyone help with the 'implementation strategy for non sap sources'.

    Hi,
    It's the same as with R3 sources. The only difference is you'll have different underlying interfaces. Non-SAP systems can either be flat files, ETL systems or legacy systems using an ETL connection, Oracle or Java systems, XML, etc.
    But your strategy would remain the same; only per your non-SAP source system, the transactions and the ways you configure your datasources would differ.
    Cheers,
    Kedar

  • Restrict read/edit access for a Manager, when Manager Visibility is enabled

    Customer wants to restrict read/edit access for a Manager on his/her subordinates' owned record, if manager Visibility is enabled at the company level.
    For example: If SM1 is a manager of SR1 and SM1 owner profile says that he has Edit Access on his owned records then, he will get Edit Access
    on the records owned by his sales rep.
    The current requirement here is that the Manager should not be able to edit the records of his sales rep but should be able only to view them. And the manager also
    needs Edit/Read access on the records which they own.
    Is there a possible workaround ?

    I have devised this to our customer:
    First, create a custom text field named "Reports To" on the object, say, Accounts.
    Second, use JoinFieldValue to set a default value for the "Reports To" field: equal to the "Reports To" User field value for the current owner.
    Third, add a new value named "Manager Read-Only" to the 'Account Type' picklist. Make sure that this picklist value is active.
    Fourthly, add a new page layout marking all Account Fields as 'read-only' and name it "Account Read-Only layout".
    Fifthly, create a new Account Dynamic Layout and set "Account Read-Only layout"
    for Field Type = "Manager Read-Only".
    Sixthly, create a new workflow rule condition for Account object ( before modified record saved ). Use the workflow rule condition similar to UserValue('<Alias>') = [<ReportsTo>] and set the workflow action to update 'Account Type' picklist value to
    "Manager Read-Only".
    This is just an example. Customer needs to improvise on this.
    Any more suggestions please ?

  • Read only access for bpel console in SOA Suite 10.1.3.5.1(weblogic)

    Hi
    For SOA Suite 10.1.3.5.1 on weblogic, is there any way to restrict certain users to some pages in the BPEL console, e.g. read-only access to the BPEL console?
    I have found articles on web regarding this but they all are for SOA Suite 10.1.3.3 (and 3.4) on Oracle app server. Article provides a hack by using servlet filters.
    How to do a similar thing in SOA Suite 10.1.3.5.1 on weblogic ?
    Can somebody provide step by step instructions?
    Thanks

    Hi James,
    I have already seen this link and several refined versions of it, but it won't work for weblogic. For example:
    There is no j2ee/oc4j_soa/applications/orabpel/console directory (I looked into the home directory as well but could not find an orabpel/console dir).
    So the question is where to put the filter class and how to make changes in web.xml, as this file is not present in j2ee/oc4j_soa/applications/orabpel/console/WEB-INF/
    I checked deployments in the weblogic admin console and it seems BPELConsole is deployed as a module under the BPELPM ear.
    Any idea?
    Thanks.

  • Category for service desk message to be read only

    Dear Friends,
    Do you know how to do the customizing that if the category is initial, this can be maintained, otherwise it will be read only?
    Thanks and best regards,
    Anders

    Hello Anders;
    this is quite simple. In order to do this you'll have to implement the standard BAdI CRM_ORDER_FIELDCHECK.
    Using parameter CRM_ORDER_FIELDCHECK of type CRMT_INPUT_FIELD_NAMES, you'll be able to set the value of 'changeable' to 1 for the 'fieldname' you want to become read only (category).
    This will definitely solve your problem.
    Regards
    Khalil

  • How to create a read only access for database

    I am a developer but willing to learn some of the DBA tasks. I would like to know the steps that I need to take to create read-only access to a database that is going to be used for report development.
    I would really appreciate it if you told me all the steps I need to create that. I have full rights to do this in the development database. Thanks.

    Thank you for your reply, but it does not tell me how I can set up a read-only access account for the user. Do I need to create a role and assign the role to the users?

  • Read only access for objects in application designer

    I want to apply read only access to all the objects in application designer. I would like to know how we can do this.
    Jayaprakash Tedla

    Jayaprakash,
    On 8.48 :
    1. Create a PERMISSION LIST
    1.1 leave empty the navigator homepage
    1.2 leave unchecked Can Start Application Server? and Allow Password to be Emailed?
    1.3 On Pages tab, leave it empty
    1.4 On PeopleTools tab, check Application Designer Access, then click on Definition Permissions, Tools Permissions Miscellaneous and Permissions, and put there the rights as well as you want. You can put Read Only on all component in one shot by clicking on the button, or one by one by choosing in the listbox for each type of components.
    1.5 leave all other tab blank
    2. Create a ROLE, and add the permission list created on step 1.
    3. Create the user, and give the role created on step 2.
    4. Open Application Designer, connect there with the new user, and enjoy read-only access.
    Hope this helps,
    Nicolas.

  • How to assign read only access for a database to a single user?

    Hi All,
    I have created a login for one of the users, and I used DENY VIEW to deny that user access to any of the databases being shown. Now, he cannot see any databases in the explorer window.
    My question is, now I want to give this user permission (read-only) to a single database. How can I do that? I have googled around and found some solutions but nothing is working.
    Can someone please help me with any suggestions.
    Thanks a lot for your time and suggestions in advance.
    Thanks

    Hi Bhanu,
    Thanks for your reply, I am not sure I got it. I have a user created with the name 'msam_test', and if I log into Management Studio with this user id and password I don't see any databases showing up, because I used the DENY VIEW command to hide them, which is
    working fine. Now I just want to see only 1 database named 'suresh3_test' with read-only access to this database.
    I tried using your code in the below way
    USE [suresh3_test]
    CREATE USER [<msam_test>] FOR LOGIN [<msam_test>] WITH DEFAULT_SCHEMA=[dbo]
     exec SP_ADDROLEMEMBER 'DB_DATAREADER','<msam_test>'
    But i receive an error saying
    Msg 15007, Level 16, State 1, Line 3
    '<msam_test>' is not a valid login or you do not have permission.
    Msg 15410, Level 11, State 1, Procedure sp_addrolemember, Line 75
    User or role '<msam_test>' does not exist in this database.
    Can you please help me on this.
    Thanks

  • Role for system data dictionary read-only access

    [NOTE: this is for 9i]
    What grants must a role have to have read-only access to
    the system data dictionary tables (e.g.: ALL_SOURCE,
    ALL_OBJECTS, ...)?
    Or, is there somewhere in the docs that talks about this
    kind of role?
    Thanks in advance,
    Robert

    Well, the answer to your explicit question would be that it would need SELECT on each of the data dictionary views that do not have SELECT granted to PUBLIC. To find out what those are, you could do:
    SELECT table_name, privilege
    FROM dba_tab_privs
    WHERE grantee = 'SELECT_CATALOG_ROLE'
    However, it would probably be easier just to grant it SELECT_CATALOG_ROLE :-)
    John

  • Read only access to few users & RW to others for Web Dynpro App in EP

    HI All,
    I am creating a few iViews using custom development and am able to display them on the EP fine. Now customers want to have read-only access for a few users and read/write access for a few users. Can anyone point me to the right documentation or the steps to be performed to achieve this?
    Thanks
    Rajeev

    Hi Rajeev,
    Please create a role/group for the WD application to which you want to assign read or read & write access for the users. Access the role/group in the WD application and restrict the access to UI Element properties.
    Refer to below documents for protecting Access to the Web Dynpro Application Using UME Permissions.
    [help.sap.com|http://help.sap.com/saphelp_nw04/helpdata/en/f3/a64d401be96913e10000000a1550b0/content.htm]
    [Example|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/297f35cf-0201-0010-00b2-fe2f3e23d360?QuickLink=index&overridelayout=true]
    Hope it helps
    Regards
    Arun

  • Read Only access for a Maintenance view

    Hi All,
    I have a requirement like this.
    There is a Z Maintenance View (namely ZVHR_GRD_TARGET); for this I have to maintain the status as Read Only, and I have to create a transaction code for this view with only SE16 access.
    I am doing it like this.
    In the Z view, in the tab "Maint. Status", I have selected the radio button "Read Only" and saved it.
    I have created a transaction code for this view with SE16 access with the inputs
    Transaction: SE16
    Selected the check box "Skip Initial Screen"
    Selected the check box for GUI status
    Name of the Screenfield: DATABROWSE-TABLENAME
    Value: ZVHR_GRD_TARGET (i.e., the view name)
    But the transaction code is not executing.
    So can anyone help me out with this requirement?
    Regards
    Srinivas Kodukula


  • Easy read-only access for noobs

    Lightroom is a great product for the photographer, but for his spouse it's not so easy.  I'd like an easy way to copy an image to the clipboard or export it to iPhoto to be used in other apps like iWeb.
    My photos are stored on a server.  It should be easy for my wife to go through the collection in read-only mode and use photos for blogs, emails, slideshows, etc without having to learn how to sync the directory tree, export from Lightroom and manage those temporary files.  Currently the best process I can find is:
    Use Bridge to browse the photos since only Adobe products can see the Develop settings for the RAW images.
    Select the image and right-click Open-With Camera Raw
    In Camera Raw Save the file as a JPEG into a temporary folder
    In Finder, find the temporary folder, open the JPEG with Preview or drag the file to iPhoto
    If It's in Preview, Copy the image to the clipboard for pasting into an app like Mail or iWeb.
    It seems like we could eliminate several steps here if Adobe Bridge had a convert&copyToClipboard option that would convert a RAW with Develop settings into a JPEG and then copy that JPEG into the clipboard for pasting into an application.
    If anyone has a better approach, let me know.
    Besides the cost overhead, it's not realistic for her to use Lightroom from her computer because Lightroom won't dynamically see folder tree changes without a Sync.  Using Bridge she also loses out on virtual copies.
    Thanks,
    -Ryan.

    Pete,
    Good point... that's true. I shouldn't say there aren't any programs that support XMP... there certainly are!
    I don't know, though, of any application that can read - and more importantly *use* - the XMP data that's specifically related to the Lightroom Developer metadata.
    An application can say that it has read/write support for XMP (which is actually not only for LR, but also for Photoshop and even PDFs), but that doesn't mean the application has to recognize - and honor - every piece of metadata contained within that XMP file. I think a lot of the applications listed on Adobe's website only support a subset of the Lightroom metadata: EXIF, IPTC, geocoding... that kind of thing.
    So it's one thing to say that an app supports XMP, and it's another to say that an application fully supports XMP. If an image editor supported every XMP tag, it could take a RAW + Lightroom XMP file, pick up where you left off in Lightroom, save its own changes back to XMP, and Lightroom would recognize the other editor's changes. I don't think even Photoshop supports XMP to that level!
    I don't know of any app that will read Lightroom's Developer metadata and display the same image that you see in Lightroom, which is what the OP was asking for and  what I was addressing in  saying there aren't apps that support XMP.
    But, you're right, I made an over-sweeping generalization. So, let me restate more accurately:
    The XMP data is developed by Adobe, but it's a published standard so in theory anybody who wanted to COULD read the Lightroom Developer XMP/DNG data. But nobody does.
    Of course, all this is a little academic because even if an organizer (e.g. Picasa) could honor all the Lightroom metadata and display the image "correctly", it wouldn't matter. The ultimate goal of the OP is to use the image in blogs, emails, etc. which is unfortunately still going to require a JPG. Maybe one day DNG and XMP will be as widely supported as JPG (which I think is Adobe's goal)!
    Thanks for keeping me honest

  • Read only access for a Database!

    Hi All,
    I need to create a user for my database who can have read-only access to the database and can work as "Read Only Apps".
    Scenario: I want to give access to the development team through TOAD/SQL*, but that user cannot delete/update anything in the apps schema.
    Thanks,
    Anchorage

    Anchorage,
    Please refer to the following link:
    Read Only Schema in Oracle APPS 11i
    http://oracle.anilpassi.com/read-only-schema-in-oracle-apps-11i.html
    You may also search this forum as the same topic was discussed here many times before.

  • Database open for read-only access ORACLE

    while building a universe with a dblink betweens oracle databases, i try to create a derived table in the form
    select field1 from table@db_to_db2
    but i get the following message:
    Exception: DBD, ORA-16000: database open for read-only acces State N/A.
    I understand the statement "Set Transaction for read only" must be set before any transaction during the session, but I still don't know how to trigger it in BO Universe Designer.
    Can someone know how to solve it?

    I suggest you fill-in the BEGIN_SQL parameter on the Universe to turn on the read-only transaction.
    Here is an excerpt from the Universe Designer guide:
    The BEGIN_SQL parameter allows you to prefix SQL statements with the same parameters each time a SQL statement is generated.
    1. Open the "Universe Parameters" dialog box in Designer.
    2. Click the Parameter tab.
    3. In the "Parameter" list, select the BEGIN_SQL parameter and enter the
    appropriate prefix commands.
    4. Save the settings.
    5. Save the universe.

  • Exported spreadsheet for windows is sent out as read only.

    Hi there,
    I am trying to export two spreadsheets. I export and send both of them OK. The second one, for some strange reason, once received by the other person who uses Windows, is read only and the person is not allowed to make changes.
    I would like to know if it is some weird glitch or if there is some button or tab where I can set the properties or unmark this option. I am sending both to the same person and the problem is with the second one.
    Thanks
    E

    Thanks GKaiseril
    I found this in the forums from a previous post by try67
    It works perfectly.
    However in his post he left off the last bracket }
    // Acrobat JavaScript: mark every non-button field in the document read-only
    for (var i=0; i<this.numFields; i++) {
        var f = this.getField(this.getNthFieldName(i));
        if (f!=null && f.type!="button") f.readonly = true;
    }
    Ron A

    hi all, how do i do multi-approval in OIM? if i get a list of approvers dynamically from an external resource say a db (using an adapter), how do i generate MULTI-OR approvals and also MULTI-AND approvals. also, can one process in OIM call another pr