LDAP Connection - users in more than one group

Similar Messages

• Having a user in more than one group makes them choose a group at login..

  hello
  osx server 10.5.6
  xserve quad core xeon
  when a user is in more than one group in OD they are made to choose which group they want to log in to when logging in.
  all groups have home folders that are automounted on login under groups->preferences->login->items->add group share point
  and then also under groups->preferences->dock->dock items->documents and folders->add group folders is checked and the group folder is added as well under here.
  when they are in a single group and they log in, their group folder is automatically added to the dock. it's great.
  my question is, how do i have someone in multiple groups have all the group folders show up on the dock? why do they have to choose a group when they log in? it's very constricting.
  any ideas?

  Hi Jakelh, I'd be looking at Tips and Tricks
  especially pages around page 80 seem to come close to what you want.
  Cheers

• ACL and user with more than one group

  I have a (simple) question, but I coudn't find answer in docs :(
  My problem is:
  I want to have in Tuxedo users, which belong to more than one ACL group. Each
  of this group have some special rights, i.e. group A could execute services K,L,M
  and group B could execute services M,N,O. If my user belongs to A and B group,
  which rights it have? Your rights are sum of rights of group or common part of
  them ? I will be very greatful for link to docs talking about it ....
  Best regards
  Dominik Michniewski

  user3715462 wrote:
  Hi All,
  it's just a question
  we're using R12 12.1.3 db: 11Gr2 on OUL5x64
  is it possible for an oracle user that can have more than one email address?
  i add 2 email addresses in E-MAIL box
  and it did not seem to work.
  Thanks in advance.
  Regards,What email addresses are you referring to? Is this at the OS level or the database/application level? Please elaborate more.
  Thanks,
  Hussein

• Auto creation of child requests when parent request has more than one group

  Hi,
  I have created a request dataset which has a child form for AD Group. While raising a request, if I add more than one group, how to process the approval flow. Because I will be having different different approvers for different different groups. Is there any way to create child requests automatically when we submit a request with more than one group? I am using OIM 11.1.1.5.0.
  I know in OIM 11g, whenever user raises request for more than one beneficiary/target-resource then OIM breaks that request into Child Requests. But this is not happening when I add more than one group in the same resource. Do I need to write my own code for DataValidator to split parent request into child requests upon validating child form? If so, is it going to impact the existing feature which is creating child request when parent has more than one user/resource.
  Please let me know.

  No not possible OOTB in current version. Check {thread:id=2318652} for more information.
  -Bikash

• How do I share my contacts with more than one group? I really don't want to have re-type them into a different group. Help!

  How do I share my contacts with more than one group without having to re-type them into each group?

  Without "pretending" to be yourself on the other phone (change settings) there's nothing else you can do.
  iOS devices are meant to be single user and can't view iCloud.com the same way a Mac or PC can do.
  You need to find a desktop or laptop machine (Mac or PC) to log in at iCloud.

• Can I install 'Cisco connect' software on more than one PC in the network?

  Can I install 'Cisco connect' software on more than one PC in the network? Do multiple installs conflict? Who did try this before?

  yes you can
  SAP

• How to create new user with more than one default folder

  hi
  A new user created in OCS has only one default folder(Inbox).
  I want to create new user with customized default folder.
  for example:
  a new user has more than one default folder(Inbox,Outbox,Draft,Dustbin...)
  And also I want to automaticly enable the functions:
  When sending messages, place a copy in Outbox
  Keep message drafts in Draft
  Move deleted messages to Dustbin
  who know that?
  thanks

  The same reason that Apple and 3rd Party vendors put multi-size templates in one file I expect. I am trying to construct an in-house standard template for use in our company, and it is easier to manage if there is only one file to send to people rather than many - both initially and for subsequent edits / updates to the template.
  Of course it would be possible to create several templates (one for each size). But since it is clear that templates can be combined, it appears sensible to do this - unless the doing of it is horridly complicated

• ACS - users in more than 1 group

  Hi,
  is there an option to set users in more than 1 group on the ACS..for example an user in tacacs group and wireless group and citrix group. if so how do i go about doing it ?
  Thanks

  Does this relate to ACS 5?
  In ACS 5 can defined additional attributes for users that can be used in policy decisions

• More than one group in ias-web.xml role-impl?

  Hello,
  iAS 6.0 SP3 Solaris 8.
  According to the ias-web DTD, it possible to map more than one LDAP group
  or user to a role; i.e. it should be possible to say something like
  <role-mapping>
  <role-name>sales</role-name>
  <role-impl>
  <group>directsales</group>
  <group>salesmanagement</group>
  </role-impl>
  </role-mapping>
  When I do this, the 'roles' tab in ksvradmin shows both groups, so that's
  promising. However, when I actually try it, only users in the first group
  (directsales in the example) have the 'sales' role. Users in the second
  (and subsequent) groups do not have the role.
  What gives??
  Jan.
  ==============================================================
  Jan de Visser Digital Fairway Corp.
  tel. (416) 628 7525 [email protected]
  <Enter any 12 digit prime to continue>
  ==============================================================

  Hi,
  Just check the roles in kregedit. You will find the roles in
  SOFTWARE\iPlanet\6.0\J2EE-modules. Please check it. And do th emapping if
  neccessary. You need to restart the server after doing role mapping. see if
  it helps.
  Jan de Visser wrote:
  Hello,
  iAS 6.0 SP3 Solaris 8.
  According to the ias-web DTD, it possible to map more than one LDAP group
  or user to a role; i.e. it should be possible to say something like
  <role-mapping>
  <role-name>sales</role-name>
  <role-impl>
  <group>directsales</group>
  <group>salesmanagement</group>
  </role-impl>
  </role-mapping>
  When I do this, the 'roles' tab in ksvradmin shows both groups, so that's
  promising. However, when I actually try it, only users in the first group
  (directsales in the example) have the 'sales' role. Users in the second
  (and subsequent) groups do not have the role.
  What gives??
  Jan.
  ==============================================================
  Jan de Visser Digital Fairway Corp.
  tel. (416) 628 7525 [email protected]
  <Enter any 12 digit prime to continue>
  ==============================================================--
  thanks.
  parsu

• IT 0105 subtype 0001. Assign one System user to more than one person?

  Hello, Gurus!
  We are maitaining Hr master data (infotype 0105 - Communication, subtype 0001 - System User name). We have two person: person A and person B. Person A have communication with system user C. When we communicate person B with same system user C, we gettin error:
  "ID/number already used for person A".
  The time constraint is set to 3 (Record may include gaps, can exist more than once"
  Is it possible to assign one system user more than one person?
  This condition is checked by FM CHECK_USRID. We assume, what the result of this checking can be changed from "Error" to "Alert", if we will change one record in table T77S0:
  Current value:
  GRPID=MAIL
  SEMID=SAPSY
  GSVAL=0001
  Table record after modification:
  GRPID=MAIL
  SEMID=SAPSY
  GSVAL=0002 (or any digital value, which is iffer from "0001"
  Should we expect negative consequences of similar modification?
  Please, advice.

  Thanks for explanation.
  But there is a little moment, that I can not understand ((
  We check PAI module of CHECK_USRID (include MP010530, screen 2000) and find folowing fragment of ABAP code:
    CALL FUNCTION 'RH_GET_HR_USER_SUBTY'                       "YRAK040203
         EXPORTING                                                     "YRAK040203
               mandt                 = sy-mandt                     "YRAK040203
          IMPORTING                                                     "YRAK040203
               hr_subty              = hr_subty                         "YRAK040203
          EXCEPTIONS                                                    "YRAK040203
             SUBTYPE_NOT_AVAILABLE = 1                                "YRAK040203
               OTHERS                = 0.                               "YRAK040203
      IF p0105-usrty = hr_subty.                                        "YRAK040203
      MESSAGE E900 WITH  PA0105-PERNR.                           "YRAk028906
        MESSAGE e900 WITH object_found double.                     "YRABEWERBER
      ELSE.                                                                  "YRAK040203
      message W900 with pa0105-pernr.                                 "YRAK040203
        MESSAGE w900 WITH object_found double.                     "YRABEWERBER
      ENDIF.                                                                 "YRAK040203
  where p0105-usrty=0001 and hr_subty is equivalent field GSVAL=0001 in table T77S0. In other terms, when we are
  maitain subtype 0001, the first condition (marked bold) is always executed.
  For what the "else" condition is used, if it never be executed? If we will change value GSVAL from 0001 to 0002, theoretically, we will get "warning" instead "error", because p0105-usrty = hr_subty=false and code MESSAGE w900 WITH object_found double will be executed.
  Any ideas?
  Regards.

• Connecting iPod to more than one computer

  Is it possible to connect a iPod Nano to more than one computer? I downloaded itunes on my home computer and set my ipod up just fine. Then i wanted to connect it to my office computer because i have a bunch of music on it that i would like to put on my ipod. Every time i try to connect to my office computer I get an error message "iTunes has detected an ipod in recovery mode. You must restore this ipod before it can be used with itunes.
  Any ideas or information would be appreciated.

  *Is it possible to connect a iPod Nano to more than one computer?*
  Yes it is. If you want to connect and use an iPod on more than one computer you need to change the update preference in the iPod Summary tab to "Manually manage music and videos" and click Apply. In this mode you can directly access the content of the iPod and play it through iTunes and you can drag and drop whatever you want to the iPod from either library:
  Using iPod with Multiple computers
  Managing content manually on iPod
  iPod 101: Fill 'er Up
  Something else to be aware of when using an iPod in manual mode is that the "Do Not Disconnect" message will remain on the display until you physically eject the device. In that case use Safely Remove Hardware icon in the Windows system tray on your desktop or check this link: Safely Disconnect IPod
  *Every time i try to connect to my office computer I get an error message "iTunes has detected an ipod in recovery mode. You must restore this ipod before it can be used with itunes*.
  Have you had a chance to look at this troubleshooting page? If not, have a look at the bottom section and try changing the drive letter allocated to the iPod in Windows:
  iTunes has detected an iPod in recovery mode - Use iTunes to restore
  Windows confuses iPod with network drive

• Users have more than one profile for the same role

  Hello,
  As I said in my earlier post I'm rather new to SAP.
  I'm doing now the security audit of my SAP system. In particular, I'm checking whether business users have access to DEBUG functionality.
  I have run report 'Users by complex selection criteria' and found certain number of such users. Then I looked further and discover that all these users have role X assigned to them. The profile P2 of the role X displayed in PFCG has DEBUG functionality deactivated. After second look I discovered that all these users have earlier profile P1 for the same role X assigned to these users. This profile P1 contains the functionality in question.
  I solved the issue by revoking the role X from the users and assigning it again. Both P1 and P2 profiles were removed from the users and only P2 was reassigned again.
  I used to think that role may have only the profile that is displayed in PFCG? Also, I used to think that if the role profie is regenerated the newly generated profile automatically replace the old one assigned to users. Am I wrong?

  Hi Pavel
  In simple and short ..
  Role contains authorization objects..
  Maximum limit of authorization objects for a role is 150 .
  So a role can accommodate 150 authorization objects.
  New Profile ABC is created , when ever you create a new role. 1-1 relation.
  But if a role has more than 150 authorization objects .. then automatically a new profile ABC01 will be created and it will also be aligned to that role .
  if role has 400 auth objects, then profiles will be ABC ,ABC01 ,and ABC02
  i hope this helps you
  Cheers
  Pavan M

• User access more than one application

  how can i give user access on more than on apex application

  >
  Welcome to the forum: please read the FAQ and forum sticky threads (if you haven't done so already), and update your forum profile with a real handle instead of "984229".
  When you have a problem you'll get a faster, more effective response by including as much relevant information as possible upfront. This should include:
  <li>Full APEX version
  <li>Full DB/version/edition/host OS
  <li>Web server architecture (EPG, OHS or APEX listener/host OS)
  <li>Browser(s) and version(s) used
  <li>Theme
  <li>Template(s)
  <li>Region/item type(s) (making particular distinction as to whether a "report" is a standard report, an interactive report, or in fact an "updateable report" (i.e. a tabular form)
  With APEX we're also fortunate to have a great resource in apex.oracle.com where we can reproduce and share problems. Reproducing things there is the best way to troubleshoot most issues, especially those relating to layout and visual formatting. If you expect a detailed answer then it's appropriate for you to take on a significant part of the effort by getting as far as possible with an example of the problem on apex.oracle.com before asking for assistance with specific issues, which we can then see at first hand.
  how can i give user access on more than on apex applicationSee +{thread:id=515240}+ for the basic technique, and these Oracle Magazine articles for extended examples:
  <li>Creating Custom Authentication
  <li>Build a Menu Framework
  Note that APEX has a built-in publish-and-subscribe model. You create a "master" application to contain publishable components like authentication schemes, LOVs and templates. Theme templates are created, maintained and published through this application, and other applications reference the standard templates by subscription from the master application. Changes can be pushed out from the master application to all subscribing applications.

• Can a user have more than one RBS value?

  In our current environment, we have our RBS structure setup similar to our University organizational chart. Many of these groups collaborate with each other on projects and this structure does not allow for one user to see projects from multiple departments.
  For instance, our Admissions office collaborates on projects with our IT group. If Admissions enters a project in PWA, the IT group will not see the project proposal until an IT resource is assigned. But, since we are just at the proposal stage, we would prefer
  to not assign resources until the project is approved. As it stands with our current RBS structure, if a user in Admissions is the project owner, the IT group cannot see the project.
  Would like to avoid setting individual project permissions when collaborating with multiple departments.
  So, Admissions needs to have the project show on their project list (for planning and portfolio purposes) and IT needs for it to show on their project list, for the same reasons. How can we accomplish this setup?
  Thank you for any help you can provide.

  SycamoresPM,
  A single user cannot have two RBS values at the same time.
  Your best bet in this scenario would be to rather depend on the "project Team". So, whoever is part of the team could see the project, rather than the RBS itself.
  In this case, regardless of the department, the resource could be added to the schedule and once published, will be seen the team member. That should solve your issue, in my opinion.
  Cheers,
  Prasanna Adavi, Project MVP
  Blog:
    Podcast:
     Twitter:   
  LinkedIn:
    

• Can Enterprise Users have more than One Shared Schemas ???

  Hi Everyone,
  I just want to know whether is it possible for Enterprise Users ( Schema-Independant users) able to access different shared schemas using the same user credentials.
  A typical example is :
  User1, User2 & User3 were Enterprise users who works for same project has been assigned to a shared schema (project1)
  which works fine with the enterprise user security by assigning them Project1 schema as default schema.
  But User2 also works for another project ( Project2) and should be logged into schema project2 using his user credentials . Is this possible ???
  Thanks
  Venu

  Oracle object privileges are generally best managed via the use of ROLES.
  One way to have multiple end users access one schema might be to use the PROXY connection feature.
  Both subjects are convered in the official documentation.
  HTH -- Mark D Powell --