MBAM and BitLocker - How to do it in Best Practice

Hi!
I have a situation where I want to implement MBAM in our environment. What I have at the moment:
1x all-in-one MBAM server (SQL 2012R2 Standard on the same server).
SCCM 2012R2 CU3 integration
GPOs are ready and published to the correct OU (Laptops)
MBAM Client is in SCCM and tested - working great. Not published yet because we are in pilot at the moment
MBAM is working fine and all recovery keys are stored in the DB.
My question is: how do I deploy MBAM to old computers that are already in use, the correct way, so that recovery keys and TPM recovery passwords are all stored in the MBAM DB? I mean, I know how to set MBAM up correctly while using SCCM and a TS, but I can't get it to work on old computers: TPM passwords are not presented. The MBAM client can't take ownership of the TPM because Windows has already done that.
I was able to get the TPM password into the MBAM DB if I disable auto-provisioning and clear the TPM:
$tpm = Get-WmiObject -Class Win32_Tpm -Namespace root\cimv2\security\microsofttpm
$tpm.DisableAutoProvisioning()         # keep Windows 8+ from re-taking ownership after the clear
$tpm.SetPhysicalPresenceRequest(22)    # queue a TPM clear (leaving it enabled and activated) for the next reboot
and then running the MBAM wizard (for the first time!). But how do I make it fully automatic so that all computers that are in use will be like that? Do I have to make a script to disable auto-provisioning and then restart and start MBAM, or is there any other solution for that?
Best Regards,
Taavi

Are you using MDT/SCCM for deployment?
Can you take a procmon while running the command and then see which registry keys it is touching? You can then modify the install.wim of your MDT/SCCM deployment share and add those registry keys there. It varies from hardware to hardware; the following registry keys worked for me once, set the same way:
[HKEY_LOCAL_MACHINE\WimRegistry\ControlSet001\Services\TPM\WMI]
"NoAutoProvision"=dword:00000001
"NoDisableOwnerClear"=dword:00000001
Mayank Sharma Support Engineer at Microsoft working in Enterprise Platform Support.
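The sequence the question describes (disable auto-provisioning, queue a TPM clear, reboot, let the MBAM client take ownership) can be wrapped in a script that SCCM runs as a program before the MBAM client is pushed. The example below is added here and is not code from either post in the thread. It assumes an elevated session on a Windows 7/8.x client with a TPM 1.2, the Win32_Tpm and Win32_EncryptableVolume WMI classes that ship with Windows, and the physical presence request value 22 from the question; the ConfirmationStatus and ProtectionStatus codes in the comments are from the Microsoft WMI documentation. The one check worth insisting on is the BitLocker guard: clearing the TPM on a machine that already has a TPM-protected OS volume forces recovery at the next boot.

```powershell
# Added example, not code from the original thread. Assumptions: elevated PowerShell on a
# Windows 7/8.x client with a TPM, the Win32_Tpm / Win32_EncryptableVolume WMI classes,
# and physical presence request 22 as used in the question (confirm it against your firmware).

$TpmNamespace = 'root\cimv2\Security\MicrosoftTpm'
$BdeNamespace = 'root\cimv2\Security\MicrosoftVolumeEncryption'

function Test-BitLockerProtectedVolume {
    # $true if any volume reports BitLocker protection ON. Clearing the TPM on such a
    # machine invalidates its TPM protector and forces recovery at the next boot.
    $vols = Get-WmiObject -Namespace $BdeNamespace -Class Win32_EncryptableVolume -ErrorAction SilentlyContinue
    foreach ($v in $vols) {
        # ProtectionStatus: 0 = off, 1 = on, 2 = unknown
        if ($v.GetProtectionStatus().ProtectionStatus -eq 1) { return $true }
    }
    return $false
}

function Get-TpmProvisioningState {
    # Snapshot of the TPM facts that decide whether the MBAM client can take ownership itself.
    $tpm = Get-WmiObject -Namespace $TpmNamespace -Class Win32_Tpm
    if (-not $tpm) { return $null }
    $auto = $null
    try { $auto = $tpm.IsAutoProvisioningEnabled().IsAutoProvisioningEnabled } catch { }  # method absent on Windows 7
    [pscustomobject]@{
        Enabled          = [bool]$tpm.IsEnabled().IsEnabled
        Activated        = [bool]$tpm.IsActivated().IsActivated
        Owned            = [bool]$tpm.IsOwned().IsOwned
        AutoProvisioning = $auto
        Tpm              = $tpm
    }
}

function Invoke-TpmResetForMbam {
    <#
      Disables Windows TPM auto-provisioning (Windows 8+) and queues a physical presence
      request so the TPM is cleared at the next reboot. After the reboot the TPM is unowned,
      so the MBAM client takes ownership and escrows the owner password itself.
      -WhatIf gives a dry run; -Restart reboots immediately instead of leaving it to SCCM.
    #>
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [int]$PhysicalPresenceRequest = 22,   # value used in the question above
        [switch]$Restart
    )

    $state = Get-TpmProvisioningState
    if (-not $state) { Write-Warning 'No TPM reported by Win32_Tpm; nothing to do.'; return 'NoTpm' }
    Write-Verbose ('TPM enabled={0} activated={1} owned={2} autoprovisioning={3}' -f $state.Enabled, $state.Activated, $state.Owned, $state.AutoProvisioning)

    if (-not $state.Owned) {
        # Nothing to undo: the MBAM client will take ownership on its own.
        return 'AlreadyUnowned'
    }
    if (Test-BitLockerProtectedVolume) {
        # Refuse rather than strand the machine in recovery; decrypt or remove the TPM protector first.
        throw 'A BitLocker-protected volume is present; clearing the TPM would force recovery at next boot.'
    }

    $tpm = $state.Tpm
    if ($state.AutoProvisioning -eq $true -and
        $PSCmdlet.ShouldProcess('TPM', 'Disable Windows TPM auto-provisioning')) {
        $rc = $tpm.DisableAutoProvisioning().ReturnValue
        if ($rc -ne 0) { throw ('DisableAutoProvisioning failed: 0x{0:X8}' -f $rc) }
    }

    # ConfirmationStatus: 0 = not implemented, 1 = BIOS only, 2 = blocked by firmware,
    # 3 = allowed but a user must confirm at the console, 4 = allowed without confirmation.
    $conf = $tpm.GetPhysicalPresenceConfirmationStatus($PhysicalPresenceRequest).ConfirmationStatus
    if ($conf -lt 3) {
        throw "Physical presence request $PhysicalPresenceRequest is not permitted by this firmware (status $conf)."
    }
    if ($conf -eq 3) {
        Write-Warning 'Firmware will prompt for confirmation at the console during the reboot; this is not hands-free.'
    }

    if ($PSCmdlet.ShouldProcess('TPM', "Queue physical presence request $PhysicalPresenceRequest (TPM clear at next boot)")) {
        $rc = $tpm.SetPhysicalPresenceRequest($PhysicalPresenceRequest).ReturnValue
        if ($rc -ne 0) { throw ('SetPhysicalPresenceRequest failed: 0x{0:X8}' -f $rc) }
        if ($Restart) { Restart-Computer -Force }
        return 'ClearQueued'
    }
    return 'SkippedByWhatIf'
}

# Audit run first, then the real thing with the reboot left to the SCCM deployment:
#   Invoke-TpmResetForMbam -WhatIf -Verbose
#   Invoke-TpmResetForMbam
```

Run it as an SCCM program that requires a restart, then let the MBAM client install and its first policy cycle take ownership; the return strings make it easy to report which machines were skipped (no TPM, already unowned, or protected) versus queued. On firmware that returns ConfirmationStatus 3 someone has to press a key at the console, so those machines need a desk visit rather than a silent deployment. DisableAutoProvisioning() and the NoAutoProvision registry value from the reply above are, as far as I know, the same switch, so image-level and runtime approaches can be combined.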

Similar Messages

  • How to check version of Best Practice Baseline in existing ECC system?

    Hi Expert,
    How do I check the version of the Best Practice Baseline in an existing ECC system, such as v1.603 or v1.604?
    Any help will be appreciated.
    Sayan

    Dear,
    Please go to https://websmp201.sap-ag.de/bestpractices and click on Baseline packages; on the right-hand side you will see which version of the SAP Best Practices Baseline package applies to which release.
    If you are on EHP4 then you can use v1.604.
    For How to Get SAP Best Practices Data Files for Installation (pdf, 278 KB), please refer to this link:
    https://websmp201.sap-ag.de/~sapidb/011000358700000421882008E.pdf
    Hope it will help you.
    Regards,
    R.Brahmankar

  • SAP and BOBJ XI 3.x Integrated Security Best Practice

    I am trying to find any information around SAP and BOBJ XI 3.x Integrated Security Best Practice.
    So far I think it is universally agreed that you should:
    1. Utilise the Business Objects platform security model to secure applications, folders and reports.
    2. Use BEx queries as the data source for Business Objects Universes and keep the number of BEx queries to a minimum.
    3. Use SAP authorisations over the BEx queries to secure report data at a row level.
    Has anyone seen any formal SAP Best Practice document or have any info to add ?
    Andrew

    Hi,
    those three items are all correct. In terms of security you can find lots of material in the standard BW help.
    in terms of query design / universe:
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/008d15dc-f76c-2b10-968a-fafe5a121129
    https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b0320722-741c-2c10-afab-93b5c0fc7e96
    ingo

  • MBAM and Bitlocker to Go

    Just need to clear up a couple of points re: MBAM and BTG
    1. When I edit the GPO for removable drives using the MBAM node, I see that the Bitlocker node is populated with these settings. I imagine this is 'by design'? Just have not seen it documented anywhere, and the Technet guidance is pretty clear about not having the Bitlocker nodes populated.
    2. When encrypting a removable drive, I see the recovery key populated in AD, but not in the MBAM SQL database.
    This may just be a misconception on my part.  Should the recovery key be available in the MBAM database?
    And just how do you recover a USB drive using the recovery key (in either AD or MBAM)?
    Thanks in Advance.

    OK, I think I sussed it out. The fixed drive encryption is working fine, so the agents are talking back to the MBAM server with no problem.
    My issue was that I was NOT seeing the keys via the portal. However, I took a USB drive encrypted on one machine, inserted it into another, and chose "Forgot Password". Bitlocker then presented me with the 8 character recovery string.
    I plugged that into "Drive Recovery" in the MBAM portal, and got the Recovery Key.
    So BTG IS working, and storing the keys in the database.  As a note, to get removable drive encryption to work I had to:
    1. Create a new GPO.  Verify NO settings populated on the Bitlocker node(s).
        As mentioned above, once the MBAM Removable drive options are configured, they will also
        show under the Bitlocker node.
    2. Configure the MBAM removable drive recovery node:
        A: Enable DRA and Store in AD both enabled.
    3. The machine is known good talking to the SQL server as the fixed drive encryption has been configured, agent installed, and machine encrypted.
    Hope this helps.
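The 8-character string the poster typed into Drive Recovery is the first 8 hex digits of the volume's numerical-password key protector GUID, which MBAM records alongside the recovery password. The following script is an added example, not code from the post, for checking that on a client: it lists every recovery protector with that prefix so a helpdesk can verify what the agent should have escrowed before a user ever sees the recovery screen. It assumes an elevated session on a machine that exposes the Win32_EncryptableVolume WMI class; the drive letters are whatever is mounted.

```powershell
# Added example, not part of the original post. Assumes an elevated session on a client
# that exposes the Win32_EncryptableVolume WMI class; drive letters are whatever is mounted.
$BdeNamespace = 'root\cimv2\Security\MicrosoftVolumeEncryption'

function Get-BitLockerRecoveryKeyIds {
    # Lists every numerical-password (recovery) protector with the 8-character prefix that
    # the BitLocker recovery screen shows as "Recovery key ID" and that the MBAM Drive
    # Recovery page asks for.
    param([string]$DriveLetter)   # e.g. 'E:'; omit for all volumes
    $vols = Get-WmiObject -Namespace $BdeNamespace -Class Win32_EncryptableVolume
    if ($DriveLetter) { $vols = $vols | Where-Object { $_.DriveLetter -eq $DriveLetter } }
    foreach ($v in $vols) {
        # KeyProtectorType 3 = numerical password (the 48-digit recovery password).
        # The protector ID is a braced GUID; BitLocker displays its first 8 hex digits.
        foreach ($id in @($v.GetKeyProtectors(3).VolumeKeyProtectorID)) {
            if (-not $id) { continue }
            [pscustomobject]@{
                Drive         = $v.DriveLetter
                VolumeType    = $v.VolumeType   # 0 = OS, 1 = fixed data, 2 = removable (BitLocker To Go)
                ProtectorId   = $id
                RecoveryKeyId = $id.Trim('{}').Substring(0, 8).ToUpper()
                ProtectionOn  = ($v.GetProtectionStatus().ProtectionStatus -eq 1)
            }
        }
    }
}

function Find-BitLockerProtectorByRecoveryKeyId {
    # Maps the 8 characters a user reads from the recovery screen back to the full
    # protector GUID on a mounted drive, the value MBAM stores with the recovery password.
    param([Parameter(Mandatory)][string]$RecoveryKeyId)
    Get-BitLockerRecoveryKeyIds | Where-Object { $_.RecoveryKeyId -eq $RecoveryKeyId.ToUpper() }
}

# Get-BitLockerRecoveryKeyIds | Format-Table Drive, VolumeType, RecoveryKeyId, ProtectionOn
```

A VolumeType of 2 with ProtectionOn true and at least one RecoveryKeyId row is what a correctly configured BitLocker To Go drive looks like; if the row is missing there is no recovery protector for MBAM to have escrowed, which points at the GPO rather than at the agent or the SQL connection.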

  • How to Download SAP Best Practices

    Hi
    How do I download SAP Best Practices with an S user ID?
    While downloading, the system throws the error message "No download authorization. Please refer to SAP Note 1037574."
    Kindly Help.
    Thanks
    ravi

    Hi
    While downloading the scenario presentation PPT files from SAP Best Practices, the system is throwing the message below.
    High security alert!!!
    You are not permitted to download the file "200_Scen_Overview_EN_US.ppt".
    URL = http://help.sap.com/bp_serv603/BBLibrary/Documentation/200_Scen_Overview_EN_US.ppt
    Please help
    Thanks
    Ravi

  • Some basic questions about MBAM and BitLocker

    Sorry for the question. What do the Auto-unlock options do?
    "Allow auto-unlock" and "require auto-unlock".
    And is there some relationship between the fixed drive and OS drive settings? If I disable fixed drive encryption or set fixed drives to read-only, what does that mean the OS drive is set to?
    And about BitLocker:
    Is there a solution for how I enforce encryption?
    thank you
    Falcon

    Recovery key and the PIN are two different protectors. PIN is something you set to unlock your machine at boot. It provides an additional protection. You can always change the PIN choosing option, bitlocker drive encryption option from control panel.
    Recovery key is to log in the machine if your machine goes into the recovery mode. If you will not be able to access your OS Drive how you will be able to boot. TPM string is called as the Ownership Hash password which is different from the recovery string
    of the OS Drive which is a 48 digit numerical password.
    Gaurav Ranjan

  • GarageBand, backups and External Hard drives... Best Practice?

    Currently GB saves my files in a folder on my macbook system HD. This is growing quite quickly and so I want to back these up for safe keeping. I am not sure what to do. Should I manually move each project file to the external HD once finished? or can I/should I move the actual folder that GB saves to to the ext hd?
    How do other people organize their files for access and safe keeping? Any tips would be appreciated.
    Cheers. G.

    When you drag the folder from your internal drive to your external drive it will actually copy the folder and its contents to the external drive. You will end up with the original folder on your internal and a copy of it on your external. Once you do the initial drag of the folder and it is copied to your external drive you can then just drag new GB .band files to the external instead of the folder again.
    Because you are keeping the original files on your internal drive you can use GB anywhere you go with your macbook.

  • Physics Engine: How to handle object collisions / best practices?

    Right now I'm trying to find out by examining all methods and comparing to other engines like box2D how to get information about colliding objects.
    I thought I could use e.g. the "checkCollideWith" method of the btRigidBody instance, but it always returns true.
    Then, there are several interesting methods in the collisionDispatcher class, but also they don't yield any satisfying results.
    I could set a "nearCallbackFunction", but then the collision wasn't handled internally anymore.
    Has anyone found out how to get reliable information about colliding objects?
    Also the Pellet-Engine looks really "ported from C++", not like a typical AS3 project. I could imagine that Adobe would refactor the whole thing at a given time to make it fit more into their AS3 environment. Then, there would also be "real" events for things like that.

    Well I answered it myself. I should have noticed that "Pellet" sounds familiar. Like the physics engine used in Blender3D, "Bullet".
    And when I looked at the wiki, I found out that Pellet was a clone of Bullet so I could easily port these lines of code to AS3:
    // inside onAnimate method of BasicScene
    var numManifolds:int = _dynamicsWorld.getDispatcher().getNumManifolds();
    var i:int;
    for (i = 0; i < numManifolds; i++) {
        var contactManifold:btPersistentManifold = _dynamicsWorld.getDispatcher().getManifoldByIndexInternal(i);
        var obA:btCollisionObject = contactManifold.getBody0();
        var obB:btCollisionObject = contactManifold.getBody1();
        var numContacts:int = contactManifold.getNumContacts();
        var j:int;
        for (j = 0; j < numContacts; j++) {
            var pt:btManifoldPoint = contactManifold.getContactPoint(j);
            if (pt.getDistance() < 0) {
                // a negative distance means the two shapes actually penetrate
                // const btVector3& ptA = pt.getPositionWorldOnA();
                // const btVector3& ptB = pt.getPositionWorldOnB();
                // const btVector3& normalOnB = pt.m_normalWorldOnB;
                trace("yay, dingdingding! => " + obA + ", " + obB + " collided!");
            }
        }
    }
    I just used the code described here:
    http://www.bulletphysics.org/mediawiki-1.5.8/index.php/Collision_Callbacks_and_Triggers
    You can get the full documentation here:
    http://www.bulletphysics.org/mediawiki-1.5.8/index.php?title=Documentation
    Probably everything will also work in Pellet this way; you just have to port the code to AS3, with no need to even change variable or method names, since it all seems to be the same in Pellet.

  • How to establish the connection - Best Practice

    Following is my code for database connection
    import java.sql.Connection;
    import java.sql.DriverManager;
    import oracle.jdbc.driver.OracleDriver;

    public class DBConnect {
        // one connection shared by the whole process, opened at class-load time
        private static Connection connection = null;

        static {
            try {
                DriverManager.registerDriver(new OracleDriver());
                String url = "jdbc:oracle:thin:@dbserver:1521:ORCL";
                connection = DriverManager.getConnection(url, "user", "password");
            } catch (Exception e) {
                // swallowed: a failed connect silently leaves 'connection' null for every caller
            }
        }

        private DBConnect() {
        }

        public static synchronized Connection getConnection() {
            return connection;
        }
    }
    Tell me the Best Practice to establish the connection.
    Edited by: shashiwagh on Feb 1, 2010 11:25 AM
    Edited by: shashiwagh on Feb 1, 2010 11:26 AM

    First, handle your exceptions properly.
    Second, you should not normally create static database connections.
    Third, hardcoding connection data like that is not a good idea.

  • I cannot seem to use yahoo games....does anyone know why and/or how to fix it?

    I cannot seem to use yahoo games......does anyone know why and/or how to fix that?

    Best to post in the iMovie forum where those experts are.

  • Best Practice in V7.0 : Issues with Sales Planning and Reporting

    I am trying to install the SAP Best Practices for BPC 5.1 on SAP BPC 7.0 SP 04. I have done this as I cannot find any Best Practice documents for version 7 as yet.
    I have managed to get through the Administration setup and most of the BPC Administration Configuration Guide, however I am having a problem with 7.4 Running a Data Management Package - Import on page 32 of 36. This step involves you uploading a data file Demo_Revenue_Data.txt into BPC.
    The file says that it has failed due to "Invalid dimension ACCOUNT in lookup".
    I believe that this error may be driven by a previous step 6.4 Creating Script Logic where the logic for BP_Sales Application was required.
    My question is twofold in that I need to determine:
    1. Has anyone else tried the BestPractices for BPC 5.0 in BPC 7.0?
    2. Does anyone know how to overcome the error when uploading the Demo Revenue into BPC?
    Edited by: Kevin West on Jul 8, 2009 2:03 PM

    Hi,
    BPC best practices document from 5 is working fine also for 7.0 because 7.0 is just an update for 5.x.
    Running Import involve logic just if you are running the package with option enabled (Run Default Logic).
    Your issue seems to be related to mapping, which means you have to check the Transformation and Conversion files.
    Anyway, the best practices document will not provide you information about how to build Transformation and Conversion files.
    You have to follow an SAP BPC training, and that will help you to build your application easier and faster.
    Regards
    Sorin Radulescu

  • Best Practice in maintaining multiple apps and user logins

    Hi,
    My company is just starting to use APEX, and none of us (the developers) have worked on this before either. It is greatly appreciated if we can get some help here.
    We have developed quite a few applications in the same workspace. Now, we are going to setup UAT and PRD environments and also trying to understand what the best practice is to maintain multiple apps and user logins.
    Many of you have already worked on APEX environment for sometime, can you please provide some input?
    Should we create multiple apps(projects) for one department or should we create one app for one department?
    Currently we have created multiple apps for one department, but, we are not sure if a user can login once and be able to access to all the authenticated apps.
    Thank you,
    LC

    LC,
    I am not sure how much of this applies to your situation - but I will share what I have done.
    I built a single 700+ page application for my department - other areas create separate smaller applications.
    The approach I chose is flexible enough to accommodate both.
    I built a separate access control application (Control) in its own schema.
    We use database authentication for this app - an Oracle account is required.
    We prefer to use LDAP for authentication for the user applications.
    For users for whom LDAP is not an option, an encrypted password is stored, reset via email.
    We use position based security - privileges are based on job functions.
    We have applications, applications have roles, roles have access to components (tabs, buttons, unmasked card numbers, etc.).
    We have positions that are granted application roles - they inherit access to the role components.
    Users have a name, a login, a position, and a site.
    We have users on both the East Coast and the West Coast; we use the site in a sys_context
    and views to emulate VPD. We also use the role components, sys_contexts and views to mask/unmask
    card numbers without rewriting the dependent objects (queries, reports, views, etc.).
    The position based security has worked well; when someone moves,
    we change the position they are assigned to and they immediately have the privileges they need.
    If you are interested I can provide more detail.
    Bill

  • New Best Practice for Titles and Lower Thirds?

    Hi everyone,
    In the days of overscanned CRT television broadcasts, the classic Title Safe restrictions and the use of larger, thicker fonts made a lot of sense. These practices are described in numerous references and forum posts.
    Nowadays, much video content will never be broadcast, CRTs are disappearing, and it's easy to post HD video on places like YouTube and Vimeo. As a result, we often see lower thirds and other text really close to the edge of the frame, as well as widespread use of thin (not bold) fonts. Even major broadcast networks are going in this direction.
    So my question is, what are the new standards? How would you define contemporary best practice?
    Thanks for your thoughtful replies!
    Les

    stuckfootage wrote:
    I wish I had a basket of green stars...
    Quoted for stonedposting.
    Bzzzz, crackle..."Discovery One, what is that object?
    Bzz bzz."Not sure, Houston, it looks like a basket...." bzzz
    Crackle...."A bas...zzz.. ket??"
    Bzzz. "My God, It's full of stars!" bzz...crackle.
    Peeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee eeeeeeeeeep!

  • Error Handling in OSB 10gR3: How To's, Approaches, best practices

    I am trying to do error handling within OSB 10gR3 and looking for some guidance as to best practices and how to carry out the error handling based on my use-case as -
    Consumers ---> GenericProxyExt(WSDL based) ---> GenericProxyInt(Any SOAP) ---> Proxy (Any XML) ---> Business Service --------------> Target Service
    Since target web service will pass error in the SOAP:fault, where in the OSB should this error be handled? Also, how can I pass the custom error messages (instead of the one returned from the target service). Do I have to write error handlers in each of the proxy services?
    Any insight, sample code, approaches will be helpful
    Thanks,
    -J

    user2629959 wrote:
    > I am trying to do error handling within OSB 10gR3 and looking for some guidance as to best practices and how to carry out the error handling based on my use-case as -
    Some customer has documented related info: www.insemble.com/CustomExceptionHandlingwithOracleServiceBus.pdf
    > Consumers ---> GenericProxyExt(WSDL based) ---> GenericProxyInt(Any SOAP) ---> Proxy (Any XML) ---> Business Service --------------> Target Service
    > Since target web service will pass error in the SOAP:fault, where in the OSB should this error be handled? Also, how can I pass the custom error messages (instead of the one returned from the target service). Do I have to write error handlers in each of the proxy services?
    Not sure if I understood your point of using that many proxies for invoking a Target Service.
    Since the BS throws a SOAP fault, and the last Proxy is Any XML, you need to do a bit of manipulation. First of all, for Any XML services you have to manually copy $fault into $body. The reason behind this step is that for Any XML there is no concept of $fault being returned and replying with failure. Subsequent proxies will receive the $fault as originated in the Target Service. If we want to control the $fault received by the consumers, we have to use error handlers and populate $fault accordingly.
    > Any insight, sample code, approaches will be helpful
    > Thanks,
    > -J

  • Best Practice, naming conventions and Ownership of accounts NEWBIE

    Hi Gurus, please be gentle with me. I'm a sales manager in the UK and have been asked to check for best practices in naming accounts and who should own accounts in CRM 2011. For example, I have Accounts with several sites and many contacts. How should I name these and who should own these? The office manager or the sales account manager that handles sales directly?
    Please help, I'm getting stressed. I think these are very simple for such a bunch of super gurus...

    Hello iBrummie,
    Regarding the Accounts and their sites, you can always use accounts and sub-accounts. To achieve this you should create the main Account in CRM and afterwards you can create the sites using the account entity as well, linking them with the main account using the "Parent Account" lookup field.
    About the ownership, CRM's security model works essentially with:
    Business Units
    Teams
    Users
    Security Roles
    This depends entirely on the way your company works, but what I would do (assuming that the accounts information is shareable in your company) is to make the sales accounts the owners of the records and provide read/write access at a business unit level to the office managers.
    Here is some more info on the matter: 
    Security concepts for Microsoft Dynamics CRM
    How role-based security can be used to control access to entities in Microsoft Dynamics CRM
    Please mark as answer if I managed to help you.
    Regards,
    Pedro
