Multiple logon trigger for a user

Similar Messages

• Is it possible raise a trigger for particular user

  hi,
  i have oracle user zil,i want to write trigger for this user..
  with out writting trigger for each table .
  for ex:
  i have 2 tables in this user
  1.emp
  2.audit_log
  suppose i m inserting values into emp table at the same time insert into audit_log with action as insert,like that suppose i m updating any row in emp then insert one row into audit_log with action as modify,
  my question is is it possible to write a trigger for the user zil,not for table emp
  so i can maintain audit_log..
  pls give me a solution
  regards
  singh

  It depends upon how you are connecting to the Oracle database, if you are connecting through CITRIX then it is difficult to identify the user or the other option for you is to have a field USER in each table and pass the user name form the front end.
  To captures the changes in the table EMP and insert into the AUDIT table you may need to write a trigger in the EMP table and before you INSERT into AUDIT check the user.
  Or why dont you use AUDITING provied by Oracle.
  Thanks

• Trigger for blocking user using third party tool !

  Dear Friends ,
  I have to block the users from using sqlplus, TOAD, PLsldev etc (Except SYSTEM user) from client end using the below trigger :
  create or replace trigger check_logon
  after logon on database
  declare
  cursor c_check is
  select
  sys_context('userenv','session_user')
  username,
  s.module,
  s.program
  from v$session s
  where
  sys_context('userenv','sessionid')=s.audsid;
  lv_check c_check%rowtype;
  begin
  open c_check;
  fetch c_check into lv_check;
  if lv_check.username in ('SYSTEM')
  then
  null;
  elsif upper(lv_check.module) like
  ('%SQL*PLUS%') or
  upper(lv_check.program) like
  ('%SQLPLUS%')  or
  upper(lv_check.module) like
  ('%T.O.A.D%') or
  upper(lv_check.program) like
  ('%TOAD%')    or
  upper(lv_check.program) like
  ('%PLSQLDEV%')    or
  upper(lv_check.program) like
  ('%BUSOBJ%')    or
  upper(lv_check.program) like
  ('%EXCEL%')
  then
  close c_check;
  raise_application_error(-
  20100,'Banned! Contact with Database Admin!');
  end if;
  close c_check;
  end;
  It works fine all normal user cannot access the database using above third party tools .
  But the problem is , user with DBA privileges can access the database with generating an trace file . Is there any way to restrict DBA Privileged user ? or is there any mechanism to create a log/trace file so that If there any  DBA Privilege user acess to the Database , then we can get the information from that specified log/trace file ? 
  Waiting your kind reply ... ...

  Hi,
  If the DBA users has the DBA role granted to them so they will by passes the logon trigger. For example, the SYSTEM user has the DBA role and the DBA role has the ADMINISTER DATABASE TRIGGER privilege. The ADMINISTER DATABASE TRIGGER by pass the logon trigger. If you want to restrict the access to a DBA user, then you need to revoke the ADMINISTER DATABASE TRIGGER privilege from the DBA role or grant individual privileges except the ADMINISTER DATABASE TRIGGER privilege to the DBA users.
  Cheers
  Legatti

• Windows 7 very slow logon, Waiting for the User Profile Service, winlogon event 6006

  Hello,
  Every so often one of our Windows 7 clients which is not normally having any delay at logon will take a very long time to login. This may be 10 or 20 minutes or up to an hour in some cases.
  Typically the event log will contain entries like
  The winlogon notification subscriber <Profiles> took 572 second(s) to handle the notification event (Logon).
  There is no further information available from Event Log Online Help, nor any additional detail as to why the logon event was so slow. During the delay the user will just see "Waiting for the User Profile Service" on their screen.
  We first started seeing this problem with Windows Vista and if anything the situation has not improved since then. It has never happened with any of our Windows XP users.
  We are currently planning a migration of computers to Windows 7 but stuff like this which has not been resolved in Windows over a 2 year period will stall that migration. The least improvement is to increase the event notification to give a lot more
  information on why the user profile processing has stalled.

  Hi,
  When did the issue begin to occur? Did it occur after installing certain application or applying certain policy?
  To troubleshoot the issue, please perform the following step.
  1. Restart the machine in Safe Mode with Networking to check whether the system can login quicker.
  2. Type “gpedit.msc” in Search box and press Enter. Navigate to the following location:
  Computer Configuration->Administrative Templates->System->Logon
  Please double click “Always wait for the network at computer startup and logon” policy and disable it.
  3. Perform a
  Clean Boot to check the result.
  Thanks,
  Novak

• ORA-01017: invalid username/password; logon denied FOR SYS USER

  Hello,
  I was usually login through the same password for sys user to log on to the database as sysdba, but last time i used " / as sysdba" to connect using local system administrative account which is connected very well and still connecting in the same way. The initializing parameter file set with the following parameter:
  remote_login_passwordfile=EXCLUSIVE
  Now if i use to connect the database server remotely using sys user, it gives me "ORA-01017: invalid username/password; logon denied" error and if i use the same login credentials on DB server machine using other local user accounts it is giving me "Insufficient Privilige" error. I can only connect now using local administrator account from DB server machine using " / as sysdba" statement.
  Kindly guide me the issue.

  When you use " / as sysdba" locally on server, you are using OS authentication which will bypass the password file and user/pass authentication.
  Looks like you have discrepancy between the password you use and real password. You can login " / as sysdba" and change your SYS password to a new one.
  When was last time you successfully login using password? What has changed since then?

• Do I need Open Directory for multiple email addresses for Calendar users?

  Hey all,
  I have a single mac mini which I use simply as a calendar server for +/- 20 users. One day I might use Profile Manager to manage their iOS devices too. On the initial installation, we enabled Open Directory, although I'm not sure that it's required, and we have no plans re using it to manage network logins etc aside from existing calendaring.
  I'm working through a migration from a Lion Server.app install to Mavericks, and due to some data corruption issues, we'll probably just rebuild the server and reimport the users calendars.
  On my existing Lion Server installation, I can still use workgroup manager to assign multiple email addresses to calendar users, so that when a user invites another user to a calendar event using any of their email addresses (we have several variations), the invitation still gets pushed to the correct calendar user.
  On Mavericks, without installing Open Directory, it seems I can't do this (I've downloaded Workgroup Manager for Mavericks, but it obviously can't connect to a local open directory). If Open Directory is optional, I'd rather not install it, to avoid overhead and complexity, but I still need a way to manage these multiple email addresses (aliases doesn't cut it).
  Any ideas / suggestions?
  Thanks,
  D

  For Calendar server to send actual email invitations to an attendee, two things must happen:
  First, you need to configure Server.app > Calendar > Enable invitations by email.  Enabling that will bring up a wizard dialog that will step you through the IMAP and SMTP account settings.  The default values in that wizard will tell Calendar server to use the local Mail server (which you then would have to configure to use the appropriate SMTP relay, etc.).  Or you can change the wizard settings to refer to an external IMAP and SMTP server.  It is wise to use a dedicated IMAP account for Calendar server's use -- don't go using someone's personal IMAP account because there might be some "undesirable interactions", let's say.  If you need help configuring this for, say, a Gmail account, I can help with that.
  Second, the email address for the attendee must *not* be known to Calendar server, i.e. it should *not* be in the Directory.  As you probably found out, if Calendar server sees that the attendee has an email address that is in the Directory, the attendee is considered to be "local" and the invitation will be delivered directly to the attendee's calendar client.  If you simply leave those other email variations out of the Directory, Calendar server will consider that attendee "remote" and will send an actual email with a special attachment that calendar clients can understand. 
  Hope that helps.

• Edit The Logon Page for anonymous user

  HIII frnds.
  I am working on concept of anonymous user. For this I have created a Anon user group and it is working succesfully . Now i have to design a  Logon page for this group of users.
  Pls anybody help me out , becoz i have no idea that  how to edit a logon page for a particular user .
  Thanks in advance
  regards,
  Mayank Saxena

  Hi
  The portal provides a form of anonymous logon with u2018namedu2019 anonymous users. Named anonymous users are users that exist either in the user data store or as service users. You configure the names of these users in the UME properties. These users are automatically assigned to the group Anonymous Users. You can assign roles containing anonymous content to the users individually or to the group Anonymous Users.
  Here is the reference link request you to go tru:
  http://help.sap.com/erp2005_ehp_03/helpdata/EN/cd/1aad4abcb98c4597f9e395a6b62f43/frameset.htm
  Here is the link for Configuring Anonymous Logon with Named Anonymous Users:
  http://help.sap.com/erp2005_ehp_03/helpdata/EN/cd/1aad4abcb98c4597f9e395a6b62f43/frameset.htm
  Rajnikanth

• Last Logon Date for Deleted Users

  Hi,
  How can I checked to see last logon date for a deleted user-SAP ECC 6.0?
  -Wes

  > ... chekcing USR02 the TRDAT field has been reset.
  In lower releases you could easily have made a big mistake doing that.
  In all releases the security audit log (SM20) is the correct tool for this, but you cannot retro-fit it.
  If the SM20 log is not activated for logon events, then there are several other ways of reconstructing parts of the information but they are all incomplete and a big effort.
  Cheers,
  Julius

• Multiple logon Page for single portal.

  Hi Experts,
  I am trying to have two logon pages for the same portal with diffrent URL
  eg:-   url-http://SALES-A.company.com/portal
               http://SALES-A.company.com/portal 
  The code i have used is
  <%
  String strReqURL = request.getRequestURL().toString()==null?"" :
  request.getRequestURL().toString() ;
  //String strReqURL = " http://SALES-A.company.com/portal ";
  int iSlash = strReqURL.indexOf("//") ;
  int iDot = strReqURL.indexOf(".") ;
  System.out.println("iSlash: "+iSlash);
  System.out.println("iDot: "+iDot);
  * out-put for the below substr is '//SALES-A'.Check with this to switch
  between
  * the TWO LOGIN pages. One for the SALES-A Portal and other for the SALES-B.
  strReqURL = strReqURL.substring(iSlash+2,iDot) ;
  System.out.println("strReqURL: "+strReqURL);
  * Sample URL : " http://SALES-A.company.com/portal "
  if ( strReqURL != null && strReqURL.toUpperCase().startsWith( "retepdev") )
  System.out.println("Inside if of strReqURL");
  %> <jsp:forward page="/umLogonPageA.jsp"/>
  <% } else { %>
  <%
  System.out.println("Inside else of strReqURL");
  %>
  <jsp:forward page="/umLogonPageB.jsp"/>
  <%
  %>
  This does not display anything but a blank page.
  Please help its really very urgent.
  Points would be awarded to helpful answers.
  Regards,
  Sanjyoti.

  hi All,
  the problem is solved.
  Thank you for reading my query.
  Regards,
  Sanjyoti.

• Multiple PLD option for a User

  Hello Experts,
  Can we give an option of having multiple PLDs to user to select the PLD from list, when it selects the PLD, it will opened.
  One option is to choose the the PLD from Layout Designer windows, as we can make it default and then open it. I don't want to give right to user to make any PLD default ....
  But I am looking for option as it ask me at run time when I press the Preview button.
  Help Required...
  Thanks

  Hi Muhammed
  There is no such option currently, other than changing the default per user of BP. This should be achievable with SDK development, though it could be quite tricky. There is a DI API object called DefaultReportParams which would effectively have to be used to change the default in the "background" and will not be visible to the user. Best is to speak to a developer.
  Kind regards
  Peter Juby

• Logon Trigger to stop user logging in (Oracle 9i)

  Hi,
  In 9.2.0.8, how can i stop a user logging into my database if it connectes through a user let say "A" using program "EXECL.EXE". I found a trigger code on the net but it uses SYS_CONTEXT to find out the module which user is using to login but in 9i, this functionality is not available. any other method?
  Thanks
  Salman

  An easier way might be to ensure that the ODBC software is not installed on the user's pc, although the TYPICAL end user probably wouldn't think of renaming Excel before running it. On the other hand if they have an application for accessing the database, make sure that all other means such as SQL*Plus are disabled by if nothing else not installing the software and possibly having a trigger that checks that the name of the application which has connected to the database is your application.

• ASA and ACS 5 multiple VPN profiles for one user

  Hi there
  I have a question about ACS 5.3 and ASA VPN profile authorization. I am not sure if it is possible to allow one single user for a set of VPN profiles on ASA, let's make an example:
  ACS 5.3 group hierarchy:
  - VPN users global
  -- VPN users A
  -- VPN users B
  ASA VPN profiles:
  - VPN profile A
  - VPN profile B
  - VPN profile Z
  VPN authorizations:
  1. VPN users global should have access to VPN profiles A, B and Z (here we create an authorization profile with no class an no lock attributes, so the group is allowed for all VPN profiles)
  2. VPN users A should have access to VPN profile A (here we create a authorization profile with class and lock attributes for profile A)
  3. VPN users B should have access to VPN profiles B and Z (is this possible and how does the authorization profile have to look like?)
  Thanks a lot in advance and best regards
  Dominic

  Hi Dominic,
  first of all, let's clarify that on the ASA you have tunnel-groups (named connection profiles in ASDM) and group-policies. These often, but not always, have a one-to-one mapping.
  The Tunnel-Group (TG) is either selected by the user (either from a drop down list or by entering a specifiv group-url), or automatically selected by a certificate map (i.e. based on a certain field in the user cert, the user is mapped to one TG or another). The TG mainly specifies what kind of authentication is used.
  The Group-Policy (GP) by default is the one specified in the TG, but it can be overridden by e.g. Radius.
  So from the ASA's standpoint itself your posibilities are rather limited: the ASA will just apply whatever group-policy you push from Radius (in IETF attribute 25 aka "Class"), and in addition it will deny access to a user if the TG he selected does not match the value of the group-lock attribute. Group-lock can only contain one TG name, so you cannot do something like "allow both B and Z".
  In other words you can not achieve your goal if the Radius server has a "static" set of attributes per user.
  However, as of ASA 8.4.3 the ASA now sends 2 vendor-specific attributes in the Access-Request:
  vendor ID = 3076, attribute 146 is "Tunnel Group Name" (string).
  vendor ID = 3076, attribute 150 is "Client Type" (integer)
  0 = No Client specified  1 = Cisco VPN Client (IKEv1)  2 = AnyConnect Client SSL VPN  3 = Clientless SSL VPN  4 = Cut-Through-Proxy  5 = L2TP/IPsec SSL VPN  6 = AnyConnect Client IPsec VPN (IKEv2)
  So if you can configure the Radius server to "dynamically" permit/deny access based on the TG attribute I suppose you could achieve what you want.
  If/how ACS can do this, I personally don't know; I suggest you ask in the AAA forum if you need help with that part.
  hth
  Herbert

• Multiple database instance for one user in Oracle XE

  Hello,
  I would like to know if there is a way to create more than one database/schema for the same user in Oracle XE.
  Thanks.

  And i say...
  yes, indeed.. you can find out some info here..
  http://www.oracle.com/technology/pub/articles/cunningham-database-xe.html

• Multiple email accounts for different users

  Hi
  I own a Z2 Tablet. LTE and Wifi.
  My wife and i both use the tablet. Is there a way to have both our email accounts configured on the device? 
  Our email accounts are both gmail but they must be private and not synchronised together in one app.
  how can i do this?
  thanks a mil

  You can both use Gmail nd swith users or use the gmail app and another email app
  "I'd rather be hated for who I am, than loved for who I am not." Kurt Cobain (1967-1994)

• Get Support at Logon Page for ABAP User Management.

  Hi,
  Just want know that is it possible to have Get Support feature at Portal Logon page when portal is configured as User Management of Application Server ABAP as Data Source.
  Basically, the password reset functionality should work from Get Support link when Porta UME is User Management of Application Server ABAP as Data Source.
  If Possbile, please let me know what configuration needs to be done..
  Thanks in advance.
  Regards,
  Aditya Metukul
  Message was edited by: aditya metukul

  Hi,
  Try <portalschema>.wwv_redirect.url('<portalschema>.home');
  Please replace portalschema with the name of your portal schema.
  Thanks,
  Sharmila