Non-Application users in Discoverers

Hi all, Thanks for being providing answers.
I have got a question on Discoverer users:-
Can we setup non-application users in Discoverer and share workbooks/worksheets etc.?
I can only think of creating database users as the other option. There may be a way to create Discoverer exclusive end-users that are neither application nor database users to run existing workbooks via Viewer or Plus.
Any responses would be greatly appreciated.
--Srinu

Thanks Roelie for your quick response and valuable information.
--Srinu

Similar Messages

Grants for non-apps user to view APIs in oracle application module browser

Hi,
Im trying to make a connection with E-Business Suite using the Oracle Applications Adapter and the Enterprise Service Bus. I follow all the steps for creating the connection pools, connection data sources and connection factories using the standar apps user. After setting up the environment I can drag the oracle applications adapter to a ESB project and choose from all the modules available the especific functionality I want.
The problem comes when I try to use a user different from apps. When I try to set the connection with other user no E-Business Suite modules are display in the Adapter wizard.
Are there any specific privileges I should set up to this database user (non-apps) to give him acces to API, XML Gateways, Tables/views,Business Events, etc??.

Could you let me know the procedure/steps to assign privileges and/or responsibilities for new oracle apps userI understand this is for an application user.
when I am trying to import a journalAgain, you have to run this as an application user.
Same import is working fine with default Oracle applications 11i "APPS" user.APPS is a database user (NOT an application user). So, the Application user you want to create and assign him responsibilities has nothing to do with the database user. If you assign the same responsibilities which the other user has (the one which you use to import journals) to the new application user, then you should be able to do the task successfully.

Borland C++ Delphi application is not able to connect to SQL Server as Non Admin user

Hi,
I am working on a Borland C++ and Delphi application. This application connects to SQL Server and returns database queries results. Once we migrated to windows Server 2003 we have started facing an issue.
1. IF we login to client application as admin user then this connects properly with SQL Server and returns database queries.But if we connect using Non- Admin users then application is not able to connect SQL Server.
SQL Server 2008
Windows Server 2003.
Can anybody help on this.
Thanks in Advance.
Rakesh

This application is written in Borland C++ and Delphi running on Windows 2003 Server. This is a Windows GUI based small tool. Basic functionality of the tool is : 1) Once we invoke the tool it connects to DB(SQL Server 2005) and populates a list of
all the tables present in DB. 2) If we select any table from the list populated in step (1) and provide query parameters, this will return results from Database.
Issue: IF we login to the Windows machine as Administrator this application runs perfectly .This application populates the DB tables correctly and returns results from database when queries executed as in step (2)
But if we login as some other user (like hubapp) then this populates some different set of table which are not from the same database instance .Also the queries does not return any results. In the logs we get following error message : (TiltData is the instance
name for our Database)
Msg:Application Exception : Cannot locate or connect to SQL server.Unable to connect: SQL Server is unavailable or does not exist. Specified SQL
server not found.Alias:
TiltData1 occurred in main thread.
As for the connection string
'DATABASE NAME=tiltdata'
'SERVER NAME=SDV3'
'USER NAME=sa'
'OPEN MODE=READ ONLY'
'SCHEMA CACHE SIZE=8'
'BLOB EDIT LOGGING='
'LANGDRIVER='
'SQLQRYMODE=SERVER'
'SQLPASSTHRU MODE=NOT SHARED'
'DATE MODE=0'
'SCHEMA CACHE TIME=-1'
'MAX QUERY TIME=300'
'MAX ROWS=-1'
'BATCH COUNT=612'
'ENABLE SCHEMA CACHE=FALSE'
'SCHEMA CACHE DIR='
'HOST NAME='
'APPLICATION NAME=QueryTool'
'NATIONAL LANG NAME='
'ENABLE BCD=FALSE'
'TDS PACKET SIZE=65535'
'BLOBS TO CACHE=64'
'BLOB SIZE=32'
'PASSWORD=jstart')
Any help is appreciated. I have spent a lot of time on this issue with no results.
Regards
Rakesh

Non admin user - changes not saved (Safari settings, system prefs, etc.)

iMac, 2 users, one is administrator and other is standard user. Recently, in the non-admin user account, it has become impossible to make any changes. For example, adding an application to the the Dock, after logging out and back in next time, the application is not in the Dock any more. Also, making changes to the prefs in Safari, changes are not saved.
I noticed this after installing FireFox v4. I installed it as admin whilst in the non-admin users account. However, I don't believe that the installation of FF has anything to do with the problem, it just highlighted it. I've checked the permissions for the various directories that hold prefs info such as user/libraries/application prefs/etc. etc. and also Safari prefs. Nothing I can see that has changed in system prefs.
Any ideas on what has caused the problem (kids are known to fiddle from within the non-admin account) and any ideas on how to fix it?
Thanks

Hi PPRuNe,
You could try making the standard user an Admin too. To do this, make sure you are logged in to the standard user, go to System Preferences > Accounts > Standard user (you may have to unlock the padlock) > Allow user to administer this computer
This will allow changes to be made without being prompted for a password all the time.
However, if you had Parental Controls on, they probably won't work on an admin account because as an admin you have complete control over a computer, so the computer thinks there is no point in having the controls turned on. And if the kids are known to "fiddle," just think carefully!
Hope this helps you.
Chris.

"Unable to check revocation" error while checking CDP from non-domain user account

Hi!
I use 3-tier PKI infrastructure:
Stand-alone offline Root CA: RootCA;
Stand-alone offline Intermediate subordinate CA: SubCA;
Enterprise CA: EntSubCA.
In certificate we have three CDP point for CRL check:
ldap:///, http:// and file://
I have Windows 2008 R2 server joined to domain.
I use command certutil –verify –urlfetch <filename.cer> >check.txt for revocation checking of certificate.
When I use domain user account for revocation checking, all OK.
I have access to any CDP and all fine.
But when i use local server user account, I haven't access to ldap:/// and process failed although all other links is OK.
My question is "why check fail with non-domain user accout while other CDP point succesfully verifed"?
Here is the logfile from local user:
Issuer:
CN=EntSubCA
DC=DED
DC=ROOT
Subject:
CN=servername.domain_name
Cert Serial Number: 5a896145000300006ee2
dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1)
dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2)
dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8)
dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000)
HCCE_LOCAL_MACHINE
CERT_CHAIN_POLICY_BASE
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 5 Days, 23 Hours, 15 Minutes, 48 Seconds
SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 5 Days, 23 Hours, 15 Minutes, 48 Seconds
CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=EntSubCA, DC=DED, DC=ROOT
NotBefore: 05.02.2015 20:03
NotAfter: 05.02.2016 20:03
Subject: CN=servername.domain_name
Serial: 5a896145000300006ee2
SubjectAltName: DNS Name=servername.domain_name
Template: Machine
70 e4 6b 16 05 a1 62 e3 6d 24 96 ff 44 74 ee a2 3e ce df 18
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
---------------- Certificate AIA ----------------
Failed "AIA" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
ldap:///CN=EntSubCA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?cACertificate?base?objectClass=certificationAuthority
Verified "Certificate (0)" Time: 0
[1.0] file://\\ca\crl\EntSubCA.crt
Verified "Certificate (0)" Time: 4
[2.0] http://webserver/crl/EntSubCA.crt
---------------- Certificate CDP ----------------
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?certificateRevocationList?base?objectClass=cRLDistributionPoint
Verified "Base CRL (018d)" Time: 0
[1.0] file://\\ca\crl\EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[1.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[1.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[1.0.2] http://webserver/crl/EntSubCA.crl
Verified "Base CRL (018d)" Time: 4
[2.0] http://webserver/crl/EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[2.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[2.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[2.0.2] http://webserver/crl/EntSubCA.crl
---------------- Base CRL CDP ----------------
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
OK "Base CRL (018d)" Time: 0
[1.0] file://\\ca\crl\EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[1.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[1.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[1.0.2] http://webserver/crl/EntSubCA.crl
OK "Base CRL (018d)" Time: 4
[2.0] http://webserver/crl/EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[2.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[2.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[2.0.2] http://webserver/crl/EntSubCA.crl
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 018d:
Issuer: CN=EntSubCA, DC=DED, DC=ROOT
33 af 4d be 0e 35 45 94 bc 8b 3f d9 c1 60 e7 0c c4 83 17 b6
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication
CertContext[0][1]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=SubCA
NotBefore: 13.11.2014 19:12
NotAfter: 13.11.2017 19:22
Subject: CN=EntSubCA, DC=DED, DC=ROOT
Serial: 6109015b000100000008
Template: SubCA
9b 04 17 9f c5 fe 52 ca a5 58 49 6c c6 18 fa db 13 b3 92 9e
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Failed "AIA" Time: 0
Error retrieving URL: The network path was not found. 0x80070035 (WIN32: 53)
file://\\sub_ca\CertEnroll\sub_ca_SubCA(1).crt
Verified "Certificate (0)" Time: 0
[1.0] file://\\ca\crl\SubCA.crt
Verified "Certificate (0)" Time: 4
[2.0] http://webserver/crl/SubCA.crt
---------------- Certificate CDP ----------------
Verified "Base CRL (32)" Time: 0
[0.0] file://\\ca\crl\SubCA.crl
Verified "Base CRL (32)" Time: 4
[1.0] http://webserver/crl/SubCA.crl
---------------- Base CRL CDP ----------------
No URLs "None" Time: 0
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 32:
Issuer: CN=SubCA
8d a9 9d 51 65 a3 8e 77 02 22 40 57 62 70 e8 f6 c5 2e 60 1e
CertContext[0][2]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=RootCA
NotBefore: 28.05.2008 12:09
NotAfter: 28.05.2058 12:19
Subject: CN=SubCA
Serial: 616bd19f000100000004
Template: SubCA
06 d2 47 e7 dc 8f a7 97 a2 b8 c3 92 03 19 24 0c 47 45 22 14
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Verified "Certificate (0)" Time: 0
[0.0] file://\\ca\crl\RootCA.crt
Verified "Certificate (0)" Time: 4
[1.0] http://webserver/crl/RootCA.crt
---------------- Certificate CDP ----------------
Verified "Base CRL (1c)" Time: 4
[0.0] http://webserver/crl/RootCA.crl
Verified "Base CRL (1c)" Time: 0
[1.0] file://\\ca\crl\RootCA.crl
---------------- Base CRL CDP ----------------
No URLs "None" Time: 0
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 1c:
Issuer: CN=RootCA
dc 98 2f 8d 16 9c 64 6e b2 74 89 95 9a 6c 1b 77 fd 58 63 fb
CertContext[0][3]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=RootCA
NotBefore: 27.05.2008 16:10
NotAfter: 27.05.2110 16:20
Subject: CN=RootCA
Serial: 258de6fbd3bbab92460530e9e9f10536
5d e4 56 38 13 0a 52 aa 66 51 25 61 19 33 c9 d7 a2 c7 dd 38
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Verified "Certificate (0)" Time: 0
[0.0] file://\\ca\crl\RootCA.crt
Verified "Certificate (0)" Time: 4
[1.0] http://webserver/crl/RootCA.crt
---------------- Certificate CDP ----------------
Verified "Base CRL (1c)" Time: 0
[0.0] file://\\ca\crl\RootCA.crl
Verified "Base CRL (1c)" Time: 4
[1.0] http://webserver/crl/RootCA.crl
---------------- Base CRL CDP ----------------
No URLs "None" Time: 0
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 1c:
Issuer: CN=RootCA
dc 98 2f 8d 16 9c 64 6e b2 74 89 95 9a 6c 1b 77 fd 58 63 fb
Issuance[0] = 1.2.700.113556.1.4.7000.233.28688.7.167403.1102261.1593578.2302197.1
Exclude leaf cert:
5b 8d 96 39 f8 a3 6f af f3 89 bc 8d 78 e2 da 53 21 b8 ff aa
Full chain:
ca 99 30 47 9b ad ab ce 97 cc 70 80 a5 4e 11 b3 1a 83 98 78
Verified Issuance Policies: None
Verified Application Policies:
1.3.6.1.5.5.7.3.2 Client Authentication
1.3.6.1.5.5.7.3.1 Server Authentication
ERROR: Verifying leaf certificate revocation status returned The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
CertUtil: The revocation function was unable to check revocation because the revocation server was offline.
CertUtil: -verify command completed successfully.

What you have discovered is the reason to *not* use LDAP URLs for CDP and AIA extensions in your PKI. To access those URLs, the account must access to the URLs. In your output, it is quite clear that the local account does not have necessary permissions
(you also use FILE URLs for publication, which again is not recommended).
The best practice is to use a single URL for the CDP extension. It should be an HTTP URL that is hosted on a highly available (internally and externally accessible) Web cluster.
For the AIA extension, it should contain two URLs: one for the CA certificate - again to an internally and externally accessible, highly available Web cluster and one for the OCSP service - also
an internally and externally accessible, highly available Web cluster.
the other issue is that the root CA is *not* trusted when run by a non-domain account. How are you adding the trusted root CA. It is recommended to do this by running
certutil -dspublish -f RootCA.crt.
This will ensure that the computer account trusts the root CA. In your output, the root CA certificate is not trusted.
Brian

App is getting damaged when I replace it as non-administrative user

Hey people,
When I want to update e.g. VLC Player, as an administrator, it is simple: I just download the dmg, mount it and drop the new version of the VLC.app into the Applications folder to replace the old VLC.app. Few days ago I created a new admin account and changed my old account to normal user. If I want to install new software that I did not use before, everything works as expected: when I drop an .app package into the Applications folder, I need to type in the admin login and password to allow this operation, then the package will be copied and I can start the new app.
My problem:
If I want to update the software by replacing the app as non-administrative user, the system first will promt me to keep both files, replace an older one or to stop - so far so good. BUT, when I select to replace, the copying process actually begins before the administrator prompt and it results in corrupted file. I also tried to create a new user account. So then I need first to remove the broken app (admin prompt once again) and then to install the new one (3rd admin prompt).
I attached some screenshots to visualize the issue. I have the same issue on two different macs with different user/admin names. I hope you have any idea how can it be fixed.
1. I download the package:
2. Mount the package:
3. Drag the VLC app to the Applications folder (selecting >Authenticate in the prompt)
4. Copy prompt (>Replace):
5. Authenticate with administrative user
6. Error message:
7. Corrupted file:

Thanks, you helped me. I had gotten hung up on '--user = <vboxuser>' in the ExecStart line, which works for one of my other services, but not this one.

NetworkManager applet doesn't prompt for VPN secret for non-root user

I'm using NetworkManager in GNOME DE. When logged in as non-root user, I'm unable to connect to a vpnc profile.
* As non-root, I am able to add/remove/alter/connect to WiFi network profiles with no trouble.
* As non-root, I am also able to add/remove/alter vpnc profiles.
* However, the VPN group key and VPN user password do not appear to store properly when adding/editing the profile as non-root. I can enter them, but when I bring the dialog back up, they are always blank. Even so, I can see an entry for vpnc in the Gnome keyring.
* When I slide the on/off switch to try to connect with the vpn profile, there is no prompt for the VPN group key or password. The switch just slides back to Off immediately and I can see the text 'authentication required' flash briefly where it shows the connection status. After that flashes, the connection status is back to 'Not connected'. No error message displays.
* If I sign in as root, there are no problems. The VPN 'secrets' will save properly in the dialog, and also if I leave them blank, I'm prompted for them when I activate the connection.
* Creating the connection as 'root' is not an option, as this doesn't appear in profile list when signing on as non-root.
Any ideas on where to look or what to check? As mentioned above, non-root can maintain WiFi connections through NetworkManager just fine, so the problem appears localized to VPN 'secrets'. Also other applications (i.e. Evolution) have no trouble in dealing with authentication.
I do have polkit installed:
extra/polkit 0.110-2 [installed]
Application development toolkit for controlling system-wide privileges
extra/polkit-kde 0.99.0-2
Daemon providing a polkit authentication UI for KDE
extra/polkit-qt 0.103.0-2
A library that allows developers to access PolicyKit API with a nice Qt-style API
community/polkit-gnome 0.105-1 [installed]
PolicyKit integration for the GNOME desktop

Update/more information on this...
My typical/preferred setup for my VPNs is to save the VPN group key, but to be prompted for my VPN user password on each connect. So, this is how I was trying to setup in the applet. Interestingly, I have found that if I save BOTH of the 'secrets' to the keyring, then I can connect!
The behavior is still as above in the dialog -- both secrets are blank if I edit the connection, although they are present in the Gnome keyring. As long as they are BOTH there, I can connect fine. But, if I have either of them set to 'Always Ask', then I am not prompted for them and the connection fails.
Although I can work with this, I would certainly still like to figure out what is going on and fix it, as it does bother me that it works that way:
* Why can't the dialog redisplay my secrets when I edit a connection as non-root?
* Why doesn't Always Ask work to prompt me for secrets when running as non-root?
Any ideas? I've used the Gnome/NetworkManager/vpnc combination on other desktops (this is my first Arch), and I have never seen anything like this.

Calling ctx_snippet() from non-owner user returns error

Hi,
I created a full text index in owner schema A for documents stored in BFILE datatype, and tested the snippet query, worked like dream.
The query is something like:
SELECT doc_id, ctx_doc.snippet('A.IDX_DUMMY',rowid,'keywords')
FROM A.documents
WHERE contains(document,'keywords')>0
But, when I run the same query from an application user, I got error:
ERROR at line 1:
ORA-20000: Oracle Text error:
DRG-50857: oracle error in drstldef
ORA-22286: insufficient privileges on file or directory to perform FILEEXISTS
operation
ORA-06512: at "CTXSYS.DRUE", line 160
ORA-06512: at "CTXSYS.CTX_DOC", line 1297
ORA-06512: at line 1
If I SQL*Plus using application user account, and run DBMS_LOB programs, the document BFILEs can be accessed without any problem.
I also tried log in as sys, the query return the same error.
I also specifically give directory read privilege to application user, CTX_SYS, all did not work.
Any clue here?
Thx,
-Haijun

Solved!!!
The reason is that, initially, the directory read privilege was granted to index owner user as well as the non-owner user by sys as dba, without "with grant option"
Now, I grant directory read privilege to the index owner user "with grant option", then the index owner grant the privilege again to the non-owner user. Now, things work! The privilege flows through.
Thx,
-Haijun

Can Non SRM users approve SRM task from UWL ?

We have a requirement where certain task approvers who do not belong to SRM application hence they can not access SRM directly. But task item is available for there approval in Universal Work List. Can they approve the task from UWL. If not what we need to do so that non SRM users can approve task from portal Universal Work List
Thanks and Regards
Sudhir

Answered in SRM - Shopping Cart Forum.

Statspack: Segregation of non-application workload

Hello,
Oracle 10.2.0.5.0 (32 bit)
Windows 2003 R2 Standard Edition
I have statspack running at 30 minute interval on this database. I am interested in finding details of the "physical write total bytes" part.
Statistic                                      Total     per Second    per Trans
physical write bytes                      25,444,352       14,135.8      2,276.7
physical write total bytes               121,980,928       67,767.2     10,914.5As one can see, the difference is huge (I am assuming the unit for "Total" column, for these statistic, is bytes).
The documentation (http://docs.oracle.com/cd/B19306_01/server.102/b14237/stats002.htm) says
<quote>
Physical write total bytes
Total size in bytes of all disk writes for the database instance including application activity, backup and recovery, and other utilities. The difference between this value and "physical write bytes" gives the total write size in bytes by non-application workload.
<quote>
Since the non-application workload seems to be higher than the application workload, I am curious if we can get an actual break down of the number of bytes (operation wise) for all non-application related operations.
Thanks in advance,
Regards,

Satish,
Logminer, Listner log, auditing, Tanel Podder's [url http://tech.e2sn.com/oracle-scripts-and-tools/session-snapper] snapper , triggers can be used to get an idea how much redo (no. of blocks and bytes) has been generated for a given transaction; something like suppose I wish to get how much redo will generate if I says : update scott.emp set empno=somevalue where empno=queryvalue. If this is your question, which seems correct to me, because the value of redo generation per transaction; I think Its application workload on db. I am sure, you all these knows, but just re-mentioning in the light of question or something rephrasing the question please.
While googling with "application workload analysis for oracle database", I thought there may be another, but totally different and separate tools of either oracle and/or third party by which we can capture actual workload analysis data by chart, html pages, something like Oracle 12c Enterprise Manager. I am reading [url http://www.oracle.com/technetwork/oem/pdf/511991.pdf] this pdf, which is saying "
"Capturing Application Workload Using RUEI
In order to capture the application workloads, Oracle Application Replay uses Oracle Real User Experience Insight (RUEI). RUEI is a Web-based utility for monitoring and reporting on real-user’s experience with your Weband packaged applications. It measures the response times of pages, issues users are experiencing, if issues are application or network related,user flows and much more.. It provides you with powerful analysis of your network and business infrastructure, while an insightful diagnostics facility allows application managers as well as IT technical staff to perform root-cause analysis."
But yes, I think Oracle should incorporate an option/switch to segregate the total application bytes in statspack in next release/patch or a portion in which we can see the application workload and non-application workload something like this :
Application Name     Total Blocks      Total Bytes      CPU Consumption%      SGA Usages%
App1.Exe
App2.ExeRegards
Girish Sharma

Application user RMCM was found to be deleted from CUCM but agents unable to log into ACD queue was reported 2 weeks later

Hello All, During an investigation Application user RMCM was found to be deleted from CUCM as per CUCM logs but the first issue of agents unable to log into ACD queue was reported 2 weeks later following a publisher reboot, I am trying to understand what could have caused this ? The reboot obviously could not have made any changes but the logs says RMCM users deleted on 09 May but issue was reported on 20 May and in the meantime services were said to be working without interruption . Can i have some suggestion to understand this to explain customer ?

The RMCM user being deleted might not have triggered a JTAPI update on the UCCX side. The publisher reboot which restarted CTIManager would have definitely triggered the update and forced UCCX to re-authenticate with the now non-existent user.

Majority of reports missing for non admin users

I have followed the instructions here (SCCM 2012–Reporting in console for non-admins (Reporting User Role) v2) to allow non admin users the ability to view
reports in the console. So far, so good. However, when viewing the reports with the non admin user, only about 100 of the 400+ reports appear.
Am I missing something here?

The custom reporting one in the link I provided, and also modified versions of the following:
OS Deployment manager (removed rights to All driver related items (drivers and driver packages), Boot image packages (except read access), Operating system installation packages).
Application Administrator (removed Application>Approve; Distribition Point>Set Security Scope; Distribution Point Group>Set Security Scope; Global Condition>Set Security Scope)
The reports missing we care about primarily are Software ones (companies and products and files).

Install Directory 5.2P4 as non root user.

I want to install Sun Directory Server 5.2 p4 on solaris 9 as non root user?
Is there a supported way of doing this. I dont want any of the files for directory owned by root.
The reason is that there is a very strict access control method implemented in their environment.
The message i get is
$ ./setup
arning: You are not logged on as root. Unless you are logged on as root,
information required to upgrade or uninstall this product will not be saved in
the system registry. This will adversely affect future upgrades/reinstalls as
well as the ability to perform a successful uninstallation. Manual cleanup
after uninstallation may be required in certain cases.
Press Enter.

If you just want as said:
I dont want any of the files for directory owned by root.then its possible with DS5.2 P4 on solaris:
1. become root user and start setup to install the DS5.2P4 software.
2. When the setup application asks for server uid /server group id, give the non-root userid and group.
When the setup is finished ns-slapd process is started automatically. The only problem is that you have to be root user to re-start the ns-slapd daemon from the command shell. But the files are owned by the non-root user always as you required.
However this will not work if you want to restart the DS from the java GUI console. (however there is a workaround to do this).
Regards
Randip

Non-root user can't start Apache on port 443

Today I've been attempting to get SSL working for my Oracle Applications 11i (11.5.10.2) installation and I just hit a small problem. I've followed all of the Oracle literature I've come across, which instructed me to create a new (non-root) user to own the database tier and the applications tier. I've also followed the instructions for configuring SSL ([Doc 123718.1|https://metalink2.oracle.com/metalink/plsql/f?p=130:14:6976756808231635106::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,123718.1,1,1,1,helvetica]) and the SSL wizard in OAM defaults to the standard HTTPS port (443). However, because 443 is a privileged port, a non-root user cannot bind to it. In other words, the Oracle literature itself has led me to an impossible situation. This is what I see in the Apache error log:
[Fri May 15 15:05:03 2009] [crit] (13)Permission denied: make_sock: could not bind to port 443
At this point, I see two choices:
1. Run the application tier services as root.
2. Change the SSL port to something greater than 1024 (i.e. 4443).
I'm leaning towards option #2, since option #1 negates the advantage of using a non-root user to begin with. Does anyone have any other suggestions? Does Oracle have any recommendations for this scenario?

Hi,
You just need to start Apache as root (not all the application services). For Option 1, the application tier files should be owned by applmgr/oracle user (not root), and for Option 2, you do not need to change the port (though it is valid option). Just follow the steps in the following document.
Note: 356080.1 - How to run Apache on Port 80 in Apps 11i
https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=356080.1
BTW, this is mentioned in the document "if you have chosen port 443 (or any port under 1024) for your SSL port, you will have to start Apache as root".
Regards,
Hussein

Running as non-root user

How do I run the application server instance as non-root user on port <= 1024?
I am using Sun One Application Server 7.0
Thanks in advance
Sri.

Two options:
1) Start an instance using the root user, but configure the instance to switch to a non-root user upon startup. Use the "User" directive in the init.conf file of an instance to specify the user
http://docs.sun.com/source/816-7155-10/crinit.html#17116
You should also see the "Run As" setting of an instance in the administrative GUI.
2) Via the ndd command, you can set the smallest non-priveleged port number. See ndd documentation concerning the following setting:
tcp_smallest_nonpriv_port
Once you make the ndd setting, you can use a non-root user to listen on a port number that is equal to or greater than the value of the tcp_smallest_nonpriv_port setting.
Chris

Non-Application users in Discoverers

Similar Messages

Maybe you are looking for