Prompt @ Universe - Access restrictions
Hi all,
Can we apply the Access restriction for Universe level prompts?
Requirement :have 2 prompts at Universe level based on user i need to restrict any one of the prompt at report level
Best regards,
reddeppa k
Hello,
If I understood you clearly what you want is if you have two filters defined at universe level e.g. Filter1 & Filter2 so you want user1 to see Filter1 and User2 to see Filter2.
You will not be able to restrict filter like this but you can: -
1. Create a new object with same definition as per your filter and then using "Manage access restriction" set restriction for these objects.
2. If you have these user accounts in DB, you can use @variable ('BOUSER') in your where clause and direclty restrict the data fetched from database.
Thanks,
Vivek
Similar Messages
-
Create access restriction in designer using script
Hello,
I am looking for a way to automate the creation of access restriction within universe.
I looked in the API universe reference and it seems that there is no entries for such an object
For information I use Business Objects XIR2 with SP3
Thanks for any help or answerCreation/Modification of Universe Access Restrictions is not part of the Universe Designer SDK, but part of the BusinessObjects Enterprise SDK.
It requires sending requests to the CMS using the SDK to get User and UserGroup information.
For the COM-based version of the Enterprise SDK, the object is known as Overload, and described here:
[http://devlibrary.businessobjects.com/BusinessObjectsXIR2SP2/en/en/BOE_SDK/boesdk_com_doc/doc/boesdk_com_doc/CrystalEnterpriseOverloadPluginLibrary.html#1351377]
Sincerely,
Ted Ueda -
@prompt used as part of Access Restriction
We are struggling with implementing this, and wanted to check to see if this we can accomplish this. We need to use an @prompt as part of an access restriction applied to the everyone group in order to force all users to select Group A, B or C at run time. We've added the prompt into an access restriction, but we cannot get the query to finish processing. Does anyone have a thought about this?
Tony,
If you are using BOE XI 3.x, I suggest you create a predefined filter that includes the prompt definition in the universe and set it as "Compulsory applied on universe".
Thus will prompt any user to answer to the prompt you will define in this predefined filter.
Hope this helps.
Didier -
Access restriction in Universe
Hi All,
In our environment we have 2 domain (US and Europe) and most of the user have id created for both the domain. We have 2 identical databases one in US and other in Europe. US database holds US information and Europe holds Europe data.
In our BO environment we have set the ad groups to create new id for each user Alias i.e if the user abcd has access in both US and Europe domain BO creates 2 separate ids for each domain (bo internally creates abcd and abcd0). We have only one universe and set of reports which has connection switching based on the domain user logs into BO (access restriction at connection level). This works absolutely fine, switches database connection depending on the domain user logs in.
Now we are hearing from our users that they can access the personal reports created under Europe login in US login (this because users has abcd and abcd0). So we decided to create enterprise id and alias the users from AD group (abcd --> alias AD abcd), if we do this the change the connection swap is not happening as the BOUSER always returns abcd as user and universe restriction is only picking the default connection.
Thanks
SrinivasHi,
As you have mentioned in the post that OS is solaris. so for Solaris LAFix has been released by PG for this issue.Below are the details:
VERSION: XIR3.0 LAFix0.18
PLATFORMS: Solaris Solaris 10
LANGUAGES: English
ADAPT ID: ADAPT01099598
Synopsis: Universe connection override does not work u2013 Error WIS 10901
WARNING: This LAFix has not been through a full regression test cycle but it has been deemed to fix the problem reported by the customer. Inadvertent introduction of an unforeseen issue can however not be fully excluded. Before providing this LAFix to the customer, Customer Assurance must perform their own tests to confirm customer issue is solved.
ADDITIONAL INFORMATION
Installation Instructions :
1. Stop all BO Enterprise services, e.g <BOE_DIR>/bobje/stopservers
2. Gunzip and Untar XI3.0_RHEL_LAFix0.18.tar.gz
3. Change directory to <EXTRACTED_LOCATION>/LAFix0.13/DISK_1
4. Run install.sh
5. Re-start all BOE services, e.g ./startservers
Uninstall Instructions :
2. Run uninstallpatch.sh from your system.
New Behavior :
The above issue is now resolved.
Limitations :
No known limitations
Component(s):
libuum.so
Note: LAFix is released on top of XI 3.0
To download the or get the LAFix you need to contact to your Sales Account Manager of BusinessObjects.
Cheers,
Deepti Bajpai -
Document Universe Overloads/Access Restrictions
Is there a good way to document universe overloads/access restrictions? I can't seem to find anything. We have a ton of universe objects which are restricted for certain users/groups, and we need to re-work this list. Ideally, I'd love to have these listed out by restriction name - restricted object, or restriction name - row-level restriction.
Any help is much appreciated!Hi Kunal,
Yep, that's exactly what I did. The query I used was:
Select SI_NAME, SI_OBJECTS
from CI_APPOBJECTS
where SI_KIND like '%OVERLOAD%' and SI_PARENT_CUID = '<universe ID>'
This worked fairly well, but it would be great if SAP would give us an ability to output these queries to Excel to make them more manageable.
Thanks!
Bill -
[BO3.1]How can I copy access restriction to another universe
Hi experts,
I have an old universe which contain a very complex access restriction setting. It is time consuming if I create it again in a new universe.
I tried to delete all objects from the old universe and then create the new objects on this cleaned universe, however this method creates some serious bugs.
Therefore how can I copy the access restriction from the old universe to the new universe?
Thanks,
GordonDear Antony,
If the old universe are upgraded from previous version (eg: from R2 to 3.1)
You should not remove the contents in the old universe and then build some new objects in this universe. It will create some unexpected bugs.
You should rebuild a new universe from the beginning.
If the old universe are not upgraded, you can remove the contents in the old universe and then build some new objects in this universe so that we can keep the access restriction.
Thanks & Regards,
Gordon -
"access restrictions" did not work sometimes when using 3-tier DeskI.
My customer found that "access restrictions" did not work sometimes when using 3-tier DeskI.
But this issue can be solved by logging on from another machine, or restarting the DeskI.
For I can reproduce this issue, so I just want to know that:
1.What is it probably related to?
2.If this issue happens again, what can I suggest my customer for tracking it?
For example, get some log files from servers etc.
Thanks!Hi Sarah,
Also you can try the following solution.
1. Import the universe.
2. Go to manage access restrictions
3. Remove the restriction .
4. Again create the rescrition and unchecked the " limit size of result set to"
5. Now assign it to the unlimited results group ( this is the name of
the group we have given to those users who should be able to retrieve
more than X rows)
6. Now we save the universe. (Dont export the universe).
I hope this will help you.
Regards,
Sarbhjeet Kaur -
My steam keeps on asking for universal access
My steam keeps on asking for universal access but i gave it access and it keeps on asking for it!!!!!! help me please!!!!
Run the following from a terminal window before booting steam on OSX.
sudo sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db "REPLACE INTO access VALUES('kTCCServiceAccessibility','com.valvesoftware.steam',0,1,1,NULL);"
This will reset the values in the Overlay settings for Steam to be "Allowed Access" and "Access Requested" then finally resets the application fingerprint (csreq) to null, which is then filled in later. Something in the way the steam binaries interact with OSX with the fingerprint resets messes with some of these fields. If you have the above settings in place, you can boot without being prompted.
THIS is the actual solution! It works perfectly, in one second and without re-installng anything.
Thanks! -
Setup more than one policy in one day using Access Restriction
Anyone can tell me how to set up two policys in one day using Access Restriction ?
For example:
For Weekdays, before 6pm, no restriction to use internet. after 6pm, internet ok, but certain web site or ports need to be blocked.
I can set up policy for after 6pm but then before 6pm, the router consider no-internet access period.
Any advise ?what you just need to do is to set the policy to allow from 6PM upto the time you wanted your router to give internet access... and just set the status to enable.. type in the LAN mac adress of your router in the edit PC list, then save the settings
"a helping hand in a community makes the world a universe" -
Migrate Universe Security restrictions
Hi,
I have modified Access Restrictions in a universe and added a Group using CMC, in Development region.
Now I need to migrate these changes to Validation region.
I've been doing report and universe migration from Dev to Validation using Import Wizard.
For the access restrictions to get reflected in Validation is it enough to migrate the Universe.
Please could someone help me out in this regard.
Many Thanks,
VaiHi,
you have to migrate simultaneously also the user groups you applied the restrictions for. Add them along with the universe in the list of the objects to transfer.
Regards,
Stratos -
How to migrate "Access Restrictions" from One Environment to another Env
Hi ,
Can anyone suggest regarding the "Access Restrictions" , we need to move the "Access Restrictions" from one environement to another environment .
Thanks & Regards
Venkat.hi,
When using Import wizard,
while importing Universe, Please check the below option to migrate Access Restrictions.
"Keep Universe Overloads for imported Users and Groups"
Regards,
Vamsee -
E3000 Deny Access Restrictions not releasing
I've just recently purchased a Cisco E3000 router.
I've set up 3 Access Restriction - Deny policies using IP addresses. Unless someone has a better idea I found I needed two policies to Deny from late at night (say 10.00pm) till first thing the next morning. As this spans two days I needed a Deny policy from 10pm till midnight, and another for the next day from midnight till say 7.00am.
Now to my problem, the laptops get 'Deny'ed exactly as they should within a few minutes of the set time, problem is they do not reconnect the next morning after the Deny time has passed.
Cisco help wasn't any help, and wanted me to use Cisco Connect. However the overly simplistic options it provides are next to useless for me. The web option has more flexibility, if only it'd work.
Do I need to need to force an Allow to override the Deny but establishing a fifth policy just for this purpose? Don't know if this'll work but I've got no other ideas.
All help greatly appreciatedAnyhow, I'll answer my own question based on one nights experience.
Made the 5th (and last, don't know why all the reviews say you can have 10 policies, there are only 5) an Allow policy for the previously restricted IP addresses with the parameters of Allow everyday for 24 hours.
Last night the Deny policies as the first in the list worked correctly and the two restricted laptops had access back again at the set time. So on a test of one night it's all working correctly.
The trick was the inclusion of a universal Allow policy as the last policy to force a release of the Deny policies. I'll post again if it doesn't work at some point in the future. -
Can someone help me?How do I take the zoom feature off my MacBook Pro? I have already went to System Preferences and turned "zoom" off in the Universal Access. I saw where someone said to use THREE fingers to double click... ??? Double click what? And 3 fingers?
What really cheeses me off here is that Apple isn't allowing users enough customization. With each update of iTunes (and the OS and iOS) we're forced to give up something that worked well for the way we want to use the app and make do with fewer (and lamer) options. If Apple keeps this up, they're going to start losing customers fast. I mean if this isn't fixed soon, I'm pretty sure I'm going to give up on iTunes, and then I'll probably go ahead and get a Galaxy when I need to replace my iPhone.
What I don't understand about how they won't let users delete the list of available podcasts now is why? How is this making it a better program? I can understand that not all users are capable enough to right-click on a feed and select "Show all available episodes", so I can see why they want the complete list to be the default (and, surprise, it already was). But to not give users the option to delete that list? It's inconsiderate because it makes navigating feeds with a large back catalogue really frustrating. I'm flabbergasted that no one at Apple considered all the podcast feeds that keep hundreds of episodes available when they removed this feature. It smacks of rank incompetence.
What improvement were they trying to make here anyway? There was nothing wrong to my mind about how podcasts were managed in previous versions. Whatever improvement they were trying to make here, they should have realized that many users would at least want the option to keep things the way they were.
And reverting to a previous version is no solution. I can't sync my iPhone with the new iOS without this update, and (while I do have some issues--specifically how you can't play podcasts in the Music app anymore) I do like the new iOS. -
WRT54G2 and WRT54G locks-up (freezes) when blocking web sites using Access Restrictions
I am convinced that a few Linksys routers such as WRT54G2 and WRT54G have a major issue when blocking web sites using Access Restrictions (Internet Access Policy). After a few hours of internet access by 15 wired users the Linksys locks-up and blocks all internet web access. The only solution is to restart the power on the router.
We are currently using a Linksys WRT54G2 v1 (firmware 1.0.04). We upgraded the WRT54G2 v1 firmware to the latest 1.0.04 version which did not resolve the issue. NOTE: We were previosuly using a a Linksys WRT54G v1.1 (firmware 4.21.1) until the power supply blew a week after we started blocking web sites using Access Restrictions (Internet Access Policy).
Basically, we have a T1 internet connection and a hub connected to the Linksys router. We are trying to block several web sites such as facebook, myspace, etc. for 15 wired users. We do not use wireless connections.
This is the 2nd time it happened with 2 different models.
Please help ASAP.
Thank you,
Lance
(Mod note: Edited post. Some parts off topic.. Thanks!)Also, you have already upgrade/re-flash the firmware of your Linksys Router you need to reset and reconfigure your router from scratch. Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...
-
How to configure CLI/DNIS based access restriction in 5.3 ?
Hi,
does anybody have an idea how the setting
define CLI/DNIS-based access restrictions which is defined in ACS v. 4.2
can be configured in acs 5.3 ?
in v. 4 for every user in a group with 40 members a different CLI is defined for each. How can I configure that in version 5.3 ?
any help as always much appreciated!The equivalebt to NAR functionality can be found at:
Policy Elements > Session Conditions > Network Conditions > End Station Filters
Can then define an object with a set of CLI values
These objects can then be used in policy conditions. So can create a condition with a set of CLI values and then match in authorization policy for values that are included in this set and set authorizations accoridngly
Not sure if this is your use case but hopefully may be a start
Maybe you are looking for
-
I have managed to lose the space bar on my keyboard. How do I get it back?
Just got my ipad for Xmas. It really is great, but I have a lot to learn. Somehow when exploring the keyboard I have managed to replace the keyboard with various other exclamation marks etc. I can't get the space bar back. Please help a poor beginner
-
3gpp file association in Bridge CS5 Production Premium
Hello, To make the issue really simple, I have a video camera on my phone that outputs video to a .3gpp file extension. I am trying to associate Quicktime to open it as the default for Bridge. The .3gpp or .3gp file extension is not listed in the fil
-
Another Flickering Blue Screen: When clicking on Video Links
Ok, so i recently took my computer into the apple store to have my screen replaced because of a discolored spot. when i got it back i saw on the receipt that they replaced my motherboard because of an accidental damage. that was about a month ago. it
-
My iPhone V will not connect to a Microsoft Exchange server. It says that the User Name or Password are incorrect even though they're not and I can log on directly to Exchange with the same parameters using the web browser. I bought the phone when it
-
This could be very interesting IF ...
... you guys take this towards being a modern hypercard-like tool. This means being able to do more scripting within the tool rather than messing with the generated javascript post facto. That is, extend the scripting beyond simple formulae. I get