Providing authentication for standard MDM we bservice.

Hi,
We are calling mdm web service from portal. Can any one tell me how to authenticate user when calling standard web service.
Regards,
Sandeep Reddy.

Hi Sandeep,
For a particular user to use a particular webservice say for eg Search Webservice.You need to provide that particular MDM user authentication to the webservice i the Visual Administrator configurations.
The MDM user must be defined in MDM Console with proper Roles and Authorizations.When you give this MDM user access to the Search Webservice for eg then this user can login and run the search webservice.
To know about the configuration required to work with MDM 5.5 Webservices then view the below link;
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/20e06073-f485-2910-adb1-9a197bf98994(MDM webservice webinar)
If you are working with MDM 7.1 then the features are little more advanced, you can view the below link to know more on MDM 7.1 webservice
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a04e6281-b9d4-2b10-f1b3-ee7884e720c3 (Webservice 7.1)
Hope It Helpes
Thanks & Regards
Simona Pinto

Similar Messages

  • Providing image for Standard Buttons on Application Forms

    I've seen some postings on changing the standard buttons used in forms. Does anyone know if this has changed at all in Release 2? I want to put my own image for a button instead of the standard gray button and before doing the workarounds recommended, I want to know if this has been addressed in the new release.
    Thanks.

    I am afraid, the new release does not include changes where you can replace buttons with images.

  • Translation for Standard BAPI error messages

    Hi All,
    We are calling a standard BAPI in our report program. This BAPI has return table of type BAPIRET2.
    When i logon in Spanish Language, still the BAPI returns error messages in English.
    Any pointers to get the messages from Standard BAPI's in Logon language.
    Thanks,
    Best regards,
    Prashant

    Hi,
    Since these messages are Standard SAP  Messages, i assume that SAP would maintain the translations for them.
    If i go to message class & check translations for these standard messages, i dont see the translations.
    Are we expected to manually maintain translations for Standard SAP Messages ?
    I feel SAP would be providing translations for Standard SAP message.
    Best regards,
    Prashant

  • Standard MDM iView for Creation of Record

    Hi All,
    We have requirement to create a record in MDM through Portal.
    Are there any standard iViews available in Portal content of MDM, which can create or update a record in MDM repository?
    In the Portal content we have found following two SCA
    BPMDMAPPLI04_0.SCA
    BPMDMTECHN04_0.SCA
    We have deployed them on the portal server, we are able to see search and itemdetail iViews for standard repository.
    But we are not able to see iViews for creation of record.
    In one of the document it has been given that SP 04 extended (imporved) functionality offers Data Entry and Maintenance (CURD operations) can also be performed.
    But availability of the iViews not mentioned anywhere.
    Anyone has already implemented such kind of functionality or scenario?
    Thanks and regards,
    Shruti.

    Hi Mandar,
    I have followed the same PDF also.
    But I am not able to find out the SCA's which are mentioned in the above document for GP and CAF.
    I tried searching on service market place also.
    In portal Contenet of SP 04 i have found only two SCA's
    BPMDMAPPLI04_0.SCA
    BPMDMTECHN04_0.SCA
    I am not able to find following SCA files.
    H2G_GuidedProcedures.sda
    H2G_SourceCode.zip
    Can tell me how do i get those SCA's?
    Thanks in Advance
    Shruti.
    Edited by: Shruti Shah on Mar 12, 2008 6:19 AM

  • Best Practice : Creating Custom Renderer for Standard Component

    I've been reading the docs and a few threads about Custom Renderers. The best practice seems to be to create a Custom Component where you need a Custom Renderer. Is this the case?
    See [this post|http://forums.sun.com/thread.jspa?forumID=427&threadID=520422]
    I've created several Custom Renderers to override the HTML provided by the Standard Components, however I can't see the benefit in also creating a Custom Component when the behaviour of the standard component is just fine.
    Thanks,
    Damian.

    It all depends on what you are trying to accomplish. Generally speaking if all you need is for the user interface output to be changed then a renderer will work just fine. A new component is usually made in order to provide some fundamental change in server side functionality not related to the user interface. - Ponderator

  • OLEDB provider VFPOLEDB for linked server returned message "Invalid path or file name"

    Hello,
    I'm hoping someone can shed some light on this.  I'd researched this error for days, reading all the post in this forum, however none of them address my issue.
    We use VFP 9 .dbf tables (free tables).  I setup a linked server to query the tables.  As first we were not able to view the tables in SQL Server Mgmt Studio (MSMS) until I sorted out the permissions.  I can query the tables if I copy over
    to the server so they are local tables.  However, across the network I am continually getting the error above and the following error:
    "Cannot initialize the data source object of OLE DB provider VFPOLEDB for linked server XXX."
    Here are the steps I've performed...
    Installed a 32 bit instance of SQL Server Express 2008 R2 using Windows Authentication on server 2 (the 64 bit instance could not see the VFP OLE DB provider, as we all know, because the provider is only 32 bit)
    Installed the latest VFP OLE DB from http://www.microsoft.com/en-us/download/details.aspx?id=14839.
    In the VFPOLEDB provider, I enabled Nested queries, Level zero only, Allow inprocess, and Supports 'Like' operator.
    Setup a linked server using the following query:
    EXEC master.dbo.sp_addlinkedserver
    @server = N'LinkedAC',
    @srvproduct = N'Visual FoxPro 9',
    @provider = N'VFPOLEDB',
    @datasrc = N'"\\server1\share\TIW\KOKAC"',
    @provstr = N'VFPOLEDB.1'
    At first I could not view the tables when expanding default>Tables, it failed due to a "catastrophic failure".  That can't be good ;-).  After digging around, I surmised it was because I'd set the SQL Instance to run as NT Authority\NetworkService.
    I created a new user, LinkedVFP, and added to the SQL Instance (using Windows Authentication), mapped the user to the master database with the db_datareader role.  I also added the LinkedVFP user to the network share.  I was then able to browse
    the tables in MSMS and query the data when local, but still not across the network.
    I'm using Crystal Reports to try and query the data from my local workstation using SELECT * FROM OPENQUERY(mylinkedserver, 'select * from table1').  This produces the two errors I mentioned above.
    To clarify, the VFP tables are on server 1 and the linked server is on server 2.  I've read about service account delegation, but unclear if this is the issue.  I went into our domain controller (neither server 1 or 2), AD User and Computers, and
    for server 2 I enabled 'Trust this computer for delegation to any service (Kerberos only)'. 
    Can anyone shed some light on this for me?
    Thanks!
    Aaron McVanner

    Hi Aaron,
    Thank you for your question. I am trying to involve someone more familiar with this topic for a further look at this issue. Sometime delay might be expected from the job transferring. Your patience is greatly appreciated. 
    If you have any feedback on our support, please click
    here.
    Regards,
    Elvis Long
    TechNet Community Support

  • How to get F4 help for Standard Text Key of a operation based on Order type

    Hi Experts,
      How to get F4 help for Standard Text Key (STK) of a operation based on Order type entered in selection screen. The F4 help should give the STK of related order type. At the same time the F4 help for Task Types based on Notification type. How to acheive the above two. Please provide the table names or any search help name if exists or Function modules...
    Thanks in Advance.
    Regads,
    Bujji

    Hi Guys,
       Any help on this...
    Regards,
    Bujji
    Edited by: Bujji on Dec 22, 2008 12:42 PM
    Edited by: Bujji on Jan 5, 2009 2:00 PM

  • ABAP API  MDM  vs Standard MDM !!!

    Maybe the expression that I am using is not the best one and hope that someone can give me any clarifications.
    What I am intending is to know:
    1)     If using ABAP API is the best way to implement MDM purposes or if he’s an alternative to implement MDM using ABAP API?
    2)     In the proof of concept that I am implementing, I only use the principal components of MDM (Import, Data Manager, Syndicator and Console) in order to find the solution of our enterprise business.
    3)     Using ABAP API, I have to use programming method, implement by myself some functionalities in ABAP to connect and resolve my MDM purposes.
    4)     If am not using ABAP API (The way that I am proceeding right now) , I have to use the standard software component (enterprises services ) of the  R3 Systems in order to connect MDM with client systems.
    Thanks guy for your assistance. We just want to know the best way to proceed with MDM .

    The best method for implementing MDM depends on the requirements of each scenario.  For example, if you have a program in R/3 that needs to pull some data from MDM for analysis then perhaps using the ABAP API would be the best route to take.  If you need to transfer materials or vendors from MDM to various R/3 systems, perhaps using XI would be the best route to take.  I would recommend looking at the <a href="https://websmp106.sap-ag.de/~sapidb/011000358700004656452006E">IT Scenario Configuration Guide</a> to get a better understanding of SAP's recommended practices given different scenarios

  • Need Seeburger BIC Mapping names for standard Msg types - EANCOM2002

    Hi All,
    I need Seeburger Bic Mapping names for standard Msg types.
    <b>Orders
    ORDRSP
    DESADV
    Note that they are in EANCOM2002 format.</b>
    Kindly provide them asap.
    Can anyone pls send the document to [email protected] if you have the Seeburger mapping names for EANCOM2002 and ANSIX12.
    Thank You.
    Regards
    Seema.

    Hi Marcos,
    >> IF they have been deployed in your system the names will be:
    >> See_E2X_ORDERS_UN_D96A
    >> See_X2E_ORDERS_UN_D96A
    >> See_E2X_DESADV_UN_D96A
    >> See_X2E_DESADV_UN_D96A
    R u sure of we can use these mappings for EANCOM2002 format.??
    R u sure EANCOM2002 is equavalent to UN D96A???
    -Seema.

  • Enhancement to add userdefined  fields for standard definition in  cj20n

    Hi all
    sub:enhancement to add userdefined  fields in a user defined screen tab for standard definition in t-code cj20n
    can anyone provide an idea how to write the logic for retriving the data from the standard table into the user defined screen added into the project definition using the t-code cj20n( project system module)
    thanks
    sirisha

    I think you may need to implement enhancement 'CNEX0007'
    CMOD==> Enhancement==> Componet==> Get the Screen area.
    Go to SE41 ==> Give the Screen program and number==> add your WBS tab there. The values will be available to screen
    Hope this is helpful for your answer.
    Cheers,
    TM.

  • Radius authentication for the browser-based webtop

    Hiya all,
    With help of the radius-authentication module for apache (http://www.freeradius.org/mod_auth_radius/) and web-authentication it is possible to use radius-authentication for the classic-webtop. Has anyone got Radius authentication working for the browser-basedwebtop?
    SSGD version:
    Sun Secure Global Desktop Software for Intel Solaris 10+ (4.30.915)
    Architecture code: i3so0510
    This host: SunOS sgd1.<removed> 5.10 Generic_118855-36 i86pc i386 i86pc
    I have the radius-module running for authentication of a single directory with the apache-config-lines:
    SetEnvIf Request_URI "\.(cab|jar|gif|der)$" sgd_noauth_ok
    <LocationMatch "/secure">
    Order Allow,Deny
    Allow from env=sgd_noauth_ok
    AuthName "Radius authentication for SGD"
    Authtype Basic
    AuthRadiusAuthoritative on
    AuthRadiusCookieValid 540
    AuthRadiusActive On
    Require valid-user
    Satisfy any
    </LocationMatch>
    When changing the line <LocationMatch "/secure"> to <LocationMatch "/sgd"> the browser asks for a authentication and then a 'Not Found' page is being displayed.
    When using the config-lines from http://docs.sun.com/source/819-6255/webauth_config_browser.html the login-page is being displayed normally and SSGD works.
    The main difference I can find between the location /secure and /sgd is: /secure is a simple directory and /sgd is a JkMount to Tomcat.
    Changing the JkLogLevel to debug gives the following info in the JkLogFile:
    Radius authentication:
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (449): Attempting to map URI '/sgd' from 5 maps
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/examples/*'
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/axis/*'
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/sgd/*'
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/axis'
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/sgd'
    [Wed Jun 06 09:31:20 2007] [22647:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (486): Found an exact match tta -> /sgd
    With the password-authentication file:
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (449): Attempting to map URI '/sgd/' from 5 maps
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/examples/*'
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/axis/*'
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (461): Attempting to map context URI '/sgd/*'
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] map_uri_to_worker::jk_uri_worker_map.c (475): Found a wildchar match tta -> /sgd/*
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] wc_get_worker_for_name::jk_worker.c (111): found a worker tta
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] wc_maintain::jk_worker.c (301): Maintaining worker axis
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] wc_maintain::jk_worker.c (301): Maintaining worker tta
    [Tue Jun 05 13:55:29 2007] [12123:0000] [debug] wc_maintain::jk_worker.c (301): Maintaining worker examples
    It seems that the JkMount is not being evaluated correctly after using the radius-authentication.
    Any help will be usefull since I am allready stuck on this problem for a couple of days :(
    Thanks,
    Remold | Everett

    I got response from the Fat Bloke on the mailing list.
    Adding the following line in the apache httpd.conf seams to help and resolved my problem:
    Alias /sgd "/opt/tarantella/webserver/tomcat/5.0.28_axis1.2final_jk1.2.8/webapps/sgd"
    Thanks The Fat Bloke !!
    - Remold
    These instructions are for a 4.2 SGD installation using SGD's third
    party web authentication with mod_auth_radius.so (www.freeradius.org).
    With 4.2 Sun didn't distribute enough of the Apache configured tree
    to enable the use of axps to build the mod_auth_radius module, 4.3 is
    better - Sun now install a modified axps and include files, I haven't
    tried this with 4.3 yet though.
    I built the mod_auth_radius module for Apache 1.3.33 (shipped with 4.2)
    So, this is how we got this working with Radius (tested with SBR
    server and freeradius.org server.)
    Install SGD in the usual way.
    Enable 3rd party authentication:
    According to:
    http://docs.sun.com/source/819-4309-10/en-us/base/standard/
    webauth_config_browser.html
    Configure the Tomcat component of the Secure Global Desktop Web
    Server to
    trust the web server authentication. On each array member, edit the
    /opt/tarantella/webserver/tomcat/version/conf/server.xml file. Add the
    following attribute to the connector element (<Connector>) for the
    Coyote/JK2 AJP 1.3 Connector:
    tomcatAuthentication="false"
    # cat /opt/tarantella/webserver/tomcat/5.0.28_axis1.2final_jk1.2.8/
    conf/server.xml
    <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" minProcessors="5" maxProcessors="75"
    tomcatAuthentication="false"
    enableLookups="true" redirectPort="8443"
    acceptCount="10" debug="0" connectionTimeout="0"
    useURIValidationHack="false"
    protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
    "By default, for security reasons, Secure Global Desktop
    Administrators can't
    log in to the browser-based webtop with web server authentication.
    The standard
    login page always displays for these users even if they have been
    authenticated
    by the web server. To change this behavior, run the following command:"
    # tarantella config edit --tarantella-config-login-thirdparty-
    allowadmins 1
    Without this, after authenticating via webauth, the user will be
    prompted for a
    second username and password combination.
    # /opt/tarantella/bin/tarantella objectmanager &
    # /opt/tarantella/bin/tarantella arraymanager &
    In Array Manager:
    Select "Secure Global Desktop Login" on left side and click
    "Properites" at bottom
    Under "Secure Global Desktop Login Properties"
    cd /opt/tarantella/webserver/apache/
    1.3.33_mod_ssl-2.8.22_openssl-0.9.7e_jk1.2.8/conf
    edit httpd.conf:
    ### For SGD Apache based authentication
    Include conf/httpd4radius.conf
    at the end of httpd.conf add:
    Alias /sgd "/opt/tarantella/webserver/tomcat/
    5.0.28_axis1.2final_jk1.2.8/webapps/sgd"
    # cat httpd4radius.conf
    LoadModule radius_auth_module libexec/mod_auth_radius.so
    AddModule mod_auth_radius.c
    # Add to the BOTTOM of httpd.conf
    # If we're using mod_auth_radius, then add it's specific
    # configuration options.
    <IfModule mod_auth_radius.c>
    # AddRadiusAuth server[:port] <shared-secret> [ timeout [ : retries ]]
    # Use localhost, the old RADIUS port, secret 'testing123',
    # time out after 5 seconds, and retry 3 times.
    AddRadiusAuth radiusserver:1812 testing123 5:3
    # AuthRadiusBindAddress <hostname/ip-address>
    # Bind client (local) socket to this local IP address.
    # The server will then see RADIUS client requests will come from
    # the given IP address.
    # By default, the module does not bind to any particular address,
    # and the operating system chooses the address to use.
    # AddRadiusCookieValid <minutes-for-which-cookie-is-valid>
    # the special value of 0 (zero) means the cookie is valid forever.
    AddRadiusCookieValid 5
    </IfModule>
    <LocationMatch /radius >
    Order Allow,Deny
    AuthType Basic
    AuthName "RADIUS Authentication"
    AuthAuthoritative off
    AuthRadiusAuthoritative on
    AuthRadiusCookieValid 5
    AuthRadiusActive On
    Require valid-user
    Satisfy any
    </LocationMatch>
    SetEnvIf Request_URI "\.(cab|jar|gif|der)$" sgd_noauth_ok
    <LocationMatch /sgd >
    Order Allow,Deny
    Allow from env=sgd_noauth_ok
    AuthType Basic
    AuthName "RADIUS Authentication"
    AuthAuthoritative off
    AuthRadiusAuthoritative on
    AuthRadiusCookieValid 5
    AuthRadiusActive On
    Require valid-user
    Satisfy any
    </LocationMatch>
    Put appropriate mod_auth_radius.so into
    /opt/tarantella/webserver/apache/
    1.3.33_mod_ssl-2.8.22_openssl-0.9.7e_jk1.2.8/libexec
    # mkdir /opt/tarantella/webserver/apache/
    1.3.33_mod_ssl-2.8.22_openssl-0.9.7e_jk1.2.8/htdocs/radius/
    # cat /opt/tarantella/webserver/apache/
    1.3.33_mod_ssl-2.8.22_openssl-0.9.7e_jk1.2.8/htdocs/htpasswd/index.html
    <HTML>
    <HEAD>
    <TITLE> Test Page for RADIUS authentication </TITLE>
    </HEAD>
    <BODY>
    <B> You have reached the test page for RADIUS authentication.
    </BODY>
    </HTML>
    I hope this helps!
    -FB

  • External authentication for Essbase 7.1.6.

    Hi all,
    We are trying to set up external authentication for Essbase 7.1.6. We have a customized version of Essbase which does not use DLL. we do not have a Hyperion Hub or any CSS set up. All we have is an authentication module from the vendor to be used instead of the DLL. As per the documents provided to us all we have to do is change the cfg file to include the AUTHENTICATIONMODULE setting. Does anyone has any experience with this? What all parameters do we need to pass to Active Directory for this to work? Please help.
    Thanks.
    Vish.

    You could create a maxl script that replaces the filters, when you call the maxl script you could pass in a variable such as YR08 and use that variable in the script.
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • How to preview standard MDM Webdynpro Components ?

    Hi
    As we know, we can create standard MDM Webdynpro components from CE 7.1 SP 04 onwards.
    Suppose I have created a project using MDM WD configurator and added a search component, a resultset component and an itemdetails component. We can preview the individual components using the preview button provided in the configurator. But in order to see the consolidated project containing all the 3 components, we need to embed them as used components in a custom WD component. Then through the custom WD component we can preview the 3 standard components.
    My question is, is there any way in which we an preview all the 3 standard MDM WD components together without putting them in a custom WD component ?
    Is there a way we can directly assign an iview to a project created with MDM WD configurator ?
    Thanks
    Sayan Ghosh

    Found the sloution. Can be launched in the browser with the following url giving the component details :
    http://<hostName>:<portNumber>/webdynpro/dispatcher/sap.com/tcmdmwdcompsmasterwd/MASTER?proj=<Project_Name>&rs=<ResultSet_Name>&s=<Search_Name>id=<ItemDetails_Name>

  • Javascript error in Standard MDM IViews on portal

    Hello Xperts,
    I have deployed standard MDM IViews on my  portal.
    In standard Resultset IView, there is a provision of saving results by using My Bags option. When I click on My Bags option and then New Bag, it throws javascript error.
    Details of systems are as below.
    MDM API version 5.5
    Portal Version EP 7 SP07.
    Appreaciate any inputs for this.
    Ashutosh

    Hi Anu,
    Thanks for the reply.
    we are able to login to Data Manager with Mapped ID's and I even tried creating new IViews. Nothing worked.
    As you suggested, will try restarting the portal server.
    Thanks
    Satish

  • ASA - cut through proxy authentication for RDP?

    I know how to set this up on a router (dynamic access-list - lock and key)... But, I'm having trouble understanding how to setup OUTSIDE to INSIDE cut through proxy authentication for RDP.
    OUTSIDE to INSIDE RDP is currently working.
    I have 2 servers I want RDP open for..
    [*]OUTSIDE 1.1.1.1 to INSIDE 10.10.70.100
    [*]OUTSIDE 1.1.1.2 to INSIDE 10.10.50.200
    What's required for OUTSIDE users  to authenticate on the ASA before allowing port 3389 opens? I was hoping for is a way to SSH into this ASA, login with a special user, then have the ASA add a dynamic ACE on the OUTSISE interface to open 3389 for a designated time limit. Is this possible?
    Here is my current config.
    [code]
    ASA Version 8.2(5)
    hostname ASA5505
    names
    name 10.10.0.0 LANTraffic
    name 10.10.30.0 SALES
    name 10.10.40.0 FoodServices
    name 10.10.99.0 Management
    name 10.10.20.0 Office
    name 10.10.80.0 Printshop
    name 10.10.60.0 Regional
    name 10.10.70.0 Servers
    name 10.10.50.0 ShoreTel
    name 10.10.100.0 Surveillance
    name 10.10.90.0 Wireless
    interface Ethernet0/0
    description TO INTERNET
    switchport access vlan 11
    interface Ethernet0/1
    description TO INSIDE 3560X
    switchport access vlan 10
    interface Ethernet0/2
    shutdown
    interface Ethernet0/3
    shutdown
    interface Ethernet0/4
    shutdown
    interface Ethernet0/5
    shutdown
    interface Ethernet0/6
    shutdown
    interface Ethernet0/7
    shutdown
    interface Vlan1
    no nameif
    security-level 50
    no ip address
    interface Vlan10
    description Cisco 3560x
    nameif INSIDE
    security-level 100
    ip address 10.10.1.1 255.255.255.252
    interface Vlan11
    description Internet Interface
    nameif OUTSIDE
    security-level 0
    ip address 1.1.1.1 255.255.255.224
    ftp mode passive
    clock timezone PST -8
    clock summer-time PDT recurring
    dns domain-lookup OUTSIDE
    dns server-group DefaultDNS
    name-server 8.8.8.8
    name-server 4.2.2.2
    domain-name test.local
    access-list RDP-INBOUND extended permit tcp any host 1.1.1.1 eq 3389
    access-list RDP-INBOUND extended permit tcp any host 1.1.1.2 eq 3389
    pager lines 24
    logging enable
    logging timestamp
    logging trap warnings
    logging device-id hostname
    logging host INSIDE 10.10.70.100
    mtu INSIDE 1500
    mtu OUTSIDE 1500
    ip verify reverse-path interface OUTSIDE
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-645.bin
    no asdm history enable
    arp timeout 14400
    global (OUTSIDE) 1 interface
    nat (INSIDE) 1 LANTraffic 255.255.0.0
    static (INSIDE,OUTSIDE) tcp interface 3389 10.10.70.100 3389 netmask 255.255.255.255
    static (INSIDE,OUTSIDE) tcp 1.1.1.2 3389 10.10.50.200 3389 netmask 255.255.255.255
    access-group RDP-INBOUND in interface OUTSIDE
    route OUTSIDE 0.0.0.0 0.0.0.0 1.1.1.1 1
    route INSIDE LANTraffic 255.255.0.0 10.10.1.2 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa authentication ssh console LOCAL
    aaa authentication http console LOCAL
    http server enable
    http Management 255.255.255.0 INSIDE
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet timeout 5
    ssh 10.10.70.100 255.255.255.255 INSIDE
    ssh Management 255.255.255.0 INSIDE
    ssh 0.0.0.0 0.0.0.0 OUTSIDE
    ssh timeout 5
    ssh version 2
    console timeout 0
    threat-detection basic-threat
    threat-detection scanning-threat shun
    threat-detection statistics access-list
    threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
    webvpn
    username scott password CNjeKgq88PLZXETE encrypted privilege 15
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect ip-options
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip
      inspect xdmcp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:1e9d278ce656f22829809f4c46b04a07
    : end
    [/code]

    You're running ASA 8.2(5). In 8.4(2) Cisco added support for what they call Identity Firewall rules. That is, you can make access-lists entries specific to users (or object groups containing users).
    There's an overview document on this posted here. It's a bit dated but I believe the only change is that Cisco is now preferring use of the more current Context Directory Agent (CDA) - a free VM they provide - vs. the deprecated AD agent (software service that runs on your DC).

Maybe you are looking for