Read Only Account ACS 5

Similar Messages

• DBMS - Data not visible to read only account users.

  I have created below view to know the status of my batch jobs which run on server every sunday.
  CREATE OR REPLACE VIEW CAFDB_REFRESH AS
  SELECT
  log_id,
  owner,
  to_char(log_date, 'DD-MON-YY HH24:MI:SS') TIMESTAMP,
  job_name,
  status,
  ERROR#,
  run_duration,
  instance_id,
  additional_info
  FROM user_scheduler_job_run_details;
  it is working fine and i am able to get the information.
  now to make it visible to read only account users - using "grant select " i have given access and also created public synonym.
  but it is showing only column names in read only account not the data.
  how to make this visible to read only account?
  please guide.

  USER_ views will only have the objects owned by the user running the query..In your case it will have only the schedules done by the user.
  You will have to ue ALL_ or DBA view (all_scheduler_job_run_details)

• Using iTunes Library with a read-only account...

  Hi! I use my HD connected to my AEBS and to create some accounts in which people can use information on the shared folder that is created when the account preference is chosen. I later copied my iTunes library in the same folder so that everybody had access to it. Most of the users I created have restricted access (meaning read-only access). The ones that have full acces had no problem but the ones that have read-only access, when they try to choose the iTunes library, recieve a message saying "The folder "iTunes" is in a locked disk or you do not have write permissions for this folder.". I clearly understand what the problem is and why it is not letting those users acces it but does anybody has an idea on how I can make the iTunes library accessible to the "read-only users"? Thanks!

  Hi! I use my HD connected to my AEBS and to create
  some accounts in which people can use information on
  the shared folder that is created when the account
  preference is chosen. I later copied my iTunes
  library in the same folder so that everybody had
  access to it. Most of the users I created have
  restricted access (meaning read-only access). The
  ones that have full acces had no problem but the ones
  that have read-only access, when they try to choose
  the iTunes library, recieve a message saying "The
  folder "iTunes" is in a locked disk or you do not
  have write permissions for this folder.". I clearly
  understand what the problem is and why it is not
  letting those users acces it but does anybody has an
  idea on how I can make the iTunes library accessible
  to the "read-only users"? Thanks!
  iTunes was NOT built for multi-user "write" access. Allowing write access to more than one user of iTunes "concurrently" is a recipe for disaster: sooner or later your iTunes database will get corrupted. You have been warned.

• Read only account line item appears writable in the webform

  Hi All,
  We are using Hyperion Planning 11.1.1.2.We have a line item called "Salary" under account which is set to read only.Its parent "Compensation" has the security set as IDesc(writable).
  The line item Salary is used in 2 forms.In one form it appears as readonly and in the other it appears as writable.Both the forms are identical except for the change in member in custom dimension for which security is not applied.
  Ideally this line item has to appear as readonly.
  Can anybody throw some light on this issue?
  Thanks in advance,
  Malini

  Hi,
  Can you just try this,edit the first form that works, do a save as and give it a name, change the custom dimension member. save. run. Is it the same?
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Developer read only account ?

  Is possible to have a "developer" account that only could see the pages' code and unable to modify it ?
  We have some scenarios where we would appreciate this functionality:
  1. One stage of our development process is "Peer Review", where an external developer see our code checking, for example, if we have followed the code standards we have and if the code could be improved.
  2. Usually we share our code to other groups of developers and in order to do that we create a developer account for the persons of these groups.
  In the other hand, is possible to lock an entire application for modifications ? This could be used in our productions environment in order to prevent modifications "by mistake".
  Regards
  Harvey

  Harvey,
  No, to the read-only mode.
  Yes, to the other question, you just set the build status to Run Application Only, so the Builder can't get to it at all.
  Scott

• "Read-only" user account

  Hi All,
  Although the systems in question run Solaris 8, I am asking in this Solaris 10 forum because the way to implement what I am trying to do will most likely be the same on Solaris 8 as Solaris 10 (basic user, group, and permissions related functions have not changed much). There are also alot more posts and answers in this forum so I'm likely to receive a response more quickly.
  My question is: I have been asked to create a "read-only" account for IBM to support some of the applications on a couple of our systems (app support has recently been outsourced to them). I don't really understand why they would be needing a "read-only" account as they wouldn't be able to do anything to resolve problems or install new versions etc., but anyway the question is there and they seem to be insisting on creating such an account. So what is involved with creating a so called "read-only" account? I have never been asked to create one of these before and I've been working with UNIX for quite some time.
  I know one could do something like create a very basic user who is only a member of a new group I would create called e.g. "readonly" and then use things like "chmod" to set permissions so that all files on the system have no write or execute permissions for "other" users (e.g. -rwxrwxr--), or I can use restricted shell (e.g. rksh, rbash) etc. However, setting all files globally to no write and execute permissions for "other" can and probably would cause all sorts of problems, and I already gave them a restricted shell but this was not suitable for them as they are unable to change directory or browse other parts of the filesystem they need to check.
  Please let me know how I can create one of these so-called "read-only" accounts.
  Thanks in advance.
  Regards,
  David.
  Commonwealth Bank
  David Stofberg
  UNIX Systems Administrator
  Enterprise IT Operations
  Level 9, 363 George Street
  Sydney NSW 2000
  P: +61 (2) 9303-2898
  M: +61 (434) 220-893
  E: [email protected]
  Our vision is to be Australia's finest financial services organisation through excelling in customer service.

  most normal users dont have the ability to write to most critical areas of the system by default. if you need more restrictions, deploy RBAC. you can create custom rights profile to limit what a certain role can do.
  [http://docs.sun.com/app/docs/doc/816-4557/prbactm-1?a=view] solaris 10
  [http://docs.sun.com/app/docs/doc/805-7229/6j6q8svdf?l=en&a=view] solaris 8 (update 10/01)

• Address Book server -- any way to make an account "read-only"?

  So, they'd like to incorporate Address Book Server here to work as a "group" address book.
  But they only want to give certain people read-write access to the group book and read-only address to others.
  As far as I know, there's no way to do this (like you could with an iCal "delegate" for comparison.)
  But I was thinking -- is there some way to just set an AB Server account read-only in general?
  If so, I was thinking I could set up two AB Server accounts -- the "read-write" account for some users and then script/sync the values in that account nightly to a "read-only" account.
  But I can't figure out if there's a way to marke an AB server account read-only to begin with.
  Any suggestions along these lines?
  Thanks!

  I'd imagine this is a question that only Apple can answer, as it would require some "behind the scenes" tinkering with Terminal etc., if it were at all possible.
  Its definitely something they should think about including in a future release, as there seem to be quite a few people here who want a shared calendar, plus therefore the ability to pick who can EDIT vs. just read the info on it.
  Cheers!
  Steve

• How to unlock account on read only replica (DS 5.2 p4)

  We are planning to turn on password policy to lock account after user failed to provide correct password after n times and the account will be lock forever unless administrator is to reset the password retry count.
  We implemented password policy with role and cos so that the policy only imposed on end users but not administrators. The password policy works fine.
  We understand that for DS 5.2 p.4, the password retry count is per instance, so the account lock is per instance. The problem we now encountered is at account unlock. We developed a function to reset the password retry count in order to unlock the account. It works fine in our test env. However, in production, we have 2 masters and 4 replicas and our replicas are all read only, all update is referred to the 2 masters. Now, when we update the master setting 0 to the password retry count, the reset is not populated to the replicas and when we try update the replica directly, the update get referred to the master and hence the attribute on the replica remains the same.
  Is there a way to unlock the account that got locked at the read only replica?

  As I recalled the way to unlock an account is to reset password using admin account. I think Ludovic once mentioned that in one of his post.
  If I were right here in this point, you should reset password which will be replicated to your read-only account and reset the counter to be 0.
  BTW, just found Ludovic's original post link:
  http://forum.java.sun.com/thread.jspa?forumID=761&threadID=5159009
  Message was edited by sun_iplanet
  sun_iplanet
  Message was edited by sun_iplanet
  sun_iplanet

• Login: Read Only

  Customer requires read only login access. This read only account should be able to run all 'show' commands on a catalyst 3560 switch

  The only two levels defined by default are:
  Level 0: User exec mode
  Level 15: Privileged Exec (enable) mode
  Levels 1-14 are UNDEFINED, by default. You have to manually define commands for each of these levels.
  Please note you will have issues with commands like show running-config, because the commands shown in the config might be blocked by priviledged level.
  If you had an ACS server, you could give that user level 15 access then RESTRICT the commands they are able to use to the subset you require.
  Here are some helpful links:
  http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html
  http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftprienh.html

• Problem connecting (read only) to Sybase Server using Crystal XI

  Hi,
  I'm having a very similar problem to Renuha in the thread 'Problem connecting to Sybase Server using Crystal XI-Version-11.0.0.1994'
  The thread is marked as assumed answered but I suspect not!
  I am experiencing this issue in Crystal XI R1 11.0.0.2495, post SP4 install.
  Though the issue was exactly the same pre SP4 install, when it was a vanilla install @ version 11.0.0.1282.
  I am trying to connect to a Sybase database via Crystal > Start Page > Standard Report Wizard > Standard Report Creation Wizard > Sybase Server > Make New Connection
  I enter the details, of my read only user account, and select my desired database, from the (successfully) populated 'Database' drop down.
  After some time, in the 'Standard Report Creation Wizard' window I get the server listed under the Sybase Server branch, but, on expanding the server I only get '...no items found...'. However ,if I use the sa account, after selecting a particular database, I can see all the available database objects under the Sybase Server > [server] node.
  I am on Windows XP Pro SP3, with Sybase Open Client v12.5.2
  I assume my Sybase Open client is correctly installed as I am able to successfully connect using the sa account.
  I am trying to connect to a Solaris 10 (5.10) system running Sybase @@version= Adaptive Server Enterprise/15.0.3/EBF 16548 ESD#1/P/Sun_svr4/OS 5.8/ase1503/268
  Our database vendor/supplier has said:
  "...Crystal reports is not handling the granularity of the Sybase revoke permissions and assuming we've revoked all access to any table where we have revoked only write access.
  Is anyone able to assist?
  Thanks,
  Matt

  Don,
  Thanks again for the response and my apologies for the delay in reply - they keep giving me other work to do!!
  Anyway.
  CR XI R2 SP6 successfully installed.
  Same outcome on Sybase connect, with a full read/write sa account
  i.e. successfull connect and sight of all database objects within my chosen database.
  Same outcome on my restricted read only account
  i.e. I am able to successfully authenticate and choose which database I wish to select but subsequently, still, 'no items found' is displayed when I expand my database node.
  I believe it is a problem with the read only account as both accounts are able to connect, as shown by the availablilty of the dropdown, listing the available databases within the specified Sybase instance.
  The reasons for going down this path are as you suspect - I've been asked to provide access which is not full!
  As far as the testing via test tbl creation.
  I know very little of Sybase (?!) and all our Sybase DBA activities are carried out by our system/dB vendor/supplier.
  To do further testing I would have to go back to our dB vendor/supplier but, as mentioned, (I get the impression) they already beleive they have carried out all required of them by providing locked down read only access.
  I ought to mention that the database trying to be accessed is a restored copy of "the previous days" live data, on an MIS server. The read-only account comes over as with full privileges, and it is a script, subsequent to database restore, which knocks down the accounts privs, to read-only. Given this scenario what would I have to ask of them re further testing/troubleshooting?
  Thanks,
  Matt

• Toad read only sessions open a transaction  in DB?

  Hi,
  When I check v$transaction, I see all TOAD and sqldeveloper sessions which are read only accounts. If I use the same user in sqlplus it won't appear in v$transaction. I am puzzled why these tools create a transaction for even select queries. How can i avoid these tools creating transaction(may be they are running begin trasaction for each session causing a transaction).
  Thanks
  Anand

  SAP IMG  -> Cross Application Components -> Master Data Synchronization  Synchronization Control -> Synchronization Control -> Activate Synchronization options
  This setting allows you to activate synchronization of BP with R/3. Not maintaining the values may result in certain fields being read-only in BP.
  Suggested Values:
  Source Object: BP | Target Object: CUSTOMER | Active Indicator : X
  Source Object: BP | Target Object: VENDOR | Active Indicator : X
  Source Object: CUSTOMER | Target Object: BP | Active Indicator : X
  Source Object: VENDOR | Target Object: BP | Active Indicator : X
  Have you set all of the above settings??
  BHARATH

• Wiki "Read Only" users can read & write

  I am looking to use the built in Wiki software on our Snow Leopard mac mini server. The wiki is meant to be private with one user able to read and write and another account that can read only. After selecting "read only" the user can still read & write. The read only account is not an administrator so I am not sure why they are not read only, could someone point me in the right direction?
  Thanks for your help!

  Hi,
  According to your post, my understanding is that users with read only permissions can't see custom Master Page and Managed Metadata Navigation SharePoint 2013.
  I suggest to customize the ClientObject model code to retrieve info with elevated privileges and then re-deployed the master page.
  Here is a similar thread for you to take a look at:
  http://social.technet.microsoft.com/Forums/en-US/bd7aa817-114a-46ae-a08a-71d903227ce0/sharepoint-2010-custom-master-page-and-read-only-permission-issue?forum=sharepointadminprevious
  If it doesn’t work, please check more information about the custom Master Page, such as whether it contain content like web parts that with permission limited, or whether you have any changes
  to the read permission group.
  In addition, please check the SharePoint ULS log to find more information, , the ULS log file is in the location: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS
  You can check the ULS log by the methods here:
  http://blog.credera.com/technology-insights/microsoft-solutions/troubleshooting-sharepoint-errors/
  Best Regards,
  Linda Li

• How enable read only access for ACS server itself

  Hi,
  We would like to know whether its possible to create a read only access to the ACS server. Currenlty ACS server has a generic login with full admin rights.
  We need to create a login to couple of users to log into ACS to check the "Report and Activity" tab. Access to all other tabs should be disabled.
  We are using ACS4.0 verison. Please let me know whether its possible.
  Thanks
  Nachi

  Hi,alexchy8
  We can make use of 2 PowerShell commands to achieve this goal.
  Add-MailboxPermission and Add-MailboxFolderPermission.
  Execute the Add-MailboxPermission command to delegate the read permission at mailbox level.
  Execute the Add-MailboxFolderPermission command to delegate the required permissions on specific folders inside the mailbox.
  You can read the following article as reference:
  http://www.exchangedictionary.com/articles/assign-read-only-mailbox-permission-on-exchange-2010-2013-powershell
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety,
  or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Best Regards.

• ME21N, Account Assignment, to set G/L Accout field 'read only

  Hi,
  I am creating PO with reference to Purchase Requisition (using T-Code ME21N). The fields 'Cost Centre' and 'G/L Account'  under Account Assignment Tab are needed to be rendered 'Read only'.
  The 'Cost Centre' Field has been made Read Only using User Exit. I am not able to do the same for 'G/L Account' field. Please suggest a possible way to do the same. Field Exit is not working and i have experimented with lots of BADIs, but to no avail.
  Thanks,
  Ranjan

  Hi Venu,
  I have done as you have told. This is working fine while creating
  PO with reference to Purchase Requisition, but the problem arises when we try to create PO by simply putting Account Assignment Category 'K' along with other relevant data.
  The G/L Account field is in display mode, obviouly due to configuration i have done, and thus we are not able to put value in it. It is interesting to note that SAP is itself determining and displaying G/L account in this case.We are checking if this is the case with all test cases. If so then our problem can be considered solved.
  Thanks,
  Ranjan

• Creating a read-only user account

  I am trying to create a read-only user account. Reason being,
  when our users may be able to use MS Access to pull information
  and modify changes (if possible). I was told there is a way to
  do this. Help?

  I'm connecting using ODBC with a user account that I created.
  This dummy account will be available to approx 15 users so they
  can generate reports using Crystal. But, if there is someone
  that wants to generate queries using MS Access, they can still
  modify the data. So, how do I create only select statements to
  disallow users from using MS Access to link to the oracle
  database and change data?