Read-Only Role For User Admin

Similar Messages

• Need to Assign read-only roles to a user in EP

  Hello,
  I am currently facing a situation wherin I need to assign read-only roles to a user. I need to assign the user admin, system admin and content admin roles to him, but all with read only permissions. Could someone kindly direct me as to how this can be done in EP7.0?
  Thanks in advance and best regards,
  Karthik.

  Hi Karthik,
  first, welcome on SDN!
  About your question:
  Ganesh already showed the way for the PCD. Anyhow, the content admin also can accedd the KM content (if installed); so for KM the settings have to be done, too, i.e. defining only read-permissions for this user on all repositories.
  The same holds for System-Admin - Permissions - Portal Permissions, here under the different sections only read access permissions would have to be set.
  Anyhow, some areas cannot be restricted in this way, for example the User Management. This could be done only via http://yourserver/useradmin and there via ROLE actions (and not per user).
  Still, some areas certainly will stay problematic, so that one maybe would have to strip down the standard roles (create a delta link copy of the content and then remove the problematic areas).
  Hope it helps
  Detlev
  PS: Please consider rewarding points for helpful answers on SDN. Thanks in advance!

• Tabular Form - Read only condition for certain users

  Is it possible to make a select list field in a tabular form read-only to certain users? Here's the situation:
  The tabular form lists the users who need to select "Approve" or "Reject" in that field (they are approving or rejecting an engineering change)
  I want all of them to see the approval/rejection of their team, but only have access to edit the select list associated with their record.
  Thanks in advance.
  Apex 4.0.0.00.46

  You could use either "authorisations" tab or "conditional display" for the relevant column attribute.
  Report Attributes->Column Attributes->authorisationsIt would be better to have some more detail about what you are trying to get (maybe a quick mock up of the form, for example) but, I can envision something along the lines of the following:
  For each approval/rejection field:
  1. Create an authorisation appropriate for access to to each approval/rejection field e.g. authorisation scheme "FOO"
  2. In the relevant fields column attributes, set the authorisation to "FOO"
  3. now create a read only "public" copy of the above field, using the "display as text (based on LOV does not save state)" - set the authorisation for this field as "{NOT FOO}"
  (if you don't want to use authorisations, you could build an equivalent using "conditional display" instead, which is basically the same thing, except column specific)
  The downside is of course that you're duplicating fields in your query, which creates a bit of redundancy. There may be better ways to achieve this (maybe you could make use of the APEX_ITEM api, for example) but this is fairly easy to set up IMO.

• How to create mandatory (read-only) profile for Terminal Services user (HP Thin Client) on Server2003... aaarrgghhh!

  I've been tearing my hair out for a couple of days now...
  I'm trying to create a mandatory profile for users logging in from hp thin clients on a 2003 server at a school.
  I've set up a prototype user, then copied the proto user's NTUSER.DAT to NTUSER.MAN and renamed
  NTUSER.DAT to NTUSER.DAT_unused.
  At that point, logging in as the prototype user looks ok.  It was my understanding that renaming NTUSER.DAT to NTUSER.MAN would make it a mandatory profile, and the user (in this case the proto user) would be unable to change it.  However, in this
  case the user can still modify the desktop and those modifications are preserved across logins.  The NTUSER.MAN file is being updated, judging by the timestamp changes.
  What am I missing?  
  I've tried putting the NTUSER.MAN in the user's dir on the server
   (C:\Documents and Settings\ProtoUser),
  in the DefaultUser, and in AllUsers.
  Right now I'm getting a default, unmodifiable profile which I have no idea where it comes from.
  In case it matters, the original user and directory tree from which the NTUSER.MAN I'm trying to use has been deleted, but I wouldn't think that should matter.
  For example, I have the option to not show the security tab set in the group policy, but it is showing up.
  The Start menu is showing as the classic start menu, and I had it set for the "new" (2 column) one.
  I've got hide network places on the desktop set, but it's showing up.
  Is there a way to tell where a profile is coming from?
  I'm pretty confused at this point; any clarifications / tips would be much appreciated.
  Related questions:
    If both an NTUSER.DAT and an NTUSER.MAN exist, which is used?
    If no profile is found for a user in the normal place, what happens?

  Hi,
  Thank you for posting in Windows Server Forum.
  A mandatory user profile is a special type of pre-configured roaming user profile that administrators can use to specify settings for users. With mandatory user profiles, a user can modify his or her desktop, but the changes are not saved when the user
  logs off. The next time the user logs on, the mandatory user profile created by the administrator is downloaded. There are two types of mandatory profiles: normal mandatory profiles and super-mandatory profiles.
  User profiles become mandatory profiles when the administrator renames the NTuser.dat file (the registry hive) on the server to NTuser.man. The .man extension causes the user profile to be a read-only profile.
  User profiles become super-mandatory when the folder name of the profile path ends in .man; for example, \\server\share\mandatoryprofile.man\.
  More information:
  Mandatory User Profiles
  http://msdn.microsoft.com/en-us/library/windows/desktop/bb776895(v=vs.85).aspx
  Using User Profiles in Windows Server 2003
  http://technet.microsoft.com/en-us/library/cc776120(v=ws.10).aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• Essbase Error 1051440 - Authentication fails for user admin

  We are facing a very unique problem...
  The application is up & running.. even I can login into the application, can perform member addition, editing & mamage database from planning.... but I get this error while retreiving from excel addin or running scripts.
  What I analysed is that this problem is Actually coming when a particular set of members are called anywhere either in scripts or during retreival thru Addin.
  Recently we had added one dimension in one of the database of our application. After that that this problem started.
  There were fewer Xref functions used to pull data from other cubes.... The problem is cominng with only those set of members where this Xref function has been used.
  Even I had changed the formulas & incorporated member of new dimension in the formulas to point to target members....
  Can you guys ever had faced such kind of issue....
  Please help in resolving....
  Complete Error is: msg fromremote site[date n time] Local////Error(1051440) Essbase user[admin] Authentication fails against shared services serverwith Error[30:1005:Authentication failed for user admin. Enter valid credentials.]]

  Hi,
  are you sure that user "admin" has all necessary rights to run your scripts? I have to ask because we sometimes had problems with our admin user... There is an "native essbase server admin" and the admin user in shared services.
  We dont had any idea how this could happen but sometimes our admin user changed to the mentioned "native essbase server admin" - you can see it if you are connected as "admin (internal)".
  If you are logged in as "admin (internal)" you have to "externalize" this user.
  Hope this helps and my bad english is not so much confusing... :-)
  Kind regards
  André

• Changing role for users

  Hi,
  in forms 10g , it's possible to change the role for user
  REVOKE role_name FROM :USERNAME;

  This should work, but the user revoking a role from a different user needs to have the admin option of this role.
  When creating a role, by default the "Admin option" for that role should be enabled for the user creating the role.
  Normally, this would be the schema-owner of the application objects ...
  A user holding the "admin option" may grant a role to a different user and grant the other user "admin option" on this role...

• When i try and open the auto cad Lt that i just downloaded i get this error The directory may be locked by another process or have been set Read Only. Directory: '/Users/hockaday' Please correct this problem and press OK to exit the application.

  i get this error why i try and open the auto cad that i just downloaded
  The directory may be locked by another process or have been set Read Only.
  Directory: '/Users/hockaday'
  Please correct this problem and press OK to exit the application.

  I did install it in the admin account.  Actually the computer has four accounts, one for my husband, where I installed it.  One for me which also is set to admin, one is called TEST and has nothing in it and one is guest user.
  I don't know how AutoCad is interfacing with the account.  That is why I am not sure what to do about it.  I read other threads in various places and some seemed to point to something having to do with having multiple users.  The solutions were not clear.  I was hoping someone else had this problem and could tell me what to do.  I tried apple support but no help.  I have not tried AutoCad yet as I assumed they wont help since this is a free educational version of their product.

• Password for user admin

  Hello,
  I have to change the PW for user admin and tried to do this in the ERP/SU01 on every client.
  The connection to XI was lost. The error 'can not read exchange profile' occurred.
  I reset the password of user admin in all clients to default and entered the user admin and password in the http://<xi-host>:<j2ee-port>/exchangeProfile.
  This worked fine.
  But now I get the periodic error that user admin on client 200 is locked due to wrong logon and XI does not work. Error as described above
  Okay. I can unlock user admin, but the error occurs periodically.
  Is there a description how to change the PW for user admin and get rid of this error. I found a SAP Note (936093), is this the way to do it?
  I assume user admin is locked every time the portal fails to contact XI, but I am not sure.
  Best Regards
  Maximilian

  Try reflashing the firmware and see if that alleviates the issue.  If not call into 866-606-1866 for further troubleshooting.

• Read only permissions as an Admin & force ejection of osx disk; Other disk?

  I have had problems with permissions on my computer for about 2 years now. In the past two years, I've reinstalled my OS about 10 times. In the past month, though, the problems have escalated. I can no longer burn my files to disk successfully because the disk is always ejected before the process can complete. This happened on occasion in the past, but now it happens every time.
  I had an external biometric hard drive which I used to back up my files, but after about 10 months of use, it stopped working. I ordered a new one and sent the old one in for repair, but all of my backups were gone.
  When I got the new one - it is smaller and more portable, which is a plus, it had already been formatted. I tried to reformat, but within minutes I had no control over my settings and even though I am listed as the only user, I had read only permission for the new drive and had no ability to change any system preferences.
  Time to start from the Snow Leopard disk and try to repair permissions, etc. Did repair permissions and reset the permissions under the "Change Password" window in Utilities. When I tried to startup again, I only got a blue screen.
  I have a firmware password, so when my drive wouldn't start, I tried again with the option key down and the startup disk in the optical drive - only to find it force ejected over an over. Then I noticed that not only were my two volumes visible, but another Network Server was fading in and out. Currently, my network was unplugged and I have never connected to an external server. Again, I should be the only user on my system.
  I have returned the newest hard drive in exchange for a new one, but am uncertain of what to do now if I am unable to reinstall the OS. I have posted the photos I took with my iPhone to show the screen with the three volumes visible and will post the link shortly. Please help!

  Image of the screen can be seen here: http://gallery.me.com/iphone/asrodrig1/100033#0

• In HTTP log:  Store Critical: Unable to read index file for user/ uid

  All:
  Sun Java(tm) System Messaging Server 6.2-7.05 (built Sep 5 2006)
  libimta.so 6.2-7.05 (built 12:18:44, Sep 5 2006)
  We recently have started to see the following errors in our http logs:
  [01/Mar/2007:13:03:43 -0500] httpd[5174]: Store Critical: Unable to read index file for user/<uid>: System I/O error. Administrator, check server log for details.
  It's occurring a couple of different times during the day to certain users. Then it won't happen for days to anyone, but then start up again. I saw a similar thread to this re: IMAP and I'm curious if http could be having the same problem. We increased the number of process of http (from 2 to 4 a few months ago) but kept the same maxsessions (6000), so maybe I need to change the maxsession to something lower? We only started to see the I/O error two weeks ago We're not seeing the error in imap logs. Also there's no errors in the default log related to the users that receive this in http.
  I'm planning on running a reconstruct -m in the mean time to see if that helps. There have been no changes to the server or application for quite some time. Any thoughts?

  Yes, http can have the same issue. Yes, lowering the maxsessions from 6000 is the answer, IF it's the same problem. Likely, but not guranteed.
  If you actually look at the store.idx for that particular user, what do you see? Is it near 2 gig? If so, then the user needs to either delete some messages or move some to another folder, as 2 gig is the limit for the store.idx file.....
  jay

• Store Critical: Unable to read index file for user/mailtest: System I/O err

  more imap
  [27/Nov/2007:13:36:52 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:52 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&V4NXPnux-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:52 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&XfJT0ZAB-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:52 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&g0l6Pw-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:52 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/test: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:52 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:54 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:54 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&V4NXPnux-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:54 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&XfJT0ZAB-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:54 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&g0l6Pw-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:54 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/test: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:36:58 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:37:00 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:37:00 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&V4NXPnux-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:37:00 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&XfJT0ZAB-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:37:00 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/&g0l6Pw-: System I/O error. Administrator, check server log for details.
  [27/Nov/2007:13:37:00 +0800] e69-1-c imapd[5984]: Store Critical: Unable to read index file for user/mailtest/test: System I/O error. Administrator, check server log for details.

  whr25 wrote:
  root@e69-1-c # ./imsimta version
  Sun Java(tm) System Messaging Server 6.3-0.15 (built Feb 9 2007)
  libimta.so 6.3-0.15 (built 19:27:56, Feb 9 2007)
  SunOS e69-1-c 5.10 Generic_118833-24 sun4u sparc SUNW,Sun-FireThis is an old release of 6.3, you should be planning to upgrade to proactivly prevent known bugs.
  prstat
  2255 mailsrv 407M 310M sleep 59 0 0:00:44 0.0% imapd/3Not 3GB. Of course if you had just restarted messaging server as you noted below then that isn't unexpected.
  I'm restart Messaging Server,I't is not problem
  This issue is about two days after the RuningWhen the problem does occur what is the prstat output? The size of the imapd processes will increase over-time depending on the number of people accessing the store via IMAP, and the size of the mailboxes (store.idx files) they are accessing.
  Regards,
  Shane.

• Is BAM-reader only available for US IDs?

  Is BAM-reader only available for US IDs?

  I see it in the USA App store.  If you can't from your store, I would assume it's not available in your country.  AFAICT, all their physical stores are in the USA.

• HI,how to find roles for user based on userid?

  hi,
  i need to find roles for each user based on user id.
  can i know any one knows this how to get roles for user?
  thanks,
  jpullareddy

  hi,
  i solve my self.
  i am getting values
  jpullareddy

• Role for User Administrator(Read only)

  Hi All,
  I want to create a role just like the role ofUser Administrator.But I want to make it read only.I want that the end user can perform search operation,can see the locked user,can see the roles but can't delete the user.Basically ,they shouldn't able to do the modification.
  Any suggestions will be appreciated.
  Paritosh

  I have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
  I assigned the ReadAll Premission. That did the trick for me.
  Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups.

• How to assign read only access for a database to a single user?

  Hi All,
  I have created a login for one of the user , and i used deny view to deny that user access to any of the databases to be shown.Now, he cannot see any databases in the explorer window.
  My question is now i want to give this user permission ( read-only) to a single database. How can i do that? I have googled around and found some solutions but nothing is working.
  Can someone please help me with any suggestions.
  Thanks a lot for your time and suggestions in advance.
  Thanks

  Hi Bhanu,
  Thanks for your reply, I am not sure i got it. I have a user created with the name of 'msam_test' and if i login into management studio with this userid and password i dont see any databases showing up because i used the DENY View command to hide which is
  working fine.Now i just want to see only 1 database named 'suresh3_test' with a read only access to this database.
  I tried using your code in the below way
  USE [suresh3_test]
  CREATE USER [<msam_test>] FOR LOGIN [<msam_test>] WITH DEFAULT_SCHEMA=[dbo]
   exec SP_ADDROLEMEMBER 'DB_DATAREADER','<msam_test>'
  But i receive an error saying
  Msg 15007, Level 16, State 1, Line 3
  '<msam_test>' is not a valid login or you do not have permission.
  Msg 15410, Level 11, State 1, Procedure sp_addrolemember, Line 75
  User or role '<msam_test>' does not exist in this database.
  Can you please help me on this.
  Thanks