Reapply Rules for existing users

Similar Messages

• Access Policy for Existing Users

  Hi,
  Here is the Scenario:
  1. We have AD resource object having "Allow Multiple" Unchecked
  2. We have Users who are already provisioned to AD
  We are trying to introduce Auto Provisioning into our system for AD, I know new users will be evaluated against Access policies and will be provisioned to the resource and hence groups management will be taken care automatically, Questions:
  1. If I disable resources (and not revoke) for these new users what will be the group membership status -will they be removed from group?
  2. How to pull existing users under this auto prov umbrella? My thoughts: by writing a custom scheduler that will check resource provisioned and make it as part of the group, but will resource be revoked automatically if group is removed for these users? If not what should be the approach for existing users?
  Thanks in advance

  I've completed a similar tasks using SQL.Take a look at the following table and you can do these tasks:
  UPP, UPD, USG, POG and AD group table 'UD_ADUSRC'

• Pb with populating newly added AD fields for existing users

  Hello,
  Let's say that we have version 10 of the AD process form pushed to production.
  Then we decided to push version 11 of the AD process form, which now has 4 more fields, to prod.
  For new users, we can see that the new fields are populated and the data flows down to AD.
  But, how do things work for existing users with existing AD account?
  How can we make the new fields appear in the process form of an existing user with old AD account that did not contain the new 4 fields.
  Thanks
  Khanh

  FVC or Form Version Control Utility is specifically designed for this purpose. Refer OIM documentation & also have a look at the following links:
  http://download.oracle.com/docs/cd/E10391_01/doc.910/e10363/appc.htm
  http://oim-iam.blogspot.com/2010/04/oim-fvc.html
  Thanks
  SRS

• Create new mailbox for existing users?

  Hi All,
  I am new to JNDI concepts. I need to create new mailbox for existing users in domino directory. is it possible?
  Scenario is : I have some users in domino directory. They dont have mail account now. I want to create it.
  Kindly guide me...
  Thanks,
  Ram

  Hi,
  You can try LSMW (Direct method) for uploading class values.
  Upload file can hae following structure:
  OBJEK     |     ATINN     |     KLART     |     ATWRT
  Release Grou+Release strategy |     Characteristic name     |     Class type     |     Class Value
  e.g. rel grp is PO, rel strategy is 01, characteristic name is EBAN_EKORG, and class value is 1000 then
  OBJEK     |     ATINN     |     KLART     |     ATWRT
  PO01     |     EBAN_EKORG |     032     |     1000
  multiple characterstics can be
  OBJEK     |     ATINN     |     KLART     |     ATWRT
  PO01     |     EBAN_EKORG |     032     |     1000
  PO01     |     EBAN_EKGRP |     032     |     100
  Regards,
  Yogesh

• Problems with a certain program for existing users

  Hello,
  We have problems with a third party software application. We have installed this software program on a terminal server (server 2003 32bit) and when we open this software with a existing user account the application crashes with the following entry in the
  eventviewer:
  Application Error 100
  Faulting application ProTime.exe, version 4.1.0.9, faulting module msvbvm60.dll, version 6.0.97.82, fault address 0x000fd0d9.
  For more information, see Help and Support Center at
  http://go.microsoft.com/fwlink/events.asp.
  We have checked the eventlog on the server but the only error that we see is the application error 100 when we open the program. Also we checked the rights on the program's database and folders but that doesn't help either.
  The last thing we did was;
  - Installing the software on a brand new virtual server with server 2003 x86 (no other software installed)
  - Installing the software on a new virtual machine with server 2008 r2 x64 (no other software installed)
  The strange thing is when we change something in the compatibility mode setting for example run as windows xp then we can run the program just fine but when the user logs off and log on again it doesn't work until you change something at the compatibility
  mode setting (doesn't mather which setting)
  When we create a new domain user then the software works properly without any settings changed.
  Any idea what could cause this problem?
  Thanks
  With kind regards,
  Lars

  Hi Jesper,
  Sorry for the late response. We think so, atleast the software company says it is.
  We should not use the compat. mode because the application is not working on server 2003 x86, server 2003 x64, server 2008 r2.
  It is just really strange. Software company has no clue how to fix this problem and they say it is caused by the active directory because when we add a new user then the application starts properly. User accounts created a long time ago are not able to start
  the application.

• PF attribute modification in Access Policy for existing users.

  Hi Guys,
  I have an access policy for provisioning a resource. Suppose if I make some changes for the process form attribute value inside the access policy,How can I have the same attribute value reflected in the process form of users who are already provisioned by the access policy?
  Direct database update wont be a good idea here as I am having multiple access policies for the same resource. Is there any table which is having the relation between provisioned resource and curresponding access policy if at all I have to go for a custom scheduled task?
  Thanks,

  Does this solution also supposed to work in OIM 11g? I Tried it but data on the main form does not get reflected on the process form of existing users. For child data it does work.
  Edited by: bsteen on Aug 5, 2011 5:21 AM

• Error "550 5.1.1 ADR.RecipNotFound" for existing user

  Hello!
  Our Exchange infrastructure description, briefly:
  1. Using Exchange 2013 CU7
  2. 2 x MBX+CAS servers (EX1, EX2)
  3. 2 x Edge servers (mx1, mx2)
  4. DAG, 4 DBs
  5. Hybrid Configuration: 200 local users, 15 cloud users
  Our case: sometimes our users receive NDR while sending messages to existing mailboxes:
  "Remote
  Server returned '550 5.1.1 RESOLVER.ADR.RecipNotFound; not found'
  For example, user sent 2 messages, first caused NDR, second was successfully delivered:
  Get-MessageTrackingLog -Sender [email protected] -Recipient [email protected] | fl EventId, Source, TimeStamp, EventData
  EventId : HAREDIRECT
  Source : SMTP
  Timestamp : 15.04.2015 16:58:36
  EventData : {[DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
  EventId : RECEIVE
  Source : SMTP
  Timestamp : 15.04.2015 16:58:36
  EventData : {[FirstForestHop, EX1.local.domain.ru], [Oorg, domain.ru], [ProxiedClientIPAddress, 10.0.100.21], [Proxie
  dClientHostname, mx1.domain.ru], [ProxyHop1, EX1.local.domain.ru(192.168.0.11)], [DeliveryPriority, Normal]
  , [AccountForest, local.domain.ru]}
  EventId : AGENTINFO
  Source : AGENT
  Timestamp : 15.04.2015 16:58:36
  EventData : {[AMA, SUM|action=st|error=|atch=0], [DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
  EventId : FAIL
  Source : ROUTING
  Timestamp : 15.04.2015 16:58:36
  EventData : {[DeliveryPriority, Normal], [Oorg, domain.ru], [AccountForest, local.domain.ru]}
  EventId : HAREDIRECT
  Source : SMTP
  Timestamp : 15.04.2015 18:17:23
  EventData : {[DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
  EventId : RECEIVE
  Source : SMTP
  Timestamp : 15.04.2015 18:17:23
  EventData : {[FirstForestHop, EX2.local.domain.ru], [ProxiedClientIPAddress, 10.0.100.22], [ProxiedClientHostname,
  mx2.domain.ru], [ProxyHop1, EX2.local.domain.ru(192.168.0.12)], [DeliveryPriority, Normal], [AccountForest,
  local.domain.ru]}
  EventId : AGENTINFO
  Source : AGENT
  Timestamp : 15.04.2015 18:17:23
  EventData : {[AMA, SUM|v=0|action=|error=|atch=0], [AMA, EV|engine=M|v=0|sig=1.195.3371.0|name=|file=], [TRA, ETR|ruleI
  d=068e0c20-5de5-48e0-9b53-ea90e5deb5b9|st=12.12.2014 18:27:31|action=SetSCL|sev=1|mode=Enforce], [CompCost
  |AMA=0|ETR=0], [DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
  EventId : SEND
  Source : SMTP
  Timestamp : 15.04.2015 18:17:25
  EventData : {[E2ELatency, 4.863], [Microsoft.Exchange.Transport.MailRecipient.RequiredTlsAuthLevel, Opportunistic], [
  DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
  EventId : DELIVER
  Source : STOREDRIVER
  Timestamp : 15.04.2015 18:17:25
  EventData : {[MailboxDatabaseName, IT], [Mailboxes, c1357fa5-52f2-4d16-8c70-09c9f9c4ab0e], [ToEntity, Hosted], [E2ELate
  ncy, 4.863], [DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
  How can I investigate this issue?

  Hi Turboon,
  Thank you for your question.
  Did this issue occur when mailbox was moved to office 365?
  "Remote Server returned '550 5.1.1 RESOLVER.ADR.RecipNotFound; not found'’ could be occurred if the on-premises mail-enabled user who represents the moved mailbox isn't stamped correctly with the target address. The Exchange server generates an NDR
  message because the on-premises Active Directory Domain Services (AD DS) can't locate the user in order to route the mail correctly. We could add the target address, also known as the service routing address, to the mail-enabled user in the on-premises environment
  by the following steps:
  In a web browser on your local Exchange 2013 server, browse to the Exchange Admin Center,
  Click Recipients, and then click Mailboxes.
  Click the user, and then click Edit.
  Click Email Address, and then click Add, .
  Under Email Address, click SMTP, and then enter the email address. Use the
  <alias>@<domain>.mail.onmicrosoft.com format for the email address.
  Click OK, and then click Save.
  We could refer to the following link:
  https://support.microsoft.com/en-us/kb/2685437
  If there are any questions regarding this issue, please be free to let me know. 
  Best Regard,
  Jim
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Jim Xu
  TechNet Community Support

• Business Rules for Business Users

  Folks,
  There is a requirement from my clients to use Business rules by Business users, apparently it is difficult to give them jdeveloper and ask to devlop, have you come across such situation? if so what is the best way to handle such scenarios.
  FYI: we're implementing 11g BRE
  TIA
  Srini

  The only way is to use Rules SDK. We had a similar requirement and had to develop a custom GUI with all CRUD operations using Rules SDK.
  The starting points are:
  http://download.oracle.com/docs/cd/E12839_01/apirefs.1111/e10663/toc.htm
  http://download.oracle.com/docs/cd/E12839_01/integration.1111/e10227/toc.htm (especially RuleSession)
  or simply starting from the master index (search for Business rules)
  http://download.oracle.com/docs/cd/E12839_01/nav/portal_booklist.htm
  rgds

• Change display name for existing users

  Hi,
  We have alot of users in our Active Directory. After an migration our existing users are displaying their name wrong. When we create a new user the display name is set FirstName LastName. But all of our old users have their User logon name as display name.
  Is there a way to change the display name of our old users to FirstName LastName instead of the user logon names they are displaying now? Doing this per user is a hell of a job so this really isn't an option.
  Example:
  Full name: Peter Peterson. User logon name: pepeter. Display name: pepeter. (old user)
  Full name: Tom Thompson. User logon name: tothomp. Display name: Tom Thompson. (new user)
  Greetz,
  Tom

  I have found a script for Powershell that may be the answer to my question. There is only one thing that is not in the script. The script runs for all users. The PageSize is set to 2000 so it runs 2000 entries. Is there a way that I can run this script for
  all Users in AD that start with the letter "A" or with an other letter. :P
  $previewMode = $true #change value to $false ONLY after you have verified the preview!!!
  $CurrentDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
  $Domain = [System.DirectoryServices.DirectoryEntry]"LDAP://$CurrentDomain"
  $Searcher = New-Object System.DirectoryServices.DirectorySearcher
  $Searcher.PageSize = 2000
  $Searcher.SearchScope = "Subtree"
  $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)(!(objectClass=computer)))"
  $Searcher.PropertiesToLoad.Add("userPrincipalName") > $Null
  $Searcher.PropertiesToLoad.Add("givenName") > $Null
  $Searcher.PropertiesToLoad.Add("sn") > $Null
  $Searcher.PropertiesToLoad.Add("distinguishedName") > $Null
  $Searcher.SearchRoot = "LDAP://" + $Domain.distinguishedName
  $SearchResults = $Searcher.FindAll()
  $dnsSuffix = $CurrentDomain.Name
  foreach ($Result in $SearchResults){
                 $firstName = $Result.Properties.Item("givenName")
                 $lastName = $Result.Properties.Item("sn")
                 $newLogonName = "$firstName $lastName"
                  [System.DirectoryServices.DirectoryEntry]$userObject = $Result.GetDirectoryEntry()
                  $oldLogonName = $userObject.sAMAccountName
      Write-Host "Changing $oldLogonName to $newLogonName..."
      try {
          if (!($previewMode)) {
                     $userObject.cn = $newLogonName           
             $userObject.CommitChanges()
          Write-Host "$oldLogonName successfully changed to $newLogonName."
      catch{
          Write-Host "Error changing $oldLogonName to $newLogonName."

• Mountain Lion upgrade effects mail rules for all users

  After upgrading to Mountain Lion, the mail rules appear to be "shared" for all user on our Mac. When a user adds a rule, everyone sees this rule.  Some mail rules are lost in the process.  How can we fix this?

  If it is hanging on the 'upgrading database' portion please see this discussion and the solution posted by registerednderd at the bottom of the first page.  It worked for me at least to get past the 'upgrading database' hangup and then to import the old messages.
  https://discussions.apple.com/thread/4137441

• What does the Mac App store mean for existing users of Aperture?

  I was wondering how the Mac App store will affect existing users of the software. I have purchased Aperture and upgrades since its launch but because I've not purchased through the App store, how will I gain access to future upgrades?
  When I go to the Aperture app in the store it shows as being installed but as I've not purchased it through the store, will I be eligible for future upgrades or will Apple expect me to purchase again?

  There is no way Apple can update Aperture 3 without offering that update to every user, regardless of where the app was purchased. So, expect that Aperture 3.1.2 or whatever will be available to you in some fashion.
  When the next paid Upgrade (to Aperture 4?) comes along, then we'll have to see what arrangements the offer.
  Regards
  TD

• *** SPAM *** - rule for all users

  hello.
  is it possible to create one rule to all users that move all emails with *** SPAM *** in subject line to specific folder eg SPAM? or push one rule to all users?
  SLES10+GW8
  regards
  Mirek

  On 3/29/2012 9:36 AM, leroyjjr wrote:
  >
  > Michael Bell;2186127 Wrote:
  >> On 3/29/2012 1:16 AM, mmadej wrote:
  >>>
  >>> Thank you,
  >>> I can change only subject, no add X-spam header.
  >>>
  >>> 3. every user create rule - simple and free
  >>>
  >>> regards
  >>> Mirek
  >>>
  >>>
  >> Well you have more talented users than most. ;)
  >
  > Michael,
  > Will that also work for GroupWise2012 on SLES11/OES11 as
  > well?
  >
  > Leroy Joseph
  > Visual Click Software
  > 'eDirectory Management and Reporting | DSRAZOR for eDirectory'
  > (http://www.visualclick.com/content/d...edirectory.htm)
  >
  >
  will WHICH work?
  1. yes, built into admin snapins, and gwia
  2. yes, but you'll need a windows workstation to run vertigo on, because
  it uses a mixture of soap and admin api, the latter only beig
  available on windows
  3. yes, but it depends on user education.

• Have Adobe Standard CS 5 (Student), and would like to upgrade to Creative Cloud (Non-Student) - won't accept my serial number for special pricing for existing users

  I currently use Adobe Standard CS 5. It was bought with the Education discount. I would like to upgrade to Creative Cloud and see that they have special pricing for existing customers that use past versions of Creative Suite. I am no longer in Education, so I will have to buy a full version. This is fine, but it won't accept my serial number for the discounted pricing. Is there something else I should be doing?

  Hi there
  Please contact our Sales team who will assist with your order - 800-585-0774
  Thanks
  Bev

• Change EXPIRY_DATE for existing user

  Hello dba-gurus !
  Since I'm a beginner (and the real dba is on holiday) maybe this is a stupid question :
  How can I change the value of EXPIRY_DATE ??
  The Backup user account "rman" is expired.
  when i query dba_users i'll get :
  USERNAME EXPIRY_DA ACCOUNT_STATUS
  RMAN 20-MAY-10 EXPIRED
  is there away to disable expiration or set the expiration to a date of my choice ?
  All i found in google was default profile related.
  Does this also effect existing users ?
  regards

  thanks, thats exactly what i want to know.
  I executed "ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;"
  and when i query the dba_users expired,expiry date is the same values.
  Shouldn't these values also change or are they just ignored?
  However, I'ill see this on next rman-logs.

• More rules for Unlimited users to consider.  Are you among the 5%?

  This is taken from the this website's  "Important Plan Information" link found on the "Change Minutes, Text or Data" page.
  (My underlines)
  DATA SERVICES
  Verizon Wireless strives to provide customers the best experience when using our network, a shared resource among tens of millions of customers. To help achieve this, if you use an extraordinary amount of data and fall within the top 5% of Verizon Wireless data users we may reduce your data throughput speeds periodically for the remainder of your then current and immediately following billing cycle to ensure high quality network performance for other users at locations and times of peak demand. Our proactive management of the Verizon Wireless network is designed to ensure that the remaining 95% of data customers aren't negatively affected by the inordinate data consumption of just a few users.
  You may use Mobile Hotspot or any other Wi–Fi hotspot or tethering service to use your smartphone or basic phone as a Wi–Fi hotspot or to tether it to your computer or tablet. If you subscribe to a data plan or package with an unlimited data allowance, there is an additional $20/month fee to do so.
  We further reserve the right to take measures to protect our network and other users from harm, compromised capacity or degradation in performance. These measures may impact your service, and we reserve the right to deny, modify or terminate service, with or without notice, to anyone we believe is using Data Plans or Features in a manner that adversely impacts our network.

  Hi all,
  In my case, the customized add-on (huge & extensive add-on modules) for a single customer company we are developing right know is almost complete and will be installed at the client production server (without the newly developed add-on) which  Go-Live a few days already.
  The add-on is being tested on several sap b1 laptop (pro licensed installed) and I assume it is running with compatibilty mode.
  Now the issue is, since it only means for that particular company add-on and won't be SAP certified or resell, we just decided to ignore the add-on identifier in the coding side. Does it also will leads us to Jan 2008 compatibilty issue aferwards as well? No other forum thread or official announcement from SAP so far..any thoughts?
  Any feedback is appreciated.
  Shukri - Malaysia