Remove encryption for users?
Hi,
Is it possible to remove the possibility for users to encrypt documents, both using certificates and password? I am a aware that a combination of removing DigSig.api and PKKlite.api, and setting FIPSMode will do the job. But is it a better way of achieving this?
-Rasmus
I removed the beforementioned plug-ins, but unfortunately this interefered with other critical Acrobat plug-ins. I created a pdf with buttons and actions, saved the document and closed Acrobat. When tried to open the document with Acrobat Pro the program would crash. After I reinstalled the plug-ins this behaviour stopped. Do I really have to sacrifice program functionality and reliability to keep my users from encrypting documents?
-Rasmus
Similar Messages
-
Remove phonenumber for user in spesific OU
HI all,
not a PowerShell guru,but found that i can run following command to SET officephone for every user in a spesific OU
get-aduser -Filter * -SearchBase "ou=testou,dc=test,dc=net" | Set-ADUser -OfficePhone 555-555-1212
But i want to REMOVE Officephone for all users in a spesific OU instead.What would be the correct command to add?
Thanks!
Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2workHi o2w,
it is a slight modification of your current example:
get-aduser -Filter * -SearchBase "ou=testou,dc=test,dc=net" -Property OfficePhone | Set-ADUser -Remove @{ OfficePhone = $_.OfficePhone }
Cheers,
Fred
There's no place like 127.0.0.1 -
Trying to disable Encryption for users through the Customization wizard
I am trying to create a transform through the Customization Wizard that will disable users from seeing or selecting Encryption when they have a PDF file open. I know that in the security-policy.acrodata file that if /SP_IsHidden [/b true] in the file then Encryption is hidden. My question, how do I do that for all users during or after a new install. And how would I modify existing users profiles to achive the same result?
Please see [/questions/887078#answer-261172]
-
Remove personalization for users
Hi,
we are running a portal for many thousand users. We have restricted personalization on the portal so that the user cannot personalize anything.
However after an upgrade, personalization was allowed at some placed for a short while before we removed it. However a couple of users managed to personalize their site, and now we wan't remove their personalization and reset their portal to the default one.
Does anyone know how to do this.
Are there table in the DB where personalization is stored.
We are running EP 60 SP2 Patch 3 hotfix 7 on AIX
Thanks,
MikkelIn EP5, personalization details was stored in PCD - Database.
If only couple of users, then you can delete these users when they are not using the portal and recreate the user ids with default portal personalization. This is just a work around, i am sure there will be better option in EP6.
If you are fine with the work around, give some points.
Thanks
Senthil -
Remove encryption or protection for many PDFs in Action Wizard?
Hello,
I can remove encryption manually for each PDF file, but I have hundreds of files so it is impossible to do it manually.
From what I know, in Action Wizard, I can only add encryption for many files, there seems to be no 'encryption remove' function in Action Wizard for me to apply to many files.
So, my question is, how do I remove encryption for many PDF files at once without having to so manually?
Thank you.Sir, what you said makes perfect sense but it may work only in case the files are protected with a password.
This case seems different.
I remove the protection manually by choosing Protection --> Encrypt --> Remove.
No password whatsoever.
After that, I am able to Edit Object, Edit Document Text, Add or Edit Text Box.
To make sure I followed your steps correctly, this is how I did it:
http://img141.imageshack.us/img141/3079/screenshot20110315at616.png -
Mailbox cleanup could not completely remove the mailbox for user
Hello.
I have Exchange 2010SP3 2 DAG member in cluster.
Recently i have warning in app log on a second DAG member:
Mailbox cleanup could not completely remove the mailbox for user GUID.Encountered error 0xfffffae8. Should this message continue to persist for the same mailbox, it may be indicative of a problem that requires further investigation.
I read all post wich say just unmount and mount database.
I can't find any user wich have guid containted in error.
So that i need to do?
Can i use StartDAGmaintenance and reboot a server,then after reboot use StopDAGmaintenance?Hi,
I suggest to refer to this blog to find this mailbox by GUID.
http://blogs.technet.com/b/ehlro/archive/2010/04/22/how-to-find-the-object-that-belongs-to-a-guid.aspx
Then check which database this mailbox belongs to, dismount and mount this database.
Best Regards.
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Lynn-Li
TechNet Community Support -
I am trying to remove the backup encrypt for my Iphone 4 but the itunes ask for the password and basically I have not set any password before ...!!! Please note that I entered the password for my apple account and also it did not work, how i can reset it?
You can't reset it. If you don't konw the password then you can't use that backup
-
Remove sysdba privilege for user
Hi,
$ sqlplus
SQL*Plus: Release 9.2.0.7.0 - Production on Thu Apr 19 05:57:41 2007
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
Enter user-name: / as sysdba
Connected to:
Oracle9i Release 9.2.0.7.0 - 64bit Production
JServer Release 9.2.0.7.0 - Production
SQL> exit
Disconnected from Oracle9i Release 9.2.0.7.0 - 64bit Production
JServer Release 9.2.0.7.0 - Production
$
$
$ id
uid=5000(webman) gid=103(wbroot)
$I want to remove "sysdba" connect privilege for user "webman", what do I need to do?
I am on HPUX
ThanksI tried the revoke command below & I am stiil able to connect as "/ as sysdba" for webman.
revoke sysdba from webman;These are the users on in the DB.
SQL> select username from dba_users;
USERNAME
SYS
SYSTEM
OUTLN
WEBMAN
DBSNMP
SECW
SEC
DAEMON
8 rows selected.
SQL> select username,granted_role,default_role from user_role_privs;
USERNAME GRANTED_ROLE DEF
WEBMAN CONNECT YES
WEBMAN DBA YES
WEBMAN OT_ADM YES
WEBMAN OT_OWNER_ROLE YES
WEBMAN OT_SEC YES
WEBMAN OT_USR YES
WEBMAN RESOURCE YES
7 rows selected. -
Hi ,
we are planning to implement Transparent Data Encryption for 11.2.0.4 11g DB .
My Query is Whether SYS DB user will be able to Decrypt all encrypted Columns.
we have tested for Virtual Private Database Policy, and found out that it applies Policy for all DB Users except SYS.
so now we have a query whether encryption will be applied for all DB users except for SYS.?
regards
Abdulrahman
(P.S: attached is document how we tested for Virtual Private Database , if we can somehow disable SYS access to specific tables also our compliance requirement will be met thanks )http://docs.oracle.com/cd/E11882_01/network.112/e40393/asotrans.htm#ASOAG600
"Transparent Data Encryption(TDE) enables you to encrypt sensitive data, such as credit card numbers, stored in tables and tablespaces. Encrypted data is transparently decrypted for a database user or application that has access to data. TDE helps protect data stored on media in the event that the storage media or data file gets stolen."
TDE encrypts data blocks.
Users are not aware that the objects they query are encrypted - this is the reason it is called 'transparent'. -
Remove T Code for each ROLE for user
Hi Experts
Can anyone tell me how to remove the T code for each role which was define individually for users Eg
CR01 has been assign to 50 users, the difficulty is I have to go to each role then search for CR01 t code then delete and again generate the Authorization
In this way there are so many t codes which I have to go one by one to delete it.
Any help to remove the t-code for each role through any way.
regards
Piroztry the Security forum at Security
they might have trick (such as CATT scripts).
doing this via SQL commands is dangerous. avoid this solution if you are not 100% sure of its impact. -
Need help with Java app for user input 5 numbers, remove dups, etc.
I'm new to Java (only a few weeks under my belt) and struggling with an application. The project is to write an app that inputs 5 numbers between 10 and 100, not allowing duplicates, and displaying each correct number entered, using the smallest possible array to solve the problem. Output example:
Please enter a number: 45
Number stored.
45
Please enter a number: 54
Number stored.
45 54
Please enter a number: 33
Number stored.
45 54 33
etc.
I've been working on this project for days, re-read the book chapter multiple times (unfortunately, the book doesn't have this type of problem as an example to steer you in the relatively general direction) and am proud that I've gotten this far. My problems are 1) I can only get one item number to input rather than a running list of the 5 values, 2) I can't figure out how to check for duplicate numbers. Any help is appreciated.
My code is as follows:
import java.util.Scanner; // program uses class Scanner
public class Array
public static void main( String args[] )
// create Scanner to obtain input from command window
Scanner input = new Scanner( System.in);
// declare variables
int array[] = new int[ 5 ]; // declare array named array
int inputNumbers = 0; // numbers entered
while( inputNumbers < array.length )
// prompt for user to input a number
System.out.print( "Please enter a number: " );
int numberInput = input.nextInt();
// validate the input
if (numberInput >=10 && numberInput <=100)
System.out.println("Number stored.");
else
System.out.println("Invalid number. Please enter a number within range.");
// checks to see if this number already exists
boolean number = false;
// display array values
for ( int counter = 0; counter < array.length; counter++ )
array[ counter ] = numberInput;
// display array values
System.out.printf( "%d\n", array[ inputNumbers ] );
// increment number of entered numbers
inputNumbers++;
} // end close ArrayYikes, there is a much better way to go about this that is probably within what you have already learned, but since you are a student and this is how you started, let's just concentrate on fixing what you got.
First, as already noted by another poster, your formatting is really bad. Formatting is really important because it makes the code much more readable for you and anyone who comes along to help you or use your code. And I second that posters comment that brackets should always be used, especially for beginner programmers. Unfortunately beginner programmers often get stuck thinking that less lines of code equals better program, this is not true; even though better programmers often use far less lines of code.
// validate the input
if (numberInput >=10 && numberInput <=100)
System.out.println("Number stored.");
else
System.out.println("Invalid number. Please enter a number within range."); Note the above as you have it.
// validate the input
if (numberInput >=10 && numberInput <=100)
System.out.println("Number stored.");
else
System.out.println("Invalid number. Please enter a number within range."); Note how much more readable just correct indentation makes.
// validate the input
if (numberInput >=10 && numberInput <=100) {
System.out.println("Number stored.");
else {
System.out.println("Invalid number. Please enter a number within range.");
} Note how it should be coded for a beginner coder.
Now that it is readable, exam your code and think about what you are doing here. Do you really want to print "Number Stored" before you checked to ensure it is not a dupe? That could lead to some really confused and frustrated users, and since the main user of your program will be your teacher, that could be unhealthy for your GPA.
Since I am not here to do your homework for you, I will just give you some advice, you only need one if statement to do this correctly, you must drop the else and fix the if. I tell you this, because as a former educator i know the first thing running through beginners minds in this situation is to just make the if statement empty, but this is a big no no and even if you do trick it into working your teacher will not be fooled nor impressed and again your GPA will suffer.
As for the rest, you do need a for loop inside your while loop, but not where or how you have it. Inside the while loop the for loop should be used for checking for dupes, not for overwriting every entry in the array as you currently have it set up to do. And certainly not for printing every element of the array each time a new element is added as your comments lead me to suspect you were trying to do, that would get real annoying really fast again resulting in abuse of your GPA. Printing the array should be in its own for loop after the while loop, or even better in its own method.
As for how to check for dupes, well, you obviously at least somewhat understand loops and if statements, thus you have all the tools needed, so where is the problem?
JSG -
I have a java application (SSO via SAML2) that uses Weblogic as a Identity Service Provider. All works well using users created directly in Weblogic. However, I need to add support for Active Directory. So, as per documentation:
- I defined an Active Directory Authentication provider
- changed it's order in the Authentication Providers list so that it comes first
- set the control flag to SUFFICIENT and configured the Provider Specific; here's the concerned part in config.xml:
<sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
<sec:name>MyOwnADAuthenticator</sec:name>
<sec:control-flag>SUFFICIENT</sec:control-flag>
<wls:propagate-cause-for-login-exception>true</wls:propagate-cause-for-login-exception>
<wls:host>10.20.150.4</wls:host>
<wls:port>5000</wls:port>
<wls:ssl-enabled>false</wls:ssl-enabled>
<wls:principal>CN=tadmin,CN=wl,DC=at,DC=com</wls:principal>
<wls:user-base-dn>CN=wl,DC=at,DC=com</wls:user-base-dn>
<wls:credential-encrypted>{AES}deleted</wls:credential-encrypted>
<wls:cache-enabled>false</wls:cache-enabled>
<wls:group-base-dn>CN=wl,DC=at,DC=com</wls:group-base-dn>
</sec:authentication-provider>
I configured a AD LDS instance(Active Directory Lightweight Directory Services) on a Windows Server 2008 R2. I created users and one admin user "tadmin" which was added to Administrators members. I also made sure to set msDS-UserAccountDisabled property to FALSE.
After restarting Weblogic I can see that the AD LDS's users and groups are correctly fetched in Weblogic. But, when I try to connect with my application, using Username:tadmin and Password:<...> it does not work.
Here's what I see in the log file:
<BEA-000000> <LDAP Atn Login username: tadmin>
<BEA-000000> <authenticate user:tadmin>
<BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
<BEA-000000> <DN for user tadmin: null>
<BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
<BEA-000000> <DN for user tadmin: null>
<BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User tadmin denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:229)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
So, I tried to look why do I have: <DN for user tadmin: null>. Using Apache Directory Studio I reproduced the ldap search request used in Weblogic and, sure enough, I get no results. But, changing the filter to only "(&(cn=tadmin)(objectclass=user))" (NOTICE, no userAccountControl), it works; here's the result from Apache Directory Studio:
#!SEARCH REQUEST (145) OK
#!CONNECTION ldap://10.20.150.4:5000
#!DATE 2014-01-23T14:52:09.324
# LDAP URL : ldap://10.20.150.4:5000/CN=wl,DC=at,DC=com?objectClass?sub?(&(cn=tadmin)(objectclass=user))
# command line : ldapsearch -H ldap://10.20.150.4:5000 -x -D "[email protected]" -W -b "CN=wl,DC=at,DC=com" -s sub -a always -z 1000 "(&(cn=tadmin)(objectclass=user))" "objectClass"
# baseObject : CN=wl,DC=at,DC=com
# scope : wholeSubtree (2)
# derefAliases : derefAlways (3)
# sizeLimit : 1000
# timeLimit : 0
# typesOnly : False
# filter : (&(cn=tadmin)(objectclass=user))
# attributes : objectClass
#!SEARCH RESULT DONE (145) OK
#!CONNECTION ldap://10.20.150.4:5000
#!DATE 2014-01-23T14:52:09.356
# numEntries : 1
(the "[email protected]" is defined as userPrincipalName in the tadmin user on AD LDS)
As you can see, "# numEntries : 1" (and I can see as result the entry "CN=tadmin,CN=wl,DC=at,DC=com" in Apache Directory Studio's interface); if I add the userAccountControl filter I get 0.
I've read that the AD LDS does not use userAccountControl but "uses several individual attributes to hold the information that is contained in the flags of the userAccountControl attribute"; among those attributes is msDS-UserAccountDisabled which, as I said, I already set to FALSE.
So, my question is, how do I make it work? Why do I have "<DN for user tadmin: null>" ? Is it the userAccountControl ? If it is, do I need to do some other configuration on my AD LDS ? Or, how can I get rid of the userAccountControl filter in Weblogic?
I didn't seem to find it in config files or in the interface: I only have "User From Name Filter: (&(cn=%u)(objectclass=user))", there's no userAccountControl.
Another difference I noticed is that, even though in Weblogic I have set ssl-enabled flag to false, in the logs I see ldaps and not ldap ( I'm not looking to setup something production-ready and I don't want SSL for the moment ).
Here are some other things I tried but did not change anything:
- the other "msDS-" attributes were not set so I tried initializing them to some value
- I tried other users defined in AD LDS, not tadmin
- in Weblogic I added users that were imported from AD LDS in Roles and Policies> Realm Roles > Global Roles > Roles > Admin
- I removed all userAccountControl occurrences that I found in xml files in Weblogic (schema.ms.xml, schema.msad2003.xml)
Any thoughts?
Thanks.I managed to narrow it down: the AD LDS does not support the userAccountControl.
Anyone knows how I can configure my Active Directory Authentication Provider in Weblogic so that it does not implicitly use userAccountControl as filter?
<BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)> -
As ive seen in other posts Im having a problem with the e-qip website. It states that I dont have 128 bit encryption. Im running firefox 33.0 It has a walk through on how to configure firefox to work with the site but the directions are obviously old and I dont have any of the controls they are adjusting!
The Mozilla browsers which include Firefox has supported 256-bit even encryption for a long time now.
The issue could perhaps be the e-qip site is still looking for the old obsolete '''U''' in the useragent which was used to specify the encryption strength of 128-bit though 256-bit has been supported for a long while already at time by Mozilla applications. This "U" was removed in Firefox useragent as of 4.0 which was released March 22nd, 2011. The old 3.6.x was the last to have it.
http://en.wikipedia.org/wiki/User_agent#Encryption_strength_notations
https://hacks.mozilla.org/2010/09/final-user-agent-string-for-firefox-4/ -
Anyone using SecureDoc Full-Disk Encryption for Mac from WinMagic?
Currently I am using Mac OS X v10.5 on a MBP and want to upgrade to Snow Leopard. I use PGP full disk encryption.
I do not want to wait anymore for PGP v10 before I can upgrade to Snow Leopard. In my search for a replacement for PGP I found SecureDoc Full-Disk Encryption for Mac from WinMagic.
https://www.winmagic.com/products/full-disk-encryption-for-mac
They claim to be Snow Leopard compatible
https://www.winmagic.com/kw/download.php?url=/datasheets/securedocmac_brochure20090925a.pdf
I have two questions:
1) Does anyone have experience with SecureDoc Full-Disk Encryption for Mac from WinMagic?
2) Where can I buy one? PGP has a store where I ordered my copy of the software. But I can't find a store anywhere for SecureDoc. With some trouble I found a reseller in the Netherlands, but they don't reply to any questions.I am currently testing a trial license from Checkpoint Full Disk Encryption.
http://www.checkpoint.com/products/datasecurity/pc/index.html
The company where I work is a Checkpoint reseller, and normally only has dealings with other companies, not end users. But we arranged a trial license and I can buy a single user license Checkpoint Full Disk Encryption if the test proves Checkpoint Full Disk Encryption is a good solution.
I created a bootable usb disk with Snow Lepoard on it. But I was unable to install FDE on it. After reboot I only get a blank screen, that's it. Probably it isn't supported to boot from a full disk encrypted removable drive, I can understand that.
I can't create a virtual Snow Leopard machine (legal reasons) to test it on. And all FDE solutions I found aren't compatible with Mac Server, which is a shame because you can virtualize Mac Server legally.
So now I am planning to change the hard-disk of my MBP this evening with another hard-disk to test Checkpoint FDE there. I don't want to upgrade my current Leopard installation to Snow Leopard only to discover it doesn't work as expected. I could of-course use my current installation and when it doesn't work rollback to a timemachine backup, but before that I have to decrypt my disk and uninstall PGP witch will take 1-2 days, and encrypt again when the test is over. Not pratical.
I will let you know how the test with Checkpoint Full Disk Encryption went! -
I removed SkyDrive for Business and installed OneDrive for Business on my laptop. After that, I had problems opening a Word and Excel document in a SharePoint site (SP2013). After installing Service Pack2 from Office2010, this problem is solved.
But I still have the same problem with InfoPath. Whenever I click an InfoPath form (I have InfoPath 2010 on my laptop),...
... I get the error "cannot display web page".
When I change the URL
ms-infopath:ofe|u|http://intranet.water-link.be/samenwerken/awwit/Autorisaties/Gebruikersbeheer/2015-02-25%20Aanvraag%20gebruikersbeheer%20voor%20Stephanie%20Geeraerts.xml
into
http://intranet.water-link.be/samenwerken/awwit/Autorisaties/Gebruikersbeheer/2015-02-25%20Aanvraag%20gebruikersbeheer%20voor%20Stephanie%20Geeraerts.xml
I can open the InfoPath form and read it.
Any ideas about how to fix this ? I already tried to restore the Office 2010 via Control Panel - Install Programs but without any success...Hi Gert,
As I understand, you can’t open InfoPath form in SharePoint 2013 unless you change the URL without “ms-infopath:ofe|u|”.
There are some reasons which maybe cause this issue, and you can try to do things below:
Access CA -> General Application Settings -> Configure InfoPath Form Service -> Check the two options in User Browser-enabled Form Templates.
Go into the registry by typing regedit from the Run line and rename the SharePoint.OpenDocuments.5 key (ex. SharePoint.OpenDocuments.5.old) under HKEY_CLASSES_ROOT.
In library settings, click "relink documents to this library".
Here are some similar posts for your reference:
http://blogs.technet.com/b/office_integration__sharepoint/archive/2014/02/24/quot-the-webpage-cannot-be-displayed-quot-when-trying-to-open-edit-an-office-file-from-a-sharepoint-2013-site.aspx
http://www.infopathdev.com/forums/t/28998.aspx
Thanks,
Wendy
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected]
Maybe you are looking for
-
Using xsgl:insert-request to insert non-English character data from HTML form
I tried to insert a text written in French and pasted into an HTML form into my database following the recipe from the XSQL release notes. The table: create table content_object ( id number(9) constraint pk_content_object primary key, author number(9
-
Carried forward balance through f.07 and ledger balance are not tallying
Hi experts, When I try to execute F.07 last month (fiscal year April-March), carried forward balance and closing balance as per ledger are not matching for Customers. Could you suggest the possible reasons? Thanks
-
Error in importing data from multiple ASCii files, Concatenat​e
I am trying to use the "Importing Data From Multiple ASCII FIles.VBS" and the "Concatenate Groups.VBS" scripts downloaded from here, http://zone.ni.com/devzone/cda/epd/p/id/3870. When I run the importing data script and test it by highlighting the ex
-
[svn:fx-] 13817: Branch maintenance:
Revision: 13817 Revision: 13817 Author: [email protected] Date: 2010-01-27 11:29:27 -0800 (Wed, 27 Jan 2010) Log Message: Branch maintenance: - remove branches/3.2.0 Removed Paths: flex/sdk/branches/3.2.0/
-
I bought a new Sony camera and I went out to do some tests. I ended up shooting some great images (about 500) of a series that was screaming "BOOK". So I decided to make my third book using LR4 (the other two were quite good, despite Lightroom's ma