Restricted ODI user / how to connect without providing master rep passwd ?

Similar Messages

• HOW TO CONNECT WITHOUT WIFI

  HOW DO CONNECT MY APPLE TV TO MY MODERN AS I HAVE ADSL CONNECTION AND NOT WIFI, IS THERE A CERTAIN CABLE I HAVE TO BUY OR GET MADE PLEASE HELP ASAP AS VERY KEEN TO WATCH MY TV SERIES ON A LARGER SCREEN INSTEAD OF MY MAC.

  If you don't have wifi, you will need an ethernet cable.

• 1 router === 2 ASA (how to connect without switch)

  Internet ----  ASR ------ Switch ------- ASA 1 (active) 
                                         |              |
                                         |              |
                                         |---------- ASA 2 (standby)
  ASR supports BDI (Bridge Domain Interface), in that case, it seems like possible.

  Hi,
  I think you might be able to bridge the 2 interfaces (even if they are not switchports) and enable the use of ASA Failover behind the 2 interfaces. I have only operated one ASR1001 just lately. To my understanding every port it has is a normal router port.
  Have a look at this section of the configuration guide
  http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/bdi.html
  Also have a look at this thread on these forums which seems to handle the same situation as yours
  https://supportforums.cisco.com/thread/2169496
  Hope this helps
  Please remember to mark the question as answered if it was.
  - Jouni

• How to Restrict the users in oracle applications

  Hi,
  I want to Restrict the users in oracle applications without using database
  can any one please expalin me how to resttrict the users using middletier
  Thanks
  Gita

  HI srini ,
  my application version 12.0.4 and database is 10.2.0.4
  and i want to restrict the No of users
  exp i have have 500 users and i want restrict to 100 only
  how can i do that please explain
  Thanks,
  Sudheer

• How to restrict the user id to a specific company code?

  Hi,
  I want to restrict a user id to access a specific company code only for both customizing and application data creation. This means that the user id can do customizing and create application data for that company code only and not for any other company codes.
  how can i do this?

  Hello Raja,
  You requirement of restricting users for application data can solved by adding the company code in the organization level button and the user will be restricted to mainatin application (transaction) data for the org element for which he is authorized for, if the transaction has objects which check company code.
  Customizing data authorization can be very tricky, as most of the customizing transactions are for maintaining customizing tables will not necessarily have an authorization check for org elements. In this case you may to manually insert a object called S_TABU_LIN alongwith S_TABU_DIS it will perform the job of restricting authorizations.
  In cases where the end user is accessing tables directly with SE16 S_TABU_DIS is the object that is check and maintained in PFCG.But,Such a restriction cannot be made with S_TABU_DIS alone. Fortunately SAP provides us with another authorization object S_TABU_LIN (Authorization for Organizational Unit), which can be used in conjunction with S_TABU_DIS to enforce such a restriction.
  This authorization object works only with Maintenance Views and Customizing tables. Also note that an Organization Criterion is a prerequisite for implementing the same
  A detailed step by step procedure to be followed is given below:
  1. The first step in implementation of line authorization is defining an Organization Criterion. For this we need to access the u201CSAP Reference IMGu201D customization page from SPRO transaction.
  2. From the IMG display screen select SAP Web Application Server -> System Administration -> Users and Authorizations -> Line Oriented Authorizations. Select the execute ( ) button for the u201CDefine Organization Criteriau201D.
  3. The resulting table display show all available Org Criteria values existing in the system. For our purposes we will create a new Org Criteria to suit our needs. Select the tab u201CNew Entriesu201D as shown below.
  4. Give an appropriate name starting with Y or Z for the new value. Note that a name starting with another letter will not be accepted by the SAP system. Click on u2018Saveu2019 button to save the newly created Org Criteria. This opens a new window asking for a Workbench Transport Request. This would be required so as to transport the new Line authorization restrictions further to the test and production systems.
  5. Now select the new Org Criterion u201CY_TESTu201D and double-click the u201CAttributesu201D tab as below to define the various Org Attributes.
  6. Provide the new Attribute name and Description for the same. Also fill the Authorization field value from the provided dropdown (1st Org Criterion Attribute u2026. 8th Org Criterion Attribute). The search help field is an optional field which can be filled if a search criterion exists or has been created earlier for the specific purpose. This field enables the u201CF4u201D when filling entries in the authorization object
  7. We already have a search help (C_T001) available, which provides as an F4 help the list of all available Company Codes in the system.
  Note that we can create up to 8 Org Attributes as per our requirements (by selecting u201CNew Entriesu201D tab), each corresponding to a column in the target table.
  8. Selecting the attributes link again will show us a list of all defined attributes and the authorization Field it will appear in. Now that we have defined the Attribute Field that we require, we need to associate each attribute to the corresponding Table Field in the target table.
  Select one of the attributes as below and double-click on the u201CTable Fieldsu201D button to define the field associations.
  9. Select the u201CNew Entriesu201D tab to create a new table field association.
  10. The View/table field must be filled with the target table which we need to control.
  11. The u201CField Nameu201D will require the field name of the target table which be linked with the specific Org Attribute. Performing an F4 on this field will display the list of all possible fields available in the View/table provided earlier. Here we will select the field name BUKRS (Company Code). Save the entries in the same workbench request created earlier.
  12. The next step would be to activate this new Org Criterion so that SAP now checks the authorization for S_TABU_LIN for every user
  13. In the u2018IMG displayu2019 go to SAP Web Application Server -> System Administration -> Users and Authorizations -> Line Oriented Authorizations. Select execute ( ) button for the u201CActivate Organization Criteriau201D.
  14. From the resulting customization screen tick the check-box for the Org Criterion that we have created. On saving the settings the system then asks for a Customizing Transport Request for further transport into test and development systems.
  15. Any user without this authorization will not be allowed in to the SM30 display/change screen for this table.
  16. In the role for which the S_TABU_DIS provides maintenance access for the table , we will now also need to maintain the object S_TABU_LIN.
  17. On selecting change button besides any authorization field you will need to select the Organization criterion which needs to be maintained here. Note that only one Org Criterion can be maintained in one instance of S_TABU_LIN object.

• How to restrict saving of a sales order without a material.

  Hi Gurus
  Please advice How to restrict saving of a sales order without a material. That is the system saves the order even if no item is assigned to it.

  Hi Raghu,
               In standard SAP we can not do that. Even for some requirements of the customer this feature is required, specially in case of milestone billings, custom materials etc. client after saving the empty sales order they may create materials based on that sales order number.
               If it is mandatary for u to save sales order only after the entry of the materials, u can try user exits or go for a code with the help of an ABAPer.
  Regards,
  Ravi Duggirala
  Edited by: ravi duggirala on Jun 20, 2008 11:11 AM

• RV120W: The user attempted to connect using a dial-in medium that did not match the restricted dial-in media

    I am trying to configure a Cisco RV120W wireless using RADIUS. The IAS server is Windows 2003. The wireless client can’t access the wireless.  The ISA server keeps getting this error: Event Type: Warning Event Source: IAS Event Category: None Event ID: 2 User: N/A Computer: DEVICES1 Description: User ntdomain\blin was denied access. Fully-Qualified-User-Name = chicagotech.org/Users/Bob Lin NAS-IP-Address = 10.0.30.102 NAS-Identifier = Called-Station-Identifier = Calling-Station-Identifier = Client-Friendly-Name = RV102-Domain Client-IP-Address = 10.0.30.102 NAS-Port-Type = NAS-Port = Proxy-Policy-Name = Use Windows authentication for all users Authentication-Provider = Windows Authentication-Server = Policy-Name = CBG-All Authentication-Type = EAP EAP-Type = Reason-Code = 70 Reason = The user attempted to connect using a dial-in medium that did not match the restricted dial-in media. Check the dial-in constraints for the matching remote access policy. The public wireless and WPA2 work fine. Other Cisco 1240 wireless works fine with this event: Event Type: Information Event Source: IAS Event Category: None Event ID: 1 Date: 10/18/2013 Time: 1:33:19 PM User: N/A Computer: DEVICES1 Description: User blin was granted access. Fully-Qualified-User-Name = chicagotech.org/Users/Bob Lin NAS-IP-Address = 10.0.20.103 NAS-Identifier = WLC2504 Client-Friendly-Name = WLC2504 Client-IP-Address = 10.0.20.103 Calling-Station-Identifier = 90-18-7c-e6-95-aa NAS-Port-Type = Wireless - IEEE 802.11 NAS-Port = 1 Proxy-Policy-Name = Use Windows authentication for all users Authentication-Provider = Windows Authentication-Server = Policy-Name = CBG-All Authentication-Type = PEAP EAP-Type = Secured password (EAP-MSCHAP v2) Can you help?                  

  Dear Customer,
  Thank you for reaching the Small Business Support Community.
  The RADIUS configuration settings are intended to authenticate the wireless clients attempting to connect through a SSID and if this is the problem you have, I first suggest you to check on the RADIUS server IP address (Security>RADIUS Server), make sure it is reachable, and the authentication port number used by this server to send traffic and the shared key used to authenticate to the server which must match on both sides.  If all that is good, try using WAP Enterprise as the wireless security method and not WAP2 Enterprise.
  If the problem persits I then first suggest to to make sure you run the latest firmware release version 1.0.5.6;
  http://software.cisco.com/download/release.html?mdfid=282981372&flowid=796&softwareid=282487380&release=1.0.5.6&relind=AVAILABLE&rellifecycle=&reltype=latest
  Then contact support if the problem persists; (the "dial-in medium" part error I just don't understand what it has to do with the RADIUS wireless client authentication);
  https://supportforums.cisco.com/community/netpro/small-business/sbcountrysupport
  Please do not hesitate to reach me back if there is any further assistance I may assist you with in the meantime.
  Kind regards,
  Jeffrey Rodriguez S. .:|:.:|:.
  Cisco Customer Support Engineer
  *Please rate the Post so other will know when an answer has been found.

• Search using a specific user without providing password

  Hi Experts,
  I'm trying to impersonate a search in FAST or atleast in Sharepoint search without providing the password. Below is a similar thread.
  http://social.technet.microsoft.com/Forums/en/sharepointsearchlegacy/thread/49475fbc-3c6d-42f2-bf35-82365bf0a0c8
  Any help?
  Much Thanks!!
  Freddie Maize ..A story with Glory is History. Doesn’t matter whether Glory rest in the world of Demon or God. Lets create History..

  Hi Freddie,
  Here is another similar post about performing an impersonated search in SharePoint without providing a password, please check the details from below,
  http://stackoverflow.com/questions/1025409/can-you-perform-an-impersonated-search-in-sharepoint-without-providing-a-passwor
  http://www.threewill.com/2010/06/connect-to-sharepoint-forwarding-user-identities/
  Thanks
  Daniel Yang
  TechNet Community Support

• Restrict corporate user to connect to the BYOD ssid

  Dear folks ,
  Can anyone help me out to do the configuration of the ISE to restrict the corporate users to get connected to the BYOD ssid .
  My devices are - laptops , windows phones ,  Iphones ..
  My corporate laptops have certificate installed , i am using (peap + ep tls ) authentication to connect the Corporate laptop to corp ssid .
  Plese guide me with some ideas ..
  Regards
  Agnus

  Debaker,
  You dont mention how you are expecting the non-BYOD devices to authenticate.  If they are authenticating with certificates then you can do this.  You can create an AuthZ rule that uses the BYOD SSID and authentication method as criteria. Then you create a rule that matches Certificate based authentication that permits access.  Followed by a default deny. 
  Assuming the SSID was BYOD the mac address is presented to ACS/ISE as the "Called-Station-ID" using MAC address then SSID name separated by the colon.  00-11-22-AA-BB-CC:BYOD. 
  Your AuthZ rule can match Called-Station-ID ends with BYOD.  The other option is to match based on Airespace-Wlan-Id.  The second is not always preferred because if you have multiple WLCs all of the WLCs would need to be configured with the WLANs configured with the same ID numbers. 
  The second rule does not need to specify which SSID you want to allow the devices with the certificates on.  This is because they are corporate devices they should be able to connect to the BYOD or corporate SSID, but if you wanted to only allow them to connect to the corporate SSID you would create a similar rule to the one above except using ":corpssid" and Network Access:AuthenticationMethod EQUALS x509_PKI. 
  You can also include Network Access:EapTunnel EQUALS PEAP to the BYOD rule if for some reason you wanted to disallow using certificates on the BYOD network.

• How do we restrict the user access for a particular G/L account

  Dear Experts,
  At our customer site, we follow master / derived role concept for authorisations.
  We have a requirement to restrictict user at G/l account authorisation level.
  I am aware that every g/l account account has a authorisaition group. But g/l account authorisation is a non-org value for which the present value is * for brgru, we cannot restrict by user/org. At our customer site the authorisations are provided at master role level for a designation and derived role is restricted for a plant, BA etc..
  Is there is any user parameter level restriction which can handle this requirement, i mean user parameter for specific g/l account, as we do LIF pid to restrict vendor level access.
  Appreciate your suggestions ASAP.
  Best regards,
  M.Kumaran

  Depends.
  What are you trying to protect? GL account masterdata (FS00) or FI document creation for specific GL accounts?
  Without knowing more about the design principles behind your roles, your release or other restrictions, I would suggest:
  (1) grouping off the GL accounts you want to protect in authorization groups (maintained via FS00);
  (2) deactivating either object F_BKPF_BES (if your trying to restrict FI document creation) or object F_SKA1_BES (if your trying to restrict access to GL account masterdata) or both in master/derived role;
  (3) create several separate roles that would contain only the aforementioned objects with access to specific GL account groups;
  (4) assign the roles from step 3 to users as required.
  Hope this helps.

• Satellite 1135-S1553 without S-Video Out Port - How to connect TV

  I have a laptop Satellite 1135-S1553, how to connect it to TV without having S-Video Out Port in my laptop?

  Are you 100% sure that your notebook doesnt support the s-video OUT port?
  According to [this page |http://www.csd.toshiba.com/cgi-bin/tais/su/su_sc_tourView.jsp?moid=434998&rpn=PS113U&ct=PT&so id=660059] the notebook Sat 1153-S1553 supports this port at the back side.

• How we can restrict remote user to access same URL?

  HI,
  We have two remote sites A and B.
  Site-A    ---  Users accessing application by using this URL: http://frsys.abc.com.pk:7777/forms/frmservlet?config=sales
  Site-B    ---  Users accessing application by using this URL: http://frsys.abc.com.pk:7777/forms/frmservlet?config=market
  We want to restrict the users A and B, to access the login pages vise versa.
  Regards.

  Hi,
  I m not sure how the task would be achieved throughOAS.
  But with the help of developer n DBA,we can restrict the users A and B, to access the login pages vise versa.
  1) Create 2 tables in DB,one table which contains only user A and another only for user B
  2) With the help of Developers,create inital login page(Userrname/Password) for both applications ie Site A and Site B
  3) At Login page validate with the respective table created ie check whether the user is from table A or table B
  Regards,
  Fabian

• How do I find the option of 'no payment'?It is not available on the payment type page.I wanna download a free app without providing payment details at present.

  I wanna download an app without providing payment details.But unable to find the 'no payment' option on the page.What should I do?

  Hi Aaradhya2002,
  Welcome to the Apple Support Communities!
  If the account you are using has already been created, you will have to add a payment method to verify the account. You can add the payment method and then remove it directly after it is added. If the account has not yet been created, please use the following article for instructions on how to create the account without a payment method.
  Creating an iTunes Store, App Store, iBooks Store, and Mac App Store account without a credit card
  http://support.apple.com/kb/ht2534
  I hope this helps,   
  -Joe

• How to restrict the user(Schema) from deleting the data from a table

  Hi All,
  I have scenario here.
  I want to know how to restrict a user(Schema) from deleting the values from a table created in the same schema.
  Below is the example.
  I have created a table employee in abc schema which has two values.
  EMPLOYEE
  ABC
  XYZ
  In the above scenario the abc user can only fire select query on the EMPLOYEE table.
  SELECT * FROM EMPLOYEE;
  He should not be able to use any other DML commands on that table.
  If he uses then Insufficient privileges error should be thrown.
  Can anyone please help me out on this.

  Hi,
  kumar0828 wrote:
  Hi Frank,
  Thanks for the reply.
  Can you please elaborate on how to add policies for a table for just firing a select DML statement on table.See the SQL Packages and Types manual first. It has examples. You can also search the web for examples. This is sometimes called "Virtual Private Database" or VPD.
  If you have problems, post a specific question here. Include CREATE TABLE and INSERT statements to create a table as it exists before the policies go into effect, the PL/SQL code to create the policies, and additonal DML statements that will be affected by the policies. Show what the table should contain after each of those DML statements.
  Always say which version of Oracle you're using. Confirm that you have Enterprise Edition.
  See the forum FAQ {message:id=9360002}
  The basic idea behind row-level security is that it generates a string that is automatically added to SELECT and/or DML statement WHERE clauses. For example, if user ABC is only allowed to query a table on Sunday, then you might write a function that returns the string
  USER  != 'ABC'
  OR      TO_CHAR (SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH') = 'SUN'So whenever any user says
  SELECT  *
  FROM    table_x
  ;what actually runs is:
  SELECT  *
  FROM    table_x
  WHERE   USER  != 'ABC'
  OR      TO_CHAR (SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH') = 'SUN'
  ;If you want to prevent any user from deleting rows, then the policy function can return just this string
  0 = 1Then, if somone says
  DELETE  employee
  ;what actually gets run is
  DELETE  employee
  WHERE   0 = 1
  ;No error will be raised, but no rows will be deleted.
  Once again, it would be simpler, more efficient, more robust and easier to maintain if you just created the table in a different schema, and not give DELETE privileges.
  Edited by: Frank Kulash on Nov 2, 2012 10:26 AM
  I just saw the previous response, which makes some additional good points (e.g., a user can always TRUNCATE his own tables). ALso, if user ABC applies a security policy to the table, then user ABC can also remove the policy, so if you really want to prevent user ABC from deleting rows, no matter how hard the user tries, then you need to create the policies in a different schema. If you're creating things in a different schema, then you might as well create the table in a different schema.

• I am a OS10.7.4 user. yesterday i bought a Lacie external hard disk but error message appear said " You cant open the applicant LaCie setup assistant because PowerPC applicants are no longer support". please help me how to connect my mac with Lacie??

  i am a OS10.7.4 user. yesterday i bought a Lacie external hard disk but error message appear said " You cant open the applicant LaCie setup assistant because PowerPC applicants are no longer support". please help me how to connect my mac with Lacie??

  You do not need the Setup Assistant; in fact, you do not need any software on an external hard drive. I have two LaCie's; I erased the drive as soon as I plugged it in. You will need to format it anyway because most hard drives come Windows formatted. So, if you only want to use it with the Mac, highlight it in Disk Utility and choose Mac OS Extended (Journaled) as the format and the GUID Partition scheme under Options. While doing that, it will erase the drive (and get rid of the LaCie software) - once finished, your drive is ready to use for Time Machine or any other backup plans you have for it.