Restricting  Access for SQ01 User Group

Similar Messages

• Restricted access for user in SU01

  Hi All
  How can we give authorisation to a User to modify access (Create/Delete/Password Change/Role assign /Role Delete..etc) for other user IDs but that user should have only display access for his User ID.
  Please Help me in this.

  Hi,
  I have worked with many clients, and the requirement of handling the user Administration and Role Administration is different from each client to other client.
  Some client may ask for the same person should handle both User and Role ADministration, but some client may ask for separating the tasks.
  In your case, if you want to restric the person to maintain the other users but not the own user id, this can be achieved by doing the following:
  Create a separate user group who is doing the administration part and create other user groups for other users.
  Create a role with SU01 and restrict the Standard objects with all user groups except the administation one and add S_USER_GRP authorization object manually into the same role and provide only 03 with the administration object.
  The above will solve the problem of administration not able to update the own user id, but the other users.
  Regards
  Anandm

• How to restrict the access of "InPlaceRecordsListSettings.aspx" and "InPlaceRecordsSettings.aspx" pages for some users and allow the access for some users?

  I have a requirement to restrict the access of "InPlaceRecordsListSettings.aspx" and "InPlaceRecordsSettings.aspx" pages for some of the users and allow the access for some of the users.
  I have applied the below code on the web.config file but this modification impacting only on the web application level not on the site collection and sub site level.  
  <location path="_layouts/15/InPlaceRecordsSettings.aspx">
      <system.web>
        <authorization>
          <deny users="*" />
        </authorization>
      </system.web>
    </location>
  <location path="_layouts/15/InPlaceRecordsListSettings.aspx">
      <system.web>
        <authorization>
          <deny users="*" />
        </authorization>
      </system.web>
    </location>
  When I tried the access on
  :<portno>/sites/<scname>/_layouts/15/InPlaceRecordsSettings.aspx">http://<servername>:<portno>/sites/<scname>/_layouts/15/InPlaceRecordsSettings.aspx page allowed the access for all users.           
  Please suggest the possible solution to restrict the access of "InPlaceRecordsListSettings.aspx" and "InPlaceRecordsSettings.aspx" pages on SharePoint2013.
  Thanks
  Ramasubbu

  You can't do it from OOTB. 
  _layout folder is accessible to the users if they have read access in any of the site even subsite.
  You can modify *.aspx file, add your custom control which will check user.
  [custom.development]

• Access control for different user groups in APEX 4.0

  Hi guys,
  in Apex 4.0, is there any way to use the access control page to configure access control for different user groups?
  The access control page currently only has an access control list by users with 3 privileges namely, Administrator, Edit & View where Administrator has the highest access level & View the lowest. Therefore 1 user cannot have more than 1 different privilege, however if the user belongs to 2 or more different groups then we can control what access he can have in a more fine grained manner. We also want to have more than the 3 privileges given.
  Can we assign different groups to different users and let them have different privileges to be configured by page, region, process or item level?
  Now Apex will create 2 tables, Apex_Access_Control & Apex_Access_Setup to store the application access control mode & access control list. It will also create 3 authorization schemes "access control - administrator", "access control - edit" & "access control - view" based on the 2 tables.
  Does this mean we have to change the table structures & edit the authorization schemes to suit our usage? We are reluctant to do this because if we upgrade to a newer version of Apex then we would have to merge our pl/sql coding with Apex's updated code.
  How can we auto-configure more than the 3 authorization schemes in the access control page? Is there any way to achieve a finer grain of access control based on the current access control administration page given by Apex without writing it ourselves?
  We are afraid that we may have missed something on Apex access control & do not want to reinvent the wheel.

  Hi Errol,
  to build your own application authorization scheme around the security model supplied by Apex for administration of the Apex environment would be a bad idea.
  This was never intended for authorization scheme management in custom built Apex applications, it was solely intended to control access in the Apex environment overall. The API for it is not published, and making changes to it, such as adding more roles, would run the risk of breaking the overall Apex security model. It would not be supported by Oracle and Oracle would not guarantee the upwards compatibility of any changes you make in future versions of Apex.
  In short, you should follow Tyson's advice and build your own structure. As he indicated, there are plenty of examples around and provided your requirements are not too complicated, it will be relatively simple.
  Regards
  Andre

• After installing Mountain Lion, why is there Yahoo access for one user but not another?--both are administrators.

  After installing Mountain Lion, why is there Yahoo access for one user but not another?--both are administrators.

  We've had several instances where we have had to run chkdsk on arrays with over 1m files. Average completion time is approximately 72 hours. The maximum downtime window they have available is the 64 hour weekend window. File sizes and number of files were
  much smaller then than they are now.
  The idea, in theory, was to use VHDs to compartmentalize the data into smaller volumes which could be more easily managed. It would also improve performance when transferring these compartments of data as they would use sequential read/write rather than
  fragmented/random. This idea was never fleshed out in entirety, they don't split data up into little containers, but simply into big ones per project. Hence the 11m files in one container that I am currently trying to diagnose.
  Some other important facts: The VHD in question is mounted in B:/project/ as this server also allows remote workers to log in, but they are restricted to see only data in E:. Disks A-D are hidden via group policy.
  Update: icacls is failing on a large number of files within this dataset. I counted the path characters to ensure it wasn't the 255 character limit I was encountering and verified that the paths being blocked are only about 150 characters long. Once it finishes,
  I'll have to try taking ownership and then re-running it. At this point I still have no idea how long to expect. I'm running out of time as the environment will be in use again at 9AM tomorrow morning.

• Restrict access for Vendor Master Data

  Hi all.
  Our company structure is like below:
  Single instance, just one mandant.
  Company codes like 1001, 3001, 6002, 6006, etc... over the world.
  At some companies just the central administration can create vendor for the companies using the transaction XK01.
  Now we need to give access to users from one of our company from other country but we can´t give access to transaction XK01 because just the central administration can create the master data for the vendors.
  I already read about the object F_LFA1_AEN that is possible to create some field groups and give access just for the rigth groups. I also read that this authorization groups don´t have effect on the vendor master data like address.
  How can I restrict access for the vendor master data? I´m thinking to give access to transaction FK01 and MK01 and restrict access for create a new vendor, I only want that the users can create the data for a new company or new purchase organization.
  Thank you
  Darlei Friedel

  among many other authorization objects, you find following three:
  F_LFA1_GEN general data
  F_LFA1_BUK company code data
  M_LFM1_EKO purchasing org data.
  If the user does not have authorization for F_LFA1_GEN , then he cannot maintain general data.

• Restrict Access to certain users based on if a variable in the SQL database is set to 1

  Hey guys,
  I am quite new to PHP and MySQL and I have a question concerning access  restriction. For a website project I am experimenting with Dreamweaver's  login and restrict access behavior, which works fine. However, on the  website I would like to restrict access for users that only have a 1 set  in the corresponding MySQL database (which means that e.g. each page has a different variable in the database that can be set to 1, which would allow me to personify access beyond the level of the out-of-the box option, where each user can only have one access level). So it is quite similiar to the  out-of-the-box restrict access to page based on user group, but just  depending on another variable in the database.
  I guess it can be done with an if condition that checks in the database if the logged in user has a 1 in this variable, and if yes give her/him access if not redirect to another page. However, I could not figure out  how to implement that.
  Your help is highly appreciated!
  Thanks in advance!

  Hello guys,
  I spend quite some time on the internet reseaching my wish and redefined my need: I would basically like to have the possibility to assign a user multiple access levels. There would be e.g. 10 pages for each I create an access level. Then a user with e.g. access to pages 2 and 8 can only access these two pages. So my basic question is if and if yes how I can assign a user muliple access levels at a time and store these values in the MySQL database.
  Thanks a lot for your help!!

• HELP needed on Remote Management set to allow access for all users

  my mac mini snow leopard server runs in a data center and i use screen sharing to interact with it. i played with the sharing settings remotely yesterday and changed "allow access for" to all users. i was disconnected immediately and i couldn't logon again. i have no luck changing to other users. i don't want to make a special trip to the center to change it back to whatever it used to be. i can still use afp to connect but the screen sharing option is no longer available. what does "allow access for all users" mean anyway?
  thanks!

  As its name implies, allow access for all should allow any valid user account to access the server. I'm not sure why it's no longer working. It almost sounds like the ARDAgent crashed.
  Either way there's a command-line interface to the ARD preferences:
  /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/ki ckstart
  man kickstart discusses the options, including examples of how to enable access for specific users.

• Giving Access for an User On One Schema.

  Hi all,
  I want to give read,write and execute access for an user in one schema and only read access to another two users.
  How can I give..Please suggest.

  Hi,
  Well in that case you may have to give the select privilege to a particular user for all tables.
  Or
  You may like to create two roles, and give select privilege to a particular role for all tables. And give write i.e. insert/update privilege to the other role. Then assign this role to the user whom you like to give the access.
  Regards
  Anurag Tibrewal.

• How to set different default interactive reports for different user groups?

  I'm probably overlooking an obvious solution, but how do I set different default interactive report for different user groups?
  For the same interactive report, I want one set of users to see a default where the default filter is based on column X. However, another group of users doesn't have authorization to see that column so I need to set the default filter to something else for them.
  Thanks

  You can set a filter on a report in a URL - would that help? I think with apex 4.x you can also link to a saved default report or alternative report...

• Last modified by for a user/group object

  Hi All,
  Is there any way to find out who has last modified the User/Group object in the portal.
  I can see the last account unlocked by for the user object. But is there any attribute to find out who has last modified the assigned groups/users for the user/group respectively or any change in the user/group profile.
  Thanks in advance,
  Siva
  Pts will be rewarded for useful answer.

  Hi Siva,
  as far as I know there is no standard way to find out who modified a user/group object in the portal. But I just checked the official API of <a href="https://help.sap.com/javadocs/NW04S/current/se/com/sap/security/api/IUser.html">IUser</a> (represents a portal user) and <a href="https://help.sap.com/javadocs/NW04S/current/se/com/sap/security/api/IGroup.html">IGroup</a> (represents a portal user group) and found out something interesting. <a href="https://help.sap.com/javadocs/NW04S/current/se/com/sap/security/api/IPrincipal.html">IPrinciple</a> (super object of IUser and IGroup) has a field LAST_MODIFIED_BY.
  Looks like you can write your own portal component, which allows you to find out who has modified your users last.
  Best regards,
  Martin

• Default dashboard page for each user group

  How can I set for each user group (or for each user) which dashboard will be opened as the deefault after login?
  Can I also set the default page in that dashboard?

  Hi,
  Under Settings->My account->Preferences->User can select his default dashboard.Is it ok?
  If you dont want them to select that option,you need to redirect them...You can use that blog....
  Create a table in db with two columns-User, Portalpath
  In initialization blog give query to fetch Portalpath from db based on user login... Follow steps from blog...
  Check this blog....http://bintelligencegroup.wordpress.com/2010/09/23/external-table-authentication/
  Clear explanation for external table authentication....in the same way you cna do but take two columns user,portalpath and follow the steps in blog.
  Regards,
  Srikanth
  Edited by: Srikanth Mandadi on Oct 7, 2010 1:44 AM

• Restrict Access for Asset with Ubuntu

  Hello guys,
  now i have a problem for you and i hope, that you could help me.
  The ArtBox have some problems on my ubuntu system. The error message shows me "Restrict Access for Asset".
  Can somebody give me some tips, how the error could be recognize or how i can fix it?
  Thanks for the help.

  Hi,
  After you finish installing Artbox , you must now make sure that samba is setup correctly. I just plan to try ArtBox and ubuntu using virtualbox, hope it can work fine.

• How to hide ribbon from all item view for particular user group

  hi friends
  how to hide ribbon from all item view of particular list for specific user group.
  using OOB functionality or javascript. 

  Hello,
  Use this codeplex tool to hide ribbon to user group:
  http://spribbonvisibility.codeplex.com/
  If you don't want to use above tool then you have to add SPSecuritytrimming in "Rajiv Kumar" code for filtering based on user group permission.
  http://www.topsharepoint.com/hide-the-ribbon-from-anonymous-users
  Hope it could help
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help

• Restrict access of "domain user" to specific computer

  I need to restrict access of "domain user" to a specific computer in the domain/
  I try to Do it by using "Active Directory Administrative Center"
  In Computers\Computer name\Properties\Extensions\Security
  I add the name of user and I marked deny to all and I canceled inheritance
  And yet the user can login to the computer
  I searched Policy that contradicts the security and I not found.
  With the "gpo" I was able to block, but I need necessarily used the Security
  Because of Security can be partial restriction.

  Hi,
  Based on your description, I understand that you want to allow some certain users to access specific domain
  computers.
  Please open ADUC (Activity Directory Users and Computers) and click User container. Then select that specific
  user account, open its Properties and navigate to Account tab. Please click
  “Log On To…” option to open Logon Workstations panel. In Logon Workstations panel, please change
  This user can log on to: All computers to The following computers. Then type the specific computer names. Please check if this can help you to achieve target.
  If anything I misunderstand or any update, please don’t hesitate to let me know.
  Hope this helps.
  Best regards,
  Justin Gu