Restricting "Other" access permissions after SAP Unix/Oracle installation

Similar Messages

• Problem with JDBC Comm Channel from UNIX PI Installation.

  Dear Gurus:
  Inside a standard scenario, we have a receiver comm channel which use JDBC adapter type to connect to a MS Access remote database.
  The database connection is made like this:
  JDBC Driver: sun.jdbc.odbc.JdbcOdbcDriver
  Connection: jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=//10.96.0.10/c$/app/appdb.mdb
  Working from a Windows 2003 PI installation, everything works fine..
  But we recently have finished a Heterogeneous migration from Windows 2003 + SQL server to UNIX AIX + Oracle servers and that particular interface does not work anymore.
  Is there a way to connect to a MS Access from inside a UNIX PI installation..? Is there a native JDBC or ODBC driver that we can use to fix our problem...?
  Waiting for your help. Best regards.
  Eduardo.

  Hi,
  In the JDBC receiver CC, Advanced-->Advanced Mode, use poolWaitingTime and taskTimeout parameters and specify
  some time using seconds.
  Babu

• PSAPI.dll problem in oracle installation soa_windows_x86_101310_disk1

  During 98% of the installation, it prompted the following message
  "the procedure entry point GetProcessImageFileNameW could not be located in the dynamic link linrary PSAPI.dll"
  I am on window XP and Explorer 7.
  Does it matter to ignore the message and continue on the installation process.
  I did try this route - meaning ignore the message but it seems I am not able to launch my BPEL console control properly.
  I run some window tools noticed that
  javaw.exe is running psapid.dll from ....Temp\OraInstall2008-04-18_09-28-41AM\psapi.dll
  Is this correct ?
  How does it get the copy of psapi.dll ?
  I have a copy of psapi.dll under C:\WINDOWS\system32
  Anyone has any idea how to resolve this problem ?

  Does it matter to ignore the message and continue on the installation process.I did try this route - meaning ignore the message but it seems I am not able to launch my BPEL console control properly.
  Yes, you cannot ignore the error message during installation because Oracle requires this dll file for the Oracle on Windows installation. Check to make sure that you have correct permissions granted for the Oracle installer to write to the Temp directory.

• How to restrict the access of FUNCTION MODULE for others after transporting

  A Function module needs to be executed in one server and should be executed when others try to access it.how to restrict the access of FM to one application server after being transported using SM59.

  issue resolved

• Setting the UNIX file permissions after writing the file to a directory

  Hi Experts,
  Can we set the UNIX file permissions after writing the file to a directory using Receiver File Adpater in SAP PI 7.1 ?
  Thanks in Advance.
  Regards,
  Jyoti

  Hi
  you can use the option "Run Operatiing system Command after File Processing" in the file adapter.
  Thanks
  Rinku Gangwani

• How to restrict user access in Oracle Application Server 10g (9.0.4)?

  Can anybody please let me know how to restrict user access in 10g AS? To be specific, how to allow http requests from specific IPs only?

  Hi,
  You have to edit httpd.conf and modify acces rights for each protected directory
  e.g.
  <Directory /var/www/sub/payroll/>
  Order allow,deny
  Allow from 192.168.1.0/24
  </Directory>
  then you have to restart Oracle HTTP Server
  jm--

• Is it possible to give a user read access to an SAP table but to restrict it to a subset of columns?

  Hi,
  is it possible to give a user read access to an SAP table but to restrict it to a subset of columns?
  Thanks,
  Digesh

  Hi Digesh,
  If your requirement is to restrict the excess to specific rows it is possible to use S_TABU_LIN, but it works only for table which contains org units, like plant, company code, etc.
  Please search for S_TABU_LIN if this is your requirement.
  Otherwise please follow Alex's suggestion.
  BR,
  Mangesh

• GP on Domain User to Restrict other PC Access

  Hi Team,
  Thanks for reading, I have the following scenerio - 
  Being the administrator of Domain i have to restrict other domain user to access other PC.
  Domain User should not able to access the other PC's WITHIN the domain.
  Awaiting for your response..
  OS - Windows Server 2008 R2.
  Client pc using OS- Windows 7
  Thanks,
  Regards, Ravi Kumar

  Hi,
  you can set the User Attribute "userWorkstations"
  Source of Picture: http://www.selfadsi.de/user-attributes-w2k8.htm
  So yo can restrict where the users can logon.
  Is this what you searched for?
  Regards
  Eric
  Eric Berg -- http://www.ericberg.de -- MCSE: Private Cloud MCSE: Server Infrastructure MCSE: Desktop Infrastructure

• IMac 10.6.7 freezes at startup; have reset PRAM, replugged power, repaired disc via target mode on other computer, it spits out cds that came with it...any ideas? key commands useless, can't access permissions...i have to keep shutting it off...

  My iMac 10.6.7 freezes at startup or if I click anything, won't restart, key commands don't work, I have to keep shutting it off to restart.....I repaired disc via target mode using a laptop, but access permissions there or by clicking anything on the screen...it spits out the discs that came with it...any ideas?

  My iMac 10.6.7 freezes at startup
  How large is your HD & how much space do you have left on it?
  it spits out the discs that came with it...any ideas?
  Make sure the DVDs are not dirty, smudged and/or scratched.
  http://support.apple.com/kb/TS2000 Mac doesn't start up from install disc
  *** Your drive may need cleaning.  Cleaning kits can be purchased from any store that sells CD/DVDs. ***
  (10.6.7)
  Use Software Update or the OS 10.6.8 combo update to update your OS.  Also, update everything SU has to offer for your computer.  When done, repair permissions and restart your computer.

• The file access permissions do not allow the specified action

  I had an issue while transferring file from source to target..i am able successfully transfer the file to target and later i should move the file to another folder using IO operations.
  it failed at invoke.following are the error
  <remoteFault xmlns="http://schemas.oracle.com/bpel/extension">
  -<part name="summary">
  <summary>Exception occured when binding was invoked. Exception occured during invocation of JCA binding: "JCA Binding execute of Reference operation 'SynchRead' failed due to: The IO operation failed. The IO operation failed. The "OPER[NOOP][S->R,T->R]" IO operation for "xxxxxxxxxxxxxxxxxx/  xxxxxx.txt" failed. Check the error stack and fix the cause of the error. Contact oracle support if error is not fixable. ". The invoked JCA adapter raised a resource exception. Please examine the above error message carefully to determine a resolution.
  </summary> 
  </part>
  -<part name="detail">
  <detail>550 xxxxxxxxxxxxxxxxxxxxxxxxx: The file access permissions do not allow the specified action.
  </detail> 
  </part>
  -<part name="code">
  <code>550
  </code> 

  >
  Prasanna Shanmugasundaram wrote:
  > Hi,
  > I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  > The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  > But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  >
  > Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  > I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  >
  > Pls advice
  >
  > Thanks
  > Prasanna
  In CC you set ON the delete mode, after processing file? Maybe, the file have read only permission....

• FTP file adapter: file access permissions do not allow the specified action

  Hi,
  I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  Pls advice
  Thanks
  Prasanna

  >
  Prasanna Shanmugasundaram wrote:
  > Hi,
  > I have the File to JDBC scenario. The file is extracted in AL11 folder of the Sending (BW) system.
  > The folder is FTP enabled and the Unix admin says he has given full authorization to both the folder and ftp user.
  > But in the File CC I get the following error "Could not process due to error: com.sap.aii.adapter.file.ftp.FTPEx: 550 TSMSACAIX5350.tar.gz: The file access permissions do not allow the specified action."
  >
  > Can some one advice what is wrong. Im pretty much sure it has to be a problem with the UNIX permission. But the unix admin person says he has given a full permission.
  > I need to know what permissions needs to be given??  Is there different permissions for application level and OS level??
  >
  > Pls advice
  >
  > Thanks
  > Prasanna
  In CC you set ON the delete mode, after processing file? Maybe, the file have read only permission....

• Chmod -R 700 on home directory doesn't restrict other users

  Hi All,
  I have several users sharing a mac. I wanted to secure my home directory so I opened a terminal and typed:
  cd /users
  chmod -R 700 alandye
  a ls -l confirmed permissions recursively changed for my home directory and subsidiary directories and files had been set to og-rwx.
  Then, I logged in as a different user (tknoble) , and tried to access the directory (alandye)through the finder that I had just restricted permissions on, and viola, I could read any file in there.
  This doesn't happen on Unix or Linux, why is it happening here? I tried restricting account tknoble to non-administrative, but got the same problem.
  Net/net, finder seems to be ignoring the posix file permissions.
  Can anyone explain why this is happening?
  thanks,
  Alan

  ... Still, the ACL issue and the open default permissions including the default umask on the Mac has me perplexed. I've used ACL's for years as a system manager on mainframes and other secure enterprise unix platforms, generally through a central administrative console like RACF or ACF2 on the mainframe. It identifies all ACL's on the system and allows you to administer them centrally. The idea that my mac has system generated ACL's that are only accessible through chmod on a file by file basis and are inherently set with open permissions seems like a bad security setup.
  First, the default permissions and umask values have been typical of Unix systems since I started using them back in '85. And even in the Family situation, allowing family members the ability to share information is not uncommon, and can be frustrating to the family if everything is totally locked up.
  Plus your complaints about ACLs, it just a side issue, as the /User/username folder should have only had an ACL that prevented accidental deletion. Your real problem was cached Finder information. So this ACL discussion is just a tangential issue.
  Second, a Mac is a mass market consumer personal computer, with a strong leaning towards 1 person being the owner and user of that computer. It is not typically sold as a Mainframe replacement. Having tightly locked down, no access default permissions and umask just makes life extremely difficult for the mass market consumer.
  Applying Mainframe rules to a Mac is only going to frustrate you.
  As for having an ACL admin tool besides chmod, for the most part consumers are not aware of ACLs, they are used sparingly on the Mac, and as such it is not something Apple has felt a need to invest in. Maybe there is a 3rd party utility that will provide this service for you.
  While investigating this I did discover a similar problem with a RAID array I have attached with similar file permission problems. chmod -R 700 on directories does set the permission bits correctly, but again, finder bypasses them and allows access for other users, even after a reboot. Apparently, according to this http://hints.macworld.com/article.php?story=20020418091450891 the externally attached drives ignore ownership by default.
  Again, the Mac is a mass market consumer item. Just about every external drive on a Mac is a detachable device, which can be moved around to other Macs, etc... (especially USB thumb drives, SD cards, etc...). Having these devices default to strict security would again frustrate the mass consumer Mac user, when all they want to do is get their pictures off of the SD card, or move files between 2 computers, etc...
  My point is that the defaults Apple has selected are targeted to the mass consumer Mac user. Not the data center mainframe user.
  I would encourage you to give Apple feedback on your experiences
  <http://www.apple.com/feedback/macosx.html>
  or
  BugReporter
  <http://bugreporter.apple.com>
  Free ADC (Apple Developer Connection) account needed for BugReporter.
  Anyone can get a free account at:
  <http://developer.apple.com/programs/register/>

• ERP 6.0 EHP4 SR1 Upgrade Unix Oracle issue with /STARTUP

  We are in the process of doing an ERP 6.0 EHP4 SR1 Upgrade Unix Oracle Upgrade.  We have ran into a problem running the /STARTUP, we are using the Upgrade Master DVD 51036889 as well as have down loaded it from service market place and jce_policy-1_5_0.zip as well as the one on SAP service market place.  When we execute the command   /STARTUP jce_policy_zip=jce_policy-1_5_0.zip the job starts and runs down to where the controller for port 4241 starts and then hangs.  If we control C out and go to the /usr/sap/SID/upg and run /STARTUP  it runs all the way through setting up both 4241 controller and 4239 controller, we then go to the web browser and launch the Gui => logon as administrator => upgrade roadmap screen pops up it is set on the initialization phase we hit next and nothing happens after that, we don't get the ABAP tab or the progress bar.  We would appreciate any help.

  Hi Jerry,
  The first time you run STARTUP its run from the NW7 EHP1 SR1 DVD. Just wanted to confirm that your running it from this DVD. This extracts and setups your /usr/sap/<SID>/upg directory. It sounds like this directory hasn't been setup correctly which is why your not seeing anything when you login to the GUI.
  Can you confirm that you got your JCE files from SWDC -> SAP Cryptograpic Software ?
  OSS Note - 1240081
  http://service.sap.com/swdc > Download > SAP Cryptographic Software
  I had to use the JCE file from here to get my upgrade to work. What OS are you on?
  Hope this helps.
  Cheng

• Access denied:com.sap.ip.bi.web.portal.integration.launcher

  Hi Friends,
  I have installed a Standalone Portal ( EP, EP core, BI Java) , configured LDAP as data source and imported the Portal content from Source system . ( in Development, Quality, Production)
  I completed all configuration and testing completed.
  But the portal user created with customized  iviews roles are working fine in Development and Production.
  But ....Access denied:com.sap.ip.bi.web.portal.integration.launcher error is encountered in Quality system.
  In QAS system, while installation I have selected EP, EP core as Usage type.. and after Insatllation I have installed additional Usage tye BI JAVA using JSPM
  Whereas in DEV, PRD ( EP, EP core, BI Java) were taken as Usage types while installation only..
  Above reason may effect the Test user for access denied error.
  Please suggest.
  Thanks
  Venkat

  Ramana,
  It looks like a permissions issue, right click on the system created for BI under System Admin-System Configuration-System landscape and open the permissions and ensure you have the everyone group added there and enduser checked.
  Good Luck!
  Sandeep Tudumu

• CMC access error after Integration Kit 3.1 FixPack 1.7

  Hello all,
  We face an error after the patch(Integration Kit 3.1 FixPack 1.7) application now.
  When we access CMC, after a patch(Integration Kit 3.1 FixPack 1.7) application, an error occurs.
  HTTP:404 error
  /PartnerPlatformService/Appl/logon.do
  Do you know a correspondence method about this phenomenon?
  In addition, please teach it about the known problem occurring with this patch.
  Regards
  Toru

  Hi,
  ok please do the following:
  1) Stop the tomcat
  2) Go to <BOBJ installation directory>\Tomcat55\webapps (For Unix: <BOBJ installation directory>\bobje\tomcat\webapps) and remove the following directories:
  CmcApp
  CmcAppActions
  InfoViewApp
  InfoViewAppActions
  dswsbobje
  OpenDocument
  PartnerPlatformService
  SAP
  3) Restart the tomcat and wait until the directories you removed are created again (Tomcat does this automatically)
  Try after this to log into the CCM/InfoView
  Regards,
  Stratos