Restricting users in accessing project/project reports

Similar Messages

• How to find which user has access to Discoverer Reports?

  I need to find users having access to Discovered reports using a script. How can I do that?

  Hi,
  You need to give more details...
  Are you using oracle applications? are the users database users?
  If you use oracle application you can use the following:
  SELECT DISTINCT Disco_Docs.Doc_Name "Discoverer Workbook"
  ,Trunc(Disco_Docs.Doc_Created_Date) "Workbook Create Date"
  ,CASE
  WHEN Instr(Disco_Docs.Doc_Created_By
  ,'#') = 0 THEN
  Disco_Docs.Doc_Created_By
  WHEN Instr(Disco_Docs.Doc_Created_By
  ,'#') > 0
  AND Instr(Disco_Docs.Doc_Created_By
  ,2) = 0 THEN
  (SELECT Fu.User_Name
  FROM Fnd_User Fu
  WHERE Fu.User_Id = Substr(Disco_Docs.Doc_Created_By
  ,2
  ,5))
  ELSE
  NULL
  END "Workbook Owner/Creator"
  ,Disco_Users.Eu_Username
  ,CASE
  WHEN Instr(Disco_Users.Eu_Username
  ,'#') = 0 THEN
  Disco_Users.Eu_Username
  WHEN Instr(Disco_Users.Eu_Username
  ,'#') > 0
  AND Instr(Disco_Users.Eu_Username
  ,2) = 0 THEN
  (SELECT Fu.User_Name
  FROM Fnd_User Fu
  WHERE Fu.User_Id = Substr(Disco_Users.Eu_Username
  ,2
  ,5))
  ELSE
  (SELECT Resp.Responsibility_Name
  FROM Fnd_Responsibility_Tl Resp
  WHERE Resp.Responsibility_Id =
  Substr(Disco_Users.Eu_Username
  ,2
  ,5))
  END AS "Shared Name / Responsibility"
  FROM Eul_Us.Eul5_Documents Disco_Docs
  ,Eul_Us.Eul5_Access_Privs Disco_Shares
  ,Eul_Us.Eul5_Eul_Users Disco_Users
  WHERE Disco_Docs.Doc_Id = Disco_Shares.Gd_Doc_Id(+) AND
  Disco_Users.Eu_Username(+) NOT IN ('EUL5', 'PUBLIC') AND
  Disco_Users.Eu_Id(+) = Disco_Shares.Ap_Eu_Id
  Tamir

• Restrict user to access report of a specific layout

  Hello experts,
  We have a std. CJI3 report. In this report I have created a layout (see screen shot) and I want a user to access only that data of the report which comes with this layout.
  Kindly suggest if there is a way to control the access in this way.
  I though of creating z-report using call transaction function (to call cji3) and use screen variant for it.. but I dont want to go this way..
  Kindly suggest.
  Thank You.
  Regards
  Saurabh

  That would work nicely, if you also implemented note http://service.sap.com/sap/support/notes/1113939.
  However, I doubt this will be enough for CJI3, which has "Free Selections" as well as "Extended Selections" AND DB-Profiles.

• How can i restrict user to access database object (procedure) or JSP

  Hi
  I have 9ias infrastructure 902, on win2k box with 9i DB.
  and I have one PL/SQL web application and another J2EE application both are hosted by 9ias 902.
  Now we are looking forward to couple both with SSO.
  I have deloyed samples of both and works fine.
  Each application have different set of users, i mean there is no common user.
  How can i restrict user not to view the web page which is not authorised to them.
  as far as i understand from the Grocery demo is pick the role (which is a string only) from OID and programaticall apply security via if else endif construct.
  can any one through light upto my concern.
  regards
  [email protected]

  Hey Mary
  No i haven't try to do that via pl/sql....
  as the our application is j2ee app... deployed in oc4j.. with sso and ldap....
  still finding to do so....
  what i have realized that LDAP is just to store user information in inverted tree... and one have to build separated access security mechnisum that will be applicable to j2ee system....
  thanx...
  samir....

• How to restrict users to access the files directly from /irj/go/km/docs/doc

  Dear Experts,
  I have made a folder in KM where I have saved some files, and also I have made a application from where user can access those files.
  But the users are able to access the files by directly typing the path of the file in internet explorer, I have to restrict it that the user should not be able to access the files directly.
  Please give your helpful suggestions.
  Warm Regards
  Upendra Agrawal
  Edited by: Upendra Agrawal on May 15, 2009 4:49 PM

  Hello,
  You can have a link/button react to a mouse clic by reading the KM document and putting it on the htpp flux with the correct header (this is the same kind of code that is used when you generate the pdf). As the file access is in you server-code, user will not have access to the URL...
  an exemple for the WD Java (coming from this [PDF|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0cc41cb-9576-2b10-99a6-ab90ef28c73b]), with slight modifications :
  public void exportToPDF( ) {
     //@@begin exportToPDF()
     ByteArrayOutputStream outputStream = null;
     outputStream = new ByteArrayOutputStream();
     // read the file with KM API and copy it to the outputStream
     showPopUp(WDWebResourceType.PDF, outputStream, "PDF Out Put");
     outputStream.close();
  //@@end
  regards
  Guillaume

• Help needed restricting users admin access to devices using ACS 4.2

  I have users that access the network via a VPN client to a PIX 515 which authenticates to the ACS (using the default group for unknown users) which uses an external Active Directory Database.
  The problem I have is that as the ACS authenticates these users, it now allows them admin access to the PIX. How do I restrict access? I have looked at NARs using the 'All AAA clients, *, *' approach but that just stops their VPN access. ( I have a separate group called 'PIX ACCESS' which will contained only defined users for admin access).
  Incidentally I have other devices on the network which are AAA clients, in particular Nortel switches. I can set the group settings for that RADIUS set up to 'Authenticate Only' (RADIUS Nortel option) and that works fine, I was expecting the ACS to have a similar setting for TACACS+.
  So how do I allow the unknown users to authenticate to their AD database but restrict them admin access to the AAA clients?

  Very common problem. I've solved it twice over the last 6 years with ACS. I'm sketchy on the details. But here goes. First option to explore is using RADIUS for VPN access, then TACACS on all the Cisco switches and PIX firewall. That would make it alot easier. I think that with TACACS, you can build a NAR based on TCP port number instead of IP address....
  http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml
  So you'd have a group with 3-4 Administrators that can access PIX CLI, and another group of VPN users that can't access the PIX but can VPN in. So on the VPN group, put a NAR that restricts access to SSH/Telnet TCP ports?
  This comes up everytime I install an ACS server, (every 2-3 years), and it's always a trick.
  Please let me know if this works for you. And if it doesn't, let us know how you fixed it. I think I can get back into the ACS I last did this with and take a look, but I'd have to call up and make a special trip.

• How to restrict/allow users to access oracle forms/reports through SSO

  Dear All,
  I am new to oracle application server and need to know how can we manage the access rights for oracle forms using OID/SSO.

  Anyone can answer.

• Restrict User to access/fetch data in back date

  Hi All,
  As financial year is about to close, one of my clients has requirement that for all t-codes, user must be having restriction to access or fetch the data in back date or till 31st March, he won't be able to access it. So my ques is can we do it at authorization level or from basis end.?
  If no, then how it would be possible?
  But they want only 3 users out of all should have access.
  Guida me for the same.
  Regards
  Disha

  Hi ,
  As per standard behaviour of the system you wount be able to achieve what you are looking for .
  As the system does not allow user to be restricted based on period for reports .
  You can check for either BADI or exits / Enhancement points for restricting but that too based on which t codes you want to restrict . It would be T code based like you identify the T codes and accordingly make the enhancements .
  Cheers ,
  Dewang

• How to restrict users' event on a column report

  Hello All,
  I wrote a classical report with hotspot on one field. I used a parameter ID to skip the transaction screen to avoid an extra click for users. My question is restricting an event to the 'only' column where the hotspot is defined. I found out that clicking other fields on the report actually triggers an events that users would not like seeing. Kindly drop an hint to disable any action on column(s) 'EXCEPT' the field where hotspot in defined
  thanks

  Hello Frn  ,
    use the below syntax ....
  GET CURSOR FIELD CURSORFIELD VALUE VAL.
  CASE CURSORFIELD.                  (This Cursorfiled consist field name)
    WHEN 'I_POSUM-LIFNR'.             (here check the field name )
  put your code here *
  endcase .
  Thanks and Regards ..
    Priyank

• Restricting user's access to printer--how?

  I have a mac with several users, all with their own log-in accounts. The mac isn't part of a network and has only one printer. I'd like to restrict access to the printer to certain users. Can I do this? How?
  Thanks.

  Hi,
  You can't have the computer enforce that on it's own (at least easily or without adding some extra software). You can restrict a non-admin user from administrating printers (in general).
  You could ask all admins to pause printing and leave it off when they log out - then the other users would be powerless to start them again, but they could add items to the print queue for the admins to clean out before using the printers again.
  If you get Mac OS X Server - it has a Workgroup Manager program that can allow fine control over what user can print where - but you need to have your mac set up to authenticate against OS X server somewhere to have your mac obey the rules set up on the remote server...

• We are using version 3.6 on several machines. Is there a way to restrict users from accessing the about:config page?

  Prevent users from making modifications to the about:config page?

  You can do this with the [https://addons.mozilla.org/en-US/firefox/addon/3911/ Public Fox] add-on.
  It can be used to password protect access to about:config. To prevent the user from disabling/uninstalling the add-on, it also allows you to password protect the add-ons manager. You can also lock down other parts of Firefox such as the options dialog and clear history.

• Restriction user to access owa outside the organization

  I need a policy that a specific group of user, they can access owa in inside the organizational network but when they go outside they cannot access owa outside network.
  if possible please suggest

  Hi,
  Based on my research, we can block selected Users external OWA access by change the files
  startpage.aspx and basicmessageview.aspx
  For more information, you can refer to the following article:
  http://blog.leederbyshire.com/2012/11/27/block-or-allow-selected-users-depending-on-location-in-microsoft-exchange-2010-outlook-web-app/
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
  sure that you completely understand the risk before retrieving any suggestions from the above link.
  Thanks,
  Angela Shi
  TechNet Community Support

• Can't Restrict users form accessing folders

  I have just installed my Mac osx server and i have created my users and shared my folders but it looks like all the users are able to access my folders even though i set permissions for them.even if i Deny in Acl the user still has access to the folder.i want to give specific users access to certain folders.what am i doing wrong? your help will be greatly appreciated.

  If this is a production server, I'd suggest acquiring some IT coverage or an escalation path for issues, or both. As nice as Mac OS X Server is, you're still running a Unix server, and a month and a half of problems is going to be something that the users will take issue with.
  Your /Users folder looks somewhat problematic by what's not present there; I'd expect to find (more) users' home directories there, and I'd expect the users' directories to be owned by the specific user and by "staff"
  Here's what the home directory for user zork2 looks like in /Users directory, for a configuration with the users's homes in /Users.
  drwxr-xr-x+ 12 zork2 staff 408 Aug 31 2009 zork2
  0: user:_spotlight inherited allow list,search,fileinherit,directoryinherit
  This would be a common case for OD users created under the /Users directory on the server.
  The user edem parallels this and looks OK, but (if that's the entire contents of your /Users directory) it looks like the users are created elsewhere.
  You'll need to use Workgroup Manager (WGM) to locate that elsewhere, and then go check that area for its protections and ACLs. The commands involved in listing protections over in that path are similar (albeit adjusted for the different directory path), and the outputs should match what was posted for zork2 or edam in the existing /Users directory.
  Apparently I was insufficiently clear with the +ls -ale /users/somefolder+ command reference and had intended to look at the settings within one of the problematic user's directory, but it does appear that the first command showed enough to indicate that the users' homes are elsewhere.
  I'd also suggest getting an IT escalation path, first and foremost. Another good option (albeit from personal experience with following this path, one that can occasionally lead to frustration and outages) is going to be the school of hard knocks and whatever classes and books you can get your hands on or can attend; the proverbial crash-course in Mac and Unix server IT management. I've not viewed the tutorial videos available at Lynda.com, though various folks posting around the forum do indicate those can be a good resource.

• Role to Restrict access to BW report acc. to plant & Region

  Hello,
  Can I restrict users to view the BW report according to the plant they are authorized to.
  Say I've User1(plant 1100) & User2(plant 1200).
  Now I want both the users to access same report (say, Plant Wise Sale Report) but to view data related to their plant only.
  Can I achieve the scenario by creating Role.
  Also I want to put a check on Region( East, West, North, South).
  Plz provide Authorization Object & complete procedure for both plant & Region.
  Thanks in Advance
  Shilpi

  its long procedure. Screenshots will help u. 
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/ded59342-0a01-0010-da92-f6b72d98f144
  http://help.sap.com/saphelp_nw2004s/helpdata/en/59/fd8b41b5b3b45fe10000000a1550b0/frameset.htm
  BI and Portals 2006 [original link is broken]
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/ded59342-0a01-0010-da92-f6b72d98f144
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d01852a1-772c-2a10-ada1-88300f31c6cf
  /people/prakash.darji/blog/2006/10/09/sap-netweaver-2004s-bi-authorizations-for-reporting
  let me know if you are not clear.

• How to restrict users from creation of varients in report transaction

  Hi All,
  I have a requirement where buisness wants to restrict users in creating varients in report transactions.because of create options users will be creating more screen varients which will be disturbing for the other users to select a particular standard varient.Kindly give ur input regarding this
  With regards
  Girish A

  Hi,
  First edit the role assigned to users using PFCG.
  Then go to Authorization tab and click on "Change Authorization Data".
  It will opened up the profile of the role. now find the authorization object "S_PROGRAM".
  In that edit "User action ABAP/4 program" object.
  Remove "VARIANT" check box if it was checked and save. Now press
  Generate button or "Shift+F5".
  That's it.
  You can ask for this to your basis team. They can perform this task  easily.