Retail customer - Site (Store) level authorization

Similar Messages

• Lock a custom site permission level

  Hello,
  In SharePoint 2013 I have created a custom permission level called Site Owner.  It was modeled off the Full Control level and basically I just wanted to remove the "Create Subsites" permission.
  Now our site owners should still be able to modify/add/edt permissions to the site - but I don't want them to be able to create their own custom permission levels or to modify existing ones (like the one I created so that they could then create subsites).
  I've tried to remove the Manage Permissions and the Enumerate Permissions but then they can't do any permission changes.
  Is it possible have a user be able to edit site/list/etc permissions but not edit Site permissions levels?
  Thanks!
  Ruby

  Hi  Ruby,
  According to your description, my understanding is that you want to restrict your users editing Site permissions levels  but remain them editing site/list/etc permissions .
  As far as I know, it is infeasible by OOTB . For a workaround, you can remove the “Create Subsites” permission in your Web Application:
  Go to your Central Administration -> Application Management -> Manage web applications.
  Select your Web Application, click  “User Permissions”.
  Uncheck “Create Subsites” Permission and Save.
  Thanks,
  Eric
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support,
  contact [email protected]
  Eric Tao
  TechNet Community Support

• Customer Level Contact and Customer Site Level Contact

  Hi,
  How to create a customer level contact and Customer site level contact details for the existing Customer using standard API's. please Guide me any one with Queries.
  It will be great help for me.
  Thanks,
  Prakash

  Pl post your EBS version. For 11i, all public APIs are listed at http://irep.oracle.com. For R12, APIs can be explored using the Integration Repository responsibility in your instance
  HTH
  Srini

• Using a custom certificate store for SCCM 2012 clients and primary site server

  I have read what seems to be all the pki related documentation out there for SCCM 2012. I have a PKI infrastructure up and running issueing certificates with an offline root through group policy autoenrollment. The problem that i'm faced with is we are migrating
  from SCCM 2007 that was in native mode and we chose not to use the CA that we used for the old SCCM environment. When the clients attempt to communicate with the M.P. it runs through all of the different certificates and adds a tremendous amount of overhead
  to the M.P. We will have ten's of thousands of clients by migration end. Could someone please point me to a document that goes over how to leverage a custom certificate store that I could then tell the new 2012 environment to use? I know that it's in there,
  I've seen it in the console. The setup is one primary site server with SQL on box and the pki I just mentioned as well as the old 2007 environment that is still live.
  I read that you can try and use SAN as a method of identifying the new certs but I haven't found a good document covering exactly how that works. Any info you could provide I would be very grateful for. Thanks.

  Jason, thank you for your reply. I'm getting the impression that you have never been in the situation where you had to deal with 2 different PKI environments. Let me state that I understand what your saying about trust. We have to configure the trusted root
  CA via GPO. That simply isn't enough, and I have a valid example to backup this claim. When the new clients got the advertisement and began the ccmsetup process I used the /pki switch among others. What the client end up doing was selecting a certificate that
  had the longest validity period which was issued by our old CA. It checked the authentication chain, found it to be valid and selected it for communication. At that point the installation failed, period, no caveats as you say. The reason the install failed
  because the new PKI infrastructure is integrated into the new environment, and the old is not. So when you said " that
  are trusted and they can use *any* cert that is trusted because at the end of the day, there is no
  difference between two valid certs that have the same purpose as long as they are trusted. "
  that is not correct. Both certs are trusted, and use the same certificate template, but only one certificate would allow the install to complete successfully.
  Once I started using the CCMCERTISSUERS
  switch the client install went swimmingly. The only reason I'm still debating this point is because someone might read this thread see your comments and assume "well I've got my new PKI configured as a trusted root CA, I should be all set" and their
  deployment will fail, just as my pilot did.
  About Intune I'm looking forward to doing a POC in the lab i built with my Note 3. I'm hoping it goes well as I really want to have our MDM migrated into ConfigMgr... I think the
  biggest obstacle outside of selling it to management will be the actual device migration from the current MDM solution. From what I understand of the enrollment process manual install and config is the only path forward.
  Thanks Jason for your post and discussion.

• API to Nullify customer site level credit limits and currency

  Hi All,
  We need to nullify customer site level credit limits (CREDIT_LIMIT) and currency (CR_LIMIT_CURR_CODE) in prod. Is there any API to Nullify customer site level credit limits (CREDIT_LIMIT) and currency (CR_LIMIT_CURR_CODE) for Oracle 11i ( 11.5.9). There are many customers so its difficult to do it manually.
  Please let us know,its urgent.
  Thanks in Advance.
  Thanks,
  APAC

  Refer MOS note:
  Can we create Credit Limits at Party Level? [ID 414997.1]
  Different uses of TCA API. [ID 230753.1]

• Managed custom properties at site collection level when used as refiner returns no value in search result web part

  I have created certain crawled properties and mapped them to the OOB managed properties( refineable active )  in search schema at site collection level and tried to use them as refiner in the search
  site at farm level but it returns no value.
  But when i use the same crawled property and map it to a service level OOB metadata property ( refineable active ) and use it in search as refiner it returns result , Can you help as to why this difference is there.
  What steps should i do so that site level refiners also work in the enterprise search 
  Thanks in advance

  Hi  Dextar,
  According to your description, my understanding is that you want to create a site level refiner in SharePoint 2013.
  Here is a detailed blog you can refer to:
  http://blogs.technet.com/b/tothesharepoint/archive/2013/11/11/how-to-add-refiners-to-your-search-results-page-for-sharepoint-2013.aspx
  Be aware that any changes in the manage property required full crawl.
  Best Regards,
  Eric
  Eric Tao
  TechNet Community Support

• Custom HTML Store Open Link in Safari

  Hi there,
  I'm working on Custom HTML Store.
  And today I faced with one problem.
  Is there any way to open html link directly in Safari or in standard DPS view (with back button and open-in-safari button)?
  Currently my link reloads HTML Store in UIWebView.
  I tried three different approaches:
  1) <a href="http://site/" target="_blank"></a>
  2) window.open('http://www.site/','_blank');
  3) window.open('http://www.site/','_system');
  But I didn't get result.
  Thank you!
  Best regards,
  Andrey

  Thank you for reply!
  Directly in Safari - yes, I agree.
  But in GQ US, GQ Italia I can see banners, which are working fine - they open standard DPS view (with back button and open-in-safari button) .

• Change of ownership of a customer site in SAP

  Hi
  By change of ownership, we're talking about a customer site (physical outlet/store) changing owners from Owner A to Owner B. Owner A and Owner B can be totally different customers with different Payer details.
  Currently we are creating a new Sold-To for Owner B and then making the old Sold-To (owner A) "inactive" which has led to a bit of a mess. We'd like to avoid having to create a new Sold-To each time a change of ownership occurs.
  One option we're considering is to update the existing Sold-To account (for the phsyical outlet/store i.e Owner A) with the details of Owner B but create an Ex-Payer account (i.e dummy payer account that is no longer linked to the Sold-To) for Owner A and a separate Payer account for owner B that is linked to the Sold-To. This way we can manage debt collection/claims on the old owner through the Ex-Payer account and manage payments /invoices for new orders on Payer account for owner B.
  What other options are available to us?
  Can we use the Head Office / Branch concept in some way to deal with the above mentioned change of ownership scenario?
  What is the best practice way of handling a change of ownership of a physical outlet (sold-To) in SAP ?
  Are there articles that deal with Change of Ownership and / or Head office-Branch concept that we could read up on?
  Any help or ideas on the above would be greatly appreciated.
  Kind Regards
  Trevor

  Hi
  This is an interesting scenario. Creating a new customer and leaving old one as orphan doesn't sound a good idea. What you have shared is the best approach I think. You are creating new Payer and assigning that to existing sold to party and changing the name address etc of that sold to party is the good approach. With this you could have financial information of old owner separately and you can start new business with new owner.
  Head office and branch customer is not for this purpose. That is something else which you may have already read that. Thats kind of parent child relation but in your case your ownership is changing so I think you are already doing good.
  Thank$

• Use of default XACML with custom role mapper and authorization provider

  Hi,
  Is it possible to use the default XACML provider for custom role mappers and authorization providers when role information will be provided via an external application ( not an LDAP or RDBMS server )?
  My custom providers will be communicating with the external application via an API that accepts user credentials and will return decisions whether the credentials were successfully authenticated as well as returning a list of roles for the authenticated user.
  Once the roles and the subject are cached, will the default XACML provider be able to use them to make role mapping and authorization decisions?

  I see 2 approaches. First, write a custom authenticator that stores the role information in the subject either by creating a custom java.security.Principal that is stored in the Subject or by saving it in PrivateCredentials of the Subject. Then right a custom role mapper that knows how to get the role information from the Subject and return a role Map. The default XACML Authorizer will then work with the role information in the role map.
  Second approach is to write a custom role mapper that looks up the role information based on the Subject and returns a role map.
  The chosen approach depends on where you're getting the role information from.

• Query for Customer site Phone number and Fax number  in Oracle Apps

  Dear All,
  Can anyone guide me how to write qurey for Customer site phone number and Fax number for Acive customers.
  Thanks in advance.
  Best Regards
  NRC

  Hi Team,
  This is a shipping report in header level we have the customer information with site address. The requirement is along with site address we need to show the phone number and Fax number .For this we need to write the formula column.Thes are the comes through HZ parties only. I have no idea how to achieve this.
  Best Regards
  NRC

• Direct database data access without data level authorization check

  Hello,
  My customer raised issue about direct database data access. Due to the customeru2019s strong security policy, it shouldnu2019t be allowed.
  To prevent this kind of illegal data access, customer ask me to list up all the possibilities to display data without data level authorization check.
  The things in my mind are
  SQL Command Editor (for Oracle based system) : ORASPACE, DB02, ST04
  Query Based : SQVI (Quick Viewer), SQ01/SQ02/SQ03 (SAP Query)
  Data Browser : SE11, SE12, SE16, SE16N, SE17
  Table Maintenance : SM30
  Function Module : RFC_READ_TABLE
  Function Module : DB_EXECUTE_SQL (DML)
  Anyone knows anything which is not listed above?
  Thanks

  HI,
      Generally in production user's should not be given all these authorizations.
  Ram.

• Webserver - setting permissions for Custom Sites

  Quick q on setting permissions for custom sites default. Default home for custom (non-default) web site is:
  /Library/Server/Web/Data/Sites/ 
  and whatever subdirectory you stipulate, e.g. MyServer - or whatever.
  Server sets this as owner:
  drwxrwxr-x   7 root  admin  238 Mar  8 15:34 CustomSitesDefault
  drwxrwxr-x  16 root  admin  544 Mar  8 15:38 Default
  For security, shouldn't the permissions and ownership be changed - to some webamin user WITHOUT root privs? Or will this break Lion Server? Thanks.

  Hello,
  One option would be to disable the automatic Project Site Sync in the User Sync Settings Page, create custom permission levels and groups on your SharePoint Project site template(s) to meet your requirements - make use of default SharePoint groups where
  possible, save the new template(s) and attach the new templates to the EPTs. Then develop a Project Server event handler that adds the users to the Project Site on the Publish event (or what ever event you like). The project owner one is simple - just add
  the project owner to the new SharePoint group, project members - just read the project team and add those users and the visitors just add a domain AD group (Domain Users for example) to that group.
  Default Project Server sync settings / site permissions can be seen here:
  http://technet.microsoft.com/en-gb/library/cc197668(v=office.14).aspx
  Paul
  Paul Mather | Twitter |
  http://pwmather.wordpress.com | CPS

• Site Collection level Search Scopes after Upgraded to 2013

  In SharePoint 2010 we have  good amount of site collection level search scopes and it has been heavily used in search scope down.
  Please correct me if any of my below statement is wrong
  1.After migration these scopes cannot be used and it will not appear in search drop down.
  2.Only opition I have is to create Result Source and Configure search navigation at Site Level?
  3.For Result Sources to appear in drop down I need to have individual search page for every custom result source.
  I would really appreciate your inputs
  Thank you
  Vijay

  1. Usually 2010 Search Scopes can be used after migrating to 2013.  What you can't do is edit them or create new ones.  However, I've had mixed luck with them.  About 75% seem to work, with the rest being broken beyond repair.
  2. If the migrated scope doesn't continue to work your only real option is a REsult Source.  To add them to the dropdown you will need to configure the navigation at the Site level.
  3. Result sources can re-use result pages used by other Result sources.  You need a Result source for each entry, but that result source may point to the same page as another result source.
  Paul Stork SharePoint Server MVP
  Principal Architect: Blue Chip Consulting Group
  Blog: http://dontpapanic.com/blog
  Twitter: Follow @pstork
  Please remember to mark your question as "answered" if this solves your problem.

• SM30 Field level authorization check

  Hi,
  I have a requirement to add the authorization check in SM30 for the company field in the custom table. Please suggest.
  Thanks,
  Gagan Chodhry

  Hi,
  I have this requirement for both type of tables i.e. custom as well as standard. Tables has got field profit center.. I need to show the table based on the loggedin user authorization to the profit center.
  If it is a custom table then as mentioned by Siva, there is a way I heared that we can check the authorization in PAI event, but when I tried to do a small test, I could get the field symbol with the values, but I was not able to skip that record for disply.
  If anyone can send the sample or the way to skip the record based on the check.
  Also is there any other way to add the field level authorization to custom and standard tables...
  Thanks,
  Gagan Chodhry

• SAP IS Retail Create Site Group

  Hai All
  How to create site goup,

  Hi,
  To create Site Group : Logistics --> Retailing -->Site Master --> Grouping --> Promotion --> Create (WB60).
  The small window popped up with three option : Customer, Site Grouping, Site Hierarchy. Select Site Grouping option and enter required data as per your requirement.
  Assign Sites to Site Group: Logistics --> Retailing > Master Data> Site Data--> Grouping > Promotion> Maintaining Assignment -->Sites in a class (WB66).
  Select Site Grouping as option. You will observe screen with button "Only New assignments". When you click on this button, select plant radio button and continue. Now, you can add respective site into site group.
  Hope it will help.
  Regards,