Roles, Groups and Class of Service

Similar Messages

• Delegated Admin and Class of Service

  Hi
  we have configured
  Messaging Server
  Calendar server
  Instant Messaging Server
  and Portal Server
  We would like use delegated admin for user provisioning.
  We are able to modify default Class of Service templates to suit our needs for Messaging and Calendaring.
  We would also like to provide Portal desktop and Instant messaging access thru' delegated admin.
  Help us to configure these class of services either using directory console or any other method
  Thanks
  Saba

  rkbunca wrote:
  Recently we deleted about 3K users using: commadmin domain purge, and while
  it appears to have successfully deleted the users -- ldapsearch doesn't yield any
  output. The lower number of users is NOT reflected in the field "Number of Users"
  on the Delegated Admin page. It still shows the same number of users >11K we
  "had" prior to the deletion process.
  Any ideas to explain this discrepancy?The number of users displayed in the DA GUI is recorded in the "sunNumUsers" attribute associated with the domain e.g.
  dn: o=aus.sun.com,dc=aus,dc=sun,dc=com
  sunNumUsers: 11
  This is to avoid having to do an ldapsearch across the domain to get a count. You can manually update this attribute to get the number back-in-sync.
  The commadmin domain purge should have updated this value -- I couldn't find any pre-existing bugs to explain why it didn't happen in your case. I suggest you log a support case to get this looked into further.
  You may also want to check your directory audit logs to see if an attempt was made to update this attribute but failed for some reason.
  Regards,
  Shane.

• Explaning the concept or roles, groups and owners

  Hi, i'm trying to find any documentation which explains theses concepts i 've tried the oracle library but it was no results.
  Can anyone help me?
  I'm trying to undestand that.

  Hello,
  have you gone through the BPM tutorial:
  http://download.oracle.com/docs/cd/E13154_01/bpm/docs65/tutorial/index.html
  It gives some basic understanding of the implementation ofthe roles and groups.
  If you are looking for further material on the topic then look into the following material on studio:
  http://download.oracle.com/docs/cd/E13154_01/bpm/docs65/studio/index.html
  Check the documentation for organization.
  Hope this helps,
  Regards,
  Jaydev Doshi.

• What function/purpose does the User to be Billed and Class of Service fields serve in the IDA?

   

  The user does not have to be the owner of the cwm2 objects to access them. Access to cwm2 objects is based on database security. Therefore, if the user is not the owner of the object (if user is the owner, they obviously have access to the object), then as long as the user has been granted access to the underlying physical object (i.e., the table the dimension or cube has been mapped to), the user will be able to access the object.

• BI Server group and Presentation Services group

  Hi Experts,
  I've created a BI Server group and a Presentation Services group - both named 'Reporting Superuser'.
  Next I've created a user (User_1) in the BI Administration tool and added the user to 'Reporting Superuser'.
  The Presentation Services group 'Reporting Superuser' has full control on the right folders and the corresponding dashboards.
  I haven't added User_1 to the Presentation Services group 'Reporting Superuser'. According to the documentation that shouldn't be necessary.
  Unfortunately when I log in using User_1, I don't see any of the dashboards User_1 should have access to through the group membership.
  Is there anything I might have missed?
  OBIEE Version 10.1.3.4.1.090414.1900
  Thanks for your help
  Regards
  Andy

  First check whether user is assigned with that particular group after logging in..
  log in to presentation service with that user and go to my account.. and check for following:
  Group Membership
  This list shows the groups to which you belong.
  Group1
  Group2
  check whether that user belonged group is there in that list or not...

• ESB METADATA ISSUES WHILE DEPLOYING ESB SERVICE GROUPS AND SERVICES

  Customer has SOA Suite 10.1.3.4 with MLR#8.
  We have 2 separate SOA based integrations being shipped to the customer which
  he can install together. The 2 integrations share a ESB service group called
  "EBS" under which some ESb services are registered.
  One of the integration was installed/deployed on the SOA server successfully
  and the services were running successfully.
  When the second integration was installed, it gave some errors while
  deploying/registering the common ESB service group and the ESB services under
  it.
  <error code="1067" severity="5">
  <description>Already esb metadata is getting modified by {0}.Concurrent
  modification of esb metadata is not allowed.</description>
  <fix>Please try after sometime.If Error Persists, Contact Oracle
  Support</fix>
  </error>
  The customer tried bouncing the SOA server and the SOA db as well before
  re-trying but no help.
  Any pointers ?
  Thanks.

  i would recommend delete and recreate the ESB Components.
  R u using some scripts to create it or is it manually from ESB Console ?

• Using class of service to manage password policy

  We implemented password policy on our old DS across the board, which entailed finding all of the special administrative accounts used by software and setting an expiration date at the end of the epoch. I was wondering if a smarter way to do this is to create a class of service template for normal and special accounts and tie those into our user accounts. Has anyone done this?
  Thanks.

  Sun DS 5.2 supposedly has support for the latest LDAP password policy internet draft which allows you to explicitly setup password policy on a subtree or user basis. It uses roles and class of service under the covers. I would use that instead of rolling your own.

• Role Groups

  Hi,
       Can someone explain role groups and what they are useful for? I know you can add a bunch of Roles into a group.  It seems like just creating a role with other roles is more useful.
       I can't see what use they are when you are dealing with setting up your TLN and Detail Nav.  You can't put the inserted roles in any order so there is no way to control how they would appear in the navigation to the user. 
  Can anyone help me out why I would use groups vs. setting up a role within role type organization?
  Thanks!

  Hi everybody,
  From the image you sent ("Assigned" roles, as already written before), Kenneth, as well as from the ongoing discussion, it's just what I already said: Role are "assigned" to groups, and that from the hierarchies point of view, is: Roles "have" groups.
  > roles in groups has its own purpose
  That is a wrong termonology. If anything is "in" something, groups are "in" roles. Sometimes people also talk of groups "assigned" to roles, as this also makes sense from the hierarchie's point of view. Anyhow, the other way round makes more sense from a semantic point of view (groups, as users, may "play" different "roles", so roles are assigned to these principals) and is the common one. Nevertheless, draw some UML class diagram, and you'll see that a role "has" groups (and users) and a group has groups and users.
  > how to control what level an item will appear on
  At this point, the discussion should reflect the differences between UME roles and PCD role objects. It's also not necessary (and not advised at all officially by SAP) that the roles themselve are the entry points (but the workset(s) under a role, in most cases).
  Anyhow, as I have described in my second posting, the hierarchy is used within the UME, so that in most cases there will be a 1:1 relationship between groups and roles (this is not necessary, and sometimes other combinations do make sense, but it is a (quite general) advise).
  Hope this brings some light into it...
  Best regards
  Detlev

• Policy map/ class map/ service policy for IOS xr

  Hi,
  I need to create a policy map and class map/service policy to limit the amount of bandwidth that can be used on one interface both in and out.
  I need the cap for the bandwidth to traverse this circuit to ne 10 Meg.
  the IOS xr version we are using is 4.3.4
  I was hoping someone could help me out by giving me a configuration example I could follow.
  Thank you.

  for instance like this:
  policy-map police-in
  class class-default
  police rate 10 mpbs <optionally set burst>
  policy-map shape-out-parent
  class class-default
  shape 10 mpbs <optional burst config>
  service-policy shape-out-child
  policy-map shape-out-child
  class class-default
  queue-limit 10 packets
  int g 0/0/0/0
  service-policy police-in in
  service-policy shape-out-parent out
  also have a look at CL 2013/2014 (orlando/sanfran) ID 2904 for more QOS details
  and the support forum article of "asr9000 quality of service architecture"
  xander

• Standard roles, groups, profiles of a rfc-user

  hi,
  can anybody tell me please, which are the standard roles, groups and profiles of a rfc-user in our sap xi-system?
  thanks.
  regards
  Stefan

  Hi,
  Check the links for authorizations.
  http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
  also check if your user have this roles in abap stack TECODE su01
  SAP_XI_ADMINISTRATOR
  SAP_XI_CONFIGURATOR
  SAP_XI_CONTENT_ORGANIZER
  SAP_XI_DEVELOPER
  SAP_XI_DISPLAY_USER
  SAP_XI_MONITOR
  SAP_ALM_ADMINISTRATOR
  SAP_J2EE_ADMIN
  SAP_SLD_ADMINISTRATOR
  SAP_SLD_CONFIGURATOR
  SAP_SLD_DEVELOPER
  SAP_XI_ADMINISTRATOR_ABAP
  SAP_XI_ADMINISTRATOR_J2EE
  SAP_XI_CONFIGURATOR_ABAP
  SAP_XI_CONFIGURATOR_J2EE
  SAP_XI_ID_SERV_USER
  SAP_XI_IR_SERV_USER
  SAP_XI_RWB_SERV_USER
  SAP_ALM_CUSTOMIZER
  SAP_BC_BASIS_ADMIN
  SAP_BC_BASIS_MONITORING
  ARG_XI_DEV
  Thanks,
  Vijaya.
  Edited

• Role grouping

  Hi Xperts
  Role group has been created and couple of roles assigned to it.But when creating
  Org and Group, my role grouping is not displayed in the drop down list.At the same time it is available in the list if trying to create Person.
  Can somebody throw some light on this
  Thanks
  Jessy

  Hi Jessy,
  Just check the roles u have assigned in ur BP role gouping are valid for all the BP categories.
  For this goto:
  SAP Implementation Guide-> Cross-Application Components->SAP Business Partner->Business Partner->Basic Settings->Business Partner Roles->Define BP Roles
  1. View the Roles u have added in BP Role Grouping and check their BP role category.
  2.  Now In BP Role category , check if in Possible Bussiness partner category the all the Bussiness partner categories are selected (Person, Organization, Group)
  In case in ur BP role category, u have a role which is valid for just one BP category say person, even ur BP role grouping will be visible in Person category.
  Regards,
  Shalini Chauhan

• Group and Owner fields blank when viewing Service Request results via UWQ

  When looking at a row that represents a service request in either the UWQ or View Service Requests (search form) the group and owner columns are blank only for some of my users.
  If you look at the detail for the SR, there is a owner and group.
  Not sure what the issue is..? Inherited this role.
  -JP

  Which release is this occuring? At the first glance it looks like an issue that cropped up in 11.5.3. and has been fixed since.

• Class and release group and code in release strategy??

  hi experts ,
  Can some body explain me..
  I have created Characteristics and Class for for release strategy.
  But while creating release group , i should assign my class with release group , after doing this when i save , its giving error as check the release classes????
  I m using the same class what i have created for my company..
  So how to over come this issue
  Thanks

  Release Prerequisites
  Definition
  The release prerequisites indicate the sequence in which a purchase requisition or an external purchasing document must be approved via the release codes. The release prerequisites are defined in the Purchasing Customizing facility (in the release strategy).
  The approval procedure for purchase requisitions in an enterprise may be set up in such a way that a department manager must approve a requisition item before the next level of authority (e.g. the cost center manager). In this case, approval by the department manager is a prerequisite for approval by the cost center manager.
  Release Indicator
  Definition
  When a requisition or an external purchasing document has been processed via a release code, a release indicator is assigned to it.
  When the system sets which release indicator is defined in the Customizing facility for Purchasing (in the release strategy via the release statuses).
  What does the release indicator determine?
  Requisitions...
  External purchasing documents....
  Whether the item may be changed by Purchasing or Materials Planning and Control after the start of the release procedure
  Whether a new strategy is determined and whether existing releases must be cancelled in the event of changes
  Whether an RFQ or a PO may be created with reference to the item
  Whether the document may be changed by Purchasing after the start of the release procedure
  Whether a new strategy is determined and whether existing releases must be cancelled in the event of changes
  Whether the purchasing document is released for transmission
  Alternative Release
  Definition
  Within the release sequence, you can define alternatives. This means that several employees can effect release (signify approval) at a certain point in the sequence. If just one of these employees has effected release, the next release status is reached. The other employees thus need take no action.
  Five release codes are defined for purchase requisitions in an ascending hierarchy. The requisition item can be converted into either an RFQ or a PO if release has been effected either with the release codes 01, 02, 03 and 04 or - alternatively - with release code 05.
  The box with the information on the release strategy also offers you the possible alternatives for selection (see Displaying Release Information).
  An alternative release cannot be a prerequisite for the next release code. In the above example, the releases with codes 01, 02, 03 and 04 could not be prerequisites for release with 05.
  Release w. Classification (PReqs./Ext. Pur. Docs.)
  Use
  The aim of this procedure is to replace manual written authorization procedures using signatures by an electronic one, while maintaining the dual control principle.
  The person responsible processes the requisition or other purchasing document in the system, thereby marking it with an "electronic signature" which can give the document legal force.
  This release procedure can be used to approve requisitions and the external purchasing documents RFQ, PO, contract, scheduling agreement, and service entry sheet.
  Purchase requisitions are released either at item level or in total. There is no provision for item-wise release (i.e. partial approval) in the case of the external purchasing documents. The latter can only be released in their entirety.
  If you set up the release procedure with classification for purchase requisitions, the procedure without classification is deactivated.
  Prerequisites
  The release procedure with classification must have been set up in Customizing for Purchasing. In addition, a class with characteristics must have been created for each document (requisition, purchase order, etc.).
  If you wish to set up both the overall release procedure and the item-wise procedure for requisitions, you must create one class for each procedure.
  How to do this is outlined in the Implementation Guide (IMG) for Purchasing in Define Release Procedure for the relevant documents and in Set Up Release Procedure with Classification for purchase requisitions. You will find detailed information on classification in the R/3 Library in the documentation CA Characteristics and CA The Classification System.
  This procedure offers a wide range of possible combinations of release criteria. Should you nevertheless have other requirements, use the enhancement provided by SAP.
  Operation of Release Procedure w. Classification
  The characteristic values from a requisition or external purchasing document are passed on to the classification system.
  The system checks whether the values correspond with release conditions. If so, it assigns a release strategy.
  The persons responsible for the release codes process the document in the sequence defined in the release strategy.

• Role, user and group

  Hi, folks:
  In order to have separate PROD and DEVL services, I created a role to include all production databases/listeners require 7*24 paging support. Then I assign a user(Administrator) to this role and subscribe to my own notification rule (This rule only checks for important metrics). And this user has a pager for its email address. As for the other DBs, I simply let the OEM provided notification rule take care of it and have some important alerts send to an email address. In the future, if I need have any new database requires 7*24 paging support, I can simply add the DB in this role. Is this a good approach. Can GROUP be used in this setup, like putting all important stuff (Listener, hosts, DB) in this group and simply assign the group to the role??

  Yes. Allen. Group is for that purpose only .. simply you can segregate your whole application in to diffrent area .. either or PROD/DEV/UAT or into diff region for eg NA/EMEA/APAC or with diff applications ...

• LDAP groups and WebLogic Roles - Urgent ( weblogic 6.1 sp1, iPLanet 5.1)

  I have 2 questions and these are very urgent :-
  1. Where the mapping can be defined between LDAP groups and WebLogic Roles. I have
  2 groups in iPLanet :- Contarctors and employees and I have 2 security roles in weblogic:-
  contractactors and employess. How do I map LDAP group contractors to weblogic security
  Role contractors? Similarly for employees ?
  2. I have not defined contarctors and employeees under People container in IPlanet.
  e.g. The RDN for contractor is
  uid=1234,ou=dir,dc=orams,dc=com
  Can I still use the defualt security realm of weblogic (the WebLogic Security Realm
  under People ) OR I have to write my own custom code ?
  3. I am planning to use Roles insetad of groups to manage the logical grouping in
  iPLant. Can I still use the groups in WebLogic security realm ( in the configuratin
  parameters ?)
  This is very urgent ....so if any of you can throw any hints that will be greatly
  appreciated.
  --Sunita

  Hi Ariel,
  The driver is bundled with the product in WLS 6.1sp1. you don't have to
  download any additional driver. Use it as you normally would only thing to
  remember is if you are trying to write standalone java code then you have to
  have weblogic.jar in your classpath. For the rest of the info follow the wls
  docs for 6.1
  HTH
  sree
  "Ariel" <[email protected]> wrote in message
  news:3bb4a643$[email protected]..
  We want to connect our Weblogic 6.1 sp1 server to a SQLServer 2000 db. We
  downloaded the JDriver from bea.com, but all the istructions that camewith
  it are for WLserver 5.1.
  What has to be done to do this with 6.1 sp1?
  Thanks,
  Ariel