SAP parameter or setting to allow only capital letters in password

Similar Messages

• How can I see shared pc with firewall set to allow only essential services?

  How can I see shared pc with firewall set to allow only essential services?
  So far if I set it as above then shared does not show up? I have to set the firewall to set access to specific applications and services to get access to my windows based hard drive.
  Cheers
  Mike R

  Ok I solved it myself. Not an ideal solution as I have to connect it manually each time but it will do... Unless anyone has a way to have it auto connect when I start the mac.
  Cheers
  Mike R

• Capital letters in passwords...

  hi all
  got my iphone 3gs yesterday and im having problems entering passwords that contain capital letters.
  I understand how to change to uppercase on the touch keyboard and the passwords are definetly being entered with the capital letters in the correct places.
  I even typed the password as a note and then pasted it into the password field and it was still rejected.
  In the end i changed one of my passwords to all lower case and its was accepted first time!
  This is happening when i try to enter passwords on webpages in safari and when i try to set up mail accounts.
  Anyone else come across this or got any ideas what im doing wrong?
  As i said im 100% sure im typing the passwords correctly.
  Christopher.

  Theres no such parameter... and I don't understand why would you do that, that will make passwords less complex.
  In any case... if you limit the amount of caracters to say 8 and force 1 special caracter and 1 number, then you can set the minimun amount of capitals to 6 meaning all have to be capitals.
  Again, I wouldn't do that.
  Regards
  Juan

• How to allow only specific letters, numbers and symbols in input string

  Hi all
  i'm new to java and trying to program a polynom calculator.
  so, you can enter a polynom string like for example "2.1x^3 + 3x^2 - 1". this all works fine.
  but i only need numbers, some special symbols and only the letter x which will be the variable you can enter here, otherwise a message should be displayed that i entered an invalid character or symbol. and is it also possible to check that there is a space before and after a + or - sing?
  the input string i'm reading it in with: String inputString = TastaturRead.readString();
  anyone out there who can help me?
  many thanks in advance.

  Please don't cross-post.
  Again, this looks backwards here. You seem to be using the string you want to split as the regex string, but again, I'm no expert here.
  import java.util.regex.*;
  public class Splitter {
      public static void main(String[] args) throws Exception {
          // Create a pattern to match breaks
          String pattern = "[+|-]+";
          Pattern p = Pattern.compile(pattern);
          // Split input with the pattern
          String input = "-5x^3+8x^2 - 2";
          //This smells wrong to me, backwards
          String[] result = p.split(input);
          for (int i=0; i<result.length; i++)
              System.out.println(result);
  //This looks better to me.
  result = input.split(pattern);
  for (int i = 0; i < result.length; i++)
  System.out.println(result[i]);

• Only capital letters in emails

  Since a couple of weeks, I receive a lot of mails that contain only capitals. It looks like this problem runs throughout an entire mail thread. When looking at the source code of a mail or when viewing it from a different computer (except on my iPhone), the text appears normal (only capitals where you'd expect them). Furthermore, just now I found out that also some documents (a .docx I opened with Pages), contained only capitals. So it might not be Mail-specific.
  Does anybody has a clue anout what might cause this? It's pretty annoying.

  the font Calibri consists only of capitals and is somehow used in lots of mails and some documents.
  It is the default font for various Windows apps in recent years. A normal copy should certainly have both upper and lower case.

• Parameter Text set maximum length

  I have 2 paramenters with requirements below
  Set the maximum length of the parameter to 4 typed in the text box.
  Set the maximum length of the parameter to 2 and allow only alphabets typed in the text box.
  ShanmugaRaj

  Hi ShanmugaRaj,
  If I understand correctly, you have two parameters in the report. You have not set the available and default values of these parameters. User would type the parameters’ values manually. The parameter value of the first parameter should be less than 4 characters.
  The parameter value of the second parameter is less than 2 characters, and it can only type alphabets characters.
  Suppose these two parameters is: Parameter1 and Parameter2. Please refer to the following filter:
  Filter1:
  Expression: =InStr(Fields!Field1.Value,Parameters!Parameter1.Value)
  Operator: =
  Value:
  =IIF(Len(Parameters! Parameter1.Value)<=4 and
  InStr(Fields!Field1.Value,Parameters! Parameter1.Value),
  1,Nothing)
  Filter2:
  Expression: =InStr(Fields!Field2.Value,Parameters!Parameter2.Value)
  Operator: =
  Value:
  =IIF(Len(Parameters! Parameter2.Value)>2 and
  (IsNumeric(Left(Parameters! Parameter2.Value,1)) or IsNumeric(Left(Parameters! Parameter2.Value,2)))
  and InStr(Fields! Field2.Value,Parameters! Parameter2.Value)=0,
  Nothing,1)
  If there are any misunderstanding, please elaborate the issue for further investigation.
  Regards,
  Alisa Tang
  If you have any feedback on our support, please click
  here.
  Alisa Tang
  TechNet Community Support

• Allow only one set of parameter values for all worksheets

  I would like to " Allow only one set of parameter values for all worksheets ", but prompt before executing the worksheet. This function is a great time saver, but the users on occasion would like to change at the least one of the parameters. Is this possible? What setting do I use? I've tried various combinations of the " After opening a workbook: " on the options page. " Run query automatically", " Don't run query (leave sheet empty) ", and " Ask for comformation ". I would have thought that "Ask for comformation " was the trick, but no. I'm considering putting a do nothing parameter that has the setting of " Allow different parameter values for each worksheet. " so that it will keep all the others, default this one, but prompt for a possible change.
  Any thoughts...
  Thanks,
  Jamie

  Hi Jamie
  Even though you have the same parameter for all worksheets a user can still choose what to use on a worksheet. Its just that if they click to another worksheet then that parameter will be applied.
  Which version of Discoverer are you using?
  Best wishes
  Michael

• EWA Error : EWA to SAP is allowed only for test or production syetm

  I setup EWA in SDCCN, Choose Task ->Create ->Request session data-> Periodic:-EarlyWatch Alert.
  At the last step to confirm, I received error "EWA to SAP is allowed only for test or production syetm".
  When can I do?

  Hi,
  1. Which system for EWA
  2. Create Production system for EWA and open the connection for SAP.
  Regards,
  Srini Nookala

• Communication between Lync - Mediant . 488 evt from mediant site when SBC Remote Early Media RTP parameter is set to Delayed

  Hi,
  I have a problem with Early Media functionality between Lync and Mediant 1000 E-SBC. If SBC Remote Early Media RTP parameter is set to Delayed (on IP Profile Settings level) i cannot establish connection. After receiving 183 Session progress (from Lync site)
  call is released with 488 event (488 is sent from mediant site). Before "Not applicable here" in logs i can see:
  6d:9h:46m:35s (      lgr_flow)(18219     )  #MediaResourcesConnector::AllocateMediaResources
  (lgr_media_connector)(18220     )  MediaResourcesConnector:CalculateResourcesForAppExtensions Leading:DSP Opposite:NONE MediationLevel:NONE
  (lgr_media_service)(18221     )  ServicesMngr: Allocate Media channel. current active: 0 and max is: 0
  6d:9h:46m:35s (lgr_media_service)(18222     ) !! [ERROR] ServicesMngr: Cannot allocate more Media channel. current active: 0 and max is: 0
  6d:9h:46m:35s (lgr_media_service)(18261     )  (#292) ChannelResource Deallocated.
  6d:9h:46m:35s (lgr_media_service)(18262     )  (#293) ChannelResource Deallocated.
  I need this because if im using SBC Remote Early Media RTP = Immidiately i cannot hear ringtone. Could someone give me any clues what is wrong in config?
  I enclosed detailed logs:
  Log is Activated  6d:9h:46m:35s (       lgr_sbc)(18057     )  (#51) SBCRoutesIterator Allocated.
  (       lgr_sbc)(18058     )  Classification Succeeded - Source IP Group #2.
  (       lgr_sbc)(18059     )  CallAdmission::AddDialog: Type INVITE Direction In IP group 2: 1 SRD 2: 1 SRD ovflw:1 used unres:1
  (      lgr_flow)(18060     )  (#51)SBCRoutesIterator::Change State From: InitialRouting To : AlternativeRouting
  (       lgr_sbc)(18061     )  CallAdmission::AddDialog: Type INVITE Direction Out IP group 1: 1 SRD 1: 1 SRD ovflw:1 used unres:2
  (      lgr_flow)(18062     )  (#51)SBCRoutesIterator::Next route found: Route by: IPGroup , IP Group ID: 1, Live:1
  (       lgr_sbc)(18063     )  Routing Succeeded -IP2IPRouting Rule #2.
  (      lgr_flow)(18064     )  ---- Incoming SIP Message from switch:5060 to SIPInterface #2 UdpTransportObject[#2] ----
  6d:9h:46m:35s INVITE sip:1234@Mediant;user=phone SIP/2.0
  Allow: INVITE, ACK, CANCEL, BYE, PRACK, NOTIFY, REFER, SUBSCRIBE, OPTIONS, UPDATE, INFO
  Supported: replaces,timer,path,100rel
  User-Agent: OmniPCX Enterprise R10.1.1 j2.603.33.a
  Session-Expires: 1800;refresher=uac
  Min-SE: 900
  P-Asserted-Identity: "TPSA 12" <sip:221111111@switch;user=phone>
  Content-Type: application/sdp
  To: <sip:1234@Mediant;user=phone>
  From: "TPSA 12" <sip:221111111@switch;user=phone>;tag=434636a077aeb3418ef3d5c0887debbd
  Contact: <sip:221111111@switch;transport=UDP>
  Call-ID: 5050e7eb34568795c049d14a6b088172@switch
  CSeq: 1290334631 INVITE
  Via: SIP/2.0/UDP switch;branch=z9hG4bK668ced008893ef177292c6f0f662ca02
  Max-Forwards: 70
  Content-Length: 265
  v=0
  o=OXE 1415263596 1415263596 IN IP4 switch
  s=abs
  c=IN IP4 172.16.20.32
  t=0 0
  m=audio 32156 RTP/AVP 8 4 97
  a=sendrecv
  a=rtpmap:8 PCMA/8000
  a=ptime:20
  a=maxptime:30
  a=rtpmap:4 G723/8000
  a=ptime:30
  a=maxptime:30
  a=rtpmap:97 telephone-event/8000
  (     sip_stack)(18066     )  New SIPMessage created - #57
  (     sip_stack)(18067     )  New SIPSBCCallLeg created - #1695
  6d:9h:46m:35s (     sip_stack)(18068     )  New AcSIPCall created - #1922
  (     sip_stack)(18069     )  AcTransactionUser::AddMessageToQueue: Queueing message
  6d:9h:46m:35s (     sip_stack)(18102     )  SIPCall(#1922) changes state from Idle to Invited
  6d:9h:46m:35s (     sip_stack)(18164     )  SIPCall(#1921) changes state from Idle to Inviting
  (     sip_stack)(18165     )  SIPSessionTimer<TU#1921>::FillSTRequestData - Session-Timer mode: TRANSPARENT
  (      lgr_flow)(18166     )  ---- Outgoing SIP Message to Lync2:5068 from SIPInterface #1 TcpTransportObject[#648] ----
  6d:9h:46m:35s (      lgr_flow)(18178     )  ---- Incoming SIP Message from Lync2:5068 to SIPInterface #1 TcpTransportObject[#648] ----
  SIP/2.0 183 Session Progress
  FROM: "TPSA 12"<sip:221111111@switch;user=phone>;tag=1c1656521459
  TO: <sip:1234@Mediant;user=phone>;tag=499c98c8cd;epid=DE8F26F104
  CSEQ: 1 INVITE
  CALL-ID: 1656462877611201494635@Mediant
  VIA: SIP/2.0/TCP Mediant:5068;branch=z9hG4bKac1657277504;alias
  CONTACT: <sip:lyfe02.grupa.lukas:5068;transport=Tcp;maddr=Lync2>
  CONTENT-LENGTH: 281
  CONTENT-TYPE: application/sdp
  ALLOW: CANCEL
  ALLOW: BYE
  ALLOW: UPDATE
  ALLOW: PRACK
  REQUIRE: 100rel
  SERVER: RTCC/5.0.0.0 MediationServer
  Rseq: 1
  v=0
  o=- 89 1 IN IP4 Lync2
  s=session
  c=IN IP4 Lync2
  b=CT:1000
  t=0 0
  m=audio 52882 RTP/AVP 8 97
  c=IN IP4 Lync2
  a=rtcp:52883
  a=label:Audio
  a=sendrecv
  a=rtpmap:8 PCMA/8000
  a=rtpmap:97 telephone-event/8000
  a=fmtp:97 0-16
  m=audio 0 RTP/SAVP 8 4 97
  (     sip_stack)(18180     )  New SIPMessage created - #55
  (      lgr_flow)(18181     )  |       |(SIPTU#1921)183 State:Proceeding(1656462877611201494635@Mediant)
  6d:9h:46m:35s (   lgr_stk_ses)(18182     )  |       |       |       #1694:SIP_ALERT_EV(1656462877611201494635@Mediant)
  (     sip_stack)(18183     )  SDPBody::New - id = 126
  (     sip_stack)(18184     )  SDPBodyMedia::New - id = 541
  (     sip_stack)(18185     )  SDPBodyMedia::New - id = 540
  (     sip_stack)(18186     )  <BaseSIP SDPSESSION #1694> UpdateChosenMediaByCN - CN as Remote -1
  (     sip_stack)(18187     )  SDPBodyMedia::New - id = 539
  (     sip_stack)(18188     )  SDPBodyMedia::New - id = 538
  (   lgr_stk_ses)(18189     )  SBCOfferAnswerMngr(#1694) changes state from SIP_MEDIA_OFFERING to SIP_MEDIA_COMPLETED
  (   lgr_stk_ses)(18190     )  <SESSION #1694> SendToCall - event: MEDIA_NEGOTIATION_COMPLETED_EV  m_Call#1852
  (      lgr_flow)(18191     )  |       |       (#1852)SBCCall <- (#1694)SIPSBCCallLeg: MEDIA_NEGOTIATION_COMPLETED_EV
  (      lgr_flow)(18192     )  |       (#59)SBCCallPlacementFeature <- (#1852)SBCCall: MEDIA_NEGOTIATION_COMPLETED_EV
  (      lgr_flow)(18193     )  |       (#1853)SBCParticipantEndPoint <- (#59)SBCCallPlacementFeature: MEDIA_NEGOTIATION_COMPLETED_EV
  6d:9h:46m:35s (      lgr_flow)(18219     )  #MediaResourcesConnector::AllocateMediaResources
  (lgr_media_connector)(18220     )  MediaResourcesConnector:CalculateResourcesForAppExtensions Leading:DSP Opposite:NONE MediationLevel:NONE
  (lgr_media_service)(18221     )  ServicesMngr: Allocate Media channel. current active: 0 and max is: 0
  6d:9h:46m:35s (lgr_media_service)(18222     ) !! [ERROR] ServicesMngr: Cannot allocate more Media channel. current active: 0 and max is: 0
  6d:9h:46m:35s (lgr_media_service)(18261     )  (#292) ChannelResource Deallocated.
  6d:9h:46m:35s (lgr_media_service)(18262     )  (#293) ChannelResource Deallocated.
  6d:9h:46m:35s (      lgr_flow)(18263     )  |       |       (#1853)SBCCall <- (#1695)SIPSBCCallLeg: RELEASE_EV
  (      lgr_flow)(18264     )  |       |       (#1853) SBCCall changing states from:AlertingState to:DisconnectingState
  (      lgr_flow)(18265     )  |       (#1852)SBCParticipantEndPoint <- (#1853)SBCCall: RELEASE_EV
  (      lgr_flow)(18266     )  (#1852) SBCParticipantEndPoint changing states from:InitiatedState to:ReleaseingState
  (      lgr_flow)(18267     )  (#1035)SBCController <- (#1852)SBCParticipantEndPoint: RELEASE_EV
  (      lgr_flow)(18268     )  |       |       (#1035) SBCController changing states from:EstablishingState to:DisconnectingState
  (      lgr_flow)(18269     )  |       (#1853)SBCParticipantEndPoint <- (#1035)SBCController: RELEASE_EV
  (      lgr_flow)(18270     )  (#1853) SBCParticipantEndPoint changing states from:InitiatedState to:ReleaseingState
  (      lgr_flow)(18271     )  |       (#59)SBCCallPlacementFeature <- (#1853)SBCParticipantEndPoint: RELEASE_EV
  (      lgr_flow)(18272     )  (#59) SBCCallPlacementFeature changing states from: Initiated to: Releasing
  6d:9h:46m:35s (      lgr_flow)(18273     )  |       |       (#1852)SBCCall <- (#59)SBCCallPlacementFeature: RELEASE_EV
  (      lgr_flow)(18274     )  |       |       (#1852) SBCCall changing states from:AlertingState to:DisconnectingState
  (      lgr_flow)(18275     )  |       |       |       (#1694)SIPSBCCallLeg <- (#1852)SBCCall: RELEASE_EV
  (     sip_stack)(18276     )  New SIPMessage created - #52
  (      lgr_flow)(18277     )  |       |(SIPTU#1921)DISCONNECT_REQ State:Proceeding(1656462877611201494635@Mediant)
  (     sip_stack)(18278     )  New SIPMessage created - #49
  (      lgr_flow)(18279     )  ---- Outgoing SIP Message to Lync2:5068 from SIPInterface #1 TcpTransportObject[#648] ----
  CANCEL sip:1234@Mediant;user=phone SIP/2.0
  Via: SIP/2.0/TCP Mediant:5068;branch=z9hG4bKac1657277504;alias
  Max-Forwards: 70
  From: "TPSA 12" <sip:221111111@switch;user=phone>;tag=1c1656521459
  To: <sip:1234@Mediant;user=phone>;epid=DE8F26F104
  Call-ID: 1656462877611201494635@Mediant
  CSeq: 1 CANCEL
  User-Agent: E-SBC/v.6.60A.260.002
  Reason: SIP ;cause=488 ;text="488 Not Acceptable Here"
  Content-Length: 0
  (     sip_stack)(18281     )  Resource SIPMessage deleted - #49
  6d:9h:46m:35s (     sip_stack)(18354     )  New SIPMessage created - #42
  (     sip_stack)(18355     )  Resource SIPMessage deleted - #42
  (      lgr_flow)(18356     )  |       | TransactionUserMngr::ReturnTransactionUser - #1921
  (     sip_stack)(18357     )  SIPCall(#1921) changes state from Disconnected to Idle
  6d:9h:46m:40s (     sip_stack)(18358     )  New SIPMessage created - #47
  (     sip_stack)(18359     )  Resource SIPMessage deleted - #47
  (      lgr_flow)(18360     )  |       | TransactionUserMngr::ReturnTransactionUser - #1922
  (     sip_stack)(18361     )  SIPCall(#1922) changes state from Disconnected to Idle

  Hi,
  On Mediant 1000 E-SBC SBC tab, when set Remote Early Media RTP Behavior to
  Delayed, but also check if the following configuration set correctly:
  SBC Media Security Behavior: SRTP
  PRACK Mode: Optional
  Remote Update Support: Supported Only After Connect
  Remote Re-INVITE:  Supported Only With SDP
  Remote Delayed Offer Support: Not Supported
  Remote REFER Behavior: Handle Locally
  Remote 3xx Behavior: Handle Locally
  Enforce MKI Size: Enforce
  You can refer this
  link
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
  Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Web dynpro parameter to set language

  Hi there,
  We are using a the newest version of ESS (ecc 6.0)
  Is it possible to set a parameter so that the web dynpro's are not translated into the language set in the user's IE language settings?
  For example, for IAC and webgui transactions this is possible in the the iview settings, and for BSP you can set the "sap-language=XX" parameter.
  The reason I ask, is because all portal content is and should be in English, but the ESS stuff should <i>only</i> be in German. We have set backend language settings and JCO connection settings, IACs, etc to only use German. The problem is that standard WD iviews (like "change own data") are available in other languages, which result in the UI being displayed in English when the user's language settings are english, but data coming out of R/3 is German... a nasty mix of languages.
  Thanks for any tips. I award points generously
  -faB

  Hi Maksim,
  Thanks, I have seen that page...but the parameters don't seem to work. It does not override the language set in IE.
  It can be tested with the "identiy management" WD.
  This should display in french, for example.
  http://portalserver.domain.dom:50X00/webdynpro/dispatcher/sap.com/tcsecumewdumeadmin/UmeAdminApp?sap-language=FR
  The Portal/J2ee only looks at the browser setting, not the parameter.
  thanx
  -faB

• Do you trust the SAP standard rule set ?

  Hello all,
  I have the impression that, too often, the SAP standard ruleset has been taken for granted : upload, generate and use. Here is a post as to why not to do so. Hopefuly, this will generate a interesting discussion.
  As I have previously stated in other threads, you should be very careful accepting the SAP standard rule set without reviewing it first. Before accepting it, you should ensure that your specific SAP environment has been reflected in the functions. The 2 following questions deal with this topic :
  1. what is your SAP release  ? ---> 46C is different than ECC 6.0 in terms of permissions to be included in the function permission tab. With every SAP release, new authorization objects are linked to SAP standard tcodes. Subsequently some AUTHORITY-CHECK statements have been adapted in the ABAP behind the transaction code. So, other authorizations need to provided from an implementation point of view (PFCG). And thus, from an audit perspective (GRC-CC), other settings are due when filtering users' access rights in search for who can do what in SAP.
  2. what are your customizing settings and master data settings ? --> depending on these answers you will have to (de)activate certain permissions in your functions. Eg. are authorization groups for posting periods, business areas, material types, ... being used ? If this is not required in the SAP system and if activated in SAP GRC function, then you filter down your results too hard, thereby leaving certain users out of the audit report while in reality they can actually execute the corresponding SAP functionality --> risk for false negatives !
  Do not forget that the SAP standard ruleset is only an import of SU24 settings of - probably - a Walldorf system. That's the reason SAP states that the delivered rule set is a starting point. 
  So, the best practice is :
  a. collect SAP specific settings per connector in a separate 'questionnaire' document, preferably structured in a database
  b. reflect these answers per function per connector per action per permission by correctly (de)activating the corresponding permissions for all affected functions
  You can imagine that this is a time-consuming process due to the amount of work and the slow interaction with the Java web-based GRC GUI. Therefore, it is a quite cumbersome and at times error-prone activity ...... That is, in case you would decide to implement your questionnaire answers manually. There are of course software providers on the market that can develop and maintain your functions in an off-line application and generate your rule set so that you can upload it directly in SAP GRC. In this example such software providers are particularly interesting, because your questionnaire answers are structurally stored and reflected in the functions. Any change now or in the future can be mass-reflected in all (hundreds / thousands of) corresponding permissions in the functions. Time-saving and consistent !
  Is this questionnaire really necessary ? Can't I just activate all permissions in every function ? Certainly not, because that would - and here is the main problem - filter too much users out of your audit results because the filter is too stringent. This practice would lead too false negatives, something that auditors do not like.
  Can't I just update all my functions based on my particular SU24 settings ? (by the way, if you don't know what SU24 settings are, than ask your role administrator. He/she should know. ) Yes, if you think they are on target, yes you can by deleting all VIRSA_CC_FUNCPRM entries from the Rules.txt export of the SAP standard rule set, re-upload, go for every function into change mode so that the new permissions are imported based on your SU24 settings. Also, very cumbersome and with the absolute condition that you SU24 are maintained excellent.
  Why is that so important ? Imagine F_BKPF_GSB the auth object to check on auth groups on business areas within accounting documents. Most role administrator will leave this object on Check/Maintain in the SU24 settings. This means that the object will be imported in the role when - for example - FB01 has been added in the menu.  But the role administrator inactivates the object in the role. Still no problem, because user doesn't need it, since auth groups on business areas are not being used. However, having this SU24 will result in an activated F_BKPF_GSB permission in your GRC function. So, SAP GRC will filter down on those users who have F_BKPF_GSB, which will lead to false negatives.
  Haven't you noticed that SAP has deactivated quite a lot of permissions, including F_BKPF_GSB ? Now, you see why. But they go too far at times and even incorrect. Example : go ahead and look deeper into function AP02. There, you will see for FB01 that two permissions have been activated. F_BKPF_BEK and F_BKPF_KOA.  The very basic authorizations needed to be able to post FI document are F_BKPF_BUK and F_BKPF_KOA.  That's F_BKPF_BUK .... not F_BKPF_BEK. They have made a mistake here. F_BKPF_BEK is an optional  auth object (as with F_BKPF_GSB) to check on vendor account auth groups.
  Again, the message is : be very critical when looking at the SAP standard rule set. So, test thoroughly. And if your not sure, leave the job to a specialized firm.
  Success !
  Sam

  Sam and everyone,
  Sam brings up some good points on the delivered ruleset.  Please keep in mind; however, that SAP has always stated that the delivered ruleset is a starting point.  This is brought up in sap note 986996     Best Practice for SAP CC Rules and Risks.  I completely agree with him that no company should just use the supplied rules without doing a full evaluation of their risk and control environment.
  I'll try to address each area that Sam brings up:
  1.  Regarding the issue with differences of auth objects between versions, the SAP delivered rulset is not meant to be version specific.  We therefore provide rules with the lowest common denominator when it comes to auth object settings.
  The rules were created on a 4.6c system, with the exception of transactions that only exist in higher versions.
  The underlying assumption is that we want to ensure the rules do not have any false negatives.  This means that we purposely activate the fewest auth objects required in order to execute the transaction.
  If new or different auth object settings come into play in the higher releases and you feel this results in false positives (conflicts that show that don't really exist), then you can adjust the rules to add these auth objects to the rules.
  Again, our assumption is that the delivered ruleset should err on the side of showing too many conflicts which can be further filtered by the customer, versus excluding users that should be reported.
  2.  For the customizing settings, as per above, we strive to deliver rules that are base level rules that are applicable for everyone.  This is why we deliver only the core auth objects in our rules and not all.  A example is ME21N. 
  If you look at SU24 in an ECC6 system, ME21N has 4 auth objects set as check/maintain.  However, in the rules we only enable one of the object, M_BEST_BSA.  This is to prevent false negatives.
  3.  Sam is absolutely right that the delivered auth object settings for FB01 have a mistake.  The correct auth object should be F_BKPF_BUK and not F_BKPF_BEK.  This was a manual error on my part.  I've added this to a listing to correct in future versions of the rules.
  4.  Since late 2006, 4 updates have been made to the rules to correct known issues as well as expand the ruleset as needed.  See the sap notes below as well as posting Compliance Calibrator - Q2 2008 Rule Update from July 22.
  1083611 Compliance Calibrator Rule Update Q3 2007
  1061380 Compliance Calibrator Rule Update Q2 2006
  1035070 Compliance Calibrator Rule Update Q1 2007
  1173980 Risk Analysis and Remediation Rule Update Q2 2008
  5.  SAP is constantly working to improve our rulesets as we know there are areas where the rules can be improved.  See my earlier post called Request for participants for an Access Control Rule mini-council from January 28, 2008.  A rule mini-council is in place and I welcome anyone who is interested in joining to contact me at the information provided in that post.
  6.  Finally, the document on the BPX location below has a good overview of how companies should review the rules and customize them to their control and risk environment:
  https://www.sdn.sap.com/irj/sdn/bpx-grc                                                                               
  Under Key Topics - Access Control; choose document below:
      o  GRC Access Control - Access Risk Management Guide   (PDF 268 KB) 
  The access risk management guide helps you set up and implement risk    
  identification and remediation with GRC Access Control.

• Sharing stopped.  Sharing set to allow editing and viewing.  He can see what I enter.  I can't see his entries.

  Sharing set to allow editing and viewing.  He can see what I enter.  I can't see his entries. He sees his entries plus mine.  I only see mine.  This all worked fine a week ago.

  I'm sorry to be so incredibly dense. The article to which you linked says:
  "If the computer is already authorized, the item plays. If the computer has not yet been authorized, iTunes asks you to enter the Apple ID and password you used to purchase the song."
  I can play songs from my husband's library. I can't drag them into my library.
  If deauthorizing/authorizing is the solution, who needs to do what? We've got three computers and two iTunes accounts.

• How to set the read only property for dynamic ALV column

  Hi All,
  I have built one dynamiv ALV and I have one name column inside that ALV for which I have to set read only property based on two column fields that exist in the same ALV,say IS_SP and IS_CORP of type boolean.
  If any one of the flag is 'X',i have to make that name column as display only and
  If both flag are not set,it should be displayed as ediatable column.
  I have written one method as INIT_ALV which gets called when ALV is loaded.
  Code is as  follows:
    lr_column_settings ?= wd_this->alv_all_roles.
    lt_columns = lr_column_settings->get_columns( ).
  LOOP AT lt_columns INTO ls_column.
  CASE ls_column-id.
     WHEN <NAMECOLUMN>. "name column which should be editable/display
  Create Input Field
          CREATE OBJECT lr_uie_input_field_ro
            EXPORTING
              value_fieldname = ls_column-id.
       ls_column-r_column->set_cell_editor( lr_uie_input_field_ro ).
      After this,I have to set the read only property based on IS_SP and IS_CORP values,
            CALL METHOD lr_uie_input_field_ro->set_read_only_fieldname
            EXPORTING
              *value = 'IS_SP' or 'IS_CORP'
  ENDLOOP.
  I dont want to use cell variants also.
  Help me to achieve this.
  Thanks and Regards,
  Divya

  Divya - I have done it in the past following these documents. Please read it and try it it will work.
  Please read it in the following order since both are a continuation documents for the same purpose (it also contains how to change colors of row dynamically but I didnt do that part I just did the read_only part as your requirement) 
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/f0625002-596c-2b10-46af-91cb31b71393
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0155eb5-b6ce-2b10-3195-d9704982d69b?quicklink=index&overridelayout=true
  thanks!
  Jason PV

• My first generation AppleTV will not sync with iTunes anymore.  I get an error message that says: "The Apple TV is not responding Check that any firewall software running on this comptuter has been set to allow communication on port 3689"  firewall is off

  My first generation AppleTV will not sync with iTunes anymore.  I get an error message that says: "The Apple TV is not responding Check that any firewall software running on this comptuter has been set to allow communication on port 3689"  firewall is turned off.. Any ideas?

  Thanks Rudegar,
  I only synch and do not stream off of my 1st Gen AppleTV
  I will try with ethernet but will be a pain in the butt if i can not fix it with wifi for long term fix
  I may end up trying to do a named IP address vs DHCP for this appleTV (not sure if i can do both and do not want to remove DHCP as i have a bunch of sensors and other devices that I prefer to dynamically add to the network via DHCP vs. assign each one
  Will keep working on other fix options (factory reset, etc.)
  Thanks again

• Permissions on Android AT200 removable SD card set to read only

  Recently the removale SD card on my at200 has been set to read only for all but a few applications. This mean that when editing or trying to save, copy docs on the SD card I get the "not enough permissions" message. Any editing by these applications requires shifting files to onboard SD card and back again.
  Toshiba file manager is able to rw OK, but my other file manager fails, as does ezy PDF.
  Reading the attributes of the SD card show that it is set to rw for data.p (permissions XML). But looking at info from file manager shows sdcard directories and files set to dr- or -r-.
  Is there some way of getting this changed to allow access for all my installed apps? Or even some?
  Cheers
  rabel

  MisterX,
  Found this note from zc2 on the xda forum dealing with the same issue December 2011.
  "The owners of Honeycomb-powered tablets experience a problem writing to the external SD card, because since v3.2 the permissions for the files there were changed from sdcard_rw to media_rw.
  According the file /system/etc/permissions/platform.xml, any application with declared permission "android.permission.WRITE_MEDIA_STORAGE" should be included to that media_rw group.
  But that won't happen.
  I made a test application to show the group membership (it just executes the "id" command), and according to its output, the application is not member of the media_rw group, despite the "android.permission.WRITE_MEDIA_STORAGE" permission is mentioned in its manifest.xml"
  This is somewhat confirmed by a comment returned to me from the AntTek File Explorer developers on an interum work around for this problem (a common one since 3.2)
  "While waiting, the simple solution, if your device is rooted, is as follows:
  1. Using AntTek File Explorer, active Native mode from application preference.
  2. Navigate to /system/etc/permissions.
  3. Open platform.xml and find the WRITE_EXTERNAL_STORAGE permission.
  4. Add an additional group definition for this permission: <group gid="media_rw" />. It will grant AntTek Explorer (and other applications) permission to writing to removable SD Card. After edited, it will look like:
  <permission name="android.permission.WRITE_EXTERNAL_STORAGE">
  <group gid="sdcard_rw" />
  <group gid="media_rw" />
  </permission>
  5. Save the changes to the file.
  6. Restart your tablet."
  My tablet is not rooted so this was not available to me, but it appears this is a major issue for Honeycomb, including the version on the AT200. Is there any plans to fix this bug do you think? Or is there a date for the promised update to ICS for the AT200, another prime selling point.
  Cheers