SCCM 2012: create user/group which can only import computers, reset pxe boots

Similar Messages

• How to configure SCCM 2012 discover user group only?

  Hi,
  I'm wondering if there is a way to discover user group only (ignore computer group) in SCCM 2012?
  Jason

  Hi,
  Also note that by default, only security groups are discovered. However, you can discover the membership of distribution
  groups when you select the checkbox for the option Discover the membership of distribution groups on
  the Option tab
  in the Active Directory Group Discovery Properties dialog box.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• App-V 5.0 SP2 user applications published via SCCM 2012 to VDI workstations with roaming only

  Hi,
  The environment consists of App-V 5.0 SP2 (KB2956985) user based applications published via SCCM 2012 to Windows 7 VDI snapshotted workstations that are reset at user logoff.
  When a user logs on the SCCM 2012 client initiates App-V client package publishing.  After a couple of minutes after logon the shortcuts appear and the user can launch their applications.
  The issue is that at logoff, even with roaming enabled, the publishing information disappears.  This causes the next logon process for that user to repeat, the applications are not available until the SCCM client has completed it's publishing cycle. 
  Roaming profiles are implemented. %APPDATA% is redirected to a UNC path.  The following registry key is set
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\PreserveUserIntegrationsOnLogin=1
  U-EV, global publishing of applications, and AppLocker rules are not an option.  Also, I have read this already - http://technet.microsoft.com/en-us/library/dn659478.aspx#BKMK_PE
  I do not want to wait for the SCCM client to kick in prior to the user applications being available.  What do I need to roam or run to create a seamless transition for the user between sessions? 
  Eddie.

  Hi Tywin (bad username considering the last GoT Episode ;))
  If you ask Microsoft, they always recommend using SCCM for deploying App-V packages and reuse your current SCCM infrastructure if that is already in place. Problem is, as you now experience, is that there is some big caveats both in regards to publishing
  time and to roaming of settings.
  As Nické states I would suggest looking into the Full Infrastructure Model for App-V 5.x, which gives you much better performance in what I call "from no apps" to "being able to click the shortcut" - the add and publishing phase. If you don't have the time/budget/whatever
  to start looking into that, you could look into some community tools like App-V Scheduler which is developed specific by Citrix guys to ease the publishing and management in a Citrix world.
  Microsoft have a great article about Performance Guidelines, which you have read, but it mostly presumes you work with Full Infrastructure. Have you looked into Steve Thomas' session from TechEd NA? It talks about "implementation trends".
  Senior Consultant at Atea Denmark - http://Atea.dk Atea Technical Evangelist for App-V NoLightPeople - http://NoLightPeople.com Access Director - http://www.nolightpeople.com/index.aspx#accessdirector

• Creating user groups using SQ03.

  I am going to make a change to a already existing query 01 in the user group /SAPQUERY/AM. I am not a query expert, in fact this is the second query that I am modifing. I am reading some documentation that the first thing that I have to do is create a user group. from what I am reading, the user group will contain the users that are allowing to modify queries. Since our users do not use this tool, I am the only one that creates and modifies queries. I think I am going to create a user group and that my user-id will be the only one in the group - correct? will I create one user group and and queries that I make changes to in the future user this user group or do I create user groups based on the users group that are defined by SAP. example - If I am changing a query in /SAPQUER/AM  and in /SAPQUERY/AU - would I create 2 user groups  1 for AM and 1 for AU or would I create only 1 user group and use it for both queries.
  After this, I think I have to copy the infoset (SQ02)and the query (SQ01) to custom names (names starting with Z) and then attaching the parts to the new user group.

  Hi Timothy
  Typically you want to create user groups for functional areas or grouped reports/queries. You can enter as many users as needed into a user group and only those who have the checkbox next to their name in the user group screen will have authorization to create/modify queries in the infosets where the usergroup is assigned. If you are creating 2 usergroups with the same users and authorizations then that is redundant but if the list of users is different or the authorizations may change then it would make sense to have 2 usergroups. You should have some naming convention to follow when creating the queries but the Z prefix is not required.
  Andy

• How to create user groups in SAP

  Hello Gurus,
  Can anyone let me know how to create user groups in SAP-HR Module and who will be creating  the user groups.
  plz provide me the steps.

  Hi Stephanie,
  IMG --> Personnel Mgmt --> Personnel Administration --> Basic Setting s --> Maintain User Parameters
  Please refer the below links:
  http://scn.sap.com/thread/1653026
  http://scn.sap.com/thread/1682721
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/10eab7af-0e54-2c10-28a5-87b47adbe1a5?QuickLink=index&overridelayout=true&44478681629499
  Thanks,
  Madhav.

• Have been here before but still have not resolved a fix for a black screen when I try to access a PDF file...Now I've got a new iPad and need the User Guide which is only available inPDF

  Have been here before but still have not resolved a fix for a black screen when I try to access a PDF file using Safari...Now I've got a new iPad and need the User Guide which is only available in PDF and FireFox will not work.

  Hello,
  '''Try Firefox Safe Mode''' to see if the problem goes away. Safe Mode is a troubleshooting mode, which disables most add-ons.
  ''(If you're not using it, switch to the Default theme.)''
  * On Windows you can open Firefox 4.0+ in Safe Mode by holding the '''Shift''' key when you open the Firefox desktop or Start menu shortcut.
  * On Mac you can open Firefox 4.0+ in Safe Mode by holding the '''option''' key while starting Firefox.
  * On Linux you can open Firefox 4.0+ in Safe Mode by quitting Firefox and then going to your Terminal and running: firefox -safe-mode (you may need to specify the Firefox installation path e.g. /usr/lib/firefox)
  * Or open the Help menu and click on the '''Restart with Add-ons Disabled...''' menu item while Firefox is running.
  [[Image:FirefoxSafeMode|width=520]]
  ''Once you get the pop-up, just select "'Start in Safe Mode"''
  [[Image:Safe Mode Fx 15 - Win]]
  '''''If the issue is not present in Firefox Safe Mode''''', your problem is probably caused by an extension, and you need to figure out which one. Please follow the [[Troubleshooting extensions and themes]] article for that.
  ''To exit the Firefox Safe Mode, just close Firefox and wait a few seconds before opening Firefox for normal use again.''
  ''When you figure out what's causing your issues, please let us know. It might help other users who have the same problem.''
  Thank you.

• Unable to Create Users/Groups/Orgs in OAM

  I have created a admin user [oamadmin] in Sun One Directory Server and configured the admin user as a Administrator during the initial installation/configuration. When I go the Identity System Console, I can see the users from Sun One Directory Server. When I tried to create a User, Group or a Organization, I see the error message
  "You do not have sufficient access rights"
  Is there anything I'm missing? What should I tune if I have to create users, groups and organizations from Identity System Console? I have included the admin user [oamadmin] in Directory Administrators group in Directory Server.

  You have to create a workflow that creates user, group, ... and make the current logged in user (your admin in this case) the initiator of this workflow
  for more details check the identity and common administration guide section 5 - chaining identity actions into workflows

• How to create users group under jazn realm

  Dear Experts,
  I am in need to create two groups of users under jazn.com realm. From my knowledge I have checked Enterprise Manager console. There is no option to create users group. What I have to do to create new users group. Please
  suggest that.
  Also suggest me, what is the maximum amount of users can we define under jazn.com realm.
  Thanks,
  Rajesh

  Rajesh
  check <Soasuite_home>\j2ee\oc4j_soa\config\system-jazn-data.xml. Add the role(your role name is your group name) and add the users to that group.
  You can do this from em, but if you want to add the properties like phone number, mail details, then you will need to change in the file.
  Nirav

• Create user with select privilege only one schema

  can someone tell me how i can create user with select priviliges only one schema.
  i don't want the user to have any select privileges with other schema.
  can someone advise me.
  Thansk

  In general, you would do something like
  CREATE ROLE abc_read_only;
  FOR x IN (SELECT * FROM dba_tables WHERE owner='ABC')
  LOOP
    EXECUTE IMMEDIATE 'GRANT SELECT ON abc.' || x.table_name || ' TO abc_read_only';
  END LOOP;
  CREATE USER your_user ...;
  GRANT abc_read_only TO your_userYou create a role, grant the role SELECT access to all the tables in the ABC schema (you can extend this to grant access to views, functions, etc depending on the requirements), and then grant that role to your user.
  Justin

• How to create sharepoint Group with read only permissions using powershell for entire site ?

  How to create sharepoint Group with read only permissions using powershell for entire site (including subsites and top level site)

  Hi
  using (SPSite site = new SPSite(url))
  using (SPWeb web = site.OpenWeb())
  SPUserCollection users = Web.AllUsers;
  SPUser owner = users[string.Format("{0}{1}", "Domain", "Owner Username")];
  SPMember member = users[string.Format("{0}{1}", "Domain", "Default Member Username")];
  SPGroupCollection groups = Web.SiteGroups;
  string GroupName = “Super Exclusive”;//your group name
  string GroupDescription = “Super exclusive group description.”;
  groups.Add(GroupName, owner, member, GroupDescription);
  SPGroup NewSPGroup = groups[GroupName];
  SPRoleDefinition role = Web.RoleDefinitions["Read"];
  SPRoleAssignment roleAssignment = new SPRoleAssignment(NewSPGroup);
  roleAssignment.RoleDefinitionBindings.Add(role);
  Web.RoleAssignments.Add(roleAssignment);
  Web.Update();
  Please 'propose
  as answer' if it helped you, also 'vote
  helpful' if you like this reply.

• Create User Groups and assign Access privileges in Reports

  Hi All,
  Could you share the document or explain which explains about the Standard method to create User Groups in CMC for BOBJ XI 3.1 architecture.
  And how to assign privileges to user groups like view reports, folders, privileges to create/edit reports etc.
  Environment:
  - Backend - BW
  - and  BO XI 3.1 sp3
  Thanks,
  AK

  BO XI 3.1 Administration guide
  http://help.sap.com/businessobject/product_guides/boexir31SP3/en/xi31_sp3_bip_admin_en.pdf

• Creating User Groups

  Hi All,
  How can I create User groups in Application Express 4.0.1.00.03.
  I am not able to find the link for creating User groups after logging in as found in the Help:
  1.Log in to Oracle Application Express. See "Logging In to Oracle Application Express" in Oracle Application Express Application Builder User's Guide.
  The Workspace home page appears. Note I have logged in as administrator for Internal Workspace.
  2.Click the Administration icon. - Not able to find
  The Administration page appears.
  3. From the Tasks list, click Manage User Groups. - Not able to find
  The User Groups page appears.
  Thanks & Best Regards
  Arif Khadas

  Hello Arif,
  >> Note I have logged in as administrator for Internal Workspace
  You should login to your working workspace as a developer with workspace administrator privileges. At the Application Builder home page you’ll see the Administration icon, and within it the Manage Users and Groups icon. In this module, you should select the Manage User Groups Task.
  Regards,
  Arie.
  &diams; Please remember to mark appropriate posts as correct/helpful. For the long run, it will benefit us all.
  &diams; Author of Oracle Application Express 3.2 – The Essentials and More

• Creating user group

  Hi team
  I had a few queries can u suggest.
  1. creating user group in one system?
  2. How to transport this user group to different clients in the same system?
  3. How to transport this user group to different clients to other system in the same SLD?
  4. How to transport this user group to different clients to other systems in othe SLD?
  SLD(System Landscape)
  Feebacks are greatly appreciated.
  Regards
  Bhaskar

  Hi Bhaskar,
  You can created the user groups by using tcode SUGR. However there is no need to transport the user groups. You can create the same user group in DEV,QA and Prod systems and add the user on logon data.
  There is also one another way to assign user group :-
  You can assign the user to user group on groups tab in SU01 tcode. Assignments that you make on the Groups tab page are not used for authorization checks that are specified on the Logon data tab page using the user group field.
  Regards,
  Sneha

• How to create a jframe which has only the close button

  hi
  i want to create a jframe which hold only the close button on the title bar. just like an JOptionPane.
  hussain52

  Well, if you are in a window's environment and using forte, you can go to sample forms, MDI, and then just highlight and delete what you don't want from the menubar.

• SCCM 2012: Active Directory Group Discovery, Delta Discovery?

  Hi,
  Our scenario:
  *Software is requested via a seperate system which puts AD computer objects in groups
  *Software within SCCM 2012 is deployed to computer collections
  *Computer collections query AD groups, in those AD groups the pc's reside
  *Collections memberships run via AD query (every 20 minutes)
  *We deploy an OS (Windows 7) via SCCM
  *Machine policy is updates every 20 minutes
  What is important: AD Group discovery is set to full discovery every 7 days, delta discovery set to 15 minutes
  So what happens:
  *Pc is staged correctly with Windows 7 but software isn't coming through in time (sometimes it's there within the hour, sometimes it takes 6 hours)
  *If we run a full AD Group discovery mostly software is installing immediately
  *Sometimes a SCCM 2012 client machine reset policy or reinstall client solves the problem
  My questions:
  *Would it be better to run full discoveries every x minutes since this always solves our problem
  *Would it be better to disable the delta discovery if we do the change above to minimize AD queries
  => tried that now (full discovery every 30 minutes and disabled delta discovery) but I don't want to put to much pressure on our domain controller
  *Our software collections are limited to all systems, we could limit them to a Windows 7 collection. Probably we should do that but any suggestion how to do this safely in Powershell?
  Please advise.
  J.
  Jan Hoedt
  Note: what I don't get is why a full ad discovery system discovery sovles the problem since SCCM 2012 collections do a AD query, what 's the link there?

  So, let me see if I get this correct for our situation:
  Our own developed system puts pc’s in AD groups
  SCCM 2012 polls these groups, by default 1/week full discovery then every 30 minutes a delta discovery
  We deploy software to computer collections, these collections check the SCCM 2012 database every 30 minutes (collection update) Note: the query our collection do, is based upon requirement of Windows 6.1 + membership of an AD group.
  The SCCM 2012 client/computer does a computer policy update every 30 minutes to see what collections it is member of and see then the software to be deployed
   2 questions:
  *Our my assumptions correct? Specifically point 3.: is the query fully coming from an ad sync (or also from sccm client, f.e. Windows 6.1%)?
  *Don’t we have a step to much then, wouldn’t it be better to add a direct membership of the AD group within SCCM? This direct membership would mean no query and so save us about 20 minutes (run of query)?
  Jan Hoedt