Security configuration

Similar Messages

• Enable the security configuration for this panel

  Why do my panels built with Configurator sometimes display
  this in Ps Cs4?
  "Please close all panels or restart Photoshop to enable the
  security configuration for this panel"
  Closing panels or restarting Photoshop does not enable the
  panels but exporting from Configurator does enable them. Why do I
  have to keep exporting?

  I believe I have stumbled on the answer to this problem, so I
  would like to pass it along to any other users who have a similar
  problem.
  My experience is that this is an intermittent problem, so I
  asked myself what do I do from time to time that could be causing
  this difficulty. The answer is I use a program called CC cleaner to
  clean out temporary files (that in theory I don't need). I found
  that after running CC cleaner, I have to re-export the
  configuration file (as I get the error message described in an
  earlier posting) so that the configurator panel subsequently opens
  properly when I open up C S 4.
  I immediately ran CC cleaner again and found that it wanted
  to delete only one group of files that were located in the
  following folder:
  C:\Documents and settings\user's name\application
  data\Macromedia\flash player\*.*
  Accordingly, I instructed " CC cleaner", to exclude this
  folder and everything in it (from deletion):
  Now if I run CC cleaner to get rid of all my temporary
  Internet files and other temporary files, but it leaves the above
  folder untouched, and so far the configurator panel opens up
  properly in Photoshop.
  I don't use Windows "disk cleaner" so I'm not sure whether or
  not this cleaner represents a potential problem. In any event it's
  the Macromedia folder described above that causes the problem.
  It's clear that Adobe configurator uses Macromedia flash to
  do its thing, so hopefully I've solve this problem
  long-term.

• Java Security Configuration Assistant fails to install

  Hello,
  I have a problem because Oracle Application Server 10g for Windows doesnt install. I have tried several times on various systems, but every time I have the same error when the installer comes to the "Java Security Configuration Assistant"
  The command being spawned is:
  C:\oracle2\product\10.1.0\Db_1/jdk/bin/javaw -Djava.net.preferIPv4Stack=true -classpath C:\oracle2\product\10.1.0\Db_1\dcm\lib\dcm.jar;C:\oracle2\product\10.1.0\Db_1\j2ee\home\jazn.jar;C:\oracle2\product\10.1.0\Db_1\j2ee\home\lib\jaas.jar;C:\oracle2\product\10.1.0\Db_1\j2ee\home\oc4j.jar;C:\oracle2\product\10.1.0\Db_1\jlib\ojmisc.jar -Doracle.security.jazn.config=C:\oracle2\product\10.1.0\Db_1\j2ee\home\jazn\install\jazn.xml oracle.security.jazn.util.JAZNInstallHelper -log C:\oracle2\product\10.1.0\Db_1\cfgtoollogs\jaznca.log -realm jazn.com -user admin -oldpwd welcome -newpwd 05f2d5c792fb24147255fbe8169f54594b -oh C:\oracle2\product\10.1.0\Db_1 -clearpwd false
  Only the first parameter is interesting :
  C:\oracle2\product\10.1.0\Db_1/jdk/bin/javaw
  It has a mixture of slahes (/) and backslashes (\), the first half C:\oracle2\product\10.1.0\ is ok but the second half Db_1/jdk/bin/javaw is not compatible with windows (slahes are for unix path only), so it obviously doesnt work because this path with a mixture of / and \ is not correct. At this point, the installation of Oracle AS fails.
  Does anybody know a cause for this, or a workaround to get AS installed ? Thanks

  The mixture of slashes and backslashes isn't an issue for Windows. I have examined the failure of the assistant, but with the new release of AS10g (release 2), I would like to know if you still have the problem you describe.

• [Secure Configuration] Oracle Reports 10g Email Configuration...

  Hi Everyone,
  In oracle Reports 10g, we have an option of sending mail as an attachment using destype = mail and desname = [email protected] For this to happen we have to add the outgoing mail server name in the <report server>.conf file. Once we configure this setting, end-users can send any report to any mail-id. So, how to make an secured configuration so that they can send only those allowed reports?
  Note: We have already many reports which are already deployed. So we cant incorporate the validation or some logic within the each report.

  hello dsegard,
  Thanks for you help. I tried the way which you had said. I have incorporated the security tag in the conf file and included the XMLSecurity Project( Deployed the JAR file and done necessary configuration). Now, I dont know how to use it.
  Is there any alternative way for this? Is there any way that we can remove the default options provided by the Oracle Reports under the Destype?

• How to Migrate Row Level Security Configuration

  Hi Guys,
  Does anybody know how to migrate row level security configuration? I suppose PeopleSoft provided a data mover script, like securityexport.dms.
  Thank you in advance,
  Bob

  Here are two options to achieve what you want.
  A. You can do this by coding, that's if you are ready to. Are you? If yes then try the steps below:
  1. create a security codes table. Say for example
  001 - company a
  002 - company b
  2. create a security table that will list all users and which company they should have access to. You can also implement this by roles.
  3. alter all tables in the application schema to add a security code column. This will be a foreign key reference to table created in 1 above.
  4. update all data in the tables according to which company they belong to.
  5. write a procedure or package that does a validity check whenever a user requests for data. This procedure/package determines which company data the user has access/rights to.
  With this, you should be able to achieve what you want if you do not want to spend on VPD and FGAC. The problem comes where there are users who would have cross access to data from both companies. In this regard, then you have to modify your security table a little bit to handle this.
  B. This option i will admit is not so clean. You can also achieve this by two different views for every table in the application schema. And on each of these views, create a private synonym for every user. For illustration purposes:
  Table name = Employee.
  Create a view employee_a on employee
  create a view employee_b on employee
  Let's say you have users x and y. X has access to employees of company a and y has access to employees of company b. You can now create private synonyms for each of these users as follows:
  create synonym employee on employee_a in x schema.
  create synonym employee on employee_b on y schema.
  This i have not tried but believe should work.
  Hope one of these options serve your purpose.

• Oracle Service Bus 11gR1 - missing Web Services Security Configuration?

  I am trying to configure a web service which uses username token policy.
  The below option is missing in Proxy Service --> Security
  Web Services Security Configuration
  Process WS-Security Header     Yes     NoIs there anything that needs to be enabled for the above to show up in Proxy Service-->Security.

  This option was enabled by removing the username token policy from the wsdl file.
  Thanks for looking.

• WS Security Configuration error DELAY_L_ERE is inconsistent

  Hello Colleagues,
  if I try to activate the WS Securtiy Configuration (SE38 > WSS_SETUP) on a SAP ECC 6.0 System for a SAML Scenario over PI  I get following notification:
  WS Security Configuration
  Service user 'DELAY_L_ERE' is inconsistent
  Configuration for WS Security logon created
  Service user 'DELAY_L_ERE' is consistent
  Service: Name or password is incorrect (repeat logon)
  The WS Security Configuration on PI was successfully without any errors!
  Any ideas?
  Many thanks in advanced!
  Regards,
  Jochen
  Edited by: Jochen Schertel on Jun 18, 2010 10:43 AM

  Hello Colleagues,
  we found the solution.
  Presumably it's required to have the profile "SAP_ALL" during executing WS Security Configuration.
  Profile "SAP_ALL" solved the problem.
  Regards,
  Jochen

• Sup 2.1.3 new security configuration problems

  Hi all,
  I created a new security configuration. In the new security configuration I configured for OpenLdap. Then I deployed my MBOs with a new security configuration.
  but, when I try to register the devices a error appear:
  May  6 09:19:45 dreifs-mini-ipad TEST[2433] <Warning>: onRegistrationStatusChanged: status = REGISTRATION_ERROR, code = 14850, message = SUPApplicationError_REGISTRATION_TEMPLATE_NOT_FOUND
  What could be problem?
  thanks in advance,
  david

  Please mark this Discussion with a Correct Answer and Helpful Answer where appropriate.  See http://scn.sap.com/community/support/blog/2013/04/03/how-to-close-a-discussion-and-why   Even if you discovered the solution without any outside contributions, it helps others to understand what the solution turned out to be.
  Regards, Mike
  SAP Customer Experience Group - CEG

• Error when creating security configuration

  I am trying to create new security configuration via Web Service administration. I clicked on Add for adding users but I was getting this exception
  JBWEB000309: type JBWEB000066: Exception report
  JBWEB000068: message
  JBWEB000069: description JBWEB000145: The server encountered an internal error that prevented it from fulfilling this request.
  JBWEB000070: exception
  java.lang.NullPointerException
  atg.nucleus.Nucleus.getAbsoluteName(Nucleus.java:2566)
  atg.nucleus.Nucleus.getAbsoluteName(Nucleus.java:2533)
  atg.nucleus.GenericService.getAbsoluteName(GenericService.java:447)
  atg.nucleus.GenericService.startService(GenericService.java:560)
  atg.nucleus.NucleusNameResolver.startService(NucleusNameResolver.java:1751)
  atg.nucleus.MultiRootNameResolver.configureAndStartService(MultiRootNameResolver.java:1219)
  atg.nucleus.MultiRootNameResolver.bindAndConfigureService(MultiRootNameResolver.java:959)
  atg.nucleus.MultiRootNameResolver.createFromName(MultiRootNameResolver.java:849)
  atg.nucleus.MultiRootNameResolver.resolveName(MultiRootNameResolver.java:455)
  atg.nucleus.ResolveNameHelperImpl.resolveName(ResolveNameHelperImpl.java:274)
  atg.nucleus.MultiRootNameResolverFactory$RequestResolveNameHelper.resolveName(MultiRootNameResolverFactory.java:832)
  atg.servlet.DynamoHttpServletRequest.resolveNameSingleNucleus(DynamoHttpServletRequest.java:3898)
  atg.servlet.DynamoHttpServletRequest.resolveName(DynamoHttpServletRequest.java:3857)
  atg.servlet.DynamoHttpServletRequest.resolveName(DynamoHttpServletRequest.java:3835)
  atg.droplet.DropletDescriptorManager.getPropertyValue(DropletDescriptorManager.java:395)
  atg.droplet.DropletDescriptorManager.getPropertyStringValue(DropletDescriptorManager.java:304)
  atg.droplet.DropletDescriptor.getPropertyStringValue(DropletDescriptor.java:318)
  _dasadmin_3._atg._dynamo._admin._en._webservice._choose_sindividuals$_Param_8_output.service(_choose_sindividuals.java:398)
  atg.servlet.DynamoPageServlet.service(DynamoPageServlet.java:142)
  atg.servlet.DynamoHttpServletRequest.serviceLocalParameter(DynamoHttpServletRequest.java:4428)
  atg.servlet.DynamoHttpServletRequest.serviceLocalParameter(DynamoHttpServletRequest.java:4687)
  atg.droplet.security.GetAllPrincipalsDroplet.service(GetAllPrincipalsDroplet.java:208)
  atg.servlet.DynamoServlet.service(DynamoServlet.java:152)
  atg.servlet.pagecompile.PageSubServlet.serviceServlet(PageSubServlet.java:255)
  atg.servlet.pagecompile.PageSubServlet.serviceByName(PageSubServlet.java:212)
  _dasadmin_3._atg._dynamo._admin._en._webservice._choose_sindividuals$_Param_10_output.service(_choose_sindividuals.java:608)
  atg.servlet.DynamoPageServlet.service(DynamoPageServlet.java:142)
  atg.servlet.DynamoHttpServletRequest.serviceLocalParameter(DynamoHttpServletRequest.java:4428)
  atg.servlet.DynamoHttpServletRequest.serviceLocalParameter(DynamoHttpServletRequest.java:4687)
  atg.webservice.GetSecurityItem.service(GetSecurityItem.java:154)
  atg.servlet.DynamoServlet.service(DynamoServlet.java:152)
  atg.servlet.pagecompile.PageSubServlet.serviceServlet(PageSubServlet.java:255)
  atg.servlet.pagecompile.PageSubServlet.serviceByName(PageSubServlet.java:212)
  _dasadmin_3._atg._dynamo._admin._en._webservice._choose_sindividuals._jspService(_choose_sindividuals.java:705)
  atg.servlet.jsp.DynamoJspPageServlet._jspService(DynamoJspPageServlet.java:152)
  atg.servlet.jsp.DynamoJspPageServlet._jspService(DynamoJspPageServlet.java:116)
  atg.servlet.jsp.DynamoJspPageServlet.service(DynamoJspPageServlet.java:202)
  atg.servlet.pagecompile.PageCompileServlet.service(PageCompileServlet.java:498)
  atg.servlet.DynamoServlet.service(DynamoServlet.java:152)
  Could anyone help me figure out the cause for this issue?
  Message was edited by: Nick Glover-Oracle
  (To add new lines to stack trace)

  This is the operation that I am trying to expose
  http://ech-10-157-132-76.mastercard.int:8080/userprofiling/usersession/loginUser?WSDL

• Wireless 1410 Throughput Test and Security Configuration

  Hi Team
  Could you please address on the security configuration of the 1410 bridge and on how to test the bandwidth/throughput between two 1410 Bridges setup for point-to-point connectivity.
  We have setup this in one of our Client sites.
  Awaiting your reply.
  Thanks in advance!
  Regards
  Unni Kannan
  Systems Engineer

  Bandwitdh testing is usually done with Iperf with an iperf PC standing at each side of the bridge.
  I'm not sure what you mean with "address on the security configuration" though ...

• WS-C2960S-24TS-S and WS-C2960S-24TS-S Basic Security configuration.

  Greeting's, I would like to start by apologizing. I have absolutely no knowledge in switch security management but I've been tasked with it given the shortage of personnel. I have a WS-C2960S-24TS-S and a WS-C2960S-24TS-S switch that needs to be securely configured. I've done the basic  of upgrading the firmware to the latest. Given my lack of any experience whatsoever, please include complete procedures (hand holding, I'm sorry).
  I wanted step-by-step guidance of:
  1. Locking down ports by MAC address.
  2. DDoS protection.
  3. Lock down login from all but 1 IP and only allow browser based SSL login. No TELNET, SSH or other method.
  4. Shutting down any services on the switch.
  5. Shutting down password recovery.
  Any other recommended security steps to secure the switch.
  Thanking in advance,
  Parth

  Hi Parth,
  I'm not sure if you got this figured out or not but a lot of the stuff you need can be found here: Cisco Guide to Harden Cisco IOS Devices
  Regarding the "locking down ports by MAC address", you should think about Port-security.

• Inconsistent Security Configuration - SSL

   

  The problem appears to be that the version of WLS your using is only for
  export, not domestic.
  You should contact your account rep to discuss how to obtain a domestic
  strenght kit
  Paul Patrick
  "Waldemar Thiel" <[email protected]> wrote in message
  news:[email protected]..
  Hi all
  I've got certificate for my server (WBL 5.1) and ...
  <Security> 1 certificate(s): fingerprint = b566b9920c64eb6f55d2e... -that is
  ok.
  <Security> WARNING: Exportable (weak) WebLogic Server build running and
  domestic (full) strength SSL license detected. Only exportable strengthSSL
  connections will be accepted.
  <SSLListenThread> Inconsistent Security Configuration,java.lang.Exception:
  Using a domestic (full) strength certificate with an exportable (weak)
  strength WebLogic Server build.
  <Security> Not listening for SSL: java.io.IOException: InconsistentSecurity
  Configuration, java.lang.Exception: Using a domestic (full) strength
  certificate with an exportable (weak) strength WebLogic Server build.
  What to do ? Thanks for any help.
  Waldemar Thiel
  PS. my key is 1024 length... and CA is thawte

• Network security: Configure encryption types allowed for Kerberos-Windows 2008

  If below setting has been enabled in domain policy on Windows 2008 R2 DC ; what is the effect on Windows 2008 Member server . that seeting is not present in Windows 2008.
  Network security: Configure encryption types allowed for Kerberos:
  Please advice & if possible please provide more info.
  AliahMurfy

  Hi,
  I found some related information is some type of the encrypt not supported on the server 2008, such as AES128_HMAC_SHA1.
  More detail information please refer the following KB:
  Network security: Configure encryption types allowed for Kerberos
  http://technet.microsoft.com/en-us/library/jj852180(v=ws.10).aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• CCP v2.5 running with Enhanced Security Configuration?

  I understand that Cisco Configuration Professional v2.5 does not officially support Windows Server 2003, but does anyone have CCP v2.5 running successfully on Windows Server 2003 and Internet Explorer 6, specifically with Internet Explorer Enhanced Security Configuration installed/running? My specific challenge is to get it running in this environment:
  Windows Server 2003 Standard Edition SP2 (5.2.3790)
  Internet Explorer 6.0.3790.3959
  Java 1.6.0_29-b11
  Adobe Flash Player (ActiveX Version): 10.3.183.10
  Internet Explorer Enhanced Security Configuration Enabled
  I have it running as the local administrator, but I'm unable to get it to start as a domain administrator. The software begins the startup process, but hangs immediately after displaying "Checking system...", and the Enhanced Security Configuration warning shows up. The software works with Enhanced Security Configuration turned off, so it must be something with the IE security settings?
  RH

  Hi,
  Based on my research, if you turn off the IE ESC, you can change the Internet Zone in Internet option.
  In addition, if you want to disable IE ESC on a single computer, you can do that in the Server manager. However, if you want to disable it on multiple servers, you
  need to use a PowerShell script or Group Policy to achieve that.
  For more detailed information, please refer to the similar thread and a third-party article below:
  can't disable internet explorer enhanced security configuration on Server 2008 R2
  http://social.technet.microsoft.com/Forums/en-US/fccb7da5-f61b-4c94-be60-490660ae4789/cant-disable-internet-explorer-enhanced-security-configuration-on-server-2008-r2?forum=winservergen
  Four
  ways to disable Internet Explorer Enhanced Security Configuration (IE ESC)
  http://4sysops.com/archives/four-ways-to-disable-internet-explorer-enhanced-security-configuration-ie-esc/
  Best regards,
  Susie
  Hi, Susie.
  Thanks for the pointer. I tried lowering all the zone settings to the minimum using gpedit.msc. No luck. This is another one of those annoying (at least to me) Windows Server situations when something that is supposed to work needs some kind of secret incantation
  that isn't documented and/or can't be easily found to make it work.

• Secure Configuration Guide for Lion?

  Is Apple going to release a secure configuration guide for Apple, as it has for its past OS X operating systems?  It doesn't yet exist on the Secure Configuration Guide page on Apple's site.

  i'm also interested in reading this document.
  i posted the same question before reading your post.
  https://discussions.apple.com/message/19256352#19256352

• SCC Security Configuration (Application Connection)

  Hi,
  while creating a new application connection, one has to choose which kind of security configuration you should take. Per default you can choose "basic" and "admin". Is there any "best practice" for security settings on production systems? The only information I found is not to use "basic" on production systems...
  How to configure the security setting for application connections?
  Thanks, Chris

  You should not use the default security profiles in production environment. Given below is the available built in securities you can configure for your app.
  http://infocenter.sybase.com/help/index.jsp?topic=/com.sybase.infocenter.dc01703.0213/doc/html/aba1253113891962.html
  Midhun VP