Show/Search Users from specific organization in OIM

Similar Messages

• SCCM 2012 Report that shows the users with specific software installed

  Hi,
  Is there a report in SCCM 2012 that shows the users with specific software installed? The report should show username, machine name and the software name. I am looking for a report that shows the users with the following softwares installed:
  1. Adobe(all versions)
  2. Photoshop(all versions)
  3. MS Project(all versions)
  4. MS Vision(all versions)
  Regards, Lorin Davis

  Take a look at the Asset Intelligence reports in the software section. You may get a list of computers with a product installed, and you might have to use that list to find the primary users based on user device affinity.

• Oracle User From Specific Machine

  Hi,
  Looking to prevent the client from using specific oracle user account (MANAGER)
  But From the Application X that we install in his machien it is internally
  calling this user account
  How can we prevent using this user account in this client mahchine for any other connection of any other applications sql plus visual basic reports ....etc
  While we need it only fro the application X
  Regards
  HSBDBA

  Arup, your solution will not work. Re-read the OP. The user logs in from the same terminal via an application that uses the ID in question hence sometimes the IP is allowed and sometimes it should not be allowed to sign on.
  The goal is to prevent the user from using the ID with any tool other than the application.
  Solutions
  1- Code the Id and Password in the application so the user does not know it
  2- Check the contents of v$session.program when the user runs the application. If it also shows the application and the application does not use SQLPlus or other tools as part of itself then use a database event after logon trigger to check the program being ran. The v$session.program column is not always populated depending on the client version is use.
  HTH -- Mark D Powell --

• How to prevent Mac OS X's Finder not to show search results from other accounts?

  Hello.
  How do I have Mac OS X 10.8.3 not show searched file results, on Mac, from other accounts with a standard account? I noticed a standard account found files (test.txt in an admin account in a standard account) and can open them! :O
  Thank you in advance.

  Barney-15E wrote:
  If I'm reading your path correctly, it is because you created the folder at the root of your Home directory.
  As I stated above, all users can read your home directory, in order to see into the Sites and Public folders.
  Other users, including Admin users, cannot see into the default folders in the Home folder, except Sites and Public.
  When you create a folder at the root of your home folder, it inherits the permissions of the parent folder, which allows everyone to read that folder.
  If you create a folder at the root of your home, you have to set the permissions on it to prevent others from being able to read it.
  To do so, Get Info on the folder and unlock the padlock on the Sharing and Permissions section.
  Make sure you are the owner of the folder. Select your name from the list, or add it if it is not. Then, click on the gear button and if it is available, select "Make username the owner." If it is not available, you are already the owner. Also make sure you have Read & Write access. Then, select the staff group and delete it. Then, select everyone and set to No access. Then, select Apply to Enclosed from the gear menu.
  To avoid all of this, make your folders inside the default folders (Documents, Pictures, Music, etc.), or one you've already change the permissions on. The Sites and Public folders are visible to all.
  Interesting. I didn't want to use Apple's default folders. I want to make my own. I tried chmod -R 700 on my account and that seems to work. Is that enough? I don't see Staff anymore through Get Info.

• Block Users from specific Warehouses

  Hi,
  Can anyone tell me if it is possible to prevent specific users from transacting out of certain warehouses only?
  I know this can be done with a customized approval procedure, however the client would like this to be blocked comepletely wihtout anyone having to approve the document
  Please assist...
  Kind Regards
  Grant

  Hi Friend,
  I'm afraid there is no method here we can link or block certain users to certain WHs.
  That is why the approval procedure is used as a possible workaround.
  If the customer wants this work as you've mentioned, you have to develop your own SDK code to justify the user's permission.
  Kind Regards,
  Dani Zhao
  SAP Business One Forums Team

• How can HelpDesk manage users in multiple Organizations in OIM R2

  Hi All,
  I looking to satisfy a requirement for OIM 11g R2 where a helpdesk administrator can only manage users that belong to a particular institution. However, there are approximately 50% of users that belong to more than one institution, where helpdesk staff from each institution should be able to manage the user. Customer is currently
  doing this in Waveset by assigning users to orgs dynamically through rules which allows multiple virtual orgs. OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management very difficult.
  How can a administrators from different org manage same User. If that user belongs to different org?
  How to achieve this in OIM R2?
  Thanks
  Akshat

  Hi Adr,
  I know the OIM Authorization is around the Organization, and a user can present in only one org in OIM.
  I wanted to know, can we force the authorization based on Department/Institutions rather than Org. I am thinking in reagards of OES Authorization policies.
  OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management slightly difficult.
  I am looking to determine the best approach to accommodate this requirement. Due to the high number of users that reside within multiple institutions, leveraging organizations will not work. Asa far i know OES APM should be able to accommodate this, but could not find any solid guidance in the Oracle training or Oracle by Example documentation.
  Any thoughts?
  -Ak

• LR keyword search (coming from PSE Organizer 9)

  I am using LR 4.1 RC2.  This morning using LR I upgraded my PSE Organizer 9 catalog.  It has about 50k photos with keywords and star ratings.  It seems like the upgrade worked because I can now see all my photos in LR and they have the keywords and star ratings.  Hurray!  I am having some trouble  figuring out how to do keyword searches in LR though so I hope someone can help.
  In Organizer there are several ways to do keyword searchs:
  1.  Use the Keyword Tags panel and click on one or multiple keywords.  Organizer will then display only the photos that have all of the keywords, i.e., it uses AND.  This is very easy and is great for finding things very quickly when using one or more keywords.
  2.  Use Find > By Details (Metadata) which allows searching by multiple keywords and the choice of AND or OR.  You can also combine the keyword search with other metadata so that, for example, you can find all Bird photos taken in Florida using a Canon 7D + 100-400mm at ISO 400 in April 2011 that have 3 or more stars.  I use this option to search fairly often.
  3.  Use the Search bar and type in search expressions using NOT, AND, and OR.  I occasionally use this for complicated searches that #2 can't handle.  This is a pain in the butt to use since you must type everything out, but when #1 or #2 can't do it (which is rare) it is great to have this option too.
  Several months ago I read on the PSE forum a thread about using Organizer and an Adobe developer recommended upgrading to LR since it was more flexible and meant for professionals and serious amateurs.  Therefore even though I have read the LR help info and can't find how to do sophisticated searches I am sure it is possible and I just haven't found it yet.  Here is what I have found so far:
  1.  Use the Keyword List panel where I can select only one keyword.
  2.  Use the Library Filter bar where I can do a ctrl-click on multiple keywords, but this results in an OR instead of AND.  In other words, if I click on Birds and then ctrl-click on Florida I get all bird photos and all Florida photos (the union, not the intersection).  This is probably almost never what a person wants.
  I hope someone can tell me or point me to documentation so that I can at least do as much as the amateur Organizer can do.  Thank you!

  John, thanks for the reply.  Yes, I am discovering that the amateur Organizer has much better searching capability than the professional Lightroom. I have already mentioned in my post the flexibility and power and Organizer is not even as good as some other programs.  I had spent time investigating LR, but mostly raw conversion and non-destructive editing.  I had, I think naturally, assumed that LR's database functions would be at least as good as the cheap Organizer.  I never dreamt that they would not be as good or as easy to use.  I sometimes wonder what happens in corporations when they seem to forget their own past and come out with new stuff that is a step or two backwards compared to their older, lower end stuff.  Oh well.
  Thank you very much for the tip about having more than one instance of keywords in the filter bar.  That helps.
  After I posted I discovered using Smart Collections and that helps a bit too.  It is sort of a cutdown, less user friendly version of the Find By Details (Metadata) function in Organizer.  It also means that for just a one time search I would have to create a smart collection and then delete it.  What's with that, I wonder?  Of course, if you often want to do that same search then it is good (Organizer allows you to save the search too), but most of the time I just do it one time.  Oh well.
  I looked at the Any Tag plugin and also the Any Filter plugin (same website) and I might download them to try out.
  What I would like for Adobe to do is have their LR developers (probably a more prestigious development team in the company) talk to their Organizer developers (maybe a less prestigious development team) so that the LR developers can learn a bit about this.  Yes, I have been a software developer for many years so I do understand a bit about development organizations.  LR and PS are standard bearing products so their teams probably are held in higher esteem.  Time to be humble and talk to other people though, IMO.
  If any LR developers happen to read this then please know that I mean no offense.  But, please, at least, take a look at Organizer and see if you can come up with something simpler that requires less typing of multiple long keywords and more powerful searching using various types of metadata.  I am not saying Organizer is the best out there, but it is much better than LR in this case.

• How to get users from Organizational Unit and with worker's subgroup

  Hi
  I am looking for a f. module to get the list of users from specific Organizational Unit and with specific worker's subgroup.
  I found f. module SWI_GET_USERS_OF_ORG_UNIT but it seems not working and only returns the users, how can I narrow the selection to get only from specific worker's subgroup?
  Thank you

  Hi,
  Try with FM RH_STRUC_GET with following parameters:
  ACT_OTYPE = O
  ACT_OBJID = worker's subgroup
  ACT_WEGID = SBESX
  Most important is to specify OBJID as the workers's subgroup, values for the others parameters may vary.
  Cheers.

• Get OSX to retrieve users from a specific AD OU.

  Hi All,
  I work in a school with OSX and AD, two campuses (Secondary and Junior). On the Secondary campus we run the 'Golden Triangle' pretty well, but we just present a login box for users. On our Junior campus we run OSX as it's own directory master, with the WGM preference showing a list of names of network users.
  Now while I can quite easily point our Junior school OSX server to our AD and get all the users showing in a list, we don't need to have all the Secondary school users showing in the Junior school list.
  Is there a way to only show network users from a specific AD OU in the list of network users when we bind our OD to AD?
  Thanks,
  Dustin

  There are a number of ways to accomplish this, but AFAIK none of them is straightforward like writing a script to accomplish the task.
  This could be accomplished quite readily with the Essbase API.
  Unfortunately, when Maxl outputs tabular data such as what comes out after DISPLAY SESSION ALL; - it comes out as all one big string with lots of spaces.
  So to parse that output you would need to use a language that can tokenize the text into a collection and parse that for the users.
  Then you need to do the same sort of thing after running DISPLAY USER IN GROUP ALL; (or instead of all, use a specific group name);
  Then run ALTER SYSTEM LOGOUT SESSION BY USER <parsed_username>;
  What would be ideal (hello Oracle... <wink> ) is a MAXL command ALTER SYSTEM LOGOUT SESSION BY GROUP <GroupName>;
  The way I would approach this would be to write a little utility that does exaclty what you seek:
  - Scan the current session periodically (say, once every 5 mins)
  - for each user that belongs to group(s) <group>(<group>...)
  - if user has an open query running longer than n minutes, kill the user request.
  This way you're not kicking people, your just taking back resources. Of course you can be more aggressive and code it to kick the user by forcefully ending (invalidating) his session too.
  I can give you a hand with this offline if you want.
  Robb

• OIM 11GR2 UNIX Connector Reconcile users from UNIX inquiry

  Good Day!
  I would like to ask whether there is a way in OIM that when I reconcile all new users from my UNIX server, OIM will also create the resource which this user is provisioned upon?
  Here is my scenario:
  1.) Freshly installed OIM 11GR2.
  2.) Installed UNIX connector on OIM 11GR2.
  3.) Configured UNIX TRUSTED Resource
  4.) Reconciled all the UNIX users into OIM. (New users are created since my OIM doesn't have any user)
  5.) The problem is when the new users are now created in OIM, they don't have entitlements or accounts linked to the UNIX server which they have been pulled upon.
  I would like to ask whether I need to configure something to have the entitlements/accounts linking possible?
  If not, what are the ways I can achieve this?
  The only way I can think of is have the UNIX users be created in a flat file first then load via GTC then have reconciliation to have OIM to link these users to UNIX which I believe should be able to do the scenario I am asking upon.
  Thanks in advance!
  Regards,
  Jeff

  By the way, checking target resource recon by default will not create new users when OIM is not able to establish a link.
  In my case, OIM doesn't have any users since this is a fresh install hence even running target resource at start will won't create the new users in OIM right?
  based from this:
  "You configure application (AD, OID, OVD, HR) etc in Target Resource Mode if that OIM is source of truth for user provisioning (All users are created in OIM and OIM then provision accounts in Application. Any changes in Application are reconciled back to OIM)."

• SharePoint 2010 Central Admin to add users from AD from specific Department

  Dear All,
  I am working on SharePoint Foundation 2010. I have to add users from specific department to a particular site collection.
  Please let me know if there is a way to import users from Active Directory based on the 'Department' filed in
  SPCA.
  Thanks.

  Is that okay if I share the PowerShell code? Do you have access to Active Directory and can you query information?
  Refer this Link
  Code
  # set site collection owner for all sites...
  # 1-2012
  Add-PSSnapin Microsoft.SharePoint.PowerShell
  # $AccountList is an array of Windows Identities in the format of $AccountList = @("DOMAIN\USERID" , "DOMAIN\USERID2")
  $accountList = @(Get-ADUser -Filter {(Department -like '*Ur Needs*')})
  #$AccountList = @("LAB\Jack", "Lab\tom", "Lab\dick", "lab\harry")
  #this gets an array of objects representing the sites at the IIS level:
  $IISSites = Get-SPWebApplication
  Foreach($oneIISSite in $IISSites)
  #using .Sites, we can get a list of the site collections
  foreach ($SharepointSiteCollection in $oneIISSite.Sites)
  write-host $SharepointSiteCollection.url -ForegroundColor Cyan
  $spweb = Get-SPWeb $SharepointSiteCollection.url
  #now we have the website, so lets look at each account in our array
  foreach ($Account in $AccountList.samaccountname)
  #lets see if the user already exists
  Write-host "Looking to see if User " $account " is a member on " $SharepointSiteCollection.url -foregroundcolor Blue
  $user = Get-SPUSER -identity $Account -web $SharepointSiteCollection.url -ErrorAction SilentlyContinue #This will throw an error if the user does not exist
  if ($user -eq $null)
  #if the user did NOT exist, then we will add them here.
  $SPWeb.ALLUsers.ADD($Account, "", "", "Added by AdminScript")
  $user = Get-SPUSER -identity $Account -web $SharepointSiteCollection.url
  Write-host "Added user $Account to URL $SPWeb.URL" -Foregroundcolor Magenta
  else
  Write-host "user $Account was already in URL " $SPWeb.URL -Foregroundcolor DarkGreen
  if ($user.IsSiteAdmin -ne $true)
  $user.IsSiteAdmin = $true
  $user.Update()
  Write-host "$account has been made an admin on $SPWeb.URL" -Foregroundcolor Magenta
  else
  Write-host "$account was already an admin on $SPWeb.URL" -Foregroundcolor DarkGreen
  $SharePointSiteCollection.Dispose()
  Note:
  First uncomment the second $accountlist add the user manually to test
  If you have AD module installed in your SP server you can use
  $accountList = @(Get-ADUser -Filter {(Department -like '*Ur Needs*')})
  Regards Chen V [MCTS SharePoint 2010]

• Search Users in RACF

  Hi All,
  I am trying to search user from RACF who has a particular racfConnectGroupName. But I am getting LDAP: error Code 53 - R000128 Filter 'racfConnectGroupName=something' is not supported. While I am able to search on the basis of another attribute like racfid.
  Is there any restriction for this particular attribute? If so, is there any other way to meet this requirement?
  Regards,
  Gaurav

  Thanks for the response. I tried your suggested solution but it did not work because I do not see any such attribute in group profile.
  Regards,
  Gaurav

• Remove SP User from SharePoint subsite

  Hello All,
  I am trying to remove a user account form all sub sites except few.
  I am making use of following command.
  Remove-SPUser "Contoso\jdoe" -web http://webapp/sites/site1/web1/
   But this command is removing the user from all the sub sites including the site collection.
  Can anybody please help to delete the user from specific subsite only.
  Thanks & Regards
  MD Liakath Ali
  MD.Liakath ali

  Hi,
  You can try to delete user from specific SharePoint group at sub site level using Power shell script as below .
  #Remove
  user from SP Group
      $theGroup.RemoveUser($theUser);
  Fine
  more details on below blog
  http://markimarta.com/sharepoint/add-remove-user-to-sharepoint-groups-with-powershell/
  Regards
  Soni
  K

• Org Tech Admin can add user from other org?

  We are currently on a trial run with CIAC, and I am testing User Management with a Organization Tech Admin account (OTA).
  To my suprise, when adding user and select "existing user", I can see every account currently on Cloud Portal, and even successfully add user from other organization to my orgnization.
  Is there anyway so that OTA can see only the users in their own organization?

  I've been able to remove the admin role from a site administrator with an OTA.
  I know there are issues when you log with an user then logout and relog with another user, CIAC considers that you are still the previous user (I've encountered the issue several times in portlets in the nsapi requests). I don't know if/how those issues are related, but I'd say that logout/login issue were an user has the same rights than the previous users should be fixed.
  Changing OTA rights will not change that particular issue.
  For the moment, what we've done is create our own servlet for requests to the sql DB, and our own roles for most services.
  Let's see what v4 has in store for us.

• Search of a specific User in Outlook 2010 show different syntax

  Hi
  when I search for a specific user under sent items in outlook 2010 it shows for e.g. max mustermann in different ways
  Max Musterman
  'Max Mustermann'
   [email protected]
  In my personal contact there is no contact like this. Any reason why it show this person in a different look?

  Hi Matthew,
  login to the outlook web access using the browser and try to search, if you are not able to find it may due to cache in the outlook
  Try to remove the Exchange cached mode and perform the action again
  Reconfigure your outlook and verify it
  Exchange Queries