[Solved] Propagating users from ADF App to DB for VPD, Attn Frank

Similar Messages

• ERROR: Invoking BPEL PROCESS FROM ADF APP

  hi guys ,
  I have made a simple bpel process with invokes a webservice (This service only gets a string and returns the string).
  I have tested this bpel process and web service it works fine. when tested with bpel console.
  I copied the wsdl of bpel and created the datacontrol.
  the problem is that when i hit start the process from ADF App. it raises the error
  Sep 7, 2009 1:24:49 PM oracle.wsm.common.logging.WsmMessageLogger logSevere
  SEVERE: Failure in looking up EJB component PolicyAccessService#oracle.wsm.policymanager.ejb.IStringPolicyAccessServiceRemote.
  Sep 7, 2009 1:24:49 PM oracle.wsm.common.logging.WsmMessageLogger logSevere
  SEVERE: Failure in looking up EJB component PolicyAccessService#oracle.wsm.policymanager.ejb.IStringPolicyAccessServiceRemote.
  Sep 7, 2009 1:24:49 PM oracle.adf.model.connection.webservice.impl.WebServiceConnectionMessages debugExecuteFailure
  SEVERE: Failed to execute a SAAJ interaction.
  javax.xml.ws.WebServiceException: oracle.fabric.common.PolicyEnforcementException
       at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:741)
       at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:226)
       at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:97)
       at oracle.adf.model.connection.webservice.impl.SaajInteractionImpl.execute(SaajInteractionImpl.java:87)
       at oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider.execute(SOAPProvider.java:323)
       at oracle.adfinternal.model.adapter.webservice.WSDataControl.invokeOperation(WSDataControl.java:251)
       at oracle.adf.model.bean.DCBeanDataControl.invokeMethod(DCBeanDataControl.java:427)
       at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:256)
       at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1437)
       at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2120)
       at oracle.adf.model.bean.DCBeanDataControl.invokeOperation(DCBeanDataControl.java:464)
       at oracle.adf.model.adapter.AdapterDCService.invokeOperation(AdapterDCService.java:307)
       at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:693)
       at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:394)
       at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:217)
       at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:176)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.sun.el.parser.AstValue.invoke(AstValue.java:157)
       at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
       at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
       at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1245)
       at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
       at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
       at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:673)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:273)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:165)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
       at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:54)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
       at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.wls.JpsWlsFilter$1.run(JpsWlsFilter.java:96)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.wls.util.JpsWlsUtil.runJaasMode(JpsWlsUtil.java:146)
       at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:140)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:70)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:202)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused by: oracle.fabric.common.PolicyEnforcementException
       at oracle.integration.platform.common.InterceptorChainImpl.createPolicyEnforcementException(InterceptorChainImpl.java:161)
       at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:97)
       at oracle.integration.platform.common.mgmt.InterceptorChainManager.processRequest(InterceptorChainManager.java:216)
       at oracle.j2ee.ws.client.mgmt.runtime.SuperClientInterceptorPipeline.handleRequest(SuperClientInterceptorPipeline.java:96)
       at oracle.j2ee.ws.client.jaxws.DispatchImpl.handleRequest(DispatchImpl.java:524)
       at oracle.j2ee.ws.client.jaxws.DispatchImpl.handleRequest(DispatchImpl.java:508)
       at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:693)
       ... 64 more
  Caused by: java.lang.NullPointerException
       at oracle.j2ee.ws.rm.interceptor.WSRMClientInterceptor.processRequest(WSRMClientInterceptor.java:169)
       at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:89)
       ... 69 more
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://xmlns.oracle.com/SOAApp1/Project1/BPELProcess1"><env:Header/><env:Body><ns1:process><ns1:input>Shakeel Anjum</ns1:input></ns1:process></env:Body></env:Envelope>
  Kindly help
  Regards,
  Tariq

  Hi,
    Check if your wsdl endpoint can accessed properly. If yes, check the soap-binding address is properly pointing to the server hosting the webservice.
  Regards,
  Harikiran.

• I recently purchased, from the APP store, Lion for use on my MacBook Pro.  I wish to upgrade my IMac to Lion also.  Do I need to make a 2nd purchase or will the single purchase suffice?  If the single purchase will suffice, how do I facilitate ?

  I recently purchased, from the APP store, Lion for use on my MacBook Pro.  To upgrade my IMac to Lion, need I make an additional purchase?  If not, how do I facilitate the IMac upgrade?

  No, you do not need to re purchase Lion. You can re download Lion on all your authorized Macs using the same Apple ID.
  How to re download apps from the Mac App Store:
  Open the App Store. From the menu bar click Store > Sign In
  Click Purchases from the top of the App Store window.
  Select which apps you want to re download. Then right or control click where you see Installed  then click Install.

• HT204088 how to I find out the most recent deductions to my account from the app store (say, for a recent download for additional functionality on a iPad game)

  How to I find out the most recent deductions to my account from the app store (say, for a recent download for additional functionality on a iPad game). Much as I try, I can't seem to get to see my account in enough detail to see what I have spent downloading apps to the ipad.

  You need to punch in the passcode for any purchase right, not just for new apps??
  If one of the other students, or anyone else, got access to your iTunes Store account, necessary to make any purchases, then they'd have all the information they'd need to also make in-app purchases. But an in-app purchase can only be made through the account through which the original app was purchased. Either your son bought the game (free or paid) and then shared it with someone else along with the account information (necessary to authorize the app on someone else's device), or someone else downloaded the game as well, not just made in-app purchases.
  In any case, changing your iTunes Store password should now have cut off any such unauthorized activity, though of course if your son gives the new password out, you'll be back to square one.
  Regards.

• Aperture purchased from the App Store asking for Serial Number?

  Aperture purchased from the App Store asking for Serial Number?
  Has anyone seen this? I just updated the app and now I can't get in.
  I don't understand.

  First thing to try is delete the app. Open the Mac App Store and the status in the Purchases section should update to "Install". Click to download the full app rather than an update.

• Not allowed to download apps not from Mac App Store--needed for my college genetics home work (mit.edu/star/genetics)

  Daughters is trying to do genetics homework using required website: www.mit.edu/star/genetics. Unable to load page after hitting "start" alert says "Security does not allow downloading subject not downloaded from Mac App store. Using Mac desktop utilizing OSX Yosemite. Have tried on both this desktop and MacBook Air. Same response each time. Thank you for your help.

  Hello,
  This question is probably better suited to an Apple Forum:
  * https://discussions.apple.com/welcome
  * (doubt you'll find anything here, but just in case there is something useful) https://www.apple.com/support/
  Note your user agent shows an extremely outdated version of Firefox. See:
  * https://www.mozilla.org/security/known-vulnerabilities/firefox/
  Please update by following this article:
  * [[Update Firefox to the latest version]]

• Can you authenticate users from 2 different AAA-servers for one specific tunnel-group?

  I need to authenticate users from two separate AD LDAP databases on the same tunnel-group. I would like them to use the same tunnel-group and thereby using the  same group-alias. I tried creating a new aaa-server group and putting both LDAP servers into group but apparently the ASA does not roll through the separate servers in the aaa-server group and will stop if the first server states that the authentication failed.
  I also tried assigning multiple aaa-server groups into the tunnel-group authentication-server-group but that also did not work. I finally tried to create a separate tunnel-group and assigning it the same group-alias but the ASA will not allow me to assign the same group-alias to different tunnel-group. What is the best way to accomplish this without having to create a new group-alias that will show up and possible confuse the dumb users requiring this access? Please help.

  If you don't want ANY drop down I believe you can do it in a kludgy sort of way.
  Eliminate all the group aliases (which are used to populate the dropdown) and make a local database of the users for the sole purpose of assigning / restricting them to a non-default tunnel-group which authenticates to the secondary LDAP server. 
  You can also send out a non-published URL that points to a second tunnel-group not in the dropdown.
  Of course, we can accomplish this if the AAA server is ISE. ISE 1.3 can authenticate users to multiple AD domains (with or without trust relationships) or a single domain with multiple join points in the Forest.
  The ISE answer makes me wonder - could you establish trust between the domains and authenticate users that way?

• Limiting user from installing apps eventhough they have CC Complete Licence

  Hi Guys,
  I'm wondering if anyone have any idea how to do this. Basically we have CC for teams subscription with CC Complete licences. However we don't want the invited users to install anything they want within CC Complete.
  I know that I can create custom packages according to what the user required for their work, but my understanding is the user would still be able to go to Adobe Website and download other software outside their package and activate it.
  Is there a way to stop them from doing that? Thanks heaps.

  Hi there, I suggest uninstalling again. Then running the Cleaner Tool: http://www.adobe.com/support/contact/cscleanertool.html
  Once you have finished this, please install the CC desktop app at creative.adobe.com Then you will be able to download your apps properly.
  Please let me know if this works.
  Thanks,
  Madison

• From 3D apps to AE for 2D & 2.5D Motion Graphics...???

  A word of warning for those of you coming from mainstream 3D apps to AE under the misconception that it's the default and best choice for 2D motion graphics.
  AE is a compositing app onto which some functionality for doing rudimentary animation has been added, but it's all tacked on, and it feels that way. And there's great big holes in its capabilities as an animation creativity space.
  Most of its user base and adherents aren't even aware of its limitations in comparison to the features and functionality of 3D apps. Consequently they will automatically rebuke any negatively phrased questions about AE's abilities and immediately suggest trite work-arounds that fail to consider the deeper potential relationships inherent to entities created within 3D apps.
  After Effects is not good at 2D animation in the ways that you're familiar with it being possible, at all. It's arguably not even really suited to 2D Motion Graphics, that folks coming to it without ever having used 3D apps are playing within a constrained space and should be deeply congratulated for the way they've worked around its inherent limitations to create what they have.
  You're better off hightailing it back to your favourite 3D app and figuring out how to make a flat lighting rig, and materials and models in an ideal orthographic camera setup... far better than fighting with the inabilities of After Effects.
  After Effects was fundamentally designed as a compositing tool for video, and has become the default choice for motion graphics "artists" who know no better. They're using more work-arounds, fudges and trickery than you could ever imagine necessary to get their desired results... when they stray outside of what AE can do "natively".
  Their trickery is that most of them stay within the lines, so to speak, and make some incredible works in which we of the 3D realm don't necessarily instantly see how they've artificially constrained their creativity to the limitations of the tool they're using. But, given enough time, you'll start to bump into those limitations and constraints within AE, and begin to feel that irrepressible urge to bang your head against a wall because you'll initially make the same mistake I did... which is to think that you're failing to find how to do something, not that it can't be done in AE with the kinds of connectivity you're accustomed to.
  But, more often than not, those things that you've come to rely on in 3D apps for consistency, accuracy and legitimate relationship management between entities in your projects, they simply don't exist in AE's way of thinking.
  If you have a choice, use 3D apps to do 2D. And thank me later.
  AE could be a great product for Motion Graphics, but it first needs to consider the humble Vertex to be a first class citizen. Consider that it's not, and you're at the first part of avoiding AE and running back to those 3D hills.

  As a heavy C4D user, I would disagree with this gentleman's (or gentlewoman's) characterization of After Effects. After Effects has a very different way of working, yes. There are things that are better done in a 3d program (like C4D), yes.
  However, After Effects is a very powerful tool for motion graphics and, once you learn how to work with it, you can do things that you can't do in 3d software. (Or would take a really long time to do.) The key here is that you have to learn to work with it. Just like when you start out learning 3d, it takes a while - the same is true here. It's a very different way of working. But so is Photoshop compared to Cinema 4d. They are very different tools with very different ways of working.
  For example, glitch effects. You can't do those in 3d software.
  Or try this exercise:
  Type some text in AE
  Create a solid with the Fractal Noise effect applied
  Precompose this solid (making sure you choose to move all attributes into the precomp)
  Turn visibility for this layer off
  On your text layer, apply the Compound Blur effect and the Displacement Map effect
  For both effects choose your Fractal Noise precomp as the map to use
  Animate up the displacement values and the blur values
  Learn how to use each program and then use each program for what it was designed to do and you'll have a great time.
  Don't take the time to learn it, and be frustrated.

• Lion from the app store asking for random login details!

  Hi i have a 2011 Mac Air 11"
  Today i did a reinstall of osx lion. I erased the disk and connected the internet to reinstall, everything went fine no problems but when i went to the Mac App Store in the Purchased section, it showed Lion there with "UPDATE" instead of installed. When i click update its saying i need to sign in with some ramdom login details not my own! I thought when that happened it means its a cracked app isn`t it? How can that be?
  My Mac came with lion on it, i also bought another copy of Lion in my account.
  Anyone have any ideas? should i contact Apple?
  thanks
  Kaato.

  Click View Hidden Purchases in the Account Information window. You need to sign in first.
  My Mac came with lion on it, i also bought another copy of Lion in my account.
  Exactly which version of Lion do you currently have installed? Click your Apple menu icon top left in your scren. From the drop down menu click About This Mac.
  Message edited by CS

• Multiple Apps using same security system -  Attn: Frank

  Hi Frank:
  Based on what you suggested for a scenario with different apps/databases using one "application_users", "application_roles" tables and one "system-jazn-data.xml" file, does the following setup sound right?
  (1) APPLICATION_ROLES table
  Add an additional column "APPLICATION_REALM". This will have "app_one_realm", "app_two_realm" etc.
  (2) System_jazn_data.xml
  <application>
  <name>current-workspace-app_one</name> (***App One wrkspace****)
  <login-modules>
  <login-module>
  <class>oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule</class>
  <control-flag>optional</control-flag>
  <options>
       <option>
       <name>data_source_name</name>
       <value>jdbc/BDTestDS_App_One</value> (***Points to connection for App One. Does this sound right?****)
  </option>
  <option>
  <option>
  <name>realm_column</name> (***is this correct?**)
  <value>application_realm</value> (**Is this correct?***)
  </option>
  </options>
  </login-module>
  </login-modules>
  </application>
  <application>
  <name>current-workspace-app_two</name> (****App Two wrkspace. Make sense*** )
  <login-modules>
  <login-module>
  <class>oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule</class>
  <control-flag>optional</control-flag>
  <options>
       <option>
       <name>data_source_name</name>
       <value>jdbc/BDTestDS_App_Two</value> (***Does this sound right? Coonection for App Two*****)
  </option>
  <option>
  <name>realm_column</name> (***is this correct?***)
  <value>application_realm</value> (***Is this correct?***)
  </option>
  </options>
  </login-module>
  </login-modules>
  </application>
  (3) system-application.xml (Points to absolute path for system-jazn-data.xml)
  <jazn provider="XML" location="<absolute address>/system-jazn-data.xml" default-realm="jazn.com"/>
  (4) jazn.xml (Points to absolute path for system-jazn-data.xml)
  <jazn
  location="<Absolute address>/system-jazn-data.xml"
  default-realm="jazn.com">
  </jazn>
  (5) I am not clear about your comment "Regarding Application Context when assigning roles to a J2EE authenticase case see jaassec/index.htm doc" Are you talking about something in the web.xml for each app?
  How does (a)
  <option>
  <name>realm_column</name>
  <value>application_realm</value>
  </option>
  in "system-jazn-data.xml"
  and (b) "APPLICATION_REALM" in APPLICATION_ROLES table
  and (c)      
  <application>
  <name>current-workspace-app_one</name>
  </application>
  <application>
  <name>current-workspace-app_one</name>
  </application>
  in "system-jazn-data.xml" all tie in?
  In other words, how are the roles tied to the appropriate application context? Each app needs to know its role?
  Thanks

  Hi,
  please note that application_realm only works with the LoginModule provided with the document. It doesn't work with the OC4J oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule. Note that the how-to document I pointed you to explains the use of custom LoginModules by example of custom login modules I wrote.
  The way it works is that the application_realm if provided is used when querying the application specific roles. If a realm is not provided then all roles are queried for the user.
  Frank

• Can I remove users from an Ad-Hoc App?

  We are producing some Ad-Hoc Multi-Issue Apps with the Adobe DPS for a client to use internally with their sales reps.
  The client is concerned that as staff change over the content that is published into the App will still be available to staff that are no longer employed.
  Is there a way to remove users from an App so they can no longer access content as new issues become available. Changing the Provisioning only affects newly built apps and not ones already built, so they can still access content?
  Is there a way to have a login?

  DPS content is downloaded to the device for offline reading.
  It cannot be read when in the cloud.
  Even if the articles are web content based and need online connection to display the content, once you disable access to it it's disabled for all readers.

• How do small companies / non-profits purchase software from the app store?

  Hello, I have asked this question to a few Apple Business reps and I seem to get conflicting answers depending on the person I talking to. 
  I work in the I.T. department for a large non-proffit.  We are no stranger to purchasing Apple computers, phones and iPads.  But we are running in to much confusion when it comes to the purchasing and specifically the licensing of Apple Software from the App Store.  For years we have worked with Microsoft and Adobe and have found their licensing (especially for our "one-off" purchases) to be quite helpful.  Each time a user requests a software title, we order it and it is put into our licensing account and is charged to our I.T. credit card.  Accounting has a clear papertrail to follow as to which department gets "billed" for the purchase and everyone is happy. 
  However, with Apple, and the App Store, there is no such program for the type of "one-off" purchases we do.  Sure, there is an "Enterprise" Volume Licensing solution, but the minimum purchase quantity for software licenses is 20.  Most of our requests come in as 1 - 5 copies of a software title.  So, Apple's solution to us has been to create a separate Apple ID for each purchase.  This worked OK until we got up to 5 Apple IDs on one credit card.  This led to yet another phone call to Apple and having them tell me that you can only associate 5 Apple IDs to one credit card... their solution? "Just open up a new credit card for every 5 licenses that you need".  That solution is absolutely impossible for our accounting department.  I called Apple back to see if I could talk to another business rep.  That individual informed me that the only way to get around this is to just purchase pre-paid iTunes gift cards and associate 5 Apple ID's to each one that we buy, then just keep track of them with an Excel sheet.  Again, this is an accounting nightmare.  What happens when there is money left over on a card? ($5 that is unused may seem trivial, but that ads up!)
  Anyway, I'm hoping that somebody has found a decent solution to this, and I REALLY hope that Apple gets their volume licensing program together.  They boast about being ready for the corporate world, yet they still have "solutions" in place that require end users to go out and buy iTunes gift cards just to make sure they remain in software compliance????

  Oooookay...
  I realized that both the iPhoto 9.3.2 and iMove9.0.7 updates are in .dmg format (disk image) up on the support downloads site.  So I downloaded them, and applied the iPhoto update (using ARD), which (supposedly) succeeded.  Then I tried the iMovie update, and I got the message:  "iMovie9.0.7Update.pkg" could not be installed.  Error message: "The version of iMovie installed on this Mac must be updated through the Mac App Store.  Check the Mac App Store to see if an update is available."
  Well, first of all, the iMovie update is over a GB, and no, I'm not going to go walk around to 64 machines and download 64 GBs of network traffic so that each machine can have its own personal special download of the update.  The one update.  To be repeated with every update.  That's what ARD is for!
  AND the iPhoto update which supposedly succeeded didn't apparently get applied -- the App Store still shows the update as being needed, and launching the app and doing an "About" says that it's at version 9.3 (650.39).
  If I were to create an apple ID for the  company, can I attach that one apple ID to all 64 of the macs that the company owns?
  Is there any way to update AppStore software without an apple ID tied to the machine?  Is there some problem with App Store software licensing?  Is it legal to use the software in a business?  Is that why the software is quarantined away from these machines?  Can it only be sold to an individual employee, and if an employee attaches his/her personal apple ID to a company-owned machine is it even legal to use the software commercially?

• Standard user cannot install apps

  I have setup a Mac Mini in my office for several people to use, with me as Admin and others as Standard account.  The problem is, when someone wants to install an app, they always get a prompt to input the Admin's username and password.   From my research, I was under the impression that Standard users could install apps, but only for their own account, which is what we want.  But for some reason, it's not working that way.  I did a Google search and following one recommendation, used Disk Utiltiy to repair permissions on the hard drive of both the Admin and Standard User account in question, but with no positive result.  I'm a bit reluctant to just give Admin privileges to one person; then others will may ask for the same privileges.  What should I do?
  Thanks,
  HL

  It sounds like they are trying to install an application in a location that they do not have permissions for (the main /Applications folder, for example).  They will need to use a location inside their own account that they have access to - usually this would be in a different Applications folder that has been created in their own account.  There are a few badly written applications that expect to be installed and run from an administrative account, but fortunately there aren't too many of those.

• How to assign the role for created user  thru dynpro App

  Hi All
  How to assign the role for currently created user from Webdynpro App.
  when i enter into the portal after creating the user
  i am getting the following messgae in the portal
  "No portal roles are assigned for this user.If this problem persists, contact your system administrator."
  how to assign the user defined role for the created user from dynpro App
  Regards
  Dhina  Kar J
  Edited by: Dhinakaran Jeyachandran on Feb 1, 2008 12:19 PM
  Edited by: Dhinakaran Jeyachandran on Feb 1, 2008 12:35 PM

  In the User Administration section of your portal find your newly created user and below select "Assigned Roles" tab then press <Modify> button and look through available roles on portal then just simply add and save. But if you want to do it programmatically see below:
  IUserAcountFactory userFactory = UMFactory.getUserAccountFactory();
  // IUser - read only but with IUserAccount is possible to set up user data
  IUserAccountSearchFilter userFilter = userFactory.getUserAccountSearchFilter();
  userFilter.setLogonUid("superuser", ISearchAttribute.LIKE_OPERATOR, false);
  ISearchResult sr = userFactory.search(userFilter);
  for (final Iterator i = new PrincipalIterator(sr); i.hasNext();) {
    IUserAccount user = (IUserAccount) i.next();
  Execute the same search for IRole (or IGroup if needed) get the unique id of them and use newRole(...) and addUserToRole(...) methods from IRoleFactory.
  Of course you don't need search for this principals if you know uniqueness of them. Use appropriate factories to get'em all by this unique id.
  All the features see in  [javadocs|http://help.sap.com/javadocs/NW04S/current/se/index.html]