Unique item permissions per user/group of ListItems

Hello,
I have the following scenario:
1.) SharePoint group named "(Adminstrator) Company A" <-> Has Add/Edit rights on the list
2.) SharePoint group named "Company A" <-> Has only Add/read access to the list
3.) .....many many other groups (50+) with the same schema.
Each pair of groups (Company A) should "only" see their own entries in the SharePoint list.
My logical approach and research on how to accomplish this ended up in writing an ItemEventHandler.
The problem I ran into now is that whenever I try to use "currentListItem.BreakRoleInheritance(false);" I get an access denied message whenever the limited user group is trying to add an item to the list, even when I use the SPSecurity.RunWithElevatedPrivileges(delegate().
So I wonder what is wrong. Isn't RunWithElevatedPrivileges ignoring the current user's rights?
Any help would be highly appreciated.

Thank you all for the replies.
Meanwhile I was able to figure out myself what the problem was.
Both of your replies actually didn't solve my problem. I kept getting ACCESS_DENIED exceptions.
But the problem is that all of this happened inside of a
public override void ItemAdded(SPItemEventProperties properties)
of an SPItemEventReceiver class.
The root of the problem was that I was still trying to modify the initial "properties" object.
After I made a complete copy and re-retrieved the item from the list INSIDE of the elevatedPrivilege method I was finally able to make my desired modifications.
So for everyone who runs into this problem too:
Make sure you re-retrieve EVERYTHING (ListItem, DocumentItem etc.) you want to modify with elevated privileges inside of the
SPSecurity.RunWithElevatedPrivileges(delegate()
Thank you again,
Ralf
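
Added example, not code from the thread: a sketch of the pattern Ralf describes, where the event receiver passes only IDs into the elevated delegate and re-opens the site, web and item there before breaking inheritance. The "Company" column, the class name, the Grant helper and the choice of the Contributor and Reader role types are assumptions made for illustration; the group names follow the scheme in the question.

```csharp
using System;
using Microsoft.SharePoint;

// Added illustration; class name and column name are hypothetical.
public class CompanyItemSecurityReceiver : SPItemEventReceiver
{
    // Assumption: a text column holding the company group name, e.g. "Company A".
    private const string CompanyField = "Company";
    // Prefix as spelled in the group names from the question.
    private const string AdminPrefix = "(Adminstrator) ";

    public override void ItemAdded(SPItemEventProperties properties)
    {
        // Take only plain identifiers from the user-context object.
        // properties.ListItem and properties.OpenWeb() stay bound to the
        // calling user's token, which is why they raise access denied
        // even when they are used inside the elevated delegate.
        Guid siteId = properties.SiteId;
        string webUrl = properties.RelativeWebUrl;
        Guid listId = properties.ListId;
        int itemId = properties.ListItemId;

        SPSecurity.RunWithElevatedPrivileges(delegate()
        {
            // Objects created inside the delegate run as the application
            // pool account, so everything to be modified is re-opened here.
            using (SPSite site = new SPSite(siteId))
            using (SPWeb web = site.OpenWeb(webUrl))
            {
                SPListItem item = web.Lists[listId].GetItemById(itemId);
                string company = Convert.ToString(item[CompanyField]);

                // Resolve both groups before touching the ACL: a missing
                // group throws here and the item is left unchanged.
                SPGroup members = web.SiteGroups[company];
                SPGroup admins = web.SiteGroups[AdminPrefix + company];

                // false = do not copy the parent's role assignments.
                item.BreakRoleInheritance(false);
                Grant(web, item, admins, SPRoleType.Contributor);
                Grant(web, item, members, SPRoleType.Reader);
            }
        });
    }

    // Hypothetical helper: bind one built-in role type to one principal.
    private static void Grant(SPWeb web, SPListItem item,
                              SPPrincipal principal, SPRoleType role)
    {
        SPRoleAssignment assignment = new SPRoleAssignment(principal);
        assignment.RoleDefinitionBindings.Add(web.RoleDefinitions.GetByType(role));
        item.RoleAssignments.Add(assignment);
    }
}
```

Because the delegate runs as the application pool account, the value read from the assumed Company column alone decides which groups gain access, so that column should not be freely editable by the submitting user.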

Similar Messages

  • Selective LOV per User/Group

    Hi Guys,
    Just would like to ask if there's a way on how to limit or only show a selected number of LOVs per User?  For example,
    I have a parameter for Country and I have 2 Users... User1 should only see let's say China, Japan and Korea, while User2
    should be able to see all countries..
    Kind  Regards and Many Thanks,
    Mark

    I am facing the same issue. I implemented a Dynamic LOV and published the CR into BOE. But when a user runs the report he/she sees all the available LOVs. But we need only a selective LOV per User/Group.
    Please suggest where I can use the Current CE User function, because we are already using a security table in Crystal Reports.
    Thanks
    Reddy

  • Granting item permissions to specific group or users via workflow- sharepoint online

    I want to create a Document Set and upon doing that I want to grant users/groups item-level permissions to the document set.
    Can this be done via workflow?
    What are my options?

    If workflow starts on document set, you will change permission on the document set: if the files inherit permission from document set, all children files will have the same document set permission.
    the document set is nothing more than a souped-up folder
    Regards,
    Bubu
    http://zsvipullo.blogspot.it
    Please mark my answer if it helped you, I would greatly appreciate it.

  • ISE 1.2 & AD & Meraki - Per User Group Policy ?

    I am working on a PoC for a deployment in an MDU. We are using Meraki switches and access points. There are 250 units in the building, each unit will have its own subnet. The goal is to have the tenant be able to connect to a common building SSID and be placed into their assigned VLAN. There will also be physical ports in each unit that will need to do the same. I am trying to figure out a way to use ISE to authorize on a per user basis and not based on groups of users. On the Meraki system there are group policies that will assign the VLAN for the user as well as any type of layer 7 firewalling and bandwidth control. So there will be 250 group policies, one for each unit. There is a deployment guide that shows how to set up ISE for use with Meraki and it is great but it assumes that there will be large groups like Employees, Contractors, etc.. that will be used. This is where I'm being tripped up, also... this is my first swing at a NAC deployment so I have a lot to learn.
    1. Can I set up each user in Active Directory to have a tag that ISE can then forward on to Meraki for the group policy? Say it's unit 101 and I have a group policy called 101 in Meraki, Meraki documentation says to use the Airespace-ACL-Name attribute in ISE to indicate the group policy to use. This gives me the ability to place a group into that policy but not an individual. Or would this be better done by creating the users in ISE directly? Omit AD entirely?
    2. Each unit will have devices that will need MAB because they are not 802.1x compatible. I need to do the same as above with them. I would create a separate SSID for these devices but then use the MAC address to authenticate them but will need to authorize them to go into a specific group policy.
    I know this isn't a typical ISE application but I think that this will work really well in the end, just need to iron out these details and get a test system functioning. Any help would be greatly appreciated!!!
    Thanks,
    Nathan

    Please find the Meraki_ISE integration doc. in attachment.
    When VLAN tagging is configured per user, multiple users can be associated to the same SSID, but their traffic is tagged with different VLAN IDs. This configuration is achieved by authenticating wireless devices or users against a customer-premise RADIUS server, which can return RADIUS attributes that convey the VLAN ID that should be assigned to a particular user’s traffic.
    In order to perform per-user VLAN tagging, a RADIUS server must be used with one of the following settings:
    MAC-based access control (no encryption)
    WPA2-Enterprise with 802.1x authentication
    A per-user VLAN tag can be applied in 3 different ways:
    The RADIUS server returns a Tunnel-Private-Group-ID attribute in the Access-Accept message, which specifies the VLAN ID that should be applied to the wireless user. This VLAN ID could override whatever may be configured in the MCC (which could be no VLAN tagging, or a per-SSID VLAN tag). To have this VLAN ID take effect, “RADIUS override” must be set to “RADIUS response can override VLAN tag” under the Configure tab on the Access Control page in the “VLAN setup” section.
    The RADIUS server returns a group policy attribute (e.g., Filter-ID) in the Access-Accept message. The group policy attribute specifies a group policy that should be applied to the wireless user, overriding the policy configured on the SSID itself. If the group policy includes a VLAN ID, the group policy’s VLAN ID will be applied to the user.
    On the Client Details page, a client can be manually assigned a group policy. If the group policy includes a VLAN ID, the group policy’s VLAN ID will be applied to the user. 

  • "Make proxy settings per-machine (rather than per user)" Group Policy setting not applied until login as a local Administrator

    We want to deploy the pac file to all our desktops to configure the proxy. We have a Windows 2008 R2 server, and I've enabled the GPO "Make proxy settings per-machine (rather than per user)", and I've added a registry key AutoConfigURL in "HKLM\Software\Microsoft\Windows\Current
    Version\Internet Settings" with the pac file link.
    I've tested on my PC, and all was configured without any problem. I tried to log in to my computer with another user (without admin rights) and the automatic proxy configuration was compiled and not modifiable. It seems that all works.
    But our users are not local admins, so I tried to deploy the GPO on a colleague's computer. I forced the GPO update, checked in the registry that all new keys were added, and rebooted the PC. When I checked the IE settings, the autoconfig URL was empty and
    grey. I logged off the user and logged in to the PC as a local admin. To my surprise, the IE settings were compiled. When I came back to the user profile, the IE settings were compiled and not modifiable.
    The problem is: I have over 750 users in 3 countries, and I don't want to grant them local admin permissions. How can I configure proxy settings via GPO without logging in to every machine at least one time?

    > have a Windows 2008 R2 server, and i've enabled the GPO "Make proxy
    > settings per-machine (rather than per user)", and i've add a registry
    > key AutoConfigURL in "HKLM\Software\Microsoft\Windows\Current
    > Version\Internet Settings" with the pac file link.
    In the past, we experienced various issues with machine proxy settings,
    so we don't use them anymore. The simple approach:
    Block access to the connections page through ADM template settings and
    deploy the proxy through GPP Internet Settings.
    This is what we do (with a pac file, too), and it works well :)
    Martin
    How about reading a
    GOOD book about GPOs?
    NO THEY ARE NOT EVIL, if you know what you are doing:
    Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))

  • Restrict subroles as per Users/Groups

    Hello Experts,
    We have one role (say for e.g. Main Role) in portal which has 4 subroles under it. The 4 subroles are assigned as Delta link to the 'Main Role'.
    Now when I assign this 'Main Role' to a user, the user has access to all the 4 subroles. This is a problem.
    The requirement is to assign the Main Role to a user and that user only needs to see 2 subroles out of the 4.
    Is there any way through which we can restrict access to the subroles as per the Users/Group?
    Thanks in advance,
    Sanjay Sarode

    Hi Sanjay,
    Did you try the same using Merge ID concept, that way you can restrict according to your need.
    To be more clear
    Role 1   Role2    Role3
    wks 1    wks2     wks3
    In the WKS you have the Merge ID property; give it a test name, and in the other workset give the same name in that property.
    now you can assign each role individually or assign 2 or more than 2 at a time.
    when you assign more than 2
    Role1
    WKS1  WKS2
    Hope this helps.
    Cheers-
    Pramod

  • Server 2008 R2 RDP: limit max number of rdp connections per user group?

    Hello everyone,
    I have a Windows Server 2008 R2 with RDP installed.
    I want to create a couple of user groups which will have 5 different users in each. Then I would like to limit RDP connections, let's say 2 connections for the first group and 3 connections for the second group. For example, if 2 users from Group 1 are connected
    then when a 3rd user from Group 1 tries to connect it will be rejected to connect, but 3 users from Group 2 still can connect. Is it doable?
    Thanks in advance.

    Hi,
    I would like to check if you need further assistance.
    If you need help to create script, please post your questions in our related forums.
    http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home
    Thanks.
    Jeremy Wu
    TechNet Community Support

  • Active Directory Authentication and permissions for user group in APEX 4.0

    Hello,
    I am new to oracle APEX and I have searched the forum for active directory authentication for a user group and I am really confused about all the different threads. Can anyone please provide me the steps to follow; in order to implement AD authentication for a user group in Oracle APEX 4.0.
    These are the threads which I was looking at to get an idea of how AD authentication works, but it's really confusing for me.
    Help with Authentication (APEX_LDAP.AUTHENTICATE)
    Re: LDAP Authentication Via Groups
    Thanks,
    Tony

    You need to give it more than 30 minutes before bumping your own post. This is not an official support channel, so you need to be patient and wait for people to read, think and respond.

  • VLAN assignment per user group with WDS

    I have configured an EAP-TLS wlan. I have configured the radius server to assign a vlan to the user depending of the user group.
    In this way I prevent a user with a valid certificate who discovers another SSID from changing the VLAN by changing his SSID (so I control which VLAN every user connects to).
    But when I configured WDS in the WLAN it stopped working, because (I suppose) when the user reauthenticates (not the first time) the WDS doesn't ask the RADIUS server (it uses its cache), so it doesn't use the RADIUS configuration and applies the VLAN depending on the user's SSID.
    How can I resolve this problem?
    Thanks

    I think that the WDS configuration is not working as intended. That's the reason the WDS is not caching the credentials and authenticating the user. Under Wireless Services > WDS status tab, do you see the infrastructure devices as Registered? If not, check the authentication server for authentication stats. The first thing is that the WDS AP should register the infrastructure devices. Only then will things work.

  • Changing permissions and user groups in 10.5/10.6

    I recently installed a second hard drive into my mac pro. i noticed that the permissions for the volume on this drive and all of the files on it are as follows:
    johnhorner (me) "read/write"
    staff sometimes "read/write", sometimes just "read only"
    everyone "read only"
    i don't remember ever setting up a group named staff and can't find it listed anywhere. the startup volume has a different set of permissions listed:
    johnhorner (me) read/write
    admin "read/write"
    everyone "read"
    can anyone tell me where "staff" came from and how i can change it to match the same set of permissions on the startup drive?
    i would like them to match because i am using some backup software which triggers if the permissions don't match. furthermore, the permissions displayed in the sync software show for example "rwx r-x r-x" or "rw- r-- r--". in setting the permissions in the get info panel for a given file or folder, i don't see how to change the "x" part of the permissions, only the read and write. does anyone know how to change the "x" aspect of the permissions?
    any help would be much appreciated.
    thanks,
    jhorner

    Carolyn Samit wrote:
    HI,
    The only time it's necessary to repair permissions is before and after software updates.
    Some permissions can be safely ignored.. http://support.apple.com/kb/TS1448
    Which is exactly what I've done since 10.2
    These messages are not "errors" that mean anything is wrong. Nothing is wrong, and some future update will likely address the issue. For now they can simply ignore them.
    BTW, when you run DU and repair disk permissions, make sure and Quit all other open applications. That can speed things up.
    BTDTGT. Under 10.5.6, it used to take about 10 - 15 minutes, so when I passed the 25 minute mark under 10.5.7 with no progress, I stopped DU and tried again with Onyx. After the same amount of delay, I posted my question only to get a snide reply. It finally finished but I don't know what the final elapsed time was as I ignored that computer while I did things on another one.

  • Report links by user group

    hi, is it possible to set the "report links" per user group
    for example, the report links are Download, Refresh for user group Sales.
    the report links are Download, Refresh and Modify for user group Sales Admin.
    Just wanna know whether this can be done.
    thanks!

    If "Sales" doesn't have the Answers privilege, then the "Modify" link won't be rendered even if specified for the request. So you can just keep it in and all users having access to Answers will see it. Read-only users (i.e. no Answers) won't.
    Cheers,
    C.

  • Bandwidth VPN 3000 user groups

    I would like to graph bandwidth usage per user group. Does anyone know what MIB will give this information?

    I have been looking at this for a few days now. Thought possibly I might be missing something. Guess not...

  • How to create security filters and users, groups in system 9

    Hi,
    Could you please help me with how to create security filters and groups, users in system 9. I need it very urgently. I would be very thankful if you respond immediately.
    Thanks,
    sudhakar.

    In short here's how I did it in 9.3.1 but there are multiple ways to do it.
    I'm using MSAD external authentication.
    Using EAS right click on database, Edit, Filters. Create your filters.
    Then go to Shared Services.
    Find the MSAD user/group and provision them to the Essbase database that you have your filters on. Access level is "Filter".
    Then go back to EAS and Refresh Security From Shared Services.
    Then go back to Shared Services.
    Navigate to Projects & then your Essbase server. Find your Essbase database and click on it. To the right it'll populate a list of all the users/groups you provisioned to above. Select all of them and click Next.
    Now you should see a drop down at the top showing your filter(s). Click the checkbox(s) next to the users/groups you want to apply that filter to. Click the green checkmark to apply the filter, and repeat for your various filters that you want to apply. Only 1 filter per user/group.
    Then go back to EAS and Refresh Security From Shared Services again.
    Good luck, hope this helps.

  • "No Items" listed under defaults tab of Users & Groups

    After Mountain Lion upgrade from Snow Leopard, "No Items" listed under default images from Users & Groups as well as Contacts (which) I'm sure share the same library. Have repaired permissions, redownloaded and re-installed Mountain Lion as recommended by the Apple Geniuses, but to no avail. Anyone got any ideas? See image.

    Hi Leroy -  Sy Kim, another user in the community posted a solution that worked, see below.
    SY Kim
    Sep 10, 2012 6:42 AM 
    After upgrade(from snow leopard), user picture list have no items. (Users & Groups)
    Finally, I got the solution.
    The key is to delete every '.DS_Store' files in the directory '/Library/User Pictures/'.
    Open Terminal application and follow these.
    1. Change directory by command below :
    cd '/Library/User Pictures'
    2. Listing all files including hiddens in the directory by command below :
    ls -al
    3. If there is a .DS_Store file. Remove the file by command below :
    sudo rm .DS_Store
    (It needs the user password to execute)
    Then, it'll show every pictures in 'Users & Groups' control panel.

  • Is there a way to pull  User, Group , Other permissions of a file

    I wanted to know whether Java provides any API to pull up each and every permission associated with a file.
    For example: In Unix, a file has 3 sets of permissions as shown below:
    <UserPermissions><GroupPermissions><Others'Permissions>
    Example: -rwxrwxrwx
    r - for read
    w - for write
    x - for execute
    There are some methods provided in java.io.File, such as canRead() and canWrite(), which help in telling whether a file is readable or writable. But I did not find any API which tells whether a particular user has read/write/execute permission or not. Also, I presume the canRead(), canWrite() methods pull up the permissions pertaining to the owner of the file, but not for the group and others part of a Unix file's permissions.
    Is there a way to pull up the read/write/execute permissions for all the 3 categories, namely UserPermissions, GroupPermissions and Others'Permissions?
    I appreciate your note on this and appreciate your time too.

    In the java.io.File class, there are methods canRead() and canWrite().
    They will test the read/write permissions of the Unix user you are running your Java program with.
    They will not return a list of user names, user groups etc though.
    You'd have to get the permissions through some platform specific method, eg. via JNI.
    regards,
    Owen
