Usage of Security Groups

Hi All,
I am new (3 months) to the Oracle UCM system (10g) and have a basic query regarding security groups.
NOTE: We are going to use Accounts.
Should the security groups feature be used to control security level
eg
Public
Secure
Confidential
Top secret
or should they be used to segregate content
eg
IT
Finance
Marketing
etc
The documentation on this seems to be ambiguous and I was looking for some real world experiences.
Thanks, Paul

In general, security groups are for classification, accounts are for department. There are also user-based Access Control Lists for fine-grained control... but those can sometimes be a performance hog.
So, you should have about 5 security groups (public, internal, secure, top secret, etc.) and then nested accounts for each department or concern (HR, HR/USA, HR/Japan, Development, Development/ProjectAlpha/, etc.) if needed.
If security groups give you problems with workflows, use workflow templates, sub workflows, or place the logic in a component.
Out of curiosity... what specifically about the security model makes you think its inferior to Sharepoint?

Similar Messages

  • Is there a way for an end user to see who has membership in a security group

    Windows Server 2008 R2
    Active Directory Domain
    Windows 7 workstations
    I am looking for a way that my end users can look at a folder security tab and then discover who has membership in the security groups listed.
    Is that possible? Any drawbacks or concerns?

    Hi Tod,
    Based on my research, other than viewing group membership in ADUC, we can use this PowerShell cmdlet
    Get-ADGroupMember GroupName and Net Group GroupName to view members in a group:
    However, these commands can only be used on Domain Controllers or when connecting to DCs remotely. That’s because accounts and account membership are stored on Domain Controllers, therefore we can only view group membership on DCs.
    More information for you:
    Viewing the Direct Members of a Group
    http://technet.microsoft.com/en-us/library/dd391915(v=WS.10).aspx
    Net group
    http://technet.microsoft.com/en-us/library/cc754051.aspx
    Best Regards,
    Amy

  • Not able to set security group without mail enabled as site collection admin using powershell in sharepoint online site - office 365

    not able to set security group without mail enabled as site collection admin using powershell in sharepoint online site - office 365?
    Any idea?

    after few days test in my lab, I can see that only email enabled group can be added as site collection admin using POWERSHELL.
    hope this helps who stuck like me!! :-)

  • Project Server 2010: PWA Removing Default Project Site Security Groups When Creating a New Project

    I looked for this specific issue with Project Server 2010/PWA/SharePoint and could not find an exact answer... hopefully someone can help.
    We are currently using Project Server 2010 and have a number of project site templates that are used dependent upon the enterprise project type selected. Each of these project site templates have unique permissions which should create the default security
    groups on the project site upon publishing/syncing:
    <Project Name> Members
    <Project Name> Owners
    <Project Name> Visitors
    <Project Name> Project Managers (Project Web App Synchronized)
    <Project Name> Team Members (Project Web App Synchronized)
    Web Administrators (Project Web App Synchronized)
    Whether a user creates a project through PWA or Project Pro 2010 and imports the project into PWA, we get a weird result in the Site Permissions of the newly created project site. PWA will remove all default security groups from the project site template
    and add a whole list of users in the Site Permissions list without groups. 
    Once the project is published and the project site is created, we can then go back and add those default security groups back in the project Site Permissions and even add a couple of custom groups without them being removed on all subsequent project syncs
    or publishing. 
    How do we get PWA to not overwrite the project site templates' security groups and place each user in the proper default security groups? At the same time, how is PWA adding a number of users into the Project Site Permissions?
    Thanks in advance.

    Paul,
    Thanks for that information. Right now we are using the Test environment to turn the Auto-sync feature back on. I suspect that the reason this is happening is due to PWA groups/categories/security templates. There may be more than one PWA group that is "overwriting"
    the default project site groups upon initial creation of the project. We will look further into the security settings to tighten up the policies. 

  • Security Group for SharePoint 2013 Online Enterprise 3

    I need to copy all the user account names from one SharePoint Security group to a different SharePoint Security group in the same single tenant.
    I can not figure out how to do this.
    Thanks.
    Dawn

    Call your local Microsoft office (any office may due, but info from your local office will be more accurate), and ask for the
    Account Manager for SMB (small to medium businesses) in the
    education sector.
    Scott Brickey
    MCTS, MCPD, MCITP
    www.sbrickey.com
    Strategic Data Systems - for all your SharePoint needs

  • Using a security group to add members to the collection question

    Hi,
    I have a collection created in SCCM 2007 that is using a security group for membership. So I added a computer to the security group in AD but when I go to SCCM and click on the collection I dont see the computer in the collection. Should it show here or
    because it is a security group based membership will it not show the members?
    THanks!

    Details from Active directory are added to SCCM database through discovery methods. Please ensure that AD security group discovery and AD system discovery are enabled in the primary site. If they are enabled, check the frequency set for these discovery
    methods. Once you added these computers to the AD group, you need to wait till the next discovery cycle before it appears in SCCM collections. Till that point, SCCM database will not have information about the group memberships of these computers

  • Unable to change members of AD security groups who have access to shared mailboxes

    I have an exchange 2013 running for over a year now and never had any problems with it. Until recently.
    A request came in to make a new shared mailbox. So I did just that and gave rights to a security (not mail enabled) AD group. Just like I Always do. Everything worked fine. A few hours later I did exactly the same for another request and then the people
    could not access the shared mailbox. So I added my regular user to the AD group and I also couldn't (I tested it with OWA and Outlook). I tried to remove myself of one of my own shared mailboxes and the permissions wouldn't stick. When I removed the entire
    group then the permissions were gone(and I could not access the shared mailbox). When I added it back I had my permissions back but still wasn't in the group. Then I tried adding a distribution group with the same result.
    It seems when I add normal users directly to the permissions everything works.
    When I had to restart the server a few days later. All changes were applied but I could not change it again.
    i'm a bit stumped on this one. i'm out of options.

    Hi Jelle,
    "I did exactly the same for another request and then the people could not access the shared mailbox.", I would like to verify if you give the same Security Group rights to multiple shared mailboxes.
    If the security group members can't have access to all the shared mailboxes they have rights, you can recreate a security group and grant permissions to shared mailboxes one by one to check the result.
    Hope this can be helpful to you.
    Best regards,
    Amy Wang
    TechNet Community Support

  • Can I deploy 2 computer GPO for 2 different Security Groups to the same machine?

    Hi
    this is my scenario
    I have 2 different security group ( in a domain ) and i would like to deploy 2 different Computer GPO depends by the user SG membership
    this is a terminal server ( 2k12) and I would like  have the computer GPO policy/admin template/windows components/remote desktop session host/profile different for each security group.
    thanks
    Marco

    > I have 2 different security group ( in a domain ) and i would like to
    > deploy 2 different Computer GPO depends by the user SG membership
    Not really, but for some settings there is a workaround... ->
    http://evilgpo.blogspot.de/2012/03/how-to-save-my-screen.html
    > this is a terminal server ( 2k12) and I would like  have the computer
    > GPO policy/admin template/windows components/remote desktop session
    > host/profile different for each security group.
    For THIS setting, it definitely does NOT work. The profile path must be
    known BEFORE the user is logged on and this means BEFORE any user
    specific settings can be processed.
    Martin
    Mal ein
    GUTES Buch über GPOs lesen?
    NO THEY ARE NOT EVIL, if you know what you are doing:
    Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))

  • Error while adding new security group in content server

    Hi,
    When i am trying to add new security group in UCM using User Admin applet i am getting following error:
    Event generated by user 'weblogic' at host 'vpunvfpctnsz-07.ad.infosys.com:16200'. Unable to execute service ADD_GROUP and function insertGroupRow.
    Unable to execute query 'IroleDefinition(INSERT INTO RoleDefinition (dGroupName, dRoleName, dPrivilege, dRoleDisplayName)
    values ('Test_111', 'admin', 0, ''))'. ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated
    java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated. [ Details ]
    An error has occurred. The stack trace below shows more information.
    !csUserEventMessage,weblogic,vpunvfpctnsz-07.ad.infosys.com:16200!$!csServiceDataException,ADD_GROUP,insertGroupRow!$!csDbUnableToExecuteQuery,IroleDefinition(INSERT INTO RoleDefinition (dGroupName\, dRoleName\, dPrivilege\, dRoleDisplayName)<br>          values ('Test_111'\, 'admin'\, 0\, ''))!$ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated<br>!syJavaExceptionWrapper,java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated<br>
    intradoc.common.ServiceException: !csServiceDataException,ADD_GROUP,insertGroupRow!$
    at intradoc.server.ServiceRequestImplementor.buildServiceException(ServiceRequestImplementor.java:2071)
    at intradoc.server.Service.buildServiceException(Service.java:2207)
    at intradoc.server.Service.createServiceExceptionEx(Service.java:2201)
    at intradoc.server.Service.createServiceException(Service.java:2196)
    at intradoc.server.ServiceRequestImplementor.handleActionException(ServiceRequestImplementor.java:1736)
    at intradoc.server.ServiceRequestImplementor.doAction(ServiceRequestImplementor.java:1691)
    at intradoc.server.Service.doAction(Service.java:476)
    at intradoc.server.ServiceRequestImplementor.doActions(ServiceRequestImplementor.java:1439)
    at intradoc.server.Service.doActions(Service.java:471)
    at intradoc.server.ServiceRequestImplementor.executeActions(ServiceRequestImplementor.java:1371)
    at intradoc.server.Service.executeActions(Service.java:457)
    at intradoc.server.ServiceRequestImplementor.doRequest(ServiceRequestImplementor.java:723)
    at intradoc.server.Service.doRequest(Service.java:1865)
    at intradoc.server.ServiceManager.processCommand(ServiceManager.java:435)
    at intradoc.server.IdcServerThread.processRequest(IdcServerThread.java:265)
    at intradoc.idcwls.IdcServletRequestUtils.doRequest(IdcServletRequestUtils.java:1332)
    at intradoc.idcwls.IdcServletRequestUtils.processFilterEvent(IdcServletRequestUtils.java:1678)
    at intradoc.idcwls.IdcIntegrateWrapper.processFilterEvent(IdcIntegrateWrapper.java:221)
    at sun.reflect.GeneratedMethodAccessor120.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at idcservlet.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:87)
    at idcservlet.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:305)
    at idcservlet.common.ClassHelperUtils.executeMethodWithArgs(ClassHelperUtils.java:278)
    at idcservlet.ServletUtils.executeContentServerIntegrateMethodOnConfig(ServletUtils.java:1592)
    at idcservlet.IdcFilter.doFilter(IdcFilter.java:330)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:94)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:414)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:138)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: intradoc.data.DataException: !csDbUnableToExecuteQuery,IroleDefinition(INSERT INTO RoleDefinition (dGroupName\, dRoleName\, dPrivilege\, dRoleDisplayName)
    *          values ('Test_111'\, 'admin'\, 0\, ''))!$ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated* at intradoc.jdbc.JdbcWorkspace.handleSQLException(JdbcWorkspace.java:2441)
    at intradoc.jdbc.JdbcWorkspace.execute(JdbcWorkspace.java:584)
    at intradoc.server.UserService.insertGroupRow(UserService.java:1201)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at intradoc.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:86)
    at intradoc.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:310)
    at intradoc.common.ClassHelperUtils.executeMethod(ClassHelperUtils.java:295)
    at intradoc.server.Service.doCodeEx(Service.java:549)
    at intradoc.server.Service.doCode(Service.java:504)
    at intradoc.server.ServiceRequestImplementor.doAction(ServiceRequestImplementor.java:1622)
    ... 39 more
    Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated
    at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:89)
    at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:135)
    at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:210)
    at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:473)
    at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:423)
    at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1095)
    at oracle.jdbc.driver.T4CStatement.doOall8(T4CStatement.java:193)
    at oracle.jdbc.driver.T4CStatement.executeForRows(T4CStatement.java:1028)
    at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1379)
    at oracle.jdbc.driver.OracleStatement.doScrollExecuteCommon(OracleStatement.java:5846)
    at oracle.jdbc.driver.OracleStatement.doScrollStmtExecuteQuery(OracleStatement.java:5989)
    at oracle.jdbc.driver.OracleStatement.executeUpdateInternal(OracleStatement.java:2012)
    at oracle.jdbc.driver.OracleStatement.executeUpdate(OracleStatement.java:1958)
    at oracle.jdbc.driver.OracleStatementWrapper.executeUpdate(OracleStatementWrapper.java:301)
    at weblogic.jdbc.wrapper.Statement.executeUpdate(Statement.java:503)
    at intradoc.jdbc.JdbcWorkspace.execute(JdbcWorkspace.java:564)
    ... 50 more
    I checked in database , the security group Test_111 is not present in ROLEDEFINITION table.
    What could be the issue?
    Regards,
    Minal

    1) Try importing CMU bundle with 'Overwrite Duplicates' option unchecked .
    2) In the CMU bundle, open file roles_guest.hda and see if 'guest' role has access to any group that start with special character or group you haven't created in the system..
    Eg: guest
    #AppsGroup
    0
    Also open securitygroups folder in CMU bundle, and see if you can find any groups that starts with special character or group you haven't created in the system.
    3) Identify that group and execute below query in the UCM database.
    select * from roledefinition where dgroupname= '#AppsGroup';
    Replace '#AppsGroup' with the groupname you identified.
    4) Solution would be to delete all the rows with dgroupname= '#AppsGroup' from the 'roledefinition' table.
    delete from roledefinition where dgroupname= '#AppsGroup';
    Replace '#AppsGroup' with the groupname you identified.

  • How to create a site and add security groups through code: scripts, csom, ... ?

    Hi,
    I'm new to CSOM and are looking for a way to create sites in SharePoint Office365 and especially add user to it with a specific role eg. 'visitor' or 'owner'.
    I use this code to add sites from a csv file, so far so good.
    But now I want to add security groups based on the csv file and assign a role. The security groups allready exists.
    and also how to add a user with a 'owner' role for some sites.
    That would make my life easier :-)
    so thank you in advance!
    # load assemblies
    #[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client")
    #[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.Runtime")
    Add-Type -Path "c:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.dll"
    Add-Type -Path "c:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
    # site collection
    $siteUrl = “https://mysharepoint.com”
    # admin
    $username = "[email protected]"
    $password = Read-Host -Prompt "Enter password" -AsSecureString
    # get clientcontext as object
    $ctx = New-Object Microsoft.SharePoint.Client.ClientContext($siteUrl)
    # assign credentials to clientcontext object
    $credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($username, $password)
    $ctx.Credentials = $credentials
    # create site from template 'teamsite' => STS#0
    $data = Import-Csv "c:\tools\CSOM\vakwerking_test.csv"
    foreach ($row in $data) {
    $webCreationInformation = New-Object Microsoft.SharePoint.Client.WebCreationInformation
    $webCreationInformation.Url = $row.vakwerkingurl
    $webCreationInformation.Title = $row.vakwerkingnaam
    $webCreationInformation.WebTemplate = "STS#0"
    $webCreationInformation.UseSamePermissionsAsParentSite = $false
    $newWeb = $ctx.Web.Webs.Add($webCreationInformation)
    Write-Host "Title" $newWeb.Title
    #send to sharepoint
    $ctx.Load($newWeb)
    $ctx.ExecuteQuery()

    Hi,
    The command above about creating a group only works for the root site of the site collection, because the scope of the user group is site collection level, these groups
    can be used in all the sites in this site collection.
    With the existing groups in the root site, we can add users into them and grant specific permissions of a specific sub site to these groups.
    Here is a demo about how to assign permission to a group using Client Object Model(though in C#) for your reference:
    http://www.c-sharpcorner.com/UploadFile/54db21/set-permission-to-group-in-sharepoint-2010-programmatically/
    Best regards,
    Patrick
    Patrick Liang
    TechNet Community Support

  • How to make clone of active directory security group

    Hi
    i am having one Security group in AD, i want to make copy or clone of that group with same members in different name in AD.
    Anybody help me out...

    Hi Vino1985,
    Just do it with ds-tools.
    dsquery group -samid %SamidOfYourReferenceGroup% | dsget group -members |  dsmod group %distinguishedNameOfYourNewGroup% -addmbr -c
    This should work as
    "dsquery group -samid " will return the distinguished name of your reference group and pipe it to dsget group
    "dsget group -members" will return all distinguished-names of the members and pipe it to dsmod group
    "dsmod group -addmbr" will all DN's to the membership-attribute of the new group the switch "-c" will continue on errors.
    best regards
    Switch
    MCITP Enterprise Administrator
    MCSA Windows Server 2012
    MCTS Windows 7 Configuration
    Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

  • How to change the values in custom profiles based on security group ??

    Hi,
    i am facing problem for my requirement, can anybody help me for below scenario...
    i have custom check in profiles , there are content types and sub types. sub type nothing but a categories on for particular content type. For example i have News content type , same in the below subtypes drop down list are press release, events, articles etc.
    what i want to do is, when i open custom checkin profile, subtype values need to be changed( some values in subtype should hide) based on security group changes .
    In the Sub type listed values, some values need to hide only when i choose different security groups.. sub types values should display based on the particular security group only. when ever i change the security group, drop down Values in subtypes needs to change.
    hope understand my requirement.
    How to achieve this task. Any help would be greatly appreciated.
    Thanks,
    yt

    Hi,
    Thanks alot. its working fine
    Can we configure DCL Relation two times in one information filed ??? i should not create not more than fields to this requirement.
    Type -> subtype = DCL already existed
    Now, i want to Create DCL to
    Subtype ---> Security group
    As per my requirement, if i change the security group in checkin form, values should be change in the SubType drop down list.
    Created checkin profile there was DCL relation to " Type and "Sub Type" . now i want to map Relation ( DCL ) for subtype to security group.
    i was trying do for DCL for subtype and security group. but there was already existing DCL created for subtype information field (Relation configuration done for content type). even though i was trying to do for DCL in Security group information field. but, i could not find security group information field in configuration manager.
    Now what should i do ?? how to create DCL to subtype and security group ??
    Help would be appreciated.
    yt

  • How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

    How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

    Hi,
    According to your description, my understanding is that you want to set security group as admin of primary and secondary site collection using PowerShell command in office 365.
    I suggest you can use the command below to set the group to site owner, then it will have the site collection admin permission.
    Set-SPOSite -Identity https://contoso.sharepoint.com/sites/site1 -Owner [email protected] -NoWait
    Here are some detailed articles for your reference:
    https://technet.microsoft.com/en-us/library/fp161394(v=office.15)
    http://blogs.realdolmen.com/experts/2013/08/16/managing-sharepoint-online-with-powershell/
    Thanks
    Best Regards
    Jerry Guo
    TechNet Community Support

  • File Server Migration - For ORG A Forest to ORG B Forest ( Need to create and Map Security Group automatically on new Migrated Folders - Please Help

    I have two forest With Trust works Fine .
    I have file server in ORG – A ( Forest ) with 2003 R2 Standard
    I have a File server in ORG  - B ( Forest ) With Windows server 2012 ( New Server for Migration )
    I have 1000 + folders with each different permission sets on ORG-A. We are using Security groups for providing permission on the share Folders on ORG A
    I need to Migrate  all the folders from ORG – A to ORG – B.
    I am looking for an automated method of creating Security Groups on AD during the Migration, Once the Migration is Done, I can add the required users to the security groups manually.
    Example.
    Folder 1 on ORG – A has Security Group Called SEC-FOLDER1-ORGA
    I need an automated method of Copying the files to ORG – B and Creating a new security Groups on ORG –B Forest with the same permission on parent and child Folders. I shall Add the users manually to the Group.
    Output Looks Like
    Folder 1 on ORG – B has Permission called SEC-FOLDER1-ORGB ( New Security Group )
    Also I need a summarized report of security Group Mapping, Example – Which security Group on ORGA is mapped with Security Group Of ORGB

    Hi,
    I think you can try ADMT to migrate your user group to target domain/forest first. Once user groups are migrated, you can use Robocopy to copy files with permission - that permission will continue be recognized in new domain as you migrated already. 
    Migrate Universal Groups
    http://technet.microsoft.com/en-us/library/cc974367(v=ws.10).aspx
    If you have any feedback on our support, please send to [email protected]

  • Not able to edit membership of universal security groups

    I’m not able to edit membership of My Universal security groups using outlook, when I add/remove members it shows the error
    “Changes to the public group membership can’t be saved. You do not have sufficient permission to perform this operation on this object”
    I've already assigned the RBAC role “Security Group Creation and Membership” to a security group and the user who is editing the group is the member of this role group. I’ve also tried to assign the role directly to user, but it also did not work.
    Exchange 2010, Outlook 2010.
    Could someone please suggest me on this.
    ------- Subodh

    No, I am still facing issue.
    I’m not able to edit membership of My Universal security groups using outlook, when I add/remove
    members it shows the error
    “Changes to the public group membership can’t be saved. You do not have sufficient permission to
    perform this operation on this object”
    I've already assigned the RBAC role “Security Group Creation and Membership” to a security group
    and the user who is editing the group is the member of this role group. I’ve also tried to assign the role directly to user, but it also did not work.
    I have multi domain scenario like Exchange is in child domain and AD Users are in Parent domain.
    ------- Subodh

Maybe you are looking for

  • Iws 4.1 upgrade to 6 (sparc)

    hi, have anyone try to upgrade 4.1 to 6 at sparc platform? i have some difficulty after upgrade, i have no idea to fix it, if there have no virtul server... can run after upgraded, but can't changed document root if there has virtul server.... can no

  • Microphone for Macs

    I gotta say I love Garageband/Logic, but I am missing a professional microphone. At the moment, my band (literally a garage band, which consists of 5 members) record with our MacBook microphone, which doesn't really turn out nice-sounding all the tim

  • Fiori launchpad designer: missing tile templates

    Dear all, We have installed the PPM Fiori apps on our system; we have managed to get these apps on the launchpad. Now we want to add a custom app to the catalog. If we start the launchpad designer and click on the catalog and then on the "+" to add a

  • Need installati​on CD's for Lookout V3.8 b16 as originals are lost. How do I get these?

    Original version was purchased and sold to customer as part of system developed for them. V3.8 b16 is registered to customer. Customer now wants some additional development done and an upgrade to PC but does not have the installation CD's for Lookout

  • Hyperion as Data Source

    I am completely stranger to Hyperion solutions.I am currently working for a company wich already runs hyperion. They are building data marts in a Oracle Database using Oracle OLAP tools and Essbase is one of ours data source.The question is: We are r