Using a security group to add members to the collection question
Hi,
I have a collection created in SCCM 2007 that is using a security group for membership. So I added a computer to the security group in AD but when I go to SCCM and click on the collection I dont see the computer in the collection. Should it show here or
because it is a security group based membership will it not show the members?
THanks!
Details from Active directory are added to SCCM database through discovery methods. Please ensure that AD security group discovery and AD system discovery are enabled in the primary site. If they are enabled, check the frequency set for these discovery
methods. Once you added these computers to the AD group, you need to wait till the next discovery cycle before it appears in SCCM collections. Till that point, SCCM database will not have information about the group memberships of these computers
Similar Messages
-
Filter AD Security Group and add member through visual webpart
Hi All,
I want to know how to Filter AD Security Group and add members to it from SharePoint 2013 Visual webpart, where i have multiple domains as well.
Regards
Rathanavel
RathanavelSP doesn't interrogate AD groups (DL's or SG's)... you'll need to query AD directly (ADSI).
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs -
not able to set security group without mail enabled as site collection admin using powershell in sharepoint online site - office 365?
Any idea?after few days test in my lab, I can see that only email enabled group can be added as site collection admin using POWERSHELL.
hope this helps who stuck like me!! :-) -
Use AD Security Groups for SharePoint database permissions
In our SharePoint environment we have around 30 content databases. Each of these content databases need a few application pool accounts added to there permissions for various service applications etc. Currently all the accounts are added individually,
but this can be a little error prone. Is there a reason why we could just pop all the required accounts in an AD security group and add that database permissions in SQL?You could do that, but your service accounts shouldn't be accessing the databases directly, instead routing through the SharePoint API, which then permissions would be taken care of by SharePoint accounts (or if you have custom Service Applications, the
service app pool account).
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Collection1:Test
SELECT apex_item.checkbox(10,c001) order_id
, apex_item.display_and_save (12, c002) QTY
, apex_item.display_and_save (14, c003) UNIT_PRICE
FROM apex_collections
WHERE collection_name = 'Test'
....Collection2:
SELECT * FROM (SELECT apex_item.checkbox(20,c001,'UNCHECKED') SELECT
, apex_item.display_and_save (22, c002) QTY
, apex_item.display_and_save (24, c003) UNIT_PRICE
FROM apex_collections
WHERE collection_name = 'source')
....The above query is used to generate a report.
Requirement: I want to add records to the collection TEST (below javascript function and ondemand process created) from other collection (SOURCE) based on checked item (order id) value from another report which is based on another collection.
function callprocess(){
var arr_f20=new Array();
var ajaxRequest=new htmldb_Get(null,&APP_ID.,'APPLICATION_PROCESS=test',0);
arr_f11=document.getElementsByName('f20');
for(i=0;i<arr_f20.length;i++){
if(arr_f20.checked){
ajaxRequest.addParam('f01',arr_f20[i].value)
var ajaxResult=ajaxRequest.get(); alert(ajaxResult);
ajaxRequest=null;
BEGIN
FOR i in 1..APEX_APPLICATION.G_F01.COUNT LOOP
apex_collection.add_member (p_collection_name => 'Test', p_c001=> APEX_APPLICATION.G_F01(i));
END LOOP;
END;I am successfully being able to add 1 member (p_c001). But I am not being able to figure out how to add other members ie, p_c002,p_c003 to the collection TEST
Thanks for the help!
Regards,
VedHi Ved,
to add members to a collection you should use this command:
apex_collection.add_member(
p_collection_name => 'Test',
p_c001 => APEX_APPLICATION.G_F01(i),
p_c002 => APEX_APPLICATION.G_F02(i),
p_c003 => APEX_APPLICATION.G_F03(i)
Question
- the column APEX_APPLICATION.G_F01, does it contain rownum or an ID of the primary key of the table?
if pk then you have to change the code like this:
apex_collection.add_member(
p_collection_name => 'Test',
p_c001 => APEX_APPLICATION.G_F01(i),
p_c002 => APEX_APPLICATION.G_F02(APEX_APPLICATION.G_F01(i)),
p_c003 => APEX_APPLICATION.G_F03(APEX_APPLICATION.G_F01(i))
TIPP
- you should use upper case names for your collection then you are not running into an error (not finding collection), because when you query your collection you would enter something like:
SELECT c001 test1, c002 test2, c003 test3
FROM APEX_collections
WHERE collection_name = collection_name
the name of your collection is always changes to upper case when creating the collection.
so in any query for selecting rows of your collection you have to use the upper case of your collection_name,
regards,
Denise
www.appsassociates.de -
Update membership is taking too long to update members in the collection - SCCM 2012 R2 + CU1
Hi,
We have a standalone primary site server hierarchy (SCCM 2012 R2 + CU1), Not only with this upgrade.starting from the SCCM 2012 SP1, We had an issue that members in the collections are not being updated as expected (like SCCM 2007).
I have created about 20+ query based collections with the normal with the "Full schedule" option but not used "Incremental update" option. Also i have observed that after a day or so..members are appearing.
anyone had solution to this, why this collection update membership in SCCM 2012 is improper?
Thanks.
srkrHi Torsten,
We have about 25 machines in each collection, My collection condition is based on the package (Ex:if the package is not installed on the machine, it will appear in the collection to target the package),
WQL query looks good, I have used the same logic for all the collections with different package.
I did not see any error in colleval.log, all the collections are evaluating properly,but I can see .CEP files in COLLEVAL.BOX which has 0 KB size.
Any Idea?
srkr -
I forgot the answers for the security questions and when I try to change them (My Apple ID -> Manage your account -> Password and Security) I'm asked to answer the exact questions I'm trying to change because I don't remember the answers. How can I do it?
Can't you try the email option instead?
-
Exchange 2010 Unable to Assign Full Access Permissions using a Security Group
I've been running into this issue lately. I cannot seem to use groups to allow full access to mailboxes. When I add them from the EMC, it will show up when you go to "Manage Full Access Permission...". After waiting a day and even restarting
the Information Store service, the permissions do not take effect. When I view the msExchDelegateListLink attribute of the mailbox account, the group is not listed.
When I grant a user full permission, it works and updates the attribute. However, on occasion when I revoke the full access permission for a user is doesn't always remove that user from the msExchDelegateListLink attribute. So the mailbox
will still appear in Outlook, but the user isn't able to see new emails.
Any ideas on what may be going wrong?
Environment:
Exchange Server 2010 SP1 Standard
Windows Server 2008 R2 Standard
Outlook 2010 SP1 (tried without SP1 as well)
I was looking over Add-MailboxPermission on Technet (http://technet.microsoft.com/en-us/library/bb124097.aspx) and I noticed that it doesn't mention adding groups. Is this not possible?I never got a proper fix.
I worked around it by creating a script which gets the members of an AD Mail Enabled security group, and updates the full access based on the groups members.
Here's a script I'm running every hour which updates permissions. It's probably not the most efficient script ever, but it works. It has several benefits
1. Managers of the distribution group can add/remove mailbox members using OWA or through the address list
2. New members of groups are added to FULL Access Permissions
3. Members removed from the groups are removed from FULL access permissions
4. Automapping works :)
5. Maintains a log of access added / removed / time taken etc.
Obviously I have had to remove domain related information, replace with whatever your domain requirements are, and PLEASE debug it properly in your environent first, don't complain to me if it wipes out a load of access for you or something like that!
It takes about 5 minutes to run in my environement. Some formatting seems to have got messed up on here, sorry. I hope it is of use!
# Mailbox Permissions Setter for Exchange #
# v1.1 #
# This script will loop through all mailboxes in Exchange and find any where #
# the type is 'SHARED'. These should be determined to be a GROUP/SHARED mailbox #
# and access to these mailboxes are controlled by a single ACL, e.g. 'ACL_Shared_Mailbox'. #
# This script will add any members of these ACLs directly to the Full Access Permissions #
# of the mailbox and also remove them if they no longer need the access. #
# Script created by Jon Read, Technical Administration
# Recent Changes
# 15/11/2012
# 1.1 Added exclusions for ACLs that we don't want automapping to happen for
# 12/11/2012
# 1.0 Initial script
#Do not change these values
Add-PSSnapin *Ex*
$starttime = Get-Date
$logfile = "C:\accesslog.txt"
$logfile2 = "C:\accesslog2.txt"
$totaladditionstomailboxes = 0
$totalremovalsfrommailboxes = 0
$totalmailboxesprocessed = 0
$totalmailboxesskipped = 0
# Exclude any ACLs that shouldn't be processed here if they are used for a non-standard purpose and
# we don't want FULL access mapping to happen. Seperate array values with commas
$ExcludedACLArray = "DOMAIN\ACL_ExcludedExample"
Write-Output " " >> $logfile
Write-Output " " >> $logfile
Write-Output "#----------------------------------------------------------------#" >> $logfile
Write-Output "# Mailbox Permissions Setter for Exchange #" >> $logfile
Write-Output "# v1.1 #" >> $logfile
Write-Output "#----------------------------------------------------------------#" >> $logfile
Write-Output " " >> $logfile
Write-Output " " >> $logfile
Write-output "Start time $starttime ">> $logfile
Write-Output " " >> $logfile
Write-Output " " >> $logfile
# Set preferred DCs and GCs
$preferredDC = "preferredDC.domain"
$preferredGC = "preferredGC.domain"
Write-Output " PreferredDC = $preferredDC ">> $logfile
Write-Output " PreferredGC = $preferredGC " >> $logfile
Set-ADServerSettings -PreferredGlobalCatalog $preferredGC -SetPreferredDomainControllers $preferredDC
# The first part of this will ADD permissions to the mailbox, reading from an associated ACL.
# Check for all mailboxes where the type is SHARED. These are the only ones we would
# want to apply group mailbox permissions to.
foreach ($mailbox in get-mailbox -resultsize "unlimited" | where-object {$_.RecipientTypeDetails -eq "SharedMailbox"})
$totalmailboxesprocessed = $totalmailboxesprocessed + 1
Write-Output " " >> $logfile
Write-Output " " >> $logfile
Write-Output "|-------------------------------------------------------" >> $logfile
Write-Output "| MAILBOX ADDITIONS: $mailbox " >> $logfile
Write-Output "|-------------------------------------------------------" >> $logfile
$mailbox=$mailbox.ExchangeGuid.ToString()
# For each of them, get the distribution list applied to the mailbox (Starting DOMAIN\ACL_)
# We then need it to be turned into a string to use later.
#Declared $changes as 0. if this is set to 0 at the end of the mailbox job, we know no changes were made.
$changes = 0
foreach ($distributiongroup in get-mailbox $mailbox | Get-MailboxPermission | Where-Object {$_.User -like "DOMAIN\ACL_*" })
$skipACL = 0
#Get the distribution group and put the name in a useable format
$distributiongroup=$distributiongroup.user.tostring()
Write-Output "Found ACL $distributiongroup" >> $logfile
# Check if this distribution group needs to be excluded and if it shouldn't be processed
# then move onto the next ACL. This will stop FULL access being granted if the mailbox is
# used for a non-standard purpose. See the start of this script
# for where these are excluded (ExcludedACLArray)
foreach ($ACL in $ExcludedACLArray )
if ($distributiongroup -eq $ACL)
$skipACL = 1
Write-Output "ACL $distributiongroup is excluded so skipping mailbox " >> $logfile
$totalmailboxesskipped = $totalmailboxesskipped + 1
if ($skipACL -eq 0)
# Get each user in this group and for each of them, add try to add them to full access permissions.
foreach ($user in Get-DistributionGroupMember -identity $distributiongroup)
# Get the user to try, convert to DOMAIN\USER to use shortly
$user="DOMAIN\" + $user.alias.ToString()
# Check to see if the user we have chosen from the ACL group already exists in the full access
# permissions. If they do, set $userexists to 1, if they do not, leave $userexists set to 0.
# Set $userexists to 0 as the default
$userexists = 0
foreach ($fullaccessuser in get-mailbox $mailbox | Get-MailboxPermission)
# See if the user exists in the mailbox access list.
# Change $fullaccessuser to a useable string (matching $user)
$fullaccessuser=$fullaccessuser.user.tostring()
if ($fullaccessuser -eq $user)
$userexists=1
# Break out of foreach if the user exists so we don't unnecessarily loop
break
# Now we know if the user needs to be added or not, so run code (if needed) to add
# the user to full access permissions
if ($userexists -eq 0)
Add-MailboxPermission $mailbox –user $user –accessrights "FullAccess"
Write-Output "Added $user " >> $logfile
$changes = 1
$totaladditionstomailboxes = $totaladditionstomailboxes + 1
#Now repeat for other users in the ACL
#if changes were 0, then log that no changes were made
if ($changes -eq 0)
Write-Output "No changes were made." >> $logfile
Write-Output " " >> $logfile
Write-Output " " >> $logfile
Write-Output "---------------------------------------------------------------------------------" >> $logfile
Write-Output " FINISHED ADDING PERMISSIONS" >> $logfile
Write-Output "---------------------------------------------------------------------------------" >> $logfile
Write-Output " " >> $logfile
# The second part of this will REMOVE permissions from the mailbox, reading from an associated ACL.
## Check for all mailboxes where the type is SHARED. These are the only ones we would
## want to apply group mailbox permissions to.
foreach ($mailbox in get-mailbox -resultsize "unlimited" | where-object {$_.RecipientTypeDetails -eq "SharedMailbox"})
Write-Output " " >> $logfile
Write-Output " " >> $logfile
Write-Output "|-------------------------------------------------------" >> $logfile
Write-Output "| MAILBOX REMOVALS : $mailbox " >> $logfile
Write-Output "|-------------------------------------------------------" >> $logfile
$mailbox=$mailbox.ExchangeGuid.ToString()
#Declared $changes as 0. if this is set to 0 at the end of the mailbox job, we know no changes were made.
$changes = 0
# For the current mailbox, get a list of all users with FULLACCESS, and then for each of them
# check if they exist in the ACL
foreach ($fullaccessuser in get-mailbox $mailbox | Get-MailboxPermission | Where-Object {$_.Accessrights -like "FullAccess" })
# Get the security identifier (SSID) of the FULLACCESS user to store for later.
$fullaccessuserSSID=$fullaccessuser.user.SecurityIdentifier.ToString()
$fullaccessuser=$fullaccessuser.User.ToString()
#If user needs to be excluded then skip this bit
#Users added or removed will only start with 07 (07$, 07T, so only run if the user starts with this.
#This stops it trying to remove NT AUTHORITY\SELF and other System entries
if ($fullaccessuser -like "DOMAIN\07*")
# Set $userexists to be 0. if we find the use user needs to remain, then change it to 1.
$userexists=0
# Check if this user exists in the ACL, if not, remove.
foreach ($distributiongroup in get-mailbox $mailbox | Get-MailboxPermission | Where-Object {$_.User -like "DOMAIN\ACL_*" })
$distributiongroup=$distributiongroup.user.tostring()
#Write-Output "Found associated distribution group $distributiongroup" >> $logfile
# Get each user in this group and for each of them, See if it matches the user in the mailbox.
foreach ($user in Get-DistributionGroupMember -identity $distributiongroup)
# Get the user to try, convert to DOMAIN\USER to use shortly
$userguid = $user.Guid.ToString()
$user="DOMAIN\" + $user.alias.ToString()
if ($fullaccessuser -eq $user)
$userexists=1
#we have found the user exists so no need to continue
break
# If userexists = 0, then they are NOT in the ACL, and should be removed from
# the full access permissions. Run the code to remove them from full access.
#CONVERT FULLACCESSUSER TO GUID AND REMOVE $FULLACCESSUSERGUID NOT $USERGUID
if ($userexists -eq 0)
Remove-MailboxPermission -Identity $mailbox –user $fullaccessuserSSID –accessrights "FullAccess" -Confirm:$false
Write-Output "Removed $fullaccessuser " >> $logfile
$changes = 1
$totalremovalsfrommailboxes = $totalremovalsfrommailboxes + 1
# if changes = 0, no changes were made to this mailbox, so log this fact.
if ($changes -eq 0)
Write-Output "No changes were made." >> $logfile
#Put the time in a displayable format
$endtime = Get-Date
$runtime = $endtime - $starttime
$runtime = $runtime.ToString()
$runtime1 = $runtime.split(".")
$totaltime = $runtime1[0]
Write-Output " " >> $logfile
Write-Output " " >> $logfile
Write-Output "|-------------------------------------------------------------------------------------- " >> $logfile
Write-Output "| SCRIPT COMPLETE : STATS " >> $logfile
Write-Output "|-------------------------------------------------------------------------------------- " >> $logfile
Write-Output "| Total Mailboxes Processed : $totalmailboxesprocessed " >> $logfile
Write-Output "| Total Additions : $totaladditionstomailboxes " >> $logfile
Write-Output "| Total Removals : $totalremovalsfrommailboxes " >> $logfile
Write-Output "| Total Mailboxes Skipped due to ACL : $totalmailboxesskipped " >> $logfile
Write-output "| Start time : $starttime ">> $logfile
Write-output "| End time : $endtime ">> $logfile
Write-Output "| **END OF RUN** - Elapsed time : $totaltime " >> $logfile
Write-Output "|---------------------------------------------------------------------------------------" >> $logfile
Write-Output " " >> $logfile -
Using domain security groups in exchange security groups for Office 365
Hi
Is there a way to use O365 domain security groups in O365 exchange security groups. This can be done between O365 domain security groups and O365 SharePoint groups.
BR // IlleSorry I missed your reply.
I don't believe there is a way to do this yet, security groups used within exchange need to be mail-enabled security groups, these can't then be edited from the office365 portal, just the Exchange administrative centre portal.
It looks like you currently still need to keep these separate.
If you use DirSync and sync from your own domain then it is possible, since you manage the groups from your AD rather than Offfice365, but currently just in o365 there doesn't appear to be a way to do this.
Regards,
Denis Cooper
MCITP EA - MCT
Help keep the forums tidy, if this has helped please mark it as an answer
Blog: http://www.windows-support.co.uk
Twitter: LinkedIn: -
Is there a way to add images to the collection used in Photomerge Style Match?
When one uses the menu: Enhance->Photomerge® Style Match, there will be six images displayed to choose from. The path to them is (Mac):
/Application/Contents/Resources/models/ While this menu is only available in Expert mode, you end up in Guided when you choose it. I assume, therefore, that there is actually an Action or at least a script.
Simply adding an image wouldn't work, which I confirmed. Even rebuilding the MediaDatabase.db3 didn't help. But there must be more than just the simple jpeg that the app uses to perform the effect... or maybe not! ;-) All I'd like to know is if there is a way to add images to the list of choices.
Thanks!What version of photoshop elements and mac os x are you using?
Once your in the Style match screen you add images using the Green Plus button
(the screenshot is from photoshop elements 12) -
Using Document Sets when I add Default PDF the save location is wrong.
Using Document sets you can add "Default Documents" to load when you use this function. The file are stored in a separate document library, template location.
Once the user uses the function the file deploy and show in the right folder. The problem is when someone edits a PDF form from the folder and then tries to save, the default save location is back to the template location. I've lock
the document but it a pain for the user to have to thumb their way back to the right place to save.
Is this just a Adobe vs Microsoft fight?
See this:
https://support.mozilla.com/en-US/kb/Using+the+Adobe+Reader+plugin+with+Firefox -
How to trash using empty securely...It wont emty the trash after i clicked the remove all items?
How to empty trash using emtpty securely, it wont empty the trash after i clicked the remove all items? Using iMac 2011
If all else fails use Utilities> Terminal.
If there are several locked files in the Trash, you can unlock them all at the same time at the command line. Follow these steps:
Open Terminal. It's located in /Applications/Utilities.
Type:
chflags -R nouchg
Type one space (not pictured) after nouchg in the line above, so that it ends in "nouchg ". Do not press Return yet.
Type:chflags -R nouchg Type one space (not pictured) after nouchg in the line above, so that it ends in "nouchg ". Do not press Return yet.
Double-click the Trash icon in the Dock to reveal the contents of the Trash. If necessary, arrange the Finder window so that a portion of the Terminal window is still visible.
Press the Command-A key combination to select all files in the Trash.
Drag the files from the Trash to the Terminal window.
Note: This automatically enters the pathname for each file. This eliminates the need to individually empty multiple Trash directories, particularly when multiple disks or volumes are present.
Press Return. No special text message will be shown indicating that the command was successful.
Empty the Trash.
If the Trash does not empty or if you see a message in Terminal that says "usage: chflags [-R [-H | -L | -P]] flags file..." you most likely did not type the text in step 2 as indicated or did not leave a space. Repeat the steps if this happens. -
Can't add members to a collection
I'm following the how to on manual forms. I'm trying to create the collection that is used for validation. I keep getting a ORA-06550, PLS-00306 error wrong number or types of arguments in call to 'ADD_MEMEBERS'. I'm using the code below. Any help would be appreciated. Thanks, Elizabeth
declare
la_cks wwv_flow_global.vc_arr2;
begin
if apex_application.g_fcs.count > 0 then
la_cks := apex_application.g_fcs;
else
la_cks := apex_application.g_f06;
end if;
apex_collection.create_or_truncate_collection('UPDATE_LANG');
apex_collection.create_or_truncate_collection('INSERT_LANG');
for i in 1..apex_application.g_f02.count
loop
if apex_application.g_f02(i) is not null then
apex_collection.add_members(
p_collection_name => 'UPDATE_LANG',
p_001 => apex_application.g_f01(i),
p_002 => apex_application.g_f02(i),
p_003 => apex_application.g_f03(i),
p_004 => apex_application.g_f04(i),
p_005 => apex_application.g_f05(i),
p_006 => la_cks(i)
else
apex_collection.add_member(
p_collection_name => 'INSERT_LANG',
p_001 => apex_application.g_f01(i),
p_002 => apex_application.g_f02(i),
p_003 => apex_application.g_f03(i),
p_004 => apex_application.g_f04(i),
p_005 => apex_application.g_f05(i),
p_006 => la_cks(i));
end if;
end loop; end;Thanks, I thought for sure it would work. Here is the code I use to generate the report:
select apex_item.checkbox (1, ceah_people_lang_id,
'onclick="highlight_row(this,' || ROWNUM || ')"',
null,
'F1_' || LPAD (ROWNUM, 4, '0')) delete_checkbox,
apex_item.hidden(2,ceah_people_lang_id)
||
apex_item.select_list_from_query(3,language_id,'select language_name, language_id from foreign_language',null,'NO') language_id,
apex_item.hidden(4,ceah_people_id) ||
apex_item.select_list_from_query(5,proficiency,'select name, id from proficiency',null,'NO')
||apex_item.hidden (6, wwv_flow_item.md5(language_id, proficiency)) proficiency
from ceah_people_language where ceah_people_language.ceah_people_id = :P152_person_id
union all
select apex_item.checkbox
(1,
null,
'onclick="highlight_row(this,' || ROWNUM || ')"',
null,
'F1_' || LPAD (ROWNUM, 4, '0')) delete_checkbox,
apex_item.hidden(2,null) ||
apex_item.select_list_from_query(3,null,'select language_name, language_id from foreign_language',
'style="width:170px" ' ,
'YES',
'0',
'- Select Foreign Language -',
'f3_' || LPAD (9900 + ROWNUM, 4, '0'),
NULL,
'NO'
) language_id,
apex_item.hidden(4,null) ||
apex_item.select_list_from_query(5,null,'select name, id from proficiency',
'style="width:170px" ' ,
'YES',
'0',
'- Select Proficiency -',
'f5_' || LPAD (9900 + ROWNUM, 4, '0'),
NULL,
'NO'
||apex_item.hidden (6, null)
proficiency
from dual where :request = 'ADD_ROWS'
connect by level <= 2
And here is the code I use to generate the collection with your suggestive changes:
declare
la_cks wwv_flow_global.vc_arr2;
vchecked varchar2(1);
begin
if apex_application.g_fcs.count > 0 then
la_cks := apex_application.g_fcs;
else
la_cks := apex_application.g_f06;
end if;
apex_collecTion.create_or_truncate_collection('UPDATE_LANG');
apex_collecTion.create_or_truncate_collection('INSERT_LANG');
for i in 1..apex_application.g_f02.count
loop
vchecked := 'N';
if apex_application.g_f01(i) = apex_application.g_f02(i) then vchecked := 'Y';
end if;
if apex_application.g_f02(i) is not null then
apex_collection.add_member(
p_collection_name => 'UPDATE_LANG',
p_c001 => vchecked,
p_c002 => apex_application.g_f02(i),
p_c003 => apex_application.g_f03(i),
p_c004 => apex_application.g_f04(i),
p_c005 => apex_application.g_f05(i),
p_c006 => la_cks(i));
else
apex_collection.add_member(
p_collection_name => 'INSERT_LANG',
p_c001 => vchecked,
p_c002 => apex_application.g_f02(i),
p_c003 => apex_application.g_f03(i),
p_c004 => apex_application.g_f04(i),
p_c005 => apex_application.g_f05(i),
p_c006 => la_cks(i));
end if;
end loop; end;
Thanks for all of your help, Elizabeth -
Use of auxiliary class to add attributes to the schema
I need to add some attributes to the user class.
What are the pros and cons of using an auxiliary class versus adding the attributes directly to user?
Thanks,
Paolo
Paolo Tedesco - http://cern.ch/idmHi,
If you need mandatory attributes for all instances of a class (for whatever reason)
then modifying the built in class may be the way to go. However auxiliary classes are
"cleaner" in that they can be used to group related attributes together and more
flexible in that they can be dynamically (per class instance) or statically linked.
Probably the most relevant reference is:
http://msdn.microsoft.com/en-us/library/cc223213.aspx
One thing to note on that page is:
"The objectClass attribute of objects of class cl does not include the names of
statically linked auxiliary classes or the classes in their superclass chains."
So if you have applications (LDAP browsers, address books etc.) that rely on objectClass
to list attributes that might be an problem. My preference is to leave built in classes alone and modify them through auxiliaries.
Lee Flight -
Secure script to add PCs to the domain
Hello, we are currently being tasked to utilize VMWare Mirage to upgrade our remote PCs from Windows XP to Windows 7 and readd them to the domain in a secure manner over and internet/vpn connection. We are concerned with storing AD credentials on the PCs
in order to image the computers and also concerned with the script being used to join unauthorized PCs to the domain.
Is there a secure way to store the AD credentials on the images we are pushing down within a script?
Is there a way to pre-stage computer names in AD and only allow a certain username to join pre-staged PCs within AD?Hello, we are currently being tasked to utilize VMWare Mirage to upgrade our remote PCs from Windows XP to Windows 7 and readd them to the domain in a secure manner over and internet/vpn connection. We are concerned with storing AD credentials on the PCs
in order to image the computers and also concerned with the script being used to join unauthorized PCs to the domain.
Is there a secure way to store the AD credentials on the images we are pushing down within a script?
Is there a way to pre-stage computer names in AD and only allow a certain username to join pre-staged PCs within AD?
Maybe you are looking for
-
External drive not showing in fcp x but showing in finder
I have a two gig usb external hard drive formatted for Mac OS Extended, and fcp x won't show it in the Event Library, even though it is seen in the finder. I've put Logic Pro projects in there, but all I see is my other external firewire drive, 1 gi
-
Camera raw update fails in Photoshop Elements 9.0.3
Hi. Installing OEM software with a neu printer update camea raw fails. How do I fix it?
-
Error in SXMB_MONI: SAP:Code area="MAPPING" EXCEPTION_DURING_EXECUTE /SAP:C
Hi All When the Idoc is sent from ECC to XI after checking the message in the SXMB_MONI I get an error saying: <SAP:Code area="MAPPING">EXCEPTION_DURING_EXECUTE</SAP:Code> What is this error and how should I go about resolving it?
-
Any suggestions for programs that can convert mpeg1 to a format that can be edited in iMovie Version 8.0.6 (821) and/or iMovie HD Version 6.0.3 (267.2) Thanks
-
1 Sold to Party and N no. of Ship to Party "s?
Heloo , My Scenerio is like this follows - Please Provide me the solutions . Spencers Head Officer Order to me for 100 Quality of Articles and it directs 10 Branch (Outlets) to deliver . 1.But now my Question is how to map 10 different Ship to partie