Who is user 3004?

Similar Messages

• How to find who deleted user account

  Hi there,
  I need help from Security Specialists to find out who deleted user account in past in a R/3 46C system.
  I have already tried below methods and checked previous posts in this forum but no use -
  1. SUIM
  2. SM20
  3. SM21
  4. Report RSTBHIST
  5. ST03
  6. STAT
  7. SECR
  8. SM19
  Thanks in advance.

  Thanks Ben,
  I tried and got output as below -
  Clien     User     Modificati   Modifica   Changed by    PROFS
    900          304902       03.02.2007   15:11:23   107901            D
    900          304902       15.05.2007   13:39:42    AMOL            C ZRFCCPIC__
    900          304902         08.06.2007   12:28:56   AMOL            M FSTSTKCOUN  ZRFCCPIC__
  Which means user was last deleted on 03/02 by 107901 and then I recreated it on 15/05 and maintained on 08/06.
  But again today I found this user missing and thats the reason I 'm desparately looking for delete log.
  I didnt find latest deletion log anywhere.

• Who removed user from AD Universal secuirty group

  Hello , i am trying to find who removed user from universal AD group , i checked audit management policy is enabled but some how event is not getting generated or unable to find those events so please help how to find who did that job - removed the user
  from universal security group.
  And suppose if anybody is deleting and the logs should be generated on one of the local site Domain controller is that correct ? so anywhere or it can be generated on the member server. Any free third party tool who can help here .
  Thanks

  Here is another informative technet blog resource that helps to track all the changes made in active directory : http://blogs.technet.com/b/askpfeplat/archive/2012/03/05/how-to-track-the-who-what-when-and-where-of-active-directory-attribute-changes-part-i-the-case-of-the-mysteriously-modified-upn.aspx
  If you wish to audit such changes automatically, you may also consider on this automated solution (http://www.activedirectoryaudit.com/) that would be a better approach to audit all the critical changes
  into real time and get instant notification for through customized email notification.

• Oracle 9i on Windows 98: Who is user 'P08'?

  Hi there,
  I just installed Oracle Personal Edition 9.0.1.1.0 on my Win98 machine. I went with all the defaults, and told the installer to create a database for me. Everything seemed to install fine, and I wrote down the global name, SID, etc.
  I start the database via the Windows menu "Start: Programs: Oracle: Database Administration: Start Oracle9i Database". Type in the password, and everything starts fine.
  Then I go to the Oracle 9i Navigator. I see an icon that says "Local Database", so I click on it, and it says "Invalid username/password". Note: This is the first time that I have ever visited this database.
  I right click on "Local Database", and I see that this icon has a "Username: P08" and an obscured password.
  I have no idea who "PO8" is, the installer never mentioned anything about this user, I can't find any information about this user in the docs, and I have no idea what the password should be.
  I've tried the following passwords, but none of these work:
  PO8 (and p08, po8, pO8, etc).
  tiger (since that's what 'scott' uses)
  demo
  password
  test
  manager
  change_on_install
  "" (blank)
  What is the password? Who is this "PO8" user? It seems that P08 is a generic name for "Personal Oracle 8", Long postings are being truncated to ~1 kB at this time.

  (Try #2. The BBS truncated my post.)
  What is the password? Who is this "PO8" user? It seems that P08 is a generic name for "Personal Oracle 8", but I'm using 9i, and Oracle 8 has never been installed on this machine.
  And since this is a local database, I cannot change the password with an "ALTER USER P08 IDENTIFIED BY password" command in Sqlplus.
  Thanks for your help,
  -= Stefan Lasiewski

• SRM Post Installation - Webadmin and EBP users

  Hello SRM gurus,
  I am new to SDN but I am familiar with SAP Basis Administration. I have recently installed the SRM 5.0(NW04s). I configured the shopping cart link and the integrated ITS. I was asked to create userid for webadmin (who creates users through the browser). I searched through SDN but was not able to find it. Please let me know the procedure to get the webadmin and creation of EBP users. I appreciate your time and business. Thanks in advance. Waiting for your replies......
  Raj

  Hello Raj,
  1. Create webadmin user in SU01 transaction, assign SAP_BBP_STAL_ADMINISTRATOR role
  2. Go to USERS_GEN transaction and create user from existing SU01 user
  3. Go to PPOMA_BBP transaction and search the created webadmin user, Select position level and check the ROLE attributes. If no ROLE attributes are maintained, add SAP_BBP_STAL_EMPLOYEE
  4. logon to SRM with webadmin user
  Regards,
  Masa

• Exe created with Report Generation toolkit does not work for all users

  I created a exicutable with the report generation toolkit and it only works with some of my users. I use microsoft 2007 and anyone that has microsoft 2007 my exe works well. Most of my users that have microsoft 2010 are able to use my program as well. However, there is one user with 2010 and Windows 2007 that cant get my program to work.
  Any suggestions for troubleshooting this?
  Thanks

  The most likely issue is due to the fact that Microsoft changes the ActiveX object model of Office for each version of Office. The Report Generation Toolkit does a pretty good job of handling this, but it is not 100% effective. Search, for example on the "Set Cell Border" function and you will see what I mean. In these cases it's up to you to handle this issue. How you handle it really depends on your situation. For us to provide a more concrete answer you will need to provide further details, such as what toolkit function is "not working" (whatever that means), and who you "users" are. Is this an internal distribution? Are you selling this program? Is this code written for a project with a specific customer?

• Using Session Variables for User Login - sometimes they don't persist... what am I doing wrong?

  Hi all,
  I'm running a site that requires user login.  I approached the building of this site as almost a complete newb to CF (and dynamic coding in general), and it's been a great learing experience (with lots of help from you guys).
  However, I guess I never learned the correct way to handle a user login.  It seemed to me that I could just test the user-entered credentials against those stored in a database, then set a session variable containg that user's record number.  Then, not only would I have an easy way of knowing who this user was and therefore what info to serve him, but I could test for the existence of a valid login on every page in the protected folder, by adding this code to my application.cfc in that folder:
  <cfset This.Sessionmanagement=true>
  <cfset This.Sessiontimeout="#createtimespan(0,8,0,0)#">
     <cfif NOT isDefined ("session.username") or NOT isDefined ("session.password") or NOT isDefined ("session.storeID")>
       <cflocation url="../index.cfm" addtoken="no">
     </cfif>
  ...and it goes on to run a query and verify that the session.username and session.password match for the store defined by session.storeID.  If not, all session variables are cleared and it bounces you back to the login page.  When the user clicks Logout, all I do is delete all the session variables.
  This seemed to work great for like a year, but lately I've been getting reports that the login doesn't seem to persist for longer than approx. 20 minutes of inactivity.  You can see I specified session variables to remain active for 8 hours (I know that seems like a drastically long login, but it's what's necessary for this application).  I've only gotten this report from a few people, and I myself can't seem to duplicate it... I've tested an inactive login for 45 minutes now and it held.
  SO:  any reason you can think of why session variables would be spontaneously clearing for some people?  Would having your router reset its IP address invalidate the session or something?  Also, the problem seemed to begin appearing after my host upgraded all their servers to CF9... could there be any relation?
  And on a more general note... did I go about this completely the wrong way to begin with?  If so, what's the standard way to manage a login?
  Lots of questions, I know... thanks very much for any answers or suggestions!
  Joe

  Ian,
  Thanks very much - very helpful information.
  Sounds like passing the tokens in every request is probably the way to go for this.  I don't think it's likely that any users will be sharing links, unless they actually intend for the recipient to see their info anyway.
  Is that all I would have to do, is add the tokens to every path?  Would that guarantee that all the session variables would remain valid until timeout or being cleared?
  Again, thanks, you've been really helpful.
  Joe
  On Jun 23, 2010 4:37 PM, Ian Skinner &lt;[email protected]&gt; wrote:
  Unfortunately this is the nature of HTTP web applications.  There is NO state maintained from HTTP request to request.  This is by design in the HTTP protocol specifications.
  ColdFusion provides two methods to circumvent this limitation.  Each method has limitations and caveats.  They both rely on the passing of tokens between the client and the server with every request.  These tokens can be passed as cookies OR URL (GET) variables.  You are using the cookie method, which is the simpler and most common. You may be experiencing the limitation of this method.  If something happens to the cookies the session can be lost.
  You could pass the (CFID &amp; CFTOKEN) OR JESSIONID tokens through the URL query string with every request.  This requires one to add these values to every link, form action, cflocation or other request path in our application.  ColdFusion provides the session.urltoken variable to make this easier to do.  The tokens will be visible to the user.  Also if the links with an individual token is share with other users, via e-mail, chat, social networks, etc and one of these users utilize the link during the life of a session (8 hours apparently in your case).  Then that user will access the session of the original user.
  Cookie session management is by far the most common choice by CF developers.  If these methods do not meet your needs you would need to go beyond the HTTP limitations of web applications.  One might be able to accomplish this with a Flex|Air|Flash applications that can be configured to use a continuous connection to the server.  Thus not suffer the stateless nature of the normal HTTP request-response cycle.
  I do not know if a router resetting would cause cookies to be discarded or otherwise invalidated.  But I would not think it is beyond the relm of possibilities.

• Is it possible to identify the user?

  Hi,
  I know that I can check identity.name to see who the user is. But it seems that this property is only available during console, batch, menu and app initialization events.
  I have a date that is supposed to auto fill if it is blank. I want it to work on every machine except one, and I want the form to identify the user and if that user is a specific user, the date doesn't auto populate.
  If the identity object won't work, can anyone think of another way?
  Thanks.

  As documented in Adobe's Acrobat JavaScripting Manual, there are security restrictions with respect to the "identity" object. Those restrictions prevent one from directly accessing the "identity" object from a form field. You can access the properties from a folder level JavaScript. The following script when placed in Acrobat's application JavaScript folder will create and initialize application level variables that be accessed by any PDF opened by Acrobat:
  // Folder level script to create an application level variables for the "identity" objects properties
  var Identity = new Array();
  Identity.Corporation = identity.corporation;
  Identity.Email = identity.email;
  Identity.LoginName = identity.loginName;
  Identity.LoginName = identity.loginName;
  Identity.Name = identity.name;
  One can then add the following document level or field level javaScript to initialize fields within the PDF to the value of the application level variables:
  this.getField("loginName").value = Identity.LoginName;
  this.getField("name").value = Identity.Name;
  this.getField("by").value = "By: ";
  this.getField("by").value += Identity.Name;
  With version 7.0 or above, you can use a trusted function located as a document level script to retrieve the information:
  trustedIdentity = app.trustedFunction( function (sProperty) {
  var iProperty = "";
  app.beginPriv(); // explicitly raise privilege
  iProperty = identity[sProperty];
  app.endPriv();
  return iProperty;
  One can then add the following document level or field level javaScript to initialize fields within the PDF to the value of the application level variables:
  this.getField("loginName").value = trustedIdentity("loginName");
  this.getField("name").value = trustedIdentity("name");
  this.getField("by").value = "By: ";
  this.getField("by").value += trustedIdentity("name");

• How to get user 'logged in' to ironport web filter without launching IE

  We have an issue with some employees who use third party programs that traverse the Internet.  These programs are 100% allowed by the organization as they are required for day to day business.  Some programs go over the Internet to communicate for certain reasons, such as a live chat help support, or ordering products, etc..
  The problem is that some of these users log in and never even touch Internet Explorer for awhile.  They will go on and start working right away.  Well if they don't try to access an Internet site via IE, then the Ironport does not 'log them in', and they are known as unauthenticated.  Of course this doesn't happen with everyone.  There's nothing wrong with people coming in a little early and checking the local news online.
  We were thinking up if it's possible to have each user 'touch' the ironport web filter in some way during a logon script, unbeknown to the end user, so that they are 'signed in' and whatever Internet connected application they launch has access through to the Internet.  Right now they need to at least launch IE and go to some site (say Google or MSN) and via NTLM credentials transparently passed through IE7, 8 or 9, they can simply close the page and go about their business.  Note: they MUST go to an external site.... not an internally hosted one (such as our Intranet, time clock or HR self service pages).
  So is there any commands we can put in via kix or bat or something that will say "Hey Ironport, %username% just logged in at 10.x.x.x".  Then maybe to make it more advanced, a logoff script that says "Hey Ironport, %username% just logged OFF of 10.x.x.x".  This way when our hourly timeout happens, they aren't immediately booted from their Internet applications (if they don't keep an IE window open that is).
  Right now our ASA Firewall uses WCCP to forward port 80 to the ironport web filter.  The Ironport is a transparent proxy.
  Thanks!

  So it looks like you are moving the authentication from the Ironport S160 to the ASA5500 series firewall?
  I guess we are looking at something simpler, like a way to 'touch' the internet and pass NTLM credentials, because then the Ironport knows who the user is.
  If the user does not 'touch' the internet with IE, and say they use some other program that does not pass NTLM credentials (say Firefox or live chat program, or an ftp program, etc...) They are likely to be blocked, because the Ironport doesn't know who they are.
  Your link seems to lead to a complicated setup for something that seems so simple.  I'm not sure how that relates to an Ironport S160.. it seems to focus on the ASA5500. Also we want it to be completely 100% transparent to the end user.
  This is how it worked with a Barracuda web filter appliance...
  A DCAgent program sat on each domain controller. As users logged in or out of the domain, this agent passed this current activity to the Barracuda web filter appliance.
  The Barracuda appliance knew exactly who was logged in because of this little program on the domain controller(s) that kept it updated. Based on this, policies could be assigned based on Active Directory group memberships. ie) HR and Marketing can access Facebook, while others cannot.
  I guess I'm looking for similar functionality with the Ironport S160. If there's any way the domain controller, or even the client PC can say "Hey Ironport, %username% is logged on here at %ip_address%". That way the Ironport would know who they are, and there would be no unnecessary authentication boxes (besides the user logging into the windows domain). They could use internet connected apps that do not pass NTLM authentication. I guess the client PC or the domain controller would also have to tell the IronPort when they signed off, just so we don't have to deal with authentication timeouts. This way, say they are in our internet chat help program... after an hour, it will cut out and disconnect them - because the IronPort forgets who they are (unless they are actively using the internet with IE).
  So for now, we just use the bypass option for the affected internet services.  The default browser is IE, so the reality is that we are not suffering any tremendous inconvienence.  It's just that we want to ensure we have the best robust solution, and we can handle these types of situations with programs other than IE accessing internet resources.

• Disables AD User account in OIM 9.1 still user can access its account

  The following issue is happing on OIM Version: 9.1.0.1866.25
  When disabling a single AD resource, it will appear on IdM in status as Disabled, even though it remains accessible by the user. No change of password occurs.
  Where should I check and how can I fix that.
  Kind Regards,
  Silviu

  What task is attached to Disable of user? Ideally we have an adapter attached to disable user who disables user in target AD system when fired. Login to design console, open you process definition and open disable user task to see what adapter is attached.
  regards,
  GP
  Edited by: Gyanprakash Pandey on Feb 2, 2012 4:33 AM

• Is there a way for users to add products in the front-end using a Web-App?

  I am racking my brains trying to figure out a way to let users add products to the front-end on their own.
  I am building a site for a client who needs users to be able to create there own storefront, kind of like ebay. Here is exactly the functionality I want: Supplier Frontend Products Upload - Magento Connect
  There HAS to be a way to do this with a web app even if it means writing in some code...can anyone suggest a way to do this?

  In short, out of box no, but is possible.
  Solution 1: Hosted on BC, external interface that interfaces with BC API, requires external hosted server.
  Solution 2: Wait until v3 of the API comes out... no timeline from Adobe given. This would remove the need for the external API server.
  Can do both solutions for you but solution 2 wont work until adobe allows it.

• What is the Advantage of creation of user group through SUGR?

  Hello Masters,
  As per audit requirement I have maintained user groups for different sets of users through SUGR, but I am not getting except differenciating users (based on group), is there any other advantage? Can we assign role to a user group instead of assigning to list of users  or can we do any mass changes to an user group by giving only user group name.
  Regards,
  Nilutpal.

  Dear Neels,
  Apart from maintaining user group for Differnciation purpose you can also take the advantage on the following sectors:
  1. Follow the http://help.sap.com/saphelp_nw04/helpdata/en/ce/17533e5ff4d064e10000000a114084/content.htm link . From this you will come to know the use of user group in the authorisation area.
  2. User Groups also allow segregation of user maintenance, this is especially useful in a large organisation as you can control who your user admin team can maintain - an example would be giving a team leader the authority to change passwords for users in their team. 
  3. The authorization user group is used in conjunction with S_USER_GROUP authorization object. It allows to create security management authorization by user group. e.g. you can have a local security administrator only able to manage users in his groups, Help-Desk to reset password for all users except users in group SUPER, etc... 
  In case any issue, please feel free to reply.
  Regards,
  Nilutpal.

• Business users select whom to route dynamically

  Hi,
  Can BPM help in the following scenario:
  1.Bussiness users assign to who all(which users) from the roles in the next step (BPM model step)will the task be assigned.
  2.Suppose there is a select box in which bussiness users selects user to whom in the next step the job is assigned.

  Hi,
  This can be done by modifying the UI for the Business user so that they can view who all user are there in a particular role and can select the user and assign the work item to selected participant.
  Steps to follow:
  1) Make column called Assigned To: and add a component called list box/drop down list box where you need to fetch the participant w.r.t a particular role
  Note: make sure that only the business user can view this new column put some validation logic
  for each person in Fuego.Lib.Role(roleName : <Parametric Role>, parameter : <parameter to Parametric Role if present>).participants do
       if person.enabled then
            for each element in person.roles do
                 logMessage "participant id and Name: " + element.name     + "Id: " + element.id
                 //add the participant id/name into a list
            end
       end
  end     
  Iterate the list and display into your combo box drop down list - in jsp/BPM presentation
  2) When the business user select the user/participant and submit the work item should be assigned to the selected participant.
  Participant.next = “<Selected_Participant_Id>”;
  Hope the above will help you
  Bibhu

• BEx Analyzer : missing Selection screen for NON- SAP_ALL User

  we have upgrade our BW from 3.1 to BI 7.0. Now we are testing and detect that Queries which are started by User who has user specific roles (not SAP_ALL like we as developer) this Selection Screen is missing. This leads to a complete selection of all data of the cube and this leads to very long runtime or auto logout.
  What is wrong in our configuration?
  Has anybody made the same experience ?
  Thank You, Frank HInzmann
  Schindler Informatik Ebikon (Switzerland)

  Frank,
  Any chance that somehow that user has set personalisation on all the variable values?
  Regards
  Gill

• Remove GrantSendOnBehalfTo disabled user accounts - A novice at scripting

  Hello.  Can anyone help please
  In our exchange 2010 environment we have users who are granted send on behalf to access.  Obviously some users leave and I m finding that there are ghosts left behind which are causing issues with our team who add users into the grantsendonbehalfto
  option using the EMC.  Using the log view we coy out the command and then remove the disabled user from the command and then paste this into an Exchange Powershell command line.  This wrks because it is doing what Exchange EMC does which is rewrites
  the -GrantSendOnBehalfTo option in it new entirety.  
  The problem occurs because I need to remove these en-mass from approx 700 plus accounts.  
  I have tried to modify one user in order to get the script to work but it doesn't.
  This is the error message that happens when I run the script below against a known account with at least 2 disabled users in:-
  Couldn't find object "xxxxxxxx.xx.xxxxxxx.xxx.xx/DisabledUsers/2013-08/Gaynor Collins-Punter". Please make sure that i
   was spelled correctly or specify a different object. Reason: The recipient xxxxxxxx.xx.xxxxxxx.xxx.xx/DisabledUsers/2
  13-08/Gaynor Collins-Punter isn't the expected type.
      + CategoryInfo          : NotSpecified: (:) [], ManagementObjectNotFoundException
      + FullyQualifiedErrorId : F6498844
      + PSComputerName        : ex02-0029.xx.xxxxxxx.xxx.xx
  Am running the script from my local PC
  This is the script I have used.
  # Gather info use get-mailbox -resultsize unlimited$mailboxes = Get-Mailbox zplew1
  Foreach($mailbox in $mailboxes)
  for($i = ($mailbox.GrantSendOnBehalfTo.count)-1; $i -ge 0; $i--)
  $address=$mailbox.GrantSendOnBehalfTo[$i]
  $addressString=$address.addressString
  If($addressString -like "*disabled*")
  $mailbox.GrantSendOnBehalfTo.removeat($i)
  $info >> "C:\Scripts\grantsendonbehalfto.csv"
  $mailbox |set-mailbox -GrantSendOnBehalfTo $mailbox.grantsendonbehalfto
  }If you requiere any more info please let me know.

  #1 - I recommend posting in xchange forum fo rhow to do this
  #2 - Wen an account is disabled most on the information in the object is hidden.  YOu would need to undelete to use the object.
  #3 - Get list as text and validaye al values are not deleted accounts.  Remove deleted and save back.
  ¯\_(ツ)_/¯