Allowing only certain users (or groups) to make profile changes

Hello

I work on a requirement here that has the following scenario:
-Permanent employee cannot change their own attributes through my account profile
-Employee can change their attributes through my account profile
-Permanent/temporary employee Type field values are

So, we follow the steps:
-Created 2 groups of users on IOM (permanent and temporary)
-Definition of membership rules that checks the Employee Type attribute and add the user automatically to a group of IOM (permanent and temporary)
-Set up permissions for object data, form = users, and unchecked "allow Update" for the temporary group. I have not configured anything for the permanent group

Test 1:
-The test end user is part of the permanent group (and all USERS by default. It cannot be deleted)
-Logged in as the test end user and changed his family name
Result 1:
-The name has been changed, but it should not have been
Problem 1: I have implemented only the temporary group to be able to change this. IOM should block this change request


Test 2:
-I deleted the test user from the permanent group, leaving only all USERS, which is there by default
-Set up permissions for object data, form = users and unchecked "allow Update" for the group all USERS. I removed the other groups
Result 2:
-It worked! I could make no change because the group all USERS cannot change their values (update permission is not checked)
Problem2:
Have I misunderstood the real meaning of the data object permissions? Why did it work for all USERS but not for other custom groups?

Regards
Hugo

It is a common use case. The classic solutions to this problem are the following:

1. Create a custom menu item or a custom user interface. Quite a lot of work but also a lot of flexibility.
2. Change the OOTB JSP to get the features you want. Some work and IOM upgrade issues, but less work than option 1.
3. Implement the update of the USR form as a resource object. You get access to approval workflows etc. Not that much work. You must find a way to stop 'HR reliable source' users from requesting the object (or implement an automated rejection).

Hope this helps
/ Martin

Tags: Fusion Middleware

Similar Questions

  • Allow only certain users to use the Security Server

    Hi all

    I'm looking for a way to allow users to work from home using a security server (works like a charm) BUT I don't want all my users to be able to connect from home. This is the default behavior.

    Tags are an option, but it requires me to create a separate pool for users, who use desktop clone thin even as an "ordinary" users

    Is there a way to activate this feature (because it works in vpn etc.)?

    You can enable VPN for those users only. The other way is, if you have RSA in your environment, you can put these people in a pool that requires RSA authentication...  http://communities.VMware.com/thread/306690?TSTART=0

  • How can I limit access (within my home group) for only certain user accounts on my 'portable' computer to view certain user accounts on my "desktop pc"?

    Hello

    I created a homegroup, in which my "Desktop PC" and "Notebook" are members. I have 4 user accounts on my desktop PC and 3 user accounts on my laptop. I want only certain user accounts on my laptop and desktop PC to be able to access certain user accounts on the other machine. I.e. the "Sally" user account on my laptop should only access the 'Sally' user account on my desktop PC and vice versa, rather than the 'Sally' user account on the laptop or desktop PC being able to access the 'Martin' account on the laptop or desktop PC.

    In other words, I wish that every Member of the family must be able to connect to my laptop or my desktop PC and access their files that are stored on the desktop originally.

    Can you help me?

    Thank you.

    Hello

    It seems that you want to restrict access to certain user accounts in the homegroup.

    I will definitely help you with this.

    I suggest you refer to the advice given by David. F on 24 August 2012 and check if it helps.

    http://answers.Microsoft.com/en-us/Windows/Forum/Windows_7-security/HomeGroup-how-to-identify-different-users-and/a0e41608-5691-43D0-8FB0-1a677690edef?msgId=c4104da0-64F5-42AD-8bb2-8734fcfd3962

    For more information, visit the following link.

    Homegroup: frequently asked questions

    http://Windows.Microsoft.com/is-is/Windows7/HomeGroup-frequently-asked-questions

    It will be useful. If you have any other questions, feel free to let us know. We will be happy to help you.

    Thank you.

  • SSO allows only local users of OS and not?

    We are small: 3 guests with about 40 virtual machines.  I only need a server to do all my stuff vcenter, and that's how I ran through 4.1.

    I intend to do a Simple Install during the upgrade to 5.1.  I'd rather _not_ deal with Single Sign-On adding my Active Directory if I can help it.  Reading the vSphere vCenter Server 5.1 Upgrade Guide ESXi, around pages 30-31, it appears I can indeed just use SSO with local users and not need to discover AD at all.  Here again, it is not exactly clear to me.

    Here's what it says:

    Page 30-31

    How vCenter Single Sign-On affects vCenter Server upgrades:

    When you upgrade to vCenter Server 5.1, the upgrade process installs vCenter Single Sign On first, then upgrades vCenter Server...

    In vCenter Server 5.1, if vCenter Single Sign-On is... on a computer that is joined to an Active Directory domain, Single Sign-On will automatically discover the existing Active Directory domain and add it as an identity source during the Single Sign-On installation process. If Single Sign-On is not running on a virtual machine or physical machine that is in the same domain as Active Directory, you must use the vSphere Web Client to connect to vCenter Server and add the Active Directory domain to Single Sign-On.

    If you install vCenter Single Sign-On and vCenter Server on the same physical or virtual computer, Single Sign-On recognizes existing users of local operating system. After the upgrade, you can connect to vCenter Server with a local operating system user ID.

    In vCenter Server 5.1, the term "local OS users" refers to the local users on the Single Sign-On host machine instead of the vCenter Server host machine or virtual machine. After the upgrade, if no super administrator remains (the administrative user or group for the root folder), you must provide a valid user or group as a super administrator during installation.

    So I can just be a local admin user on my vCenter Server machine, install SSO, then the rest, and be done?  No need to attach the AD?

    PS: my current vCenter 4.1 server is indeed a member of our AD (Windows Server 2008), but that's mostly just for WSUS and such.  I do not require AD otherwise.

    TL;DR: Yes, your assumption is correct: local users work with SSO, and AD users are not necessary.

    long version:

    I would still install it as a domain user; if autodiscovery fails, don't bother about it. As long as you use Simple Install (I would rather advise you to install the components one after the other) or install SSO in Basic mode, you will be able to use your local users.

    If you ever decide you need AD users, they can always be added at a later stage.

    If you install SSO without using Simple Install, do not forget to install in Basic mode, as Multisite mode and HA mode do not support local system users.

  • Responsibility to allow only for user password resets (for personal help from the front desk)

    Hi all

    Has anyone managed to create a responsibility that allows only password resets? The idea is to assign this responsibility to our help desk staff for password reset requests. They will not have the opportunity to do anything other than search for users and then reset the password. This would allow a large number of tickets to be processed directly by our help desk staff.

    Any information would be greatly appreciated.

    Hello

    Create a custom responsibility (similar to System Administrator), which only has the (Security > User > Define) screen.

    Why don't you use the 'Reset Password' feature that comes with the application? See (Note: 399766.1 - FAQ of the Reset password feature) and (Note: 763352.1 - how to set "password forgotten" to work without treatment in 11i?) for more details.

    Kind regards
    Hussein

  • Allow only authenticated users to access the internet

    Hi guys.

    I have a 5510 ASA with IOS 8.4. I want only authenticated Active Directory users to be able to get through the firewall.

    I don't have any idea how to resolve this.

    Can someone give me a hint?

    WBR

    Robert Fenz

    Robert,

    You can also take a look at the following ASA feature:

    PIX/ASA: Cut-through Proxy for Network Access using TACACS+ and RADIUS Server Configuration Example

    http://www.Cisco.com/en/us/partner/products/HW/vpndevc/ps2030/products_configuration_example09186a00807349e7.shtml

    The above applies only if you have a TACACS+ or RADIUS server as a backend authentication server.

    Kind regards.

  • Allow only specific users based on the list of users in a table

    We have a situation where we allow specific users that are stored in a table.
    create table ALLOW_USERS (username varchar2(30) );
    
    CREATE OR REPLACE TRIGGER USERS_TRIGGER
       AFTER LOGON
       ON DATABASE
    DECLARE
    BEGIN
      IF DBMS_STANDARD.LOGIN_USER NOT IN (SELECT USERNAME FROM ALLOW_USERS)
    
             THEN
                   RAISE_APPLICATION_ERROR (-20001, 'Unauthorized login');
           END IF;
    END;
    /
    
    Warning: Trigger created with compilation errors.
    
    SQL> show error
    Errors for TRIGGER USERS_TRIGGER:
    
    LINE/COL ERROR
    -------- -----------------------------------------------------------------
    3/3      PL/SQL: Statement ignored
    3/38     PLS-00405: subquery not allowed in this context
    How do I use the subquery in the above trigger? Or is there a better way to achieve the required results?

    -Thank you

    I'm surprised nobody referred to the event attribute functions for client event triggers, and ora_login_user in particular:

    CREATE OR REPLACE
      TRIGGER NOT_SYS.RESTRICTED_USERS_TRIG
        AFTER LOGON
        ON DATABASE
        DECLARE
            v_cnt NUMBER;
        BEGIN
            SELECT  COUNT(*)
              INTO  v_cnt
              FROM  not_system.ALLOW_RESTRICTED_USERS
              WHERE username = ora_login_user;
            IF v_cnt = 0
              THEN
                RAISE_APPLICATION_ERROR(-20001,'Unauthorized login');
            END IF;
    END;
    / 
    

    SY.

    Published by: Solomon Yakobson on June 3, 2013 15:43

  • (new script) Allow only certain styles of paragraph break to next page/column

    Hi all

    As stated, I am very new to scripting. I have done a few small scripts to automate tasks in Photoshop and others. I'm trying to learn as much as possible, with the hope of achieving greater efficiency in our small production with Javascript. It is a daunting task, but I'm trying my darnedest.

    One of my number one objectives is to find a way to automate the pagination of records of weekly operations. These documents run between 32 and 48 pages, with each page having 5 columns. Creating these pages is very systematic, so it would seem that this process could be automated, but there are challenges that I have had a hard time thinking about how to attack.

    One of the main tasks that needs to be figured out is getting the copy to flow in with the headings and subheadings always starting at the top of a page or column. Almost all copy comes in with predetermined paragraph styles, so a script should easily be able to search for instances of each style. What needs to be done is to allow the flow of copy to break only at some styles and not others... (counties, cities, etc.)

    For example: If you have the following...

    ----------------------

    Countyland < style 'County' >

    Utopiatown < style 'city' >

    46 Appletree Lane... $500,000 < ' list' of style >

    Sold by: Some Guy < ' list' of style >

    Purchased by: Guy other < ' list' of style >

    Mortgage: This bank < ' list' of style >

    Date: 14/12/11 < ' list' of style >

    Village of dystopia < style 'city' >

    47 route Orangeplant... $400,000 < ' list' of style >

    Sold by: Some Guy < ' list' of style >

    Purchased by: Guy other < ' list' of style >

    Mortgage: This bank < ' list' of style >

    Date: 14/12/11 < ' list' of style >

    ----------------------

    If the two records above fall near the end of a column, the break to the next column should NOT happen anywhere except:

    -Before the County (causing the County to start at the top of the next column)

    -Before the second city (Village of Dystopia, forcing the city to the top of the next column)

    -After the two (forcing whatever City/County is next to go to the top of the next column)

    So basically, I need to find a column breaks to PREVENT in a way where they should not occur. Inserting column breaks is one thing (I know not how to do this). Prevention is the issue, but that confuses me.

    Does anyone have any ideas of how to do such a thing? I know there a of the characters 'space nonbreaking'... is there or is there some sort of character "back breaking"? Or would it be possible to test for the paragraph at the bottom of the columns style and insert column breaks once he finds a suitable match?

    Am I going about this all wrong?

    Once again, any help or suggestions are more than welcome.

    Thank you very much.

    ~ Nate

    FYI... using InDesign cs5.5

    I don't know what version of InDesign you have. But if it is CS5 or CS5.5 you also have a checkbox 'keep with previous'. If you could set all your 'normal listing' styles to "keep with previous" and the initial styles to "keep with next", I think that should do the trick.

    Ariel

  • How do I give users access to the addition of other users and groups in weblogic * without * giving administrator rights

    Hello

    Before opening an Oracle SR for the same problem, I just wanted to put it out there to see if we can give a non-administrator user access to the WebLogic Administration Console so that they can log in and ONLY add users and groups, but not change any setting in the administration console. Can we offer customized access? Is any specific fine-grained access available?

    Please don't give me the links where it says "give read-only access", giving "monitor."

    A read-only user cannot add new users/groups in the administration console. The administrator credentials can be provided to that user. It just has to be able to connect, go to Security Realms > myrealm and add new users and groups. Nothing else.

    Please let me know.

    Thank you

    Dan

    Thanks Christian.

  • Way to do so only certain people can call groups

    I was wondering if there was a way to make sure only certain people/roles can call a moderate group of Skype. Thank you

    I thought about it

  • How to create user defined groups and users with custom permissions as only open and export in obiee 11 g?

    Hello

    I want to give as open & export to the level of permissions.

    How to create user defined groups and users with custom permissions as only open and export in obiee 11 g?

    For example, if the group permissions, inturn should reflect on the users.

    Please help me.

    Thanks in advance,

    A.Kavya.

    Your question is quite broad and fuzzy, so I suggest reading the Presentation Catalog security documentation: http://docs.oracle.com/middleware/1221/biee/BIESC/mgrgrpsusers.htm#CIHIBJGD

    And I think that you are mixing up two things which are managed in different places:

    (a) object access permissions such as read, write, delete... which you control through the object's "Permissions" dialog box

    (b) functional privileges controlled through "Manage privileges" under "Administration".

  • How to allow a user to connect only from specified IP addresses?

    Hello.
    How to allow a user to connect only from specified IP addresses?
    For example:
    User1 can connect only from 192.168.1.10
    User2 can only connect from 192.168.1.11
    and etc...
    Thank you.

    Web says:

    CREATE OR REPLACE TRIGGER "A1_AFTER_LOGON" AFTER LOGON ON DATABASE BEGIN
    IF UPPER(SYS_CONTEXT('USERENV','IP_ADDRESS')) <> '192.168.1.10' THEN
    
    HOW TO FORBID ACCESS ????
    
    END IF;
    END;
    ALTER TRIGGER "A1_AFTER_LOGON" ENABLE
    

    How to deny access?

    Check the blog post that I've provided above

    RAISE_APPLICATION_ERROR(-20000, 'You don''t have permission to login!');
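
A table-driven logon trigger covering both Oracle threads above (the ALLOW_USERS allow-list and the per-user IP restriction), as an added example that is not code from either poster. The schema SEC_ADMIN, table LOGON_ALLOW and trigger LOGON_ALLOW_TRG are hypothetical names; ora_login_user and SYS_CONTEXT('USERENV', 'IP_ADDRESS') are the functions already used in the threads.

```sql
-- Added example. SEC_ADMIN, LOGON_ALLOW and LOGON_ALLOW_TRG are hypothetical
-- names; USER1/USER2 and their addresses are the ones from the question.

-- One row per permitted (user, address) pair.
-- ip_address NULL means "this user may connect from any address".
CREATE TABLE sec_admin.logon_allow (
  username   VARCHAR2(128) NOT NULL,
  ip_address VARCHAR2(45)
);

INSERT INTO sec_admin.logon_allow (username, ip_address)
VALUES ('USER1', '192.168.1.10');
INSERT INTO sec_admin.logon_allow (username, ip_address)
VALUES ('USER2', '192.168.1.11');
-- Constructed sample row: an account with no address restriction.
INSERT INTO sec_admin.logon_allow (username, ip_address)
VALUES ('APP_BATCH', NULL);
COMMIT;

CREATE OR REPLACE TRIGGER sec_admin.logon_allow_trg
  AFTER LOGON ON DATABASE
DECLARE
  v_user VARCHAR2(128) := ora_login_user;
  -- IP_ADDRESS is NULL for local (non-network) connections, so such a
  -- session only matches a row whose ip_address is NULL.
  v_ip   VARCHAR2(45)  := SYS_CONTEXT('USERENV', 'IP_ADDRESS');
  v_cnt  PLS_INTEGER;
BEGIN
  -- The lookup is a SELECT ... INTO; a subquery inside the IF condition
  -- is what raised PLS-00405 in the first thread.
  SELECT COUNT(*)
    INTO v_cnt
    FROM sec_admin.logon_allow a
   WHERE a.username = v_user
     AND (a.ip_address IS NULL OR a.ip_address = v_ip);

  IF v_cnt = 0 THEN
    -- The apostrophe is doubled inside the string literal.
    -- Raising an error here makes the logon fail.
    RAISE_APPLICATION_ERROR(-20001,
      'You don''t have permission to log in from this address');
  END IF;
END;
/

-- Accounts holding the ADMINISTER DATABASE TRIGGER privilege (for example
-- through the DBA role) are still logged on when the trigger raises an
-- error, so the allow-list does not constrain them. List those accounts:
SELECT grantee
  FROM dba_sys_privs
 WHERE privilege = 'ADMINISTER DATABASE TRIGGER';
```

The trigger owner needs the ADMINISTER DATABASE TRIGGER privilege to create an ON DATABASE trigger, and a user with no row in the table is refused from every address.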
    
  • Only local users appear in the login list

    I recently installed El Capitan on an iMac and have problems with the network user login settings. The server is running Mavericks with OS X Server 3.

    The first problem is the login screen. If it is set to list, it only displays the users created locally on the iMac. It doesn't even have the 'Other' option.  If I change it to display the username and password fields, I can log in to the network accounts with no problem, but this is not what I want.

    FileVault is not turned on. The settings are almost all at default. It's a clean installation, and other than connecting to the server and allowing network users to log in, I made no changes before my first attempt.

    Since then, I have created other local users and made changes to the login options for testing, but nothing else.

    The profile on the Server Manager is configured to display 'Other' and a list of network users (I changed the settings a couple of times for testing, but nothing changes).

    It may be unrelated, but I found that other changes in the Profile Manager appear to have no effect. For example, I made one of the network users a mobile account, but it does not show up as mobile on the iMac.

    Can someone give me tips on where to look next?

    Is there a reason that you use Server3?

  • How can I remove guests from Users & Groups

    In Users & Groups in System Preferences I have a guest user and another user

    How can I remove them

    Go to System Preferences -> Users & Groups, and then click the lock to allow you to change the settings. Then choose 'Guest User' in the sidebar and uncheck "Allow guests to log in to this computer". This will not make this option disappear, but after that you will not be able to use the Guest user.

    As for the other user, simply choose it in the sidebar and press the '-' button. Make sure that no one uses this user.

  • ACL to allow only FTP - various issues

    I was asked to develop a way to connect a non-company server to one of my closet 5509s running several VLANs over a couple of floors in my building. The 5509 has no RSM and is connected to the big layer 3 switch... a 6509.

    I was told that I have to make the connection "secure". This server will do file xfer (probably ftp).

    Even though we have a firewall... the decision was taken to put the server in its own vlan... say vlan 201, and hard-code it with an IP address of 10.4.201.11

    I learned to develop an ACL that will allow only ftp traffic.

    Here's my plan

    Create a vlan 201 on the 6500 and 5509 and assign a 5509 port to it for the server

    I am thinking of applying the following ACL to my interface vlan 201 on the 6509.

    access-list 100 permit tcp 10.4.201.11 0.0.0.0 any eq 20

    access-list 100 permit tcp 10.4.201.11 0.0.0.0 any eq 21

    access-list 100 deny ip any any

    On the 6509, applying the ACL:

    ip access-group 100 in

    I have a few questions

    1. If I permit ports 20 and 21, does that cover me for ftp traffic?

    2. By coding 0.0.0.0 in the ACL, does that force the IP address of 10.4.201.11 to match, or not?

    3. As far as I know, the deny ip any any will kill anything else

    4. I am concerned about a couple of other things... I don't know if the ACKs would be sent back as appropriate. I also wonder if I need to apply it both outbound and inbound?

    5. What really worries me is that I have never done an ACL before and do not want to create a situation where I block other traffic on the 2 switches... I guess that's the advantage of doing it in a separate vlan... so I hope that if something "unexpected" happens when we apply it... it would only affect vlan 201.

    6. Last question: if we had to back out the ACL for any reason... I hear that they are difficult to change once in the config... Is the procedure to follow to get rid of the ip access-group 100 in first, then remove the access-list statements second? Doing it the other way would leave the list still in the group.

    Thanks in advance for any helpful suggestions

    Hi Lane,

    Here are a few answers (in the same order as your questions)

    1. the answer is: it depends. FTP can operate in one of two modes: active and passive. Depending on the mode, the required ports are different. The following URL has a good explanation of the difference between the two;

    http://SlackSite.com/other/FTP.html

    As the server is under your control, I think that using Active FTP should be fine. Therefore, the two server ports you need to open are tcp/21 and tcp/20.

    2. A mask of 0.0.0.0 makes the access list match on every bit of the address that is specified. So what you've got is fine.

    3. Access lists all have an implicit "deny all" at their end, so that last statement is not really necessary, but it might be good to leave it in for readability.

    4. Because you want to be secure, a combination of inbound and outbound filtering is in order.

    5. What you do on this VLAN will affect that VLAN and that VLAN only - you don't have to worry about an impact on anything else.

    6. That's right. Remove the 'ip access-group' statement under the interface before doing anything to the actual access list itself.

    Here's how to set up the ACL:

    access-list 101 permit tcp any gt 1023 host 10.4.201.11 eq 20

    access-list 101 permit tcp any gt 1023 host 10.4.201.11 eq 21

    access-list 101 deny ip any any

    !

    access-list 102 permit tcp host 10.4.201.11 eq 20 any gt 1023

    access-list 102 permit tcp host 10.4.201.11 eq 21 any gt 1023

    access-list 102 deny ip any any

    !

    interface vlan201

    ip access-group 102 in

    ip access-group 101 out

    Now, the above lists will only let FTP through to the server and not much else. Will your server need to use DNS for any reason? If so, you will need to punch holes in the above ACLs to allow UDP/53 through.

    Hope that helps - pls rate the post if it does.

    Paresh
