Commissioning of Applications using security groups - by application, or several apps by group?

I was curious how most was assigning applications. Would you recommend the creation of a group by the application or by using a group for several applications. The reason that I ask is that we have a group called "Basic Thinapp" which includes standard applications for all users, such as adobe reader, mozilla, flash, quicktime and some others so that all members of Thinapp Base gets our basic fixed package of applications.

The problem is that we want to install adobe reader locally on our virtual desktops because of the slow launch time and unable to show online them PDFs with IE. We use thinreg so when Adobe Reader icon is removed from the directory of our icon and when they the logoff and log back in, Adobe leaves behind a non-working icon that useless and users would have to remove it manually if they wanted to get rid of it. This does not seem the best approach.

I know that the best way to remove the app is to remove the users outside the group, ask them to logoff and log in again for the app to disappear. However, users would lose all basic applications. We could then put back them in the Group and forced to logoff and log back in again and they would get the base once again. That seems a lot to ask of users.

Creating a group by application seems to be more directors as well as all users will need to be placed in each groups.

Is there a better way to do this?

We mainly use the Application - approach of a group, but have a few groups with multiple applications.

With your case, I would do the following:

1. create a new group and put there also: all users in your group of basic thinapp

2 rebuild the thinapp adobe so that it uses this group

3. After all users have logged off at least once from step 2, replace your thinapp with the newly rebuilt thinapp

4. now, the Adobe Reader software works on his own group, you can delete users from this group, and after their next log off / log icon should disappear, because they are no longer allowed.

The only problem is that you need the thinapp riffle proberly file, so the thinapp must be in the file system until all users are connected at least once. And with the local profiles, connected only once on each computer with a profile of them.

Andreas

Tags: VMware

Similar Questions

Block traffic using security groups.

I want to block all traffic between two virtual machines, for which I created the security in Service named composer SG-WEB group.
In the DFW, I have two simple rules:
One rule that block traffic between the SG-WEB security group and another which helps everything. But I can still ping WEB1, WEB2 and vice versa. Of the ESXi if I look in the log of the FW I see traffic is allowed for the L2.
If instead of security groups, I use subnets, everything works fine. I know I have used security groups to identify the DFW traffic, but here does not at all, is this a bug or I'm missing some configuration required to achieve this?
Thank you.

What is the status of the VMware Tools in these virtual machines?

Sync phone to PC Client/Server applications use what security group to access the files on PC Win 7

Programs of client server that connects to the computer from a phone and store data on the PC as the synchronization programs have what user ID and are able to write to the disk by security group file permissions. Users authenticated Internet Explorer, system, administrators, customer ID current user appears on the phone and must be enabled (admin) and the password entered to connect. If the customer is logged as administrator? How can there be two users with the same user id? One by the PC and the other on the phone. If the phone connects the PC as a user in this group what id permissions?

Question 2: If I agree a technician to fix it to my PC and fix it, what is it connected as? and what group permissions is using? How to protect against the connection later?

Thank you

This issue is beyond the scope of this site and must be placed on Technet or MSDN

http://social.technet.Microsoft.com/forums/en-us/home

http://social.msdn.Microsoft.com/forums/en-us/home

Error ERR - 10768 current Application ID and security group ID are not the measures
Dear all,

I had the default below code in my login page and it was running fine.

(wwv_flow_custom_auth_std). Login
P_UNAME = >: P101_USERNAME,.
P_PASSWORD = >: P101_PASSWORD,.
P_SESSION_ID = > v ('APP_SESSION').
P_FLOW_PAGE = >: APP_ID | » : 1'
);

Then I replaced the code above with the code below, and now he's in error "error ERR - 10768 Application ID and current security group ID are not constant".
I can't understand what is wrong with the code. Please correct me where I am wrong.

declare
vpage_no number 4;
Start

If: P101_USERNAME = "DEMO" then
vpage_no: = 2;
on the other
vpage_no: = 1;
end if;

(wwv_flow_custom_auth_std). Login
P_UNAME = >: P101_USERNAME,.
P_PASSWORD = >: P101_PASSWORD,.
P_SESSION_ID = > v ('APP_SESSION').
P_FLOW_PAGE = >: APP_ID | vpage_no
);
end;
Yousuf,

You did not follow the convention used in the original, try:

P_FLOW_PAGE =>: APP_ID |': ' | vpage_no
);

Scott

A security group can be used as a reviewer?

Hello
A security group can be used as a (approvingly) examiner?
Thank you

Hello

No, you can select individual users of Eloqua as examiners.

edynamic expert Eloqua

Commissioning of AD security groups

Hey all,.
I tried to use strategies to access available to users with AD security groups, but realized recently that I can not available if the account has been reconciled. Now, I'm looking to get an idea of how this could be achieved. I have additional difficulties with just a couple basic provisioning:
(1) how to do a search in the table / tolerable for a client's staff.
(2) how service groups, if the user changes his 'role' (role1-> groups: ABC;-> role2 (revokeABC, provisionDEF))
Would appreciate any thoughts/ideas!
Thank you
Philipp

The code in relation to IOM 9.x are present at the following ADDRESS:

http://blog-OIM.blogspot.in/2010/11/OIM-API-usage.html

The codes above, which you can change with 11g API and breeds write your code.

In addition, if you want to set a sequence of jobs, then you can do so using the dependent task or on success (C) the response of the task

. Please take a look at the IOM doc. http://docs.Oracle.com/CD/E14899_01/doc.9102/e14763/about.htm

~ J

Access control and security group

Hi all
I need to know about the access control and what data are suitable for the security group and roles if I have the script like this:
i. There are 2 different app namely ARA (96 branches with different types of reports) and TRACS400 (6 branches with different types of reports)
II al ' ARA, users of Branch01 can NOT check Branch02.
III. different report type is measured by Branch01 and Branch02 are different.
IV. in Branch01, there are some reports are Read (Cannot download) only and some reports are read and write (downloadable).
My questions are:
1. from the above scenario, do I need create all the 96 security group and assign it to different leadership roles?
2. How can I control read and write access, as I have tested the READ access the user is still able to download the report.
3. How can I control to branch 01, report Type A is a read and report Type B read and write access?
4. I noticed that if I use the account, the security group can be used be limited to 50 only security groups. Is this good? I may be an application later in the future. These 2 request for test only. But if I do not use the account, there are any number of security groups that can be used?
Appreciate for your help.

Hi aziela

As mentioned by the friends of the forum, it is advisable to have the minimum security group given that its impact on the scalability of the application (rule). Accounts provide the best security solution of dimension view group.

Security group corresponds to the role, role is mapped to the users. The permissions are obtained at the level of role-SG.

Accounts are mapped directly to users. So you can have a precise control at the level of the user (eliminating the abstraction of the role).

All these aspects are impacting performance where rule of thumb is mentioned in the documentation. In general, if a user belongs to many groups and accounts then it will take more time to process the request of content for this user.

w.r.t. prohibiting the read-only users so that they will not be able to download content, there is a setting, please try option mentioned in this link http://docs.oracle.com/cd/E14571_01/doc.1111/e10792/e01_interface001.htm#CACCFHHA

WRT performance calculation, see http://docs.oracle.com/cd/E14571_01/doc.1111/e10792/c03_security003.htm#CSMSP143

Hope this helps

WebLogic security groups problem

Hello
Here's the thing. I am the security configuration of a portal application that I created on JDev. First, I created a group on Weblogic, namely "SecureGroup" (duh), as well as a few users to test, "user1" and "User2" and affected users as members of the "SecureGroup".
On JDev, I created a business role, "SecureGroup" and it is mapped to an application role, also newly created, called "SecureGroupAR". It is now time to assign resources.
I created a simple workflow with a view (*.jsff) just to display a text label. This taskflow was granted the application, "SecureGroupAR" role. When I ran the taskflow application of portal was not found. As I begin troubleshooting, I checked first to the Weblogic console by going to the home page >summary of the areas of security >myrealm >users and groups >user1 > and checked the group including user1 belongs to. strangely, there was no group assigned to this user!
Knowing that I saved my changes, and when the 'Activate changes' button in the upper left pane on the console of WL (view changes and restarts), I also clicked it to save any changes, if they have not already been registered. Problem is, the group shuttle keeps emptying on each others times I restart my app portal.
Can someone tell me what is happening?
Happy and grateful.
JDeveloper 11.1.1.7
WebLogic 10.3

Problem solved. In other words:

1. on your app, whether an ADF or a portal application, you create an application role and grant the necessary resources for this role (or roles, if you have several roles/groups)

2. this application role is mapped to a business role, which is in fact the group you created on WLS.

3. of JDev, you can choose to use policies, groups, users, etc., that you have created within JDev, or to use those already defined in WLS, simply by application--> the properties of the application-->, and then choose security options NOT TO migrate groups and users of JDEV, but instead, take those that are defined on a WLS.

I hope it helps someone as beginning in the ADF security!

See you soon,.

ORA-20001: unauthorized access (package for the undefined security group variable).
I'm creating an application that uses the authentication of the APEX and characteristics (work) registration and forgot password forms (does not work).

My I forgot the password is public (requires authentication). The user provides the user name and a secret answer, which are validated and then provides the new password. I try to use htmldb_util.reset_pw to reset the password of the user, but it does not work.

I have a process on the new password page call a PL/SQL anonymous block that looks like this (see below), where username = P16_ITEM1 and P18_ITEM1 = new password.

BEGIN
apex_040000.htmldb_util.reset_pw (V ('P16_ITEM1'), V ('P18_ITEM1'));
END;

I don't know how to send a message of success/failure of such PL/SQL block to the APEX, but that's a separate issue, I guess.

In any case, during the trial through SQL Developer as the user with APEX_ADMINISTRATOR_ROLE, I get the following error:

ORA-20001: unauthorized access (package for the undefined security group variable).
ORA-06512: at "APEX_040000.WWV_FLOW_FND_USER_API", line 22
ORA-06512: at "APEX_040000.WWV_FLOW_FND_USER_API", line 1220
ORA-06512: at "APEX_040000.HTMLDB_UTIL", line 1253
ORA-06512: at line 8 level

I've searched previous discussions and tried different suggestions with no luck.

I'm on Oracle DB 11g XE and APEX 4.x.

Any help will be appreciated. Thank you

Alex.
In any case, during the trial through SQL Developer as the user with APEX_ADMINISTRATOR_ROLE, I get the following error:

ORA-20001: unauthorized access (package for the undefined security group variable).

When executing code outside the Apex which depends on the security defined Apex group, perform the following steps before your own code:
```
wwv_flow_api.set_security_group_id(apex_util.find_security_group_id('YOUR_SCHEMA_NAME'));
```
Google "wwv_flow_api.set_security_group_id" for more details, like this blog:

http://www.easyapex.com/index.php?p=502

-Morten

http://ORA-00001.blogspot.com

How to use the Group condition in the ODI mappings

Hi Experts,
I have a requirement in the customization of BI applications. Can you please someone explain how to use the LISTAGG function in odi mapping.
I applied the LISTAGGR function at the level of mapping odi, but I get error below.
Mapping of ODI: ColumnName: ENAME Expression: LISTAGG (EMP. ENAME, ",") THE GROUP (RANKING BY EMP. ENAME)
Error:
ODI-1240: Flow LIST_AGG_FUN_USAGE fails during an operation of integration. This flow of charge table target EMP_BI.
ODI-1228: task failed LIST_AGG_FUN_USAGE (integration) on the scott_db of ORACLE target connection.
Caused by: java.sql.SQLSyntaxErrorException: ORA-00937: not a function of simple-group

Oracle query:
If I used this sql query in the database the correct result is.
SELECT DEPTNO, LISTAGG (ENAME, ',') WITHIN THE EMP EMP (ENAME CONTROL) GROUP. DEPTNO;
Output:
10 CLARK, KING, MILLER
20 ADAMS, FORD, JONES, SCOTT, SMITH
30 ALLEN, JAMES, MARTIN, BLAKE, TURNER, WARD

Please give your valid solutions, thanks in advance.
Kind regards
REDA

If you try in #ODI12C then in the set of properties, you can select the column which should be used to group by.

If it's 11g so its bit complicated. Simply replace the mapping with below codes.

LISTAGG (EMP. ENAME, ",") WITHIN GROUP (ORDER BY ENAME) / * sum() * /.

Magic!

Thank you

Chantal

Security group create a problem at the EBS UM provisioning
Hi Expert,

Currently, there are four security groups in my search for Lookup.EBS.SecurityGroup. Who I had reconciled EBS system.
If I add a liability without security group or with the safety of the 'STANDARD' group, it's okay. But I'm unable to add accountability as well as of other than STANDARD security group.
Is this problem of the IOM or EBS application problem? How can I solve it?

Kind regards
louisette
Yes this is EBS application deliver nothing to do with the IOM.

When we install application EBS, STANDARD security group get configured automatically.

When we create custom security group, we need to run 2 programs in system EBS which is responsible to set up the security groups with the set of APPLICATIONS.

I don't remember the name of the task of these programs in EBS. But, ask your administrator to do so. If you have admin EBS.

Let me know the results.

Kind regards
Nayan

How to remove applications from the app store

Of all my research, I'm sure it's impossible. But what the heck... Are you are my last hope.

I have two applications tab updates in my app store account (not iTunes).

One is iPhoto (fate updated 19/03/2015); and

Domain name Analyzer (update published on 25/03/2014)

Given that I'm currently running 10.11.3, I have more iPhoto on my computer; so it cannot be updated. However, the Apple App store thinks I should always download the update. Madness. I can not download it, I can't update. What I want to do, is remove the stinking albatross. But how?

Similarly, I don't have domain name Analyzer on my iMac, but can't re - download. When I go to its description in the app store, the says "Update" button, no download. Pressing just sends me to the update page. When I try to update, it stifles upward and gives the message "domain name Analyzer failed to download. Use the shopping page to try again". Sure. I could continue to do this for hours and it won't change a thing. I sent Softnik on my dilemma, but they have ignored me until now. I doubt they have a solution.

This happened for almost a year. So how can get rid you of these two? Any suggestion will be appreciated. I understand it is easy to delete the apps from iTunes. Why can't we easily remove applications on the App Store?

If the Mac App Store has not see the apps it would not offer updates. Verify that the applications are not on a connected drive or a partition mounted.

How can I read reviews of applications on the App Store for Apple TV?

How can I read reviews of applications on the App Store for Apple TV?

It is even possible to read or write reviews of applications on Apple TV?

Access is not for the comments on Apple TV. You need to get the title in iTunes or the App Store on an iOS. Reviews of iTunes can often be found using your favorite search engine.

TT2

Cisco Unity Connection (CUC) - import LDAP user based on the security group and then assign a model

Need to CUC automatically import users and assign a certain user or role model if they are added to a specific security group. (These are the help desk users). Username admin accounts they will use to sign in CUC differs from that there windows account that is linked to their profile of voicemail.

Current - now we must import new recruits and assign the correct model

Want - when a user is added to a security group in AD, so when CUC doing his nightly sync, it automatically import user and assign a preconfigured for the account and all user model is automatic and I have never import it back these users.

At the present time the course help desk users are already imported via LDAP and have the role that was.

Suggestions?

Not something that the UCA can do out of the box.

The UCC does not offer, is to do the LDAP synchronization and once they are in CUC, to import, choose the model.

The combination of several AD ACS 4.2 security groups

Hello

Our ACS is used for AAA for the wireless, the IOS CLI access and access to the unix server. For net admins and administrators unix, there are two levels, so indeed, we have 5 groups of individual devices that a user can be granted access.

User groups are defined in Active Directory.

I am looking for a way to combine information from several AD security groups to determine what a user can access. For example, a net administrator may or may not be a unix admin as well.

Is it possible to do other than to have to have a large number of ad groups with one for each combination of authorization privileges?

Thank you

Luke

HI Luke,.

Definition of mapping of the hybrid is the best way to achieve this.

Kind regards

~ JG

Note the useful messages

10	CLARK, KING, MILLER
20	ADAMS, FORD, JONES, SCOTT, SMITH
30	ALLEN, JAMES, MARTIN, BLAKE, TURNER, WARD

Commissioning of Applications using security groups - by application, or several apps by group?

Similar Questions

Maybe you are looking for