Modification of user passwords / privileges via API

I work with the API user in a custom user Manager utility to perform all the basic operations of an admin of luminaire (create, modify, delete).

Above all, the tool is very simple, but I'm looking to see if anyone else has experienced two elements that are irking me that exist as features of the Engine.EditUserDialog () method.

When you change an existing via the existing method of TS user, you can change the password & privileges without headaches.  However when you use the raw API none of these simple tasks seem trivial.

(1) when 'I' User.Password, the chain is (naturally) scrambled to prevent casual snooping.  In my view as dialog box * anyway, so not done wrong. However, TS doesn't seem to know if it is powered by the chain on the side 'set' of the equation is already coded and based on my tests, seems to be scrambling twice if no change is made to this field.  Is it possible to implement User.Password which will _not_ force a "scramble"?  (in case I want to put the password to the value it was already?)

Normally, I would just omit the 'set' action if I didn't change the value. But because of other circumstances (see below), I don't have that luxury this time.

(2) in the API User.Privileges is a property read-only even for administrators.  Is there a work around for this for when an administrator wants to upgrade/downgrade a user access?  It seems to me that the achievable only thing to do is copy the info from the old user object, destroy it and make the new user with the correct privilege container object.  Adjust assignments of UserGroupList is pretty easy, but there is no way to modify an existing user privileges...

Curious!

Hi Elaine,.

I think you just need to modify the members of a particular group.

That you have defined a new user Joe Brown as a technician but later, you will need to change to be an operator.

All you do is remove a GroupUser technician members and add operator GroupUser members. You need not resubmit the password.

Get a reference to Engine.UserGroup ("technician")

with this reference, get a picture of the User.Members

Find out where the user is in the table and remove this item

close the reference User.Members

Get a reference to Engine.UserGroup ("operator")

with this reference, get a picture of the User.Members

Add Joe Brown at the members table.

close the reference User.Members

Joe Brown will now be an operator and you do not have to change its coordinates.

I noticed that by using the User Manager to see the changes that I could see that Joe Brown had changed groups and it has been removed from a group, but it has not been shown in the new group.saving the user changes and disconnect and connect again the changes where now seen.

Then maybe you need to validate the user to the new group.

See if that helps

Concerning

Ray Farmer

Tags: NI Software

Similar Questions

  • Retrieve the list of users of DefaultDom via API

    Hi all

    I know we get retrieve list of users to a group by using findGroupMembers(). Is it possible that I can get the list of users who are part of DefaultDom using adobe provided API?

    Requesting help because I am not able to find any useful info on this.

    Thank you.

    ServiceClientFactory myFactory = ServiceClientFactory.createInstance (connectionProps);

    DirectoryManagerServiceClient dirClient = new DirectoryManagerServiceClient (myFactory);

    PrincipalSearchFilter psf = new PrincipalSearchFilter();

    psf.setSpecificDomainName ("DefaultDom");

    psf.setPrincipalType (UMConstants.PrincipalTypes.PRINCIPALTYPE_USER);

    psf.setRetrieveOnlyActive ();

    List principalList = dirClient.findPrincipals (psf);

    Pit iterator = principalList.iterator ();

    String oid = "";

    User testUser = null;

    While (pit.hasNext ()) {}

    testUser = (User) (pit.next ());

    System.out.println (TestUser.getCommonName ());

    }

  • Name generation and automatic user password (API or other)

    Hi all


    The company seeks to implement SSHRC and I wonder if there is an API, or something else that gives users a login ID and password automatically. It is EA assets in Oracle, but they do not use the system on a regular basis (field staff). We have more than 10 k EE that would require it to be assigned to them.

    A few notes:

    We are currently on 11i, not all users have an email address specific society or the connection.

    We must add the responsibility of the ESS/MSS to each user.


    Questions-suggestions that should I be concerned about would be appreciated.

    INTELLECTUAL PROPERTY

    Hi IP.

    There is a public API for it-
    FND_USER_PKG. CreateUser

    See definition for API above TOAD or Sql developer

    To add responsibilities to users using the API-

        FND_USER_PKG.AddResp(csr.user_name -- user_name
                                        ,'PER'
                                        ,'IRC_EMP_CANDIDATE' -- iRecruitment Employee Candidate
                                        ,'STANDARD'
                                        ,'Added via API'
                                        , SYSDATE
                                        , NULL);

    See you soon,.
    Vignesh

  • Perform a search using the API of HIS without informing the user password

    Hello

    I use the example in the doc http://docs.oracle.com/cd/E10390_01/doc/search.1018/b32515/oracle/search/query/webservice/client/OracleSearchService.html. I would like to create a custom search. However, I am facing problems because the API States that I should inform the user password. In this case, how can I make the search without entering the password? Theoretically, authentication was achieved by an SSO, and if so, how could I say to the API?

    If anyone has any suggestions,

    Kind regards

    Christian

    If your application knows with certainty that the user has been successfully authenticated by an external mechanism, then you must use the "connection proxy" function to run queries on behalf of this user.

    The proxy connection relies on a secret shared between your application and the server of ITS. This behavior is implemented by the Federation of the entities of confidence in global settings. The login name of the proxy is the name of the entity, and the password is entered directly in the page trust entities or search via the plugin of the identity, if option is selected on the trusted entities page.

  • OIM 11 g R2PS2 - how to decipher the user password while calling the OIMClient API

    Hello

    I have a client application that connects to OIM 11 g R2PS2. Users connect in the client application to trigger a request for service and the client application will submit applications to the IOM.

    Connection to the end users to the client application using OAM authentication. So I need to find a mechanism to get the end-user password so that I can use the same in the OIMClient API to connect to IOM.

    If I login as XELSYSADM in the client application, is it possible that I can ask the user password and decrypt the same? I tried to use the code below, but I'm getting null pointer exception.

    RS = stmt.executeQuery ("select USR_PASSWORD from USR where upper (USR_LOGIN) ='" + id + "'");

    If (rs! = null & & RS.) Next {}

    String encPwd = rs.getString ("USR_PASSWORD");

    System.out.println ("get the DB password:" + encPwd);

    try {}

    String decryptPwd = String.valueOf (CryptoUtil.getDecryptedPassword (encPwd, null));

    tcCryptoUtil.decrypt (encPwd, "DBSecretKey");

    System.out.println ("decrypted password:" + decryptPwd);

    oimClient.login (id1, decryptPwd.toCharArray ());

    } catch (Exception e) {}

    e.printStackTrace ();

    e return;

    }

    }

    Exception:

    < 13 November 2015 12:29:01 EST > < error > < XELLERATE. ACCOUNTMANAGEMENT > < BEA-000000 > < class/method: tcDefaultDBEncryptionImpl/initKeyStore some problems: {1}

    java.lang.NullPointerException

    at com.thortech.xl.crypto.tcCryptoHelper.loadKeyStore(tcCryptoHelper.java:145)

    at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.initKeyStore(tcDefaultDBEncryptionImpl.java:67)

    at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.getCipher(tcDefaultDBEncryptionImpl.java:99)

    at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.decrypt(tcDefaultDBEncryptionImpl.java:218)

    at com.thortech.xl.crypto.tcCryptoUtil.decrypt(tcCryptoUtil.java:122)

    at com.thortech.xl.crypto.tcCryptoUtil.decrypt(tcCryptoUtil.java:200)

    at oracle.iam.platform.utils.crypto.CryptoUtil.getDecryptedPassword(CryptoUtil.java:132)

    If you want to use the client of the IOM to send the request as long as the logged on user, IE of OAM session, then you might just get the context of the session of the user so the IOM customer queries will be made in this context. There is no need to decrypt the password for the user in this scenario.

    See rest of URL of excellent example illustrating this: Oracle Fusion Middleware security: authentication IOM API without the end user password

  • Invalid user password

    As the administrator of my computer, I created a user password recently for safety because my girls using my computer and I don't want to have administrative privileges. I write my password down and created a secret hint, but my password does not work and I can't get in the guest computer.

    Thank you. I looked again in other forums and found the same answer, and it worked. Thank you for for your time.

  • Control Panel - you cannot change user access privileges

    Today visited a customer who was a profile error at startup of Windows 7 (Home Premium).

    After a lot of unexpected problems, I found that the built-in Administrator account seemed to be missing (!) but I was able to create a user base at the command prompt, by using "net use XXX / add". Tried to add this user to the Administrators group, but it does not (unfortunately, with no error message).

    When I started, I could open the Control Panel, but when I tried to change the new user (for an admin), I was invited for an admin password, but the following option to change the user's privileges did NOT appear. Using the basic account for access to the regedit failed (as you know), but he confirmed that there are a couple of profiles on the machine, which has fewer values than the other.

    The cat of the user, it turns out that the PC was a buying opportunity, and he had also been in the hands of another, who had attempted a repair (after a failed upgrade). The user doesn't have to believe that the PC had been through Windows updates in the recent past.

    Thus, the result is that there are now 2 user ID Windows on the PC, a (Administrator) who gets an error in profile and a second (standard user) that allows to perform basic operations.

    I don't check the 'Guest' Windows built-in account, but I'm sure that (from what I've seen in a few hours) that someone in the past had just set a "standard" on the box and then eventually renamed account built-in "Administrator" as the user name.

    I don't like leaving my clients with no answered questions weigh on their PC, but this one has me relatively perplexed.

    My questions are:

    -is it possible to rename (or otherwise damage) on behalf of the default Windows administrator?

    -which might explain why the control panel will not allow you to change the type of the user?

    -If the account are accessible on the PC with administrator privileges has become corrupt, is the only viable solution to proceed to re - install Windows?

    Thanks in advance...!

    -is it possible to rename (or otherwise damage) on behalf of the default Windows administrator?

    -> Why would you damage the default admin account?

    -> Rename an account is superficial. You give only the existing account, a nickname, but the name remains behind.

    -which might explain why the control panel will not allow you to change the type of the user?

    -> With the help of an ordinary user plans to promote some administrator-level accounts is against the principles of security. This would make the concept of "account administrator" without value. You need to be logged under an administrator account to perform administrative actions.

    -If the account are accessible on the PC with administrator privileges has become corrupt, is the only viable solution to proceed to re - install Windows?

    -> With a used PC, the only viable option is to perform a destructive factory restore to make the machine 'as new '. It would be dangerous to use the PC in its current state. There could be more that a dog has fleas or virus it could be hacked that will create an interesting situation when the user deals with sensitive information (Internet banking, personal correspondence).

  • User passwords do not work at the level of the application after updating of the database

    Hello

    Working on the updating of the database user passwords do not work for front end users but the same passwords work at the db level.

    We backup before refresh and restraint after the update, but if the user tries to connect to db, they receive the error invalid password/username.

    but passwords are working at the level of the DB if reset us the password then it works fine, but we cannot do this for all users of all time. can someone share the knowledge or solution for this problem.

    DB version: 11.2.0.3

    operating system: AIX

    Thank you

    892574 wrote:

    Yes, the process is correct.

    We are capture passwords user via display SYS. USER$

    I didn't see any errors in the logs I see only out put modified user.

    Thank you

    Do you mean that you update the column SPARE4 of $ USER (which is a table, not a view)? I don't think it will work, because the password is salted with a random string that will be different in the two databases. It might work if you return to the use of passwords for 10g, which are salty with the user name. See here, the 10 GB hash stored in the PASSWORD column is the same in the two databases, but the 11g in SPARE4 hash is different:

    orclz >

    orclz > conn sys/oracle@orclz as sysdba

    Connected.

    orclz > create user fred identified by Ginger;

    Created by the user.

    orclz > select password, spare4 of user$ where name = 'FRED ';

    PASSWORD

    ------------------------------------------------------------------------------------------------------

    SPARE4

    ------------------------------------------------------------------------------------------------------

    9C592D45D54D1FB2

    S:DF5BEC6914DFF48B39261EAA4DCF5746A309E50E791F6F90FBF2F33A8CD5; H:22E34131E43CC3DF07440A0DC2A45F22

    orclz > conn sys/oracle@orcla as sysdba

    Connected.

    orcla > create user fred identified by Ginger;

    Created by the user.

    orcla > select password, spare4 of user$ where name = 'FRED ';

    PASSWORD

    ------------------------------------------------------------------------------------------------------

    SPARE4

    ------------------------------------------------------------------------------------------------------

    9C592D45D54D1FB2

    S:4FE5925E671719B9CA5904C42AAD965753CAC4891C31F1BA9B9DA83D3255; H:22E34131E43CC3DF07440A0DC2A45F22

    orcla >

  • IOM "Modify resource of stocked" via api does not change the resource

    Hello!

    I'm having a problem to make requests to "Change the provisioned resources" via api.

    Demand is well created in IOM and contains all data for the modification of the resource.

    Approval of the application is done well, the status of the request is "Request completed" but then there is no change in the form of the resource.

    Does anyone have an idea why this happens?

    TKS

    Solved!

    entity.setEntityKey (OIU_KEY);

    TKS

  • XDB user + password requested

    Hi, I use Oracle 11 g and Apex 4.2.2 on a Red Hat 4.4. I have files on a server which should be available for download via a link. I did a report of the apex which shows a list of links. (Files have the permissions 664 and the directory that contains the files has 757) When I select a link it appears a dialogue authenification Hat XDB user request and pwd. What sign is it? What I have to change something to the listener?

    Hello

    Check that this ANONYMOUS user password has not expired

    Kind regards

    Jari

  • How to blur a user password in OID?

    the user passwords are hashed, but how to get this password? Are kind there?

    Version of the OID = 10.1.4.2.0 / 10.1.2.0.2

    Hashed passwords cannot be retrieved as the hash is a one-way mathematical function. You can't compare the hashes. If you have any IOM you can decipher the password or use the API does it for you.

  • AFP://user: password@server + connect as?

    Hello

    before you move on to Sierra, to connect to my NAS, under Finder-> go-> connect to server, I used to type:

    AFP://user: password@server/share_name

    with no pop-up windows ' connect as '.

    Now, after the upgrade, after the command: afp://user: password@server, a "connect as" windows appears and it's annoying.

    Someone knows how to jump this window "connect as"?

    Thank you

    Daniele

    I think it has something to do with SMB being now the default connection for Sierra. I tried the syntax shown you and replaced "afp" with "smb", but still have the screen connect as . Even when you select the server in the left pane of the Finder, I always have to make a sign in as. It is used to remember how I connected and go immediately to the actions on the server, but no more. Always have to connect as.

  • circumvention of disapproval of length - Network.http.phishy.User - password?

    I need a PC unattended to connect to a Web page with basic authentication when the PC starts (for example power restored). I used to be able to get Firefox to start with the homepage with URL (https), including the username/password. Unfortunately, in last PC Restore, I forgot to turn off the automatic updates of Firefox new version has deprecated the length - network.http.phishy.user - password so stops the PC connection with popup that is the BIG problem on PC without supervision. No work around for this nice novelty? Thank you.

    Allow us only Google threads index marked RESOLVED, so that the power is in your hands.

    (Also, I noticed some people add strange unique strings of text to their positions so that they find them more easily in the future.)

  • Satellite A100 is locked because of the fingerprint BIOS & user password

    Hi all

    I have my A100 to my work, recognition of the TouchChip fingerprint a year ago. On initial installation, I recorded my fingerprint of the windows interface.
    Six months ago I had to reinstall windows XP due to infection by the virus that is not repairable. I have installed Windows XP Home edition and downloaded all the drivers and additional software from Toshiba's site.

    I him didn't record again my fingerprints, and I have NOT activated the TouchChip software this time. My problem was only an annoying message at the time the sign that said «you have not saved your fingerprint again...» "and that's it.
    After a 2 week out of town trip (My A100 was locked in my office, and powered OFF - no connection to the sector) at first start, software TouchChip is back from the dead!

    Screen 'TouchChip Bios Extension' appeared after plugging, and my finger is required to load WXP!
    When connecting user WXP dialogue the additional message "you have not saved your fingerprint again... is always here, but I cannot start the machine without my fingerprint." After some digging later in PowerProtector (?) I found an option that says 'enable or disable the use of fingerprints for system and user password BIOS' or something like that.

    I turn this off, and the machine asked to reboot. It was the last time I saw the office.
    After reboot, the system asks password. BUT I DID NOT PUT ANY SYSTEM OR USER PASSWORD!
    Is this possible?
    I did something wrong?
    What is the solution?
    I'm locked out; I don't know why and how the BIOS is locked with a password (so I can't unlock it).
    Please someone help.

    Best regards, Georgios

    I don't know what exactly A100 computer laptop you have, but it seems that the laptop came with the Vista operating system preinstalled.

    You have installed XP and drivers XP only from the Toshiba page.
    But from my understanding, the BIOS should be updated too! The Satellite A100 series supports a special XP BIOS version. If the BIOS was not updated the laptop might not run correctly.

    I don't know if it could have a negative influence on the fingerprint, but nothing is impossible!
    However, the fact is that the BIOS asks for the password. If you don't know this, you need to remove the other... and this can be done by a service provider authorized in your country.

    Request assistance from technicians and explain the whole story! Maybe they will remove the password for free!

    Bye and good luck

  • Satellite M70-129: user password controls access to the system at boot

    Hello

    1. from Toshiba Assist (password utility) I put the supervisor with string (text boards) owner password and then I put the user with chain owner password. But during startup BIOS only prompt you for the user password and his Rosary of owner. User mode many BIOS options are disable including the HW installation option.

    2. when I click on Toshiba HWSetup, he invites supervisor password. But if I get the supervisor (not 100% sure) password, it says invalid password. I also tried to change the Toshiba supervisor password, password help utility but failed.

    3. in the meantime due to virus attack, I had to reformat my laptop with Toshiba Recovery CD, sacrifice all my data. I bought this laptop in a few months.

    4. How can I completely remove the BIOS supervisor password and user. Help, please.

    Hello Anas

    You are right. If there is no possibility to remove the password, the service partner for this but it costs a bit.

    Otherwise I put t agree with you on the common problem on Satellite models, because it is a very serious thing and I really t think Toshiba may allow something like that to happen. If it's truth can you imagine what turbulence will be on the market, or perhaps to the press. I put t really believe in this theory.

Maybe you are looking for