Read only access ACS 5.3

Hello guys,

I use ACS 5.3 with the internal database for authentication of users. I would like to give some users read-only rights on the systems.

What is the best way to do it? By not configuring an enable password for these users? Or is there a better way to do this?

Thanks in advance.

Do you want to give read-only access on devices such as routers/switches/firewalls?

If yes, then the best option is to configure ACS and the devices for command authorization.

ACS 5

http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/common_scenarios.html#wp1052579

Necessary config on devices:

http://www.Cisco.com/en/us/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml#ROU

If you have any specific questions or some configuration does not work, post it here.

Kind regards

Jousset


Tags: Cisco Security

Similar Questions

  • Read only access (to hide part of the config)

    Is there a way to allow read-only access to only part of the config?  I have clients that require read-only access, but I don't want them to see portions of the config.

    Any help or suggestion would be greatly appreciated.  Thank you

    If they have a login at enable level, they will be able to see the entire configuration (minus encrypted passwords, assuming you are using service password-encryption).

    You can make more granular logins and deny customers, say, the ability to run arbitrary commands such as "show run". For example, you could set up a given user to be allowed to run 'show interface status' etc. NX-OS has this ability almost "baked in." On IOS systems, it takes a little more work.

    Here's a guide on how to do it if you use TACACS+ for AAA:

    https://supportforums.Cisco.com/docs/doc-15765

    If you use local authentication, you can do similar things using CLI views or privilege levels:

    http://www.Cisco.com/en/us/docs/iOS/12_2t/12_2t13/feature/guide/ftprienh.html

    http://www.Cisco.com/en/us/docs/iOS/12_3t/12_3t7/feature/guide/gtclivws.html

    http://www.NetworkWorld.com/community/node/57553

    I hope this helps.

  • Active DataGuard: ora-16000 database opened for read-only access

    Hi all

    In the application, I get the error message "ORA-16000: database opened for read-only access" while my primary database is up/open for read/write. When I stopped the standby database, the application worked very well.

    Please suggest what could be the reason and the solution for the same.

    OS: RHEL - 5.3

    Oracle: 11.2.0.1.

    Kind regards

    Ronak Masudi

    Patch 9322138 ORA-16000 on recursive SQL on standby database Query rewrite

    I wouldn't be sure if that applies to your scenario. What you might want to check is whether host = xxxx in your tnsnames file points to the right machine or resolves to the correct IP address. Perhaps you have confused primary and standby.

  • You have read-only access to the inventory of the Oracle

    I am trying to install on an AIX machine and I get the below error. Please help.

    Hostname resolved - xxxxxx
    Supported operating system - AIX
    You have read-only access to the inventory of the Oracle
    Failure to meet all the prerequisites can lead to unsatisfactory results. If you have errors, please see the help or documentation for more information.

    There is a file, Oracle.properties, which is an inventory of Oracle. Search and find which directory it is located in; you may need to change the permissions to have full access. It is used during the installation to determine which products can be installed and what needs to be upgraded.

  • Read only access to the database

    Hi all

    I am unable to give read-only access to a newly created user in the Oracle database. I granted only read permission to the user, but the problem is that this user is able to delete data from a table or schema.

    I must give only 'read only' access to the user, who will run SQL queries on any table, schema, etc.


    I followed these steps:

    1. Created the user

    2. Granted the following privileges:

    CREATE SESSION

    SELECT_ANY_TABLE;

    SELECT_ANY_DICTIONARY

    Please guide on the same.

    user8934591 wrote:
    Hello

    I created the user "MFC".

    and granted 'CREATE SESSION'.

    Thank you and best regards,

    Fine. But I asked PUBLIC.

  • Setup error: you have read-only access to the inventory of oracle

    Hi guys,

    In some versions of Linux, for example Fedora, Ubuntu..., every time I install the Hyperion product I get this error: "you have read-only access to the oracle inventory." Also, the interesting thing is that if this error comes up, Oracle does not install "OpenLDAP", which is required to run Shared Services.

    With Oracle Enterprise Linux, everything seems fine: I did not get the above error and OpenLDAP is installed.

    Any help would be appreciated. Attached is the screenshot of the error.

    [https://docs.google.com/leaf?id=0BwB5xiYJ_HGwMDZkNjQ1OTEtMDg4Zi00NGM3LTk5NDAtYzE1ZmJkZTcyMzU0 & hl = en]

    Thank you

    Are the versions of Linux you found problems with supported?
    I thought it was just Oracle Enterprise 4/5 and Red Hat Enterprise 4/5 that are supported.

    See you soon

    John
    http://John-Goodwin.blogspot.com/

  • How to limit the request for read-only access

    We are migrating from 7.1 to version 11.1. As part of the cutover activities, I need to keep the old server read-only for a few days and then completely block access. Can you please let me know if there is a simple way to limit users to read-only access on the 7.1 server, instead of changing the security settings of all groups on the server?

    Grateful for your help!

    How about putting the databases in read-only mode until you remove access?

    Esscmd - BEGINARCHIVE
    MAXL - [alter database | http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_esb_techref/maxl/ddl/statements/altdb.htm] archive to start at app.db...

    There are equivalent commands to come out of read-only mode; the links will take you to the information you need.

    See you soon

    John
    http://John-Goodwin.blogspot.com/

  • Need to have read-only access

    I need to apply changes to the DB (add a new table and modify some...). I'm looking to put the database in "READ ONLY" mode so that users cannot add or change anything in the DB during the time I work in production. The reason is that we have a NOC operation that needs non-stop access to the DB.

    When I ALTER DATABASE READ ONLY, I see that I can't even access the APEX app...

    Any help will be appreciated.

    Mehr

    Hi Mehr,

    This is not possible, simply because when you access APEX, APEX writes a lot of things to the database, for example session information. In a read-only database, this is not possible.

    The only solution is to create a second, non-read-only database where you simply store your APEX application, and where you use database links for all your tables/packages/views/etc. to your read-only database.

    Kind regards

    Joni

  • Create a read-ONLY access account, DOHAD

    People,

    We use OID with OAM as SSO for EBS.

    IO is 11.1.1.7.0.

    Can I create a read-only account in OID, so that this account can log in to DOHAD and just be able to do read-only?

    Thank you

    Ashish

    People,

    Read this document, 746612.1, which will show you how to create a read-only account in OID.

    BUT also read this: 1924840.1. Very important.

    Thank you

    Ashish

  • ACS read only access to devices

    We are using ACS ver 4.2 and trying to setup users with limited access to our switches and routers.  Here's what we did:

    (1) Created a user in ACS

    (2) Created a Shell Command Authorization Set - ReadOnly

    Unmatched Commands - Deny

    Commands added:

    show

    exit

    * This should limit the user to the show and exit commands only (correct)?

    (3) Set up a group - support - with the following TACACS+ settings:

    Shell (exec) is checked

    Privilege level is checked with 15 as the assigned level

    Assign a Shell Command Authorization Set for any network device - selected

    ReadOnly - set as the current shell command authorization set

    When the user connects to the router/switch, it seems that he has full access.  He can enter the enable and config terminal commands.  All we want him to be able to do is issue show commands.

    Any help would be appreciated.

    Please refer to this document

    http://www.Cisco.com/en/us/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml

    and compare the config. From what you say, the ACS config looks OK. On the switch/router, you must also have the following commands:

    aaa authorization config-commands
    aaa authorization commands 0 default group tacacs+ local
    aaa authorization commands 1 default group tacacs+ local
    aaa authorization commands 15 default group tacacs+ local
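
The device-side requirement in the answer above can be checked mechanically. The following Python sketch is an added example, not code from the thread or from Cisco: it audits an IOS configuration for the command-authorization lines the answer lists. The sample configurations are constructed, and the function name and the rule that `group tacacs+` must be the first method on the `default` list are assumptions of this example.

```python
import re

# Constructed sample configs (not taken from the thread).
EXEC_ONLY = """\
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local
"""
COMPLETE = EXEC_ONLY + """\
aaa authorization config-commands
aaa authorization commands 0 default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
"""

REQUIRED_LEVELS = (0, 1, 15)  # privilege levels named in the answer
CMD_RE = re.compile(r"^aaa authorization commands (\d+) default (.+)$")


def audit_command_authorization(config):
    """Return findings that explain why an ACS command set is not enforced.

    Assumption of this example: only the 'default' method list is inspected,
    and the TACACS+ servers are referenced as 'group tacacs+'.
    """
    lines = [ln.strip() for ln in config.splitlines()]
    methods_by_level = {}
    for ln in lines:
        m = CMD_RE.match(ln)
        if m:
            methods_by_level[int(m.group(1))] = m.group(2).split()
    findings = []
    for level in REQUIRED_LEVELS:
        methods = methods_by_level.get(level)
        if methods is None:
            findings.append(f"level {level}: commands are never sent for authorization")
        elif methods[:2] != ["group", "tacacs+"]:
            findings.append(f"level {level}: TACACS+ is not the first method")
        elif "none" in methods:
            # 'none' as a fallback means no authorization when the server is unreachable
            findings.append(f"level {level}: 'none' fallback skips authorization")
    if "aaa authorization config-commands" not in lines:
        findings.append("config-commands: line listed in the answer is missing")
    return findings
```

A device that only has `aaa authorization exec` configured, like the first sample, hands the user privilege level 15 from the group settings and never consults the ReadOnly command set, which matches the symptom described in the question.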

  • need to create a user with read-only access only two tables

    I am trying to create a user who has access to only two tables in a tablespace. Please tell me what privileges are required; I need to give read access on these two tables.


    Best regards
    Atiq
    GRANT SELECT ON SCHEMA.TABLENAME TO USERNAME;
    
  • Delegate read-only for an OU select employee group

    I'm delegating read-only access to all the user accounts on a specific OU in one of our areas.

    When I add the group to the access list with special permissions - Read all properties - it allows users in this group to change passwords for all accounts and group memberships in the organizational unit.

    I just want them to see information = name, address, telephone number, email, postal address and group memberships.

    What am I missing?

    Any help is appreciated.

    This issue is beyond the scope of this site (for consumers) and to be sure you get the best (and fastest) reply, you have to ask either on Technet (for IT Pro) or MSDN (for developers).

    If you give us a link to the new thread we can point some resources to it.
  • Read only mapping

    Dear,

    Could you just confirm that with FDMEE 1.1.2.3.x you can't grant only read access to a user or a group of users?

    It is either read/write access or none at all (not even read in this case).

    Thanks a lot for confirming.

    Correct.  There is no way to grant read-only access to load map data.

  • DataGuard open read only mode: PING [ARC2]: unable to connect before Heartbeat "keeps." The error is 88.

    Hello

    I created a Data Guard with 1 physical and 1 standby database.

    Database: 11.2.0.4 - Enterprise edition

    Everything is OK if the standby is still in mount state.

    But when I open the standby in read-only mode, log shipping stops.

    I found an error in the primary log:

    PING [ARC2]: Unable to connect to the standby Heartbeat "keeps." The error is 88.


    The standby log:

    alter database open read only
    AUDIT_TRAIL initialization parameter is changed to OS, as DB is NOT compatible for database opened with read-only access
    Wed Dec 03 12:02:02 2014
    SMON: enabling cache recovery
    Dictionary check beginning
    Dictionary check complete
    Database Characterset is AL32UTF8
    No Resource Manager plan active
    replication_dependency_tracking turned off (no async multimaster replication found)
    Physical standby database opened for read only access.
    Completed: alter database open read only
    Wed Dec 03 12:02:03 2014
    db_recovery_file_dest_size of 4977 MB is 2.29% used. This is a
    user-specified limit on the amount of space that will be used by this
    database for recovery-related files, and does not reflect the amount of
    space available in the underlying filesystem or ASM diskgroup.

    Thanks for your help and sorry for my bad English.

    LACI

    Oracle error: ORA-00088

    Error description:
    Cannot be executed by the shared server

    Cause of the error:
    Debug command issued on a shared server.

    Action:
    Run the command again using a dedicated server.

  • ALTER USER on read-only database link db

    Oracle 11.2.0.3.6

    Solaris 10

    I have a primary database and one Active Data Guard physical standby database.  My read-only database users must be able to change their password from the read-only standby.  I tried to create a stored procedure with an ALTER USER statement inside and then have my user call the stored procedure from the read-only standby with: EXEC MIMI.CHGPWD@PRIM();

    This results in:

    ERROR on line 1:

    ORA-16000: database opened for read-only access

    ORA-06512: at "MIMI.CHGPWD", line 27

    ORA-06512: at line 1

    How can I allow a user who cannot access the read-only database to change their password for read-only standby?

    Here is my stored procedure:

    CREATE OR REPLACE PROCEDURE MIMI.CHGPWD IS
    --CREATE OR REPLACE PROCEDURE CHGPWD IS
    sql_stmt VARCHAR2(200);
    BEGIN
    sql_stmt := 'ALTER USER MIMITEST IDENTIFIED BY 111111';
    EXECUTE IMMEDIATE sql_stmt;
    END CHGPWD;
    /

    Ah, I got it!  I had to create a public synonym for my stored procedure, and then create another stored procedure that uses the synonym.  This is explained in the Oracle documentation on coding PL/SQL procedures and packages, under the section 'referring to remote objects'.  Here is what I have from beginning to end (my SID is MIMI and the unique name on the primary is MIMI_A):

    Read-only standby:

    ALTER SYSTEM SET GLOBAL_NAMES=FALSE SCOPE=BOTH;

    Primary:

    ALTER SYSTEM SET GLOBAL_NAMES=FALSE SCOPE=BOTH;
    CREATE PUBLIC DATABASE LINK MIMI_A.WORLD USING 'MIMI_A';
    ALTER SYSTEM SET GLOBAL_NAMES=TRUE SCOPE=BOTH;  -- I need to have this TRUE on my primary

    -- Runs on the primary: queues a job that performs the password change
    CREATE OR REPLACE PROCEDURE MIMI.CHGPWD IS
    job NUMBER;
    BEGIN
    dbms_job.submit(job, 'BEGIN EXECUTE IMMEDIATE ''ALTER USER MIMITEST IDENTIFIED BY 666666''; END;');
    END;
    /

    -- Synonym that points at the procedure through the database link
    CREATE PUBLIC SYNONYM CHGPASS FOR MIMI.CHGPWD@MIMI_A.WORLD;

    -- Local wrapper that the user calls from the standby
    CREATE OR REPLACE PROCEDURE MIMI.LOCAL_PROCEDURE IS
    BEGIN
    CHGPASS;
    END;
    /

    GRANT EXECUTE ON MIMI.CHGPWD TO MIMITEST;
    GRANT EXECUTE ON MIMI.LOCAL_PROCEDURE TO MIMITEST;

    Read-only standby:

    Mimi/oracle/1120308 > sqlplus mimitest

    SQL*Plus: Release 11.2.0.3.0 Production on Fri Sep 19 15:55:56 2014

    Copyright (c) 1982, 2011, Oracle.  All rights reserved.

    Enter password:

    Connected to:
    Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
    With the Partitioning, OLAP, Data Mining and Real Application Testing options

    SQL> exec MIMI.LOCAL_PROCEDURE;

    PL/SQL procedure successfully completed.
