restrictions of the user via tac +.

Similar Questions

• Restriction of the user in TMS

  Hello

  Tried to limit the user login to TMS thanks to remove default user rights, but it did not.

  Tried to add advertisements and advertising connectivity test is also success but it doesnot restrict.

  Kind suggest how to limit users.

  Thank you

  VJ

  See Cisco TMS Admin guide starting on page 23 ;)

  http://www.Cisco.com/c/dam/en/us/TD/docs/Telepresence/infrastructure/TMS...

  Sent by Cisco Support technique iPad App

• Get the email of the user via LDAP

  I would like to send an email via APEX whenever a request is rejected. I want to send to the user who made the request through the system. This user has been authenticated via LDAP (Active Directory) in another application, when he sent this request. Therefore, his e-mail address is located in the sound profile AD with that it authenticates. All applications are listed in a report in another application (which uses the same LDAP authentication scheme) where they can be reviewed, rejected or accepted. When the user clicks the button refuse, it updates the status of the query in the database and sends an e-mail message to a hardcoded email address. I want to send to the user who made the request.
  
  Is it possible to use this LDAP session (because I'm connected to the application via LDAP, I take for granted that there must be an LDAP session valid in use), or what I need to connect to the server again? If it's the latter, then how can I do? I can't hard-code just my own credentials of the service, that would be nuts.
  
  I thought I could use a script like this and call it in a process page, but I know I'm missing something.

  create or replace function Get_Mail(p_user in varchar2)
  return varchar2 
  is
          l_attrs         dbms_ldap.string_collection;
          l_message       dbms_ldap.MESSAGE;
          l_entry         dbms_ldap.MESSAGE;
          l_vals          dbms_ldap.string_collection;
          l_user     varchar2(256);
          l_user2      varchar2(256);
          l_mail          varchar2(256);
          l_ldap_server     varchar2(256)         := '****';
          l_domain     varchar2(256)         := '****';
          l_ldap_port     number              := 389;
          l_retval     pls_integer;
          l_session     dbms_ldap.session;
          l_username      varchar2(256)         := NULL;
          l_password      varchar2(256)         := NULL;
  begin
  
  dbms_ldap.use_exception := TRUE;
  
  l_user2       := p_user||'@'||l_domain;
  
  l_user       := l_username||'@'||l_domain;
  l_session := dbms_ldap.init (l_ldap_server, l_ldap_port);
  l_retval  := dbms_ldap.simple_bind_s (l_session, l_user, l_password);
  
  l_attrs(1) := 'email';
  l_retval   := dbms_ldap.search_s (ld => l_session, base => '****', scope => dbms_ldap.scope_subtree, 
  filter =>'&(userPrincipalName='|| l_user2 || ')(objectClass=user)', attrs => l_attrs, attronly => 0, res => l_message);
  
  l_entry := dbms_ldap.first_entry (ld => l_session, msg => l_message);
  l_vals  := dbms_ldap.get_values (ld => l_session, ldapentry => l_entry, attr => l_attrs(1));
  
  l_mail := l_vals(1);
  return l_mail;
  
  exception
    when others then
    begin
      dbms_output.put_line (' Erreur #' || TO_CHAR (SQLCODE));
      dbms_output.put_line (' Message: ' || SQLERRM);
      l_mail := NULL;
      return l_mail;
    end;
  end Get_Mail;

  Any ideas?
  
  Best regards
  Mathieu

  I found the solution, thanks to the work of John Edward Scott and Scott Spendolini "Pro Oracle Application Express". So, for those who are interested:

  I created two types:

  create or replace type
  ty_ldap_query as object(
  dn varchar2(200),
  attribute_name varchar2(100),
  attribute_value varchar2(100));
  

  create or replace type tbl_ty_ldap_query
  as table of ty_ldap_query;
  

  Next, I created the LDAPQuery routine:

  create or replace function LDAPQuery(
   p_host in varchar2,
   p_port in varchar2,
   p_user in varchar2,
   p_password in varchar2,
   p_dn_base in varchar2,
   p_filter in varchar2,
   p_attributes in varchar2)
   return tbl_ty_ldap_query PIPELINED is
  
   v_result tbl_ty_ldap_query := tbl_ty_ldap_query(ty_ldap_query(NULL, NULL, NULL));
  
   retval PLS_INTEGER;
   v_session DBMS_LDAP.SESSION;
   v_attrs DBMS_LDAP.string_collection;
   v_message DBMS_LDAP.MESSAGE;
   v_entry DBMS_LDAP.MESSAGE;
   v_dn VARCHAR2 (256);
   v_attr_name VARCHAR2 (256);
   v_ber_elmt DBMS_LDAP.ber_element;
   v_vals DBMS_LDAP.string_collection;
   b_first BOOLEAN := TRUE;
   v_dn_identifier VARCHAR2(200);
   v_attributes apex_application_global.vc_arr2;
  
   BEGIN
    retval := -1;
    DBMS_LDAP.use_exception := TRUE;
    v_session := DBMS_LDAP.init (p_host, p_port);
    retval := DBMS_LDAP.simple_bind_s (v_session, p_user, p_password);
  
    v_attributes := apex_util.STRING_TO_TABLE(p_attributes, ',');
    for i in (v_attributes.first)..(v_attributes.last)
    loop
     v_attrs(i) := v_attributes(i);
    end loop;
  
    retval := DBMS_LDAP.search_s (v_session, p_dn_base, DBMS_LDAP.scope_subtree, p_Filter, v_attrs, 0, v_message);
    retval := DBMS_LDAP.count_entries (v_session, v_message);
    v_entry := DBMS_LDAP.first_entry (v_session, v_message);
    WHILE v_entry IS NOT NULL
    LOOP
     v_attr_name := DBMS_LDAP.first_attribute (v_session, v_entry, v_ber_elmt);
     WHILE v_attr_name IS NOT NULL
     LOOP
      v_vals := DBMS_LDAP.get_values(v_session, v_entry, v_attr_name);
     IF v_vals.COUNT > 0
     THEN
      FOR i IN v_vals.FIRST .. v_vals.LAST
      LOOP
       v_dn_identifier := dbms_ldap.GET_DN(v_session, v_entry);
       pipe row (ty_ldap_query(v_dn_identifier, v_attr_name, v_vals(i)));
      END LOOP;
     END IF;
     v_attr_name := DBMS_LDAP.next_attribute (v_session, v_entry, v_ber_elmt);
    END LOOP;
    v_entry := DBMS_LDAP.next_entry(v_session, v_entry);
   END LOOP;
   retval := DBMS_LDAP.unbind_s(v_session);
  END LDAPQuery;
  

  And I asked it in this way:

  select
   attribute_value
  from
   table(LDAPQuery('', '', '', '', '', '&(!(logonCount=0)(objectClass=User)(sAMAccountName=))', 'mail'))
  

  In the book he said I could do it (instead of using LDAP filters):

  where
  dn = 'CN=jes,CN=Users,DC=domain,DC=localdomain'
  

  But it wouldn't work for some reason any. In any case, it's working now.

  Best regards
  Mathieu

• How to assign the client to the user via the API of the IOM

  Hi all
  
  Can someone tell me which method I should use to assign a customer to the user using the API of the IOM...
  
  Thanks in advance

  I think the problem culd be with the wrong import statement.

  You must add the import statement below to assign roles admin sectarian

  Import oracle.iam.platformservice.api.AdminRoleService;

  HTH

• Restrictions of the user through DADS.conf

  Hello
  
  
  
  I created a database user and given that the user select the only rights on certain tables in my database. Then, I set an entry DADS.conf specifying the name of user and password as the PlsqlDatabaseUsername and the PlsqlDatabasePassword.
  
  
  
  For example:
  
  
  
  create user testuser identified by testpass;
  
  grant select on my_table testuser;
  
  
  
  Then in my DADS.conf file
  
  
  
  
  
  & lt; Location/maps/apex & gt;
  
  Order deny, allow
  
  AllowOverride None
  
  PlsqlDocumentProcedure wwv_flow_file_mgr.process_download
  
  Docs PlsqlDocumentPath
  
  PlsqlDatabaseConnectString server.domain.com:1521:mydb ServiceNameFormat
  
  PlsqlNLSLanguage AMERICAN_AMERICA. AL32UTF8
  
  PlsqlAuthenticationMode Basic
  
  SetHandler pls_handler
  
  PlsqlDocumentTablename wwv_flow_file_objects$
  
  Testuser PlsqlDatabaseUsername
  
  Apex PlsqlDefaultPage
  
  PlsqlDatabasePassword testpass
  
  PlsqlRequestValidationFunction wwv_flow_epg_include_modules.authorize
  
  Allow all the
  
  & lt; / location & gt;
  
  
  
  
  
  Yet, that the user still has access update to database tables that I granted only select access rights.
  
  
  
  Is there some why to control this?
  
  
  
  
  
  Don

  The user in the DAD creates the database session. For security reasons, this user should have any right other that "create session". When your application is running (using any DAD) all SQL and PL/SQL is parsed as the scheme designated as the owner or the scheme of the analysis of the application.

  Scott

• limit the number of vms that are turned on by the user via vcenter

  Is it possible to limit the total number of vms turned on by user? If joe can create as many virtual machines as he wants, but he cannot have than 5 virtual machines powered at the same time.

  I thought about it, but I'm not a big fan of resource pools.

  It is interesting because ALL things made of ESX, pools are my absolute favorite, you can do a lot with swimming pools.  Even monitor the pools by a group of permissions, restrictions, segregation, performance, ease of management... This list is long...

  Pools are the BEST thing about ESX overall in my opinion, I think that you are missing a very crucial feature.

• Show/hide fields based on the user's selection

  I know little of Javascript, but my first attempts to integrate it in Acrobat are bothersome. I have created a simple form where the user via a check box the number of people that he or she must register, then the form shows that several fields to complete. I tried to make it work with a single field, before I add more.

  In this example, I'm trying just to get the second hidden registered field if the user checks only 1 person to register. (I already know that I have issues when it comes to hide several fields).

  If (event.target.value == "0") {}

  this.getField("Registrant2").display = display.hide;

  }

  Given that I do not know what is the value of exports, try this:

  If (event.target.value! == 'Off') {}

  this.getField("Registrant2").display = display.hidden;

  }

  You can add an else clause so that the field is displayed when the check box is not selected:

  If (event.target.value! == 'Off') {}

  this.getField("Registrant2").display = display.hidden;

  } else {}

  this.getField("Registrant2").display = display.visible;

  }

  If this does ' t work, you don't maybe not the correct domain name. Verify that the console (Ctrl + J) to see all JavaScript errors are reported.

• Allow the user to change the items in web application that they have not submitted

  Is there a way to allow a user to change/remove the elements of web app that they have not submitted?

  I did more than 400 pieces for the user via a .csv spreadsheet. I want the user to be able to change or remove these via an editing page of web app, I'll set up, but because I downloaded the .csv file, apparently, that another user cannot do this.

  At present, the only way that I know that this is so by the user submitting each element individually.

  Anyone know of a way to attribute everything to this user as if what he presented to them? Perhaps via the .csv file?

  Yes. In admin, you can change each element of WebApp to be attributed to a customer with the "presented by" in the section 'other Options '.

  You can also import/export this value, but in the CSV file, it is labeled as 'EntityId' - and you must use the system ID/ID of the entity of the client here.

  Otherwise, to allow anyone (who is connected) to change any element of WebApp, you must change the setting in the configuration of this WebApp by checking the option "anyone can edit items.

• OID 11.1.1.6 - belonging to the user group management

  Dear,

  Is there a way of OIDS to manage the users, via a specific user attribute group membership?

  You all know that in AD for example, it is an attribute of the user "memberof" that could be used for this purpose I tried looking in OID for a similar attribute and actually found this a "orclMemberOf", however I can't figure out exactly how to use it. I tried editing through DOHAD, but got an error "constraint violation". I also tried to use ldapsearch as mentioned in this post Oracle Fusion Middleware security: group membership Fast searches within the OID with the attribute of orclMemberOf, but the attribute is not returned in the search results.

  Any ideas... ? We just want to know if the only way to manage the belonging to a group is done using the attribute 'uniquemember' of the group, or if it can be configured on the user object.

  Thank you

  White

  That can only means that is not your attribute to multiple values of the group.

  The default value for the OID, groups have an objectclass of groupOfUniqueNames and their membership multi value attribute is uniqueuniquemember.

  So lets say, you want to know the groups the admin account is a member, your application would be as follows:

  (uniqueMember = cn = orcladmin, cn = Users, dc is sampledomain, dc = com)

  This would release all memberships that belongs to the user.

  -Kevin

• Need help with deprovision as a single resource to the user using API profile

  Hello
  I need to write a little code, where I can layout only one resource profile of the user via the API of the IOM. Please help me to start coding.
  
  Thank you
  Kalpana.

  Change your code to do this

  String oiuKey = resultset.getStringValue ("User-Object Instance to User.Key");

  You must pass the oiuKey method revokeObject no Object Key

  See more details here revokeObject method [IOM] - howto?

• How to provide custom information to the user in the InfoBar

  In a previous thread (authorization re - data charges Essbase without erasing existing data it has been suggested that it is possible to provide information to the user via the 'information' window. I guess that this refers to the information bar window that appears when performing different tasks in web client FDM?
  
  If so, how you get there? The Administrator's guide is only seems to point to Administration | Web settings, where you can customize the behavior of the information bar. But is it possible to load the message and set the type of message (info, warning, error) from a script of the event?

  Yes, you can fill a script of the event. There is an accelerator of General utility to "Display the information bar Message".

• Create a schema of the user with the same name and tables within this scheme

  I am a newbie with Oracle.
  I installed my first Oracle 10 g database in my life.
  I need to create a user and a new schema with the same name.
  Subsequently, I need to create tables in this schema using the * isqlPlus.
  I got to create the user via the Oracle Enterprise Manager Console.
  I tried to create a schema through the same tool, but I have not found a possibility to do using GUI.
  Is it possible to do so through Oracle Enterprise Manager Console?
  What are the permissions the user must have access isqlPlus to create the tables in the schema?
  
  Thank you!!!
  
  Felipe

  A schema is just a collection of objects belonged to a particular user. If you do not need to create a separate schema: the schema is created automatically when you create the user.

  To connect to the database, a user must CREATE SESSION privilege. To create a table, the user has the CREATE TABLE privilege and should be given a quota on any tablespace will be created in the table. If you don't care management quota or limit the storage space that a user can create tables, you can grant the user the UNLIMITED TABLESPACE privilege. If you care the management of quota, you must run commands like

  ALTER USER <>
    QUOTA <>
    ON <>
  

  for each tablespace for the user to be able to use.

  Justin

• Vault to Oracle set up rules to restrict the user and the type of application that can connect

  Oracle 11 g 2 (11.2.0.4.3)

  RHEL 6

  Hi all

  We are experiencing a few problems to configure the following condition:

  Users A, B, and C will not be able to connect via SQLPLUS.

  So I took note of the political examples on how to Set Up database Vault (Doc ID 972477.1() -section restrict access to the database (sqlplus) unwanted tools:

  However, it doesn't evaluate the rule in the rule set correctly. The rule set is as follows:

  DVF. F$ MODULE! = ' SQL * MORE AND DVF. F$ SESSION_USER NOT IN ("USERA", "USERB", "USERC")

  This rule allows all users to connect except those defined in the rule. And it applies also to the developer SQL (and all other connections). If I change to be 'IN' he also allows users in the list, but no one else. In addition, somewhere I think it evaluates it as "OR" rather than "AND". What I want to do is:

  IF user IN ("USERA", "USERB", "USERC") AND SYS_CONTEXT ('USERENV', 'MODULE') = ' SQL * MORE

  SO, do not allow the user to connect.

  Note: The factor (MODULE) has been created by me and her expression is SYS_CONTEXT('USERENV','MODULE')

  Any help on this would be greatly appreciated.

  I tested these rules and they work:

  (1) ((upper (sys_context ('userenv', 'module')) like '%%') and (not in sys_context ('userenv', 'session_user') ('A', 'B'))) or ((upper (sys_context ('userenv', 'module')) like ' % %') and DEVELOPER (not in sys_context ('userenv', 'session_user') ('A', 'B'))))

  (2) ((upper (sys_context ('userenv', 'module')) not like ' %PLUS%')) or ((upper (sys_context ('userenv', 'module')) not like ' % DEVELOPER %'))))))

  I'm blocking users A and B to connect from SQL * more and SQL Developer

  -set the rule defined for all THE TRUE evaluation

• DUN connection Bluetooth for Pocket PC, Vista and the user rights restricted

  Hallo,

  I managed to establish a DUN connection to my smartphone WM5 Pocket QTEK 9100 Bluetooth-based and the Toshiba Stack, latest version. My laptop is an X 200 - 21 d with Vista Home Premium.

  Everything works although I do not change the Vista user to a user with restricted rights, for the user with the Bluetooth utility administrator rights has created a new DUN connection and a new modem with a virtual COM port. The user with restricted rights is not allowed to set up a new connection, but it is necessary to connect to the smartphone with the Bluetooth utility. On the administrative account the option button to allow the connection to call other users is disabled and grayed out, so there is sort now open it up to other users.

  How can I set up a Bluetooth DUN connection for a user with restricted rights?

  Thank you in advance!

  If the user restricted use the same DUN like the Admin Setup?

  If Yes, then you can use "Bluetooth-> custom Mode settings". This allows you to
  Select the "Standard 33600 Modem" from the list that has been set up before
  the admin. So every ONE that has been configured by the administrator can be used by the
  User restricted with this method. Restricted users cannot install hardware, so
  If the administrator has not installed a modem, then also the restricted user cannot use it.

  The Admin can pre-install a modem with Bluetooth stack installation.
  This is useful if the restricted user should be able to configure a DUN connection
  with the advanced modem settings which are not used by the administrator.

  This should be possible if the file "as.ini" has a line "MODEMINST = 1".

• Access to the internet via 'comments' or another user account

  When I try to access the internet via the "guest" account, I get the message... "Internet explorer has stopped working"... and I can't accest internet from any other account on this computer, except the administrative account or 'guest'.  What gives?

  You mean any other admin account or standard account?
  This isn't a good idea to use the guest user account check this: http://technet.microsoft.com/en-us/library/bb418978.aspx
  Create a new standard user account to check.