Type of transaction SOUL in the management of users (additional access authorization)

We are looking for use the feature "Request additional access" self-service in the user management to allow existing users to request additional responsibilities (we're on EBS 12.1.3, all user access is entirely in EBS without integration of SSO).

I was able to set up so that it works very well if no approval is required for the new responsibility, but we would also like some requiring approval of line manager/supervisor until responsibility is granted - documentation related to the management of users tells us that we can add a Type of Transaction SOUL in the field "Type of Transaction for approval" when creating a new registration process , but nothing more than that. I wonder if someone could point me to any more detailed documentation that would help us to work on the question of whether we can use an existing transaction of the SOUL - or how to create a new one for this particular task?

Thank you.

Andrew

In case anyone else has this problem in the future, I connected an SR and support pointed me to a really useful note on My Oracle Support on how to do

How to create the Type of Transaction for approval of the SOUL. B or higher? (Doc ID 420387.1)

Tags: Oracle Applications

Similar Questions

  • How will I know where all the reports of users has access

    Hi gurus,

    We use the Hyperion Financial Reporting 9.3.1 & we have 80 reports & 750 users. How will I know where all the reports of users has access. Where can I find this information. I checked the SSP, it only shows the provisioing details, but not the name of the report. I also checked the Essbase.sec but no use. Where can I get the info. Kindly help me.


    Kind regards
    Kris...

    There is no tool of Hyperion to display easily groups and security filters.

    But it really depends on how you set up your security model.

    Normally, you add users into groups and assign these groups to essbase and reports (via the BEEP groups) cubes, so you can check reports have access to correct group and the users are in a good group.

    There is a security tool to export available here, hosted by Applied Olap, and underground work Olap-based:
    http://www.appliedolap.com/free-tools/Advanced-Security-Manager

    Best regards, Iain

  • Type of SSID to deport the traffic from users of the Intranet of DMZ

    Hello

    We would like to use a pair of WLCs in the DMZ, to have the traffic of a specific SSID directly deported to the demilitarized zone.

    This might look like as a guest, but in our case, that it would be more a BYOD deployment, allowing devices mobile Internet surfing, but without having access to the Intranet at all.

    I found a good number of guide for the deployment of Cisco Guest access with anchors etc... but many are old, I did some research for BYOD but everything seems very general.

    About http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Mobility/emob73dg/emob73/ch10GuAc.html

    Mobile devices will use x auth 802.1 with certificates or PEAP, so no portal, the webauth or sponsors in this context.

    I try to post my question here:

    On the DMZ WLC I need to create the same SSID that we have in the Intranet, but type SSID should be normal (WLAN) or the LAN or remote LAN?

    And if I am not mistaken, that I need to create a new interface that will be used for user data traffic, on the WLCs in the DMZ, this aspect should be settled on the SSID as well?

    Thanks for your support,

    One you want as an anchor, on this controller if you click on create it will appear as a local, for the foreign controller to highlight the address IP of the anchor to drop down and then click on create a mobility anchor.

    Given the DMZ as an anchor your controller.

    DMZ controller: Local

    Intranet controller: controller of DMZ IP address

  • Best practices for the management of user access in ESXi host without 'root '.

    What is the best way to make the management of the user access to the ESXi host after you disable the default root account. Is it better to create induvidual accounts

    Via vCenter or intergrate Active directory or any other specific way.  Please help me to clarify this point. Thanks in advance for your answers.

    With the release of ESXi 5.1 it is possible to create an account on the ESXi host and assign them Full Admin privileged but there are a lot of admins of loggin in each ESXi host and user account creation.

    I would like suggestions to add the ESXi to AD and add the authorization based on domain accounts.

  • Track the activities of users while accessing the request of ADF

    Hello

    We have an obligation to follow all the activities of the user while accessing our ADF application such as what pages users navigate login to connect, what are the user of the actions performed on a particular page as button click... etc and what queries are invoked for this page.

    Please suggest the best approach to implement this.

    Do we need to write code to catch all that information or us to have predefined tools / frameworks for this specific feature.

    Thank you

    KT

    Well, you must first know what info to follow exactly. This isn't a simple task, because you'll find yourself with a lot of info, most do not used any time. Here, you have to work with the customer to know what it takes to follow when. Second task is to think about how to store the info in the comic book, so that you can see later what action belongs to which user in the right timeline. Third part is to find a way to store the info at runtime in a way that the application always responds to user events. Here, you will need to take into account, that you can not use the same operation to store the info, but must be guaranteed the right timeline in the db of the track. I suggest using a jms queue that your application writes the measures to follow in and another process reads the queue and stores them in the comic book.

    Timo

  • Definition of the properties on the managed Bean user interface component:

    Hello

    I use jdev 11.1.1.1.0 version.
    In Managed bean, I get the component by using the id given in page .jspx.
    the code I am uisng is:

    FacesContext fc = FacesContext.getCurrentInstance ();
    UIComponent uc = (UIComponent) fc.getViewRoot () .findComponent ("it32");


    Here, the component is sometimes RichColumn and sometimes RichInputtext.
    In the case of RichInputText, I need to set the readonly property to true/false depending on some condition .i found no setReadOnly() ant on the UI component.

    so I think to convert the UIcomponent type RichInputText or RichColumntype. (if I convert the means I get methods like setReadOnly(), setVisible())
    How is it possible.

    (or is anyway to set the "readonly", 'visible' properties on UIcomponent itself in the Managedbean without conversion).


    PLs help me
    Sanchez.

    Hello

    You can get the instance of the component or use UIComponent.getAttributes () .put (attributeName, attributeValue); For example:

    theComponent.getAttributes().put("readOnly", Boolean.TRUE);

    Kind regards

    ~ Simon

  • Roles really simplify the management of users?

    I am trying to establish a role where I can add users to become members of the role to execute select statements on another scheme of.

    I cut the code to generate the "Grant Select on table_xxx to < new_role >" and run it. The 1600 various odd given that all appear on the new role. I give membership to a user of vanilla with nothing except create session to this role. And the user can select count (*) by means of a simple test.

    However, if I directly grant the same access to a table, the user can make a selection in the schema? What gives.

    Can you please explain what is happening here or help with what I'm missing here. See you soon.


    PS: If the granting of 1600 odd selects (for each of the objects) for EACH user is the answer, why anyone would use roles? Still reeling from the discovery that after 11 iteration of Oracle, there are still NO grant select on < schema > < user >.

    You need to activate your role before you start using it.
    Run this query and check:
    Select * from session_roles;

    If the output of the above query is 'no rows selected', this means that you don't have any active role.

    You have two options in this case:
    (1) role play OR
    (2) Alter user role default all;

  • prevent the SSL VPN user to access ASA cli

    Hello

    I set up multiple users on my ASA in its local database.

    These users are used for the ssl vpn connection, but the problem I have is that users

    also have SSH access. Is it possible to avoid this?

    Thank you

    Hello Raf,

    If you do something like this:

    username xxx attributes

    type of remote access service

    the user should not get access CLI more.

    Kind regards

    Bastien

  • Is it possible to restrictions to the remote desktop users to access the Internet?

    I'm really stuck on this.

    All clients connect to the server by using Remote Desktop Session of work.

    The condition is now, I want to connect internet connection server.

    I intend to install TeamViewer so I can access the server when I go on vacation, if a problem occurs or the customer need my help something.

    The boss, don't want any employee not be able to access the internet, so now I'm stuck with it.

    Forget to mention, I'm using Windows Server 2008 R2 x 64.

    Is it possible to do this?

    I tried to look for possible ways on GPEDIT. MSC to make the restriction, but it seems that there is not something like that.

    Please help and sorry for my bad English.

    Thanks for all the help.

    This issue is beyond the scope of this site and must be placed on Technet or MSDN

    http://social.technet.Microsoft.com/forums/en-us/home

    http://social.msdn.Microsoft.com/forums/en-us/home

  • The locked but user can access with other users

    Hi all

    I blocked a user in oracle and trying to "Account is locked out" displaying messages of connection.

    But I am able user from other users query tables. How do I block it?

    For example:

    I had blocked a user User1. When I logged in a user named USER2 and when I call SELECT * FROM USER1. Table_name, displays the data.

    I need to block this question from other USERS.

    Help, please

    Thanks in advance...

    Account lockout does not prevent others to get access on user objects. The only change is that the user won't be able to connect more.

    To block others access to objects of this scheme can be done by defining the privileges of law for other users, or with the vault of the database by creating a Kingdom

    around this blocked scheme (DV requires an additional license).

  • After the removal of the malware "IE cannot display the webpage" - a user only

    After removing various malware with Symantec Endpoint Protection 11, MalwareBytes 1.46 and the Microsoft Malicious Software Removal Tool, the user who received the malware (all detected instances are found on their profile or in the system restore points) can not access all the Web sites with IE 7:

    "IE cannot display the webpage."

    The administrator account, or another standard account have the problem.

    I tried to open IE with 'no Add-ons' when you are connected to the consumer - same result.

    I have reset the Internet Explorer settings on the tab 'Advanced' Internet Explorer (inetcpl.cpl) - same result.

    Once more, the other two users can access Internet without problem.

    The 'user' can access the network otherwise - e-mail, drives mapped to the server, etc...

    One option: delete and re-create the profile of the user in question.

    But before resorting to that, is there another option?

    If I deleted Internet Explorer components in his profile, would they be recreated (correctly)?

    System Restore is not an option, because the troubleshooting procedure indicated that we should delete because they could just bring back the malware. And indeed, the malware has been detected in several snapshots.

    Have you tried to double check the proxy in Internet Explorer?

    Try going to the Internet Option-> setting connection and LAN, check the setting and be sure to correctly configure other users.

    You can also try to contact Symantec Support for more help with this problem.

  • Error with the utility of the provision to users

    I'm trying to syncronize Hyperion Planning users with the utility available to users (run the command cmd provisionusers). I did it with success some weekes there, but now I have this message when I run the command:

    EPMCSS-07004: impossible to allow the action of the user. Main is null. Provide the main valid user for access to [GET_USER_BY_IDENTITY]

    What it means? How can I solve it?

    Command to provision users work if started for all users, but does not work for a single user.

    The problem by using the utility available to users for a single user has already been mentioned as a Bug 7330744 bug: CANNOT RUN PROVISION USERS for UNIQUE USER UTILITY. Development commented in this bug that utility supply to users is designed for synchronization in bulk and is not necessary to synchronize to a single user. The simple fact of this user in planning record will trigger the synchronization.

  • Type [0] unknown calculation for the dynamic calculation. Only default agg/formula/time balance operations are managed.

    Hi all

    I came across this error last Monday. I tried all the recommendations and configurations and nothing seems to work to solve the problem.

    Here is the error message-

    [Game Sep 24 12:04:27 2015] Local, ARPLAN, ARPLAN, Ess.Tee@MSAD_2010/9240/Error (1012703)

    Type [0] unknown calculation for the dynamic calculation. Only default agg/formula/time balance operations are managed.

    [Game Sep 24 12:04:33 2015] Local, ARPLAN, ARPLAN, Ess.Tee@MSAD_2010/9240/Warning (1080014)

    Abandoned due to the State [1012703] [0x2e007c (0x56042d17.0xeadd0)] transaction.

    [Game Sep 24 12:04:33 2015] Local, ARPLAN, ARPLAN, Ess.Tee@MSAD_2010/8576/Warning (1080014)

    Abandoned due to the State [1012703] [0x40007d (0x56042d18.0x781e0)] transaction.

    [Game Sep 24 12:04:34 2015] Local, ARPLAN, ARPLAN, Ess.Tee@MSAD_2010/736/Info (1012579)

    Total time elapsed Calc [Forecast.csc]: [621,338] seconds

    The script I'm running-

    SET CACHE HIGH;

    SET MSG SUMMARY;

    LOW GAME REVIEWS;

    UPDATECALC OFF SET;

    SET AGGMISSG

    GAME CALCPARALLEL 2;

    SET CREATEBLOCKONEQ

    SET HIGH LOCKBLOCK;

    FIX ('FY16', 'Final', 'Forecasts', '11 + 1 forecasts', 'prediction of 10 + 2', '9 + 3 forecast', '8 + 4 forecasts', "forecast 7 + 5", "6 + 6 forecast", "forecast 5 + 7", 'forecast of 4 + 8', '3 + 9 forecast', 'forecast 2 + 10', '1 + 11 forecasts')

    DIFFICULTY (@IDESCENDANTS ('entity'))

    CALC DIM ("account");

    ENDFIX

    DIM CALC ("entity", "Currency");

    ENDFIX

    In the essbase.cfg I have already included-

    NETDELAY 24000

    NETRETRYCOUNT 4500

    /Calculator cache settings

    CALCCACHEHIGH 50000000

    CALCCACHEDEFAULT 10000000

    200000 CALCCACHELOW

    Lockblock/set limits

    CALCLOCKBLOCKHIGH 150000

    CALCLOCKBLOCKDEFAULT 20000

    CALCLOCKBLOCKLOW 10000

    Please suggest if there is a way to fix this error. I get a similar error for other calculations as well.

    Kind regards

    EssTee

    And you are positive that no one came in a new Member at level 0 as dynamic Calc?

    What are the versions do you use?

  • Looking for example of the Manager to OBTAIN with the PL/SQL source type

    Hello

    I currently have a Manager GET job with a running QUERY source type in ADR 3.0.  The call returns the number of records (hundreds, or even thousands of 10) in JSON and allows the user to navigate through the results.

    The call accepts several parameters that I convey just in the place where the clause of the query in the Manager.  Data is retrieved by the beach date (s).

    To prevent queries runaway with ranges for a long time, I've implemented a logic in the sql statement to limit the applicant.  The applicant requested an error thrown instead.  There are other limits that I'm imposing on other entries I need to provide useful errors for example.

    I would like to change the call GET use PL/SQL type instead of the type of REQUEST so that I can do validation on entries and send useful return error messages if necessary, however I can't find examples online.

    Are there any examples (or alternatives) would be greatly appreciated.

    Thank you

    Anthony

    Hello

    You can use the Pipelined functions to generate your recordset plsql and then just use a select statement of the function in the pipeline in the service definition.

  • Cannot start the managed server - unable to get the property of the transaction log.

    I have a server that is managed in a cluster to a single member. The field is simple - server admin and a cluster, the cluster member.

    I can boot is no longer this server. When I try to start, he left after the following message:

    < BEA-000362 > < server failed. Reason: Failed to get the property of the transaction log. Make sure that the migratable Transaction Recovery Service is migrated on the current server before restarting.

    I've checked everything I can think or offers documentation of the error. There is only one target migratable in the field, the managed server. automatic migration is not enabled. I deleted the store by default from the file system, and it gets recreated at startup (so not a problem of permission of system files). I have Activate Server registration to any Transaction scope weblogic debug debugging tab, no additional messages are coming around this message.

    Target only shows migratable are hosted on the managed server and not the last migration status.

    So I'm puzzled. Can anyone suggest what I should look at?

    WebLogic 10.3.5, JDK 1.6.0_29 (64-bit), RHEL 5.6

    Published by: SteveElkind on August 28, 2012 11:54

    Hi Steve,.

    Then remove the cluster migratable option, it will sort your problem.

    Kind regards
    Kal

Maybe you are looking for