vCOps of roles and responsibilities

Similar Questions

• Re: Script to retrieve vCenter roles and responsibilities

  Hello guys,.

  I need a script to do the following

  The script should generate the following details in a csv format: vCenter roles and responsibilities-> AD groups assigned to this role-> privileges assigned to this role.

  vCenter roles name (List of all roles)

  Details on using (Inscription on the groups or users added to the particular role)

  List each of the role privilege. For example: data center-> Global etc...

  Thank you

  VK

  Hello

  Always try to LucD scripts, it is one of the best scripter, check below one of his screenplay

  http://communities.VMware.com/message/1642302

  Thank you

• Roles and responsibilities of dba oracle in the development team

  What should be the role and responsibilities of dba oracle in the development team?
  
  Application dba should have identification information of the oracle db box on user?

  Hi, working as a Application DBA as production s/n, while the resolution of problem ALS would not apply to them. Apart from this change in the pressure of the team will be there.

  These are points to remember.
  Test Db creation for the environmental testing,
  Replication of schema of POC
  replication of the DB for the installation of the interface.
  User, space management.
  Roles and security management
  Space of prediction - this will be useful when you estimate for storage
  you will need to give application implemented for the Production DBA with correct specification.
  store schema changes
  Ensure that shas good script to provide the DBA of Production team.
  Deployment of the application.
  performance optimization...

  All the environment memory /CPU statistisc need to check at regular intervals. If issues to escalte the INFRASTRUCTURE team

  HTC

  Tippu

• Security roles and workflow management groups

  People,

  There is a section on Workflow management groups and security roles in vCloud Request Manager Installation and Configuration Guide - Guide of Directors Chapter 5 and 6. I have difficulty working on the relationship between the two settings.

  My first question is around the goal of the WM default checkbox that the specific guide is used to set the default user workflow management group.

  What would a never used default WM? I mean, what would he ever substitute the other workflow management groups that you define.

  In addition, in the guide, it say cloud Blueprint Admin and Asset Manager security role is a combination of the Admin of Blueprint of cloud and the Asset Manager. Is cloud Blueprint Admin & Asset Manager being the two groups of workflow management, reasonable to assume that a security role is composed of workflow management groups?

  And when I select agent, I do not see a cloud Blueprint Admin and Asset Manager security role listed?

  Finally, is there a way to determine the exact permissions that contains a workflow management group/security role?

  Thank you

  Cormac

  The Group Management (WM) default workflow is largely an artifact of vSM based vRM.

  VSM, a group of WM is a collection of agents used to apply security and route of tasks, among other responsibilities. (For the purpose of vRM, an agent can defined as users who have access to the vRM admin interface).

  vRM mainly use WM groups as a way to deliver relevant communications to users based on their responsibilities for example vCD Admins, Asset Managers etc. vRM does not require other functions related to WM groups.

  For functional reasons, vSM requires that each officer with access to the capabilities of WM belong at least a WM group. In addition, at least one of these groups must be designated the default WM for this officer group. These functional reasons are not immediately relevant to the specific use of vRM rest however case the constraint. Suffice to say for vRM, every WM user must have a WM group by default even if this information must never be used.

  Roles and groups are separate entities. A role defines a set of privileges to access a particular functional area of the admin interface for example a role WM sets permissions to interact with the workflow. of the roles of management (CM) configuration sets permissions to review and modify records in the repository of vRM.

  A special role of WM can be associated with one or more groups WM. When this WM role is assigned to a user, that user inherits groups associated with this role, WM allowing to simplify the administration of groups. An individual user can also have other WM assigned groups to them directly, complementary to those inherited from their role of WM.

  At an abstract level, vRM defines three types of users of the admin interface:

  1 vCD Admins

  2. plan Admins

  3. managers

  However, the security of MSM model requires that each individual user must be implemented with several components. By default, vRM sets a "Asset Managers" WM Group of what assets all managers must belong. However, WM groups cannot be used to give access to the features as well, so a separate from the "Asset Managers" WM role is obliged to grant access to these features asset managers. By default, the role of "Asset Manager" WM is associated with the "Asset Managers" group such that any user who is assigned the role automatically belongs to the Group also. There is also a separate 'Asset Managers' CM role that gives asset managers they need to the repository vRM for example the possibility to add new licenses for software products.

  This model of definitions is repeated for 3 personas above with a group and several roles defined for each. When an administrator assigns a user to one of these characters they should assign the groups and roles appropriate according to the documentation. They should not need to be concerned by the distinctions between each component.

  The role of the "Plan Director Admin and Asset Manager" reflects that a user may need to be asset manager and a Director of Blueprint. Because a user can have a role to the maximum by functional area, vRM provides a compound that provides two sets of permissions. However, a user can belong to several groups WM, so it is never necessary to provide a composite group.

  The role of composite is there; just maybe not where you expect to find. Blueprint Admins do not need to access WM, so there is not a 'Blueprint' Admin or a composite WM role. Blueprint Admins do need access to configuration management so it's an "Admin blueprint" and a role of CM composite.

  The details of the user screen provides:

  • a summary of all groups to which a user belongs

  • provides a 'Détails' button to drill down on each role assigned to the user to inspect the permissions granted by this particular role

  You must be a vCD Admin to see areas of the screen.

• CUCM: Roles and permissions for Reset/restart of the phone or apply Config

  Can someone tell me what the authorization must be added to a role to allow a user to this role of restart/reset (or apply config - same thing really) a phone device?

  The popup once you press reset/retart or apply config shows just "user is not authorized to access this page."

  Thank you

  Ben.

  Hi Ben,

  What is your version CUCM? you use any custom for these end-users role which reset/restart?

  If so, please add privileges to read/set up-to-date for the resource ' Voice Mail pilot web pages "to the custom role and check.

  Please check this bug ID: CSCug29903

• Cannot access to roles and features (Server Manager)

  Cannot access to roles and features (Server Manager).
  Server Terminal server runs on Windows 2008 R2.
  I have an error (0 x 80080005 (CO_E_SERVER_EXEC_FAILURE)).
  c:\Windows\System32\ServerManager\Cache directory is empty.
  EventLog error EVENT 1000 ID Watch:
  Name of the failing application: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
  Name of the failed module: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
  Exception code: 0 x 40000015
  Offset: 0x000000000002a84e
  ID of the process failed: 0 x 2230
  Start time of application vulnerabilities: 0x01cd507bac023aca
  The failing application path: C:\Windows\servicing\TrustedInstaller.exe
  Path of the failing module: C:\Windows\system32\msvcrt.dll
  Report ID: e9bab27e-bc6e-11e1-a34e-000c29dc7c68
  -Program and features show installed updates. (The server is updated when you run a Windows Update)
  I've done so far:
  -Uninstall Symantec Endpoint Protection
  -Restart on the 2008 media to replace C:\Windows\winsxs\pending.xml
  -Ran that the System Update Readiness Tool for Windows 2008 R2 and no errors are reported on CheckSUR.log and CheckSUR.persist.log
  -A ran a free registry Cleanner
  What should we consider?
  Thank you

  Hello

  Your question is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the IT Pro TechNet public. Please ask your question in the following forum.

  Windows Server 2008 R2 General:

  http://social.technet.Microsoft.com/forums/en-us/winservergen/threads

  Concerning

• Cannot run script queued for roles and privileges

  
  

  Hi all;

  
  

  I'm recreating a u1 user and also try to attempt to define the roles and privilege from the file put on hold.

  but I get the error message.
  

  
  

  $ cat f1.sql

  GRANT CONNECT to u1

  Grant RESOURCE to u1

  Grant CREATE SESSION to u1

  Grant UNLIMITED TABLESPACE to u1

  Grant CREATE TABLE to u1

  Grant CREATE ANY TABLE to u1

  Grant CREATE the CLUSTER to u1

  Grant CREATE SYNONYM to u1

  Grant CREATE VIEW to u1

  Grant CREATE SEQUENCE to u1

  Grant CREATE ANY SEQUENCE to u1

  Grant CREATE DATABASE LINK to u1

  Grant CREATE PROCEDURE for u1

  Grant CREATE TRIGGER to u1

  Grant CREATE TYPE U1

  GRANT CREATE OPERATOR to u1

  Grant CREATE INDEXTYPE U1

  SYS > create the u1 user identified by u1;

  Created by the user.

  SYS > @f1.sql;

  5

  DB version is 11.2.0.1 on redhat 4.7

  Thank you

  Where are you semicolons?  Each command must end with a semicolon.

  Hemant K Collette

• Portal of WC - need information about the Migration or DB tables for roles and users/groups.

  Hello

  We are to modernize the WebCenter portal for a client of 11.1.1.3.0 to 11.1.1.8.0.

  Anything can let me know the procedure of migration or the involved DB tables that store the roles and the "user groups &" under the administration of security.

  A manual level by recreating all roles and users and groups one by one is my last option.

  Thank you

  Jean Claude

  Hello.

  Do not recreate it manually.

  The documentation must guide for PS2 - PS7 migration explaining step by step what to do regarding the security / policies.

  Read it slowly and carefully.

  Using WLST backup/export/import of your policy store scripts / qualifications.

  Following links can help you understand the WLST Scripts for the migration of security:

  http://docs.Oracle.com/CD/E29542_01/core.1111/e10043/addlsecfea.htm#JISEC3639

  Custom security infrastructure controls WLST - 11g Release 1 (10.3.6)

  We have migrated many times of 11.1.1.4/5 to 11.1.1.8. Always on the PS3 (11.1.1.4) version.

  11.1.1.3 to 11.1.1.4 was the biggest change from my point of view. I never had the opportunity to PSx PS2.

  For migration tasks, my recommendation is to ask for doubts or things not clearly in Support of Oracle documentation.

  Kind regards.

• Role and authorization in VC for each user

  Hello world
  I want to pull-out user role and permissions for all users exist in the VC findout this privilege they have and that members that they belong and also at what level of Powercli script in csv. Any help on this appreciated.

  Thank you
  vmguy

  You want to say that the XML file attached to your previous answer?

  Yes, I did. And it is empty (except for the XML framework).

  This seems to indicate that the script was not able to retrieve the roles and permissions.

  Led me to believe that the 'Get-View Manager' does not work for one reason or the other.

• Associate roles and permissions to users who are on a database

  Hello
  
  I want to achieve secure authentication I used the Configuration of the ADF, but I discovered that I can't put my users to my database. I can just create users with roles in Jdeveloper.
  
  don't you how we can put users in Jdeveloper and associate the roles and permissions?

  If you don't want to use the Adf security, you must use a custom security implementation or use a traditional J2EE security implementation.

  Remember, ADF is little wild for newbes, just be patient and read the documentation (it is useful).

  If you have any more questions, and then close the case.

  Jhon

• Adding roles and permissions

  Hello

  I am trying to install a role and authorization in vCenter 4.1 so that another user of vCenter 'read only' access can display CapacityIQ. Documents say to seek a role capacity IQ, but I have not found one. By the documentation.

  Procedure
  1. reboot the vSphere Client.
  2. Add the global privilege CapacityIQ in a new or existing role.
  3 right click on the folder root of the server vCenter in the inventory tree and select Add permission.
  4 in the dialog box assign permissions, assign the new role or existing user that accesses CapacityIQ.

  The global privilege CapacityIQ there simply isn't. How can I add this to so I can grant the necessary access?

  Thoughts anyone?

  Best regards

  Edward L. Haletky

  Host communities, VMware vExpert,

  Author: VMware vSphere and Virtual Infrastructure Security,VMware ESX and ESXi in the 2nd business edition

  Podcast: the Podcast for security virtualization of resources: the virtual virtualization library

  Hey Ed,.

  I see my Caron, there is a privilege 'CapacityIQ' in the category 'Global' of roles. What do you see in your environment? I do not see a role 'default' created by Caron, so think you must associate a user with this privilege. I'm running the 1.5.0 last version of Caron, if this can help

• Dump the roles and permissions

  I want to empty the roles and privileges for my virtual Center for audit purposes. How can I do this? Sorry for not not googling and asking questions here directly.

  Get-PSSnapin -Registered | Add-PSSnapin -ErrorAction SilentlyContinue
  Connect-VIServer -Server myVC.fqdn -User myUser -Password myPass
  
  $si = Get-View ServiceInstance
  $am = Get-View $si.Content.AuthorizationManager
  
  $am.RoleList | % {
   $_.Name
   $_.Privilege | Sort | % { "`t" + $_ }
  } | Out-File c:\dumpRole.txt | Notepad c:\dumpRole.txt
  

• Trying to auto generate roles and privileges

  Hello all,.
  
  Oracle 11g v11.2.0.1.0 on Windows Server 2008 Enterprise
  
  I have a database with many schemas. One of the patterns is referred to as the CM_MASTER schema in that it was granted the following: s/n, create user, drop user, alter user, create any table, select any table and a few others, all with the clause "with admin option".
  
  We have developers who need to select only the access to tables and views non-maitre patterns. My plan was to create a unique ROLE for each schema, then grant select on each table and discovers in this scheme to this unique role. Then grant the role appropriate to every developer therefore giving them only read access.
  
  I can accomplish the above manually when you are logged in as the CM_MASTER schema.
  
  I am creating a procedure owned and run by the schema CM_MASTER which creates a new role and then give this role. The procedure accepts a parameter that contains the username of the target schema. The procedure is able to create the role (create a role scott_r) successfully.
  
  However, I get an error of insufficient privileges (see below), after that the role was created, trying to issue the command "grant select on scott.some_table to scott_r" via "immediate execution".
  
  Any ideas, what privilege (s) the user needs CM_MASTER to be able to issue the grant (s) for the role?
  
  Error message below:
  
  exec ('scott') gen_schema_role;
  Error report:
  ORA-01031: insufficient privileges
  ORA-06512: at "CM_MASTER. GEN_SCHEMA_ROLE', line 30
  ORA-06512: at line 1
  01031 00000 - "insufficient privileges".
  
  
  The procedure code is below:
  Utl_file.put_line commands have been added for debugging, but nothing came out.
  When the "immediate execution" lines are commented, the utl_file.put_line command output displays the correct SQL create and grant statements.
  
  create or replace
  procedure gen_schema_role (p_db_user in varchar)
  as
  v_role_name varchar2 (30);
  
  v_bat_out utl_file.file_type;
  
  cursor get_object_names is
  Select object_name dba_objects
  where owner = upper (p_db_user)
  and object_type in ('TABLE', 'SEE')
  and status = "VALID".
  and object_name not like "DR$ %.
  and object_name not like '% XT;
  
  Start
  
  v_bat_out: = utl_file.fopen ('SR_BACKUP', 'Create_Roles.sql', 'W');
  
  v_role_name: = substr (p_db_user, 1, 28). '_r';
  
  UTL_FILE.put_line (v_bat_out, ' ');
  UTL_FILE.put_line (v_bat_out, 'create role' | v_role_name);
  
  run immediately "create role" | " v_role_name; < <-this seems to work, the role is created
  
  for a get_object_names in
  loop
  UTL_FILE.put_line (v_bat_out,' grant select on ' | p_db_user |) '.' || a.object_name | « à » || v_role_name);
  
  run immediately ' grant select on "| p_db_user | '.' || a.object_name | « à » || v_role_name;
  end loop;
  
  UTL_FILE.fclose (v_bat_out);
  
  end gen_schema_role;
  
  
  
  Thank you
  Snyds

  Hello

  It seems that CM_MASTER needs to GRANT any OBJECT PRIVILEGE.

  And this should be given directly to him (not by the role DBA, which you shouldn't use anyway)

  My guess is, however, that this will not work unless scott has actually created his own one or more tables.

  Concerning
  Peter

• Duplicate roles and profiles of school boards

  Hello
  I've created a few profiles with special roles and fields of metadata in my Complutense University of Madrid.
  I did all the work in my computer and now I want to change the machine (computer) and I don't want to lose all my work.
  Are there any ideas how to duplicate all my profiles and roles (my setup) to another computer?
  NOTE: I want to duplicate my environment custom of the AAU.
  Eran z

  For that, you have the Administration-> Comfig Admin of Migration (Migration of Configuration Utility).

  http://download.Oracle.com/docs/CD/E17904_01/doc.1111/e10792/c06_migration.htm#CHDBIJAJ

  Kind regards
  Boris

• Roles and owner Details

  Hello
  
  We use an Oracle 8i server.
  
  We need to extract the roles and names of owner created the roles. Please let us know in which data dictionary table, I'll have these details.
  
  Note: I already checked DBA_ROLES, ROLE_TAB_PRIVS and ROLE_SYS_PRIVS. I do not have the details.
  
  Thank you
  Suri

  A role is simply called a collection of privileges, there is no owner. As far as I know, there is no simple way to determine which user created a role.

  If by "we need extract roles and names of owner created the roles ', you hear really want to know which users have specific roles, then something like:

  SELECT grantee, granted_role
  FROM dba_role_privs
  WHERE granted_role IN ()
  

  John