Re: Group form permission issue
The user has a Fixed license? From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Pandi C Sent: Thursday, January 21, 2016 2:19 PM To: arslist@ARSLIST.ORG Subject: Reg: Group form permission issue ** Hello_ Administrator User not able to access the remedy Group form. We have removed and updated Administrator permission again on the user people record, even though getting attached below error message when trying to open Group form url. ARERR[9264] You have no access permission to the form Group. Kindly check and let me know if anyone face this issue??? for the solution. -- C.Pandi _ARSlist: "Where the Answers Are" and have been for 20 years_ This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
Re: Parameter which controls Change Request open\modify
It’s on the Application Preferences form. You can set it to bring up a new ticket or the one you just saved. Settings for Incident, Problem, Change… Dave From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Gordon Frank Sent: Friday, October 30, 2015 9:40 AM To: arslist@ARSLIST.ORG Subject: Parameter which controls Change Request open\modify ** Hello, I believe there is a parameter which controls the immediate workflow of Change Requests. I can't remember it. The scenario is: 1. Bring up Change Request - New 2. Submit a New Change Request 3. The submitted change request is echoed back to the Change Request screen for further modification or "Next Stage." I know I'm going to say "That's Right!" when someone reminds me, but I am currently having a Senior moment. Thanks up front! -- [Crab] Gordon M. Frank ITIL V3 Foundation Certified Security + Certified Mobile: 410-689-9373 _ARSlist: "Where the Answers Are" and have been for 20 years_ This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
Re: SSO / AREA LDAP question
Yes, we have the plugin and we can get sso to function. The issue is that we get random lockouts for the users when they are coming in through the mid-tier. It doesn't happen to everyone at the same time. There have been times where it does not affect a given user for several days. Then they log in and they get locked out, like I said it seems pretty random. For instance, I log in and usually don't see the lockout issue whereas my co-developer logs in and almost instantly gets locked out. Then after resetting his domain id he is fine for several hours and then we both start getting locked out. We are troubleshooting with our AD team but it isn't looking promising. I was hoping that someone who is using the BMC supplied SSO code experienced this and was able to solve the issue. Thanks Dave From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Yogesh Ketkar Sent: Thursday, March 14, 2013 12:43 PM To: arslist@ARSLIST.ORG Subject: Re: SSO / AREA LDAP question ** Hello David, >> As it was explained to me and through reading the SSO integration white >> paper capturing the user ID should be all that is needed to get the user >> logged in at that point. I think there is some confusion here. For SSO to work in general with Midtier, there has to be some work done on 2 ends, the Midtier end and the ARServer end. AR Server (either form based or AREA LDAP based) needs username/password combination for authentication by default. You can have some chaining setups where some users will get authenticated against Form and other using LDAP which people typically do when they have AREA LDAP setup and they setup user password as BLANK in user form for users which need to be authenticated against LDAP. But AR Server, by default, will not authenticate a user unless password is supplied. BMC whitepaper says that once you have overridden DefaultAuthenticator on Miditer side, you can bypass login page and as you said, you are getting username somehow. Now this username and some TOKEN has to be passed back to AR Server and you need to write an custom AREA plug-in which will validate username/TOKEN combination, may be talking to some SSO server or in some way. Point is, unless you write a custom AREA plug-in SSO will not work. Also in your case, it sounds like, you are satisfied by just having extracted username from the browser (IE) and you want AR Server to authenticate the user just based on that. Regards, Yogesh From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Lotz, David Sent: Thursday, March 14, 2013 12:37 AM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: SSO / AREA LDAP question ** Hello list, Remedy 7.5 Oracle 10g Mid-Tier is patch 3 3 app servers 3 mid tier servers I am having a peculiar problem and thought I would ask the list if anyone had seen a similar issue. We are attempting to implement SSO with the BMC supplied plugin and appear to be successful but (yes there is probably always a but) users are randomly being locked out of the Domain when in the mid-tier. We have only implemented SSO for the mid-tier and I have a portion of a mid-tier log that I have specific question about. /* Wed Mar 13 2013 09:22:41.1950 */ AREAVerifyLoginCallback /* Wed Mar 13 2013 09:22:41.1950 */ Connecting via SSL(host= port=636, certPath=c:\ldap_certs) /* Wed Mar 13 2013 09:22:41.1950 */ connect timeout previously: -1 /* Wed Mar 13 2013 09:22:41.1950 */ connect timeout used: 35000 /* Wed Mar 13 2013 09:22:41.1950 */ ldap_simple_bind("cn=", hidden) /* Wed Mar 13 2013 09:22:41.1950 */ After the bind /* Wed Mar 13 2013 09:22:41.1950 */ ldap_search_ext("", 2, "cn=") /* Wed Mar 13 2013 09:22:41.2110 */ ldap_simple_bind("CN= /* Wed Mar 13 2013 09:22:41.3200 */ Bind: Invalid credentials (LDAPERR Code 49) 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1 /* Wed Mar 13 2013 09:22:41.3200 */ Found user but password is bad /* Wed Mar 13 2013 09:22:41.3200 */ LicenseMask=0 LicenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=3 Email= LoginStatus=2 ModificationTime=0 /* Wed Mar 13 2013 09:22:41.3200 */ Groups= I know that when LDAP is used for authentication a bind happens for the user defined in the AREA LDAP Configuration form, and when that is successful another bind is done for the actual user logging into the system. As you can see in the log excerpt it does this when using the SSO Plugin as well. We are only using SSO when logging in through the web. As it was explained to me and through reading the SSO integration white paper capturing the user ID should be all that is needed to get the user logged in at that point. We are pulling the user ID from the header of the IE page and using it afte
SSO / AREA LDAP question
Hello list, Remedy 7.5 Oracle 10g Mid-Tier is patch 3 3 app servers 3 mid tier servers I am having a peculiar problem and thought I would ask the list if anyone had seen a similar issue. We are attempting to implement SSO with the BMC supplied plugin and appear to be successful but (yes there is probably always a but) users are randomly being locked out of the Domain when in the mid-tier. We have only implemented SSO for the mid-tier and I have a portion of a mid-tier log that I have specific question about. /* Wed Mar 13 2013 09:22:41.1950 */ AREAVerifyLoginCallback /* Wed Mar 13 2013 09:22:41.1950 */ Connecting via SSL(host= port=636, certPath=c:\ldap_certs) /* Wed Mar 13 2013 09:22:41.1950 */ connect timeout previously: -1 /* Wed Mar 13 2013 09:22:41.1950 */ connect timeout used: 35000 /* Wed Mar 13 2013 09:22:41.1950 */ ldap_simple_bind("cn=", hidden) /* Wed Mar 13 2013 09:22:41.1950 */ After the bind /* Wed Mar 13 2013 09:22:41.1950 */ ldap_search_ext("", 2, "cn=") /* Wed Mar 13 2013 09:22:41.2110 */ ldap_simple_bind("CN= /* Wed Mar 13 2013 09:22:41.3200 */ Bind: Invalid credentials (LDAPERR Code 49) 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1 /* Wed Mar 13 2013 09:22:41.3200 */ Found user but password is bad /* Wed Mar 13 2013 09:22:41.3200 */ LicenseMask=0 LicenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=3 Email= LoginStatus=2 ModificationTime=0 /* Wed Mar 13 2013 09:22:41.3200 */ Groups= I know that when LDAP is used for authentication a bind happens for the user defined in the AREA LDAP Configuration form, and when that is successful another bind is done for the actual user logging into the system. As you can see in the log excerpt it does this when using the SSO Plugin as well. We are only using SSO when logging in through the web. As it was explained to me and through reading the SSO integration white paper capturing the user ID should be all that is needed to get the user logged in at that point. We are pulling the user ID from the header of the IE page and using it after removing the domain information. My question is if that is all true and we accept that if the user is logged into the network and able to access it through the web page why is AREA LDAP trying to do the bind with the user information instead of just a search and acknowledgement that the user exists on the network? Is there a way to turn off the second bind for Mid-Tier only? Also, has anyone run into a problem like this before? I can be logged into the tool for hours and not be locked out. Then one of my co-workers attempts to login and gets locked out repeatedly. Any help would be greatly appreciated. We use a load balancer before the mid-tier and then again before the application server. The problem doesn't appear to be linked to any server in the pool. I have repeatedly gone through the SSO setup for each server and they are identical and appear to be correct. I have used SSL and non SSL connections and there doesn't appear to be a problem with any of the certificates. David Lotz Fifth Third Bank Enterprise Solutions-Enterprise Applications Remedy Application Team email: david.l...@53.com mailto:david.l...@53.com> P:513.534.3371 F:513.534.3421 MD:1090W2 This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
Re: SRM Console and hiding buttons
I found out how to do this after I asked the question. Thanks for the response though Any idea how to do the same thing for the "Request Now" button? It's not configurational and I can't find anything that actually builds the HTML or whatever is being used in the Display field. Dave From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Pierson, Shawn Sent: Monday, May 07, 2012 3:02 PM To: arslist@ARSLIST.ORG Subject: Re: SRM Console and hiding buttons ** Log in to the Application Administration Console and go to the Advanced tab, then select SRM > Advanced > Preferences and you can turn the Cart functionality via the "Show Cart" field, or are you trying to do this on a case by case basis? Thanks, Shawn Pierson Remedy Developer | Energy Transfer This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
SRM Console and hiding buttons
Hello, I have a question about SRM 7.6.00. We are running a 7.5.00 environment with SRM 7.6.00 and are trying to disable or hide the buttons "Add to Cart" and "Request Now" in SRM. Realizing that it would be a pretty much all or nothing sort of thing has anyone ever done this? Clearly it isn't as easy as disabling a button on an AR form because of how Data Visualization fields work. Also, everything that I have been able to find so far indicates that it isn't something BMC wants you to do. David Lotz Fifth Third Bank Enterprise Solutions-Enterprise Applications Remedy Application Team email: david.l...@53.com mailto:david.l...@53.com> P:513.534.3371 F:513.534.3421 MD:1090W2 This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"