Re: Blocking Users from PRD Server for Testing After Upgrade
Thanks Ken LJ! I should be able to use the workflow method pretty quickly (have a PRD upgrade coming up next week) and start planning to possible work with LJ's suggestion in the future! It seems no matter how much I've planned and instructed users in the past there's always some bonehead who'd making updates immediately following a PRD upgrade but before testing is completed ... I'd just like to have better control this time. Thanks again - You guys rock! Trez Moreland Remedy Administrator Maryland Department of Information Technology ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Re: Blocking Users from PRD Server for Testing After Upgrade
If you do not mind your users having Admin rights during the test, you could just assign the 8users Administrator rights during the testing, enable Admin only mode, and reverse after testing. This his you can still have users from different Assignee Groups in your test. The only drawback is that you will not be able to see any user right related issues during your test. /Jan On Sep 20, 2011, at 16:49 , Trez Moreland wrote: Hi All: ARS 7.1 SQL2005 Win2003 on VMWare Virtual Environment We’re doing a PRD upgrade next week (ARS 7.1 to 7.6.04 SP1) and we’d like to block users from connecting while we perform some testing of custom apps. Problem is – we can’t leave the AR Server in Admin mode because we need users from specific Assignee Groups to perform the tests. I’m throwing the question at our network and security admins – but thought I’d ask the ARSLIST group the question first. Any insight into the best way to blocks all but a specific group of test users? Thanks, Trez Moreland Remedy Administrator Maryland Department of Information Technology ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Re: Blocking Users from PRD Server for Testing After Upgrade
Thanks Ken Frederick for the quick reply. Good ideas! I have a fairly small test group about (8 testers) - problem is - some of my user base authenticates via LDAP and a smaller # (about 25) use Remedy authentication w/password management. Someone suggested using a combination approach. The suggestion was that I consider exporting user data for those who authenticate via Remedy (user name password ), turn off LDAP completely, delete password for Remedy authenticaters, assign testers passwords in User form, complete testing, then import the passwords back into the User form. Worst case would be about 20 users could potentially have to change their passwords ... Makes me a little nervous though. Any thoughts? ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Re: Blocking Users from PRD Server for Testing After Upgrade
Trez, This will require a bit of setup, but it's designed specifically for this scenario. Remedy Deployable applications have a 'state'...by default the state of the application is 'Production', but you can change this state to 'Maintenance'This invokes the 'Test' roles mapping. Or in other words, Remedy has built in 'test' mode of applications. When the application state is in 'Maintenance', the role mapping changes to the Test groups, instead of the 'Production' groups, so only people with Test permissions can access the application. So, you will need to go through the users that you want to be test users, and all of the applications to define/configure your 'test permissions', and then grant those test users the test permissions, and you are good...swap the application mode and the 'normal' users no longer even have permission to the application, but your test users do. -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Trez Moreland Sent: Wednesday, September 21, 2011 7:29 AM To: arslist@ARSLIST.ORG Subject: Re: Blocking Users from PRD Server for Testing After Upgrade Thanks Ken Frederick for the quick reply. Good ideas! I have a fairly small test group about (8 testers) - problem is - some of my user base authenticates via LDAP and a smaller # (about 25) use Remedy authentication w/password management. Someone suggested using a combination approach. The suggestion was that I consider exporting user data for those who authenticate via Remedy (user name password ), turn off LDAP completely, delete password for Remedy authenticaters, assign testers passwords in User form, complete testing, then import the passwords back into the User form. Worst case would be about 20 users could potentially have to change their passwords ... Makes me a little nervous though. Any thoughts? ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Re: Blocking Users from PRD Server for Testing After Upgrade
Another approach is to create a filter with execute on create delete and modify. Add all of the forms to it. Set the condition to match the users in the test group set the else action the throw an error. Then you can just enable the filter during testing and disable it when doen. Ken. -Original message- From: Trez Moreland tmorel...@dbm.state.md.us To: arslist@ARSLIST.ORG Sent: Wed, Sep 21, 2011 13:28:40 GMT+00:00 Subject: Re: Blocking Users from PRD Server for Testing After Upgrade Thanks Ken Frederick for the quick reply. Good ideas! I have a fairly small test group about (8 testers) - problem is - some of my user base authenticates via LDAP and a smaller # (about 25) use Remedy authentication w/password management. Someone suggested using a combination approach. The suggestion was that I consider exporting user data for those who authenticate via Remedy (user name password ), turn off LDAP completely, delete password for Remedy authenticaters, assign testers passwords in User form, complete testing, then import the passwords back into the User form. Worst case would be about 20 users could potentially have to change their passwords ... Makes me a little nervous though. Any thoughts? _ __ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are *** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Blocking Users from PRD Server for Testing After Upgrade
Hi All: ARS 7.1 SQL2005 Win2003 on VMWare Virtual Environment We’re doing a PRD upgrade next week (ARS 7.1 to 7.6.04 SP1) and we’d like to block users from connecting while we perform some testing of custom apps. Problem is – we can’t leave the AR Server in Admin mode because we need users from specific Assignee Groups to perform the tests. I’m throwing the question at our network and security admins – but thought I’d ask the ARSLIST group the question first. Any insight into the best way to blocks all but a specific group of test users? Thanks, Trez Moreland Remedy Administrator Maryland Department of Information Technology ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Re: Blocking Users from PRD Server for Testing After Upgrade
If you are using AREA authentication (where you leave the password in Remedy blank) you can simply put in a dummy password in Remedy for the users you don't want to have access. When you want them to have access just remove the password in Remedy and it will use the AREA authentication to authenticate against your LDAP (Active Directory) server. Fred -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Trez Moreland Sent: Tuesday, September 20, 2011 9:50 AM To: arslist@ARSLIST.ORG Subject: Blocking Users from PRD Server for Testing After Upgrade Hi All: ARS 7.1 SQL2005 Win2003 on VMWare Virtual Environment Were doing a PRD upgrade next week (ARS 7.1 to 7.6.04 SP1) and wed like to block users from connecting while we perform some testing of custom apps. Problem is we cant leave the AR Server in Admin mode because we need users from specific Assignee Groups to perform the tests. Im throwing the question at our network and security admins but thought Id ask the ARSLIST group the question first. Any insight into the best way to blocks all but a specific group of test users? Thanks, Trez Moreland Remedy Administrator Maryland Department of Information Technology ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are
Re: Blocking Users from PRD Server for Testing After Upgrade
Depending on the size of your testing group it may be quicker to use Frederick's idea but in reverse... In other words disable the LDAP authentication altogether and give the test users a local remedy password. Ken -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Grooms, Frederick W Sent: Tuesday, September 20, 2011 11:34 AM To: arslist@ARSLIST.ORG Subject: Re: Blocking Users from PRD Server for Testing After Upgrade If you are using AREA authentication (where you leave the password in Remedy blank) you can simply put in a dummy password in Remedy for the users you don't want to have access. When you want them to have access just remove the password in Remedy and it will use the AREA authentication to authenticate against your LDAP (Active Directory) server. Fred -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Trez Moreland Sent: Tuesday, September 20, 2011 9:50 AM To: arslist@ARSLIST.ORG Subject: Blocking Users from PRD Server for Testing After Upgrade Hi All: ARS 7.1 SQL2005 Win2003 on VMWare Virtual Environment Were doing a PRD upgrade next week (ARS 7.1 to 7.6.04 SP1) and wed like to block users from connecting while we perform some testing of custom apps. Problem is we cant leave the AR Server in Admin mode because we need users from specific Assignee Groups to perform the tests. Im throwing the question at our network and security admins but thought Id ask the ARSLIST group the question first. Any insight into the best way to blocks all but a specific group of test users? Thanks, Trez Moreland Remedy Administrator Maryland Department of Information Technology ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are *** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: Where the Answers Are