htan
Member
How do you restrict SYSADMIN role from being assigned in Role Relationship program? We have a Help Desk role for help desk to do all user creation related tasks including create new user, assigning role, change user password. I am stuck with restricting SYSADMIN role being assigned to a user.
I have tried setting up row security on F95921, and that results in no one can see all existing role records that had been assigned to the users. I have tried setting up row security on F0092 so SYSADMIN role can only be viewed, but any type of row security will result in sign in error in the log that looks like below.
4924/5216 MAIN_THREAD Tue Dec 18 09:53:21.999000 Jdb_ctl.c3488
Starting OneWorld
4924/5216 WRK:Starting jdeCallObject Tue Dec 18 09:53:26.843000 jdecsec.c343
Unable to fetch proxy info: the client must call jdeSecValdiateUserByPwd or jdeSecValidateUserByToken first
4924/5216 WRK:Starting jdeCallObject Tue Dec 18 09:53:26.859000 jdecsec.c343
Unable to fetch proxy info: the client must call jdeSecValdiateUserByPwd or jdeSecValidateUserByToken first
4924/5216 WRK:Starting jdeCallObject Tue Dec 18 09:53:26.859001 jdecsec.c343
Unable to fetch proxy info: the client must call jdeSecValdiateUserByPwd or jdeSecValidateUserByToken first
4924/5216 MAIN_THREAD Tue Dec 18 09:53:26.968000 Jdb_ctl.c1148
JDB4100001 - Failed to validate Env handle
When asking for help from Oracle, the developer there replied, "We recommend restricting important application access only to SYSADMIN." But I thought it is ridiculous to have CNC admin to do mundane tasks like assigning role to users.
Do you have a creative idea to resolve this situation?
HT
8.12/8.96F1 SQL Server 2000 Windows 2003
I have tried setting up row security on F95921, and that results in no one can see all existing role records that had been assigned to the users. I have tried setting up row security on F0092 so SYSADMIN role can only be viewed, but any type of row security will result in sign in error in the log that looks like below.
4924/5216 MAIN_THREAD Tue Dec 18 09:53:21.999000 Jdb_ctl.c3488
Starting OneWorld
4924/5216 WRK:Starting jdeCallObject Tue Dec 18 09:53:26.843000 jdecsec.c343
Unable to fetch proxy info: the client must call jdeSecValdiateUserByPwd or jdeSecValidateUserByToken first
4924/5216 WRK:Starting jdeCallObject Tue Dec 18 09:53:26.859000 jdecsec.c343
Unable to fetch proxy info: the client must call jdeSecValdiateUserByPwd or jdeSecValidateUserByToken first
4924/5216 WRK:Starting jdeCallObject Tue Dec 18 09:53:26.859001 jdecsec.c343
Unable to fetch proxy info: the client must call jdeSecValdiateUserByPwd or jdeSecValidateUserByToken first
4924/5216 MAIN_THREAD Tue Dec 18 09:53:26.968000 Jdb_ctl.c1148
JDB4100001 - Failed to validate Env handle
When asking for help from Oracle, the developer there replied, "We recommend restricting important application access only to SYSADMIN." But I thought it is ridiculous to have CNC admin to do mundane tasks like assigning role to users.
Do you have a creative idea to resolve this situation?
HT
8.12/8.96F1 SQL Server 2000 Windows 2003