Search Results

Search found 10800 results on 432 pages for 'e3 group'.

Page 47/432 | < Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54  | Next Page >

  • InfoPath Getting SharePoint Group Information

    - by anon
    I have an InfoPath form embedded in an aspx page on a SharePoint site. How do I bind the SharePoint user groups to a drop-down list on my form? What I've tried so far is to create a data connection to a web service (method GetGroupCollectionFromWeb) to pull the data. Next, I open the list box properties, select "Look up values from an external data source", select the data source, assign the entries, and I get the following error: "You must select a repeating group or field." What I don't understand is that since the method I am calling is called GetGroupCollectionFromWeb, isn't the return value a collection? And aren't collections repeating by definition? What am I missing, and is there a workaround? Thank you.

    Read the article

  • group by, order by, with join

    - by Scarface
    Hey guys, quick question, I have this query, and I am trying to get the latest comment for each topic and then sort those results in descending order (therefore one comment per topic). I have what I think should work, but my join always messes my results up. Somehow, it seems to have sorted the end results properly, but has not taken the latest comment from each topic instead it seems to have just taken a random comment. If anyone has any ideas, would really appreciate any advice SELECT * FROM comments JOIN topic ON topic.topic_id=comments.topic_id WHERE topic.creator='admin' GROUP BY comments.topic_id ORDER BY comments.time DESC table comments is structured like id time user message topic_id table topic is structured like topic_id subject_id topic_title creator timestamp description

    Read the article

  • SQL where clasue to work with Group by clasue after performing a count()

    - by Matt
    Tried my usual references at w3schools and google. No luck I'm trying to produce the following results. QTY is a derived column | Position | QTY -------------------- 1 Clerk 2 2 Mgr 2 Here's what I'm not having luck with: SELECT Position, Count(position) AS 'QTY' FROM tblemployee Where ('QTY' != 1) GROUP BY Position I know that my Position is set up as varchar(255) Count produces a integer data and my where clasue is accurate so that leads me to believe that that Count() is jamming me up. Please throw up an example so I can reference later. Thanks for the help!

    Read the article

  • After grouping by, can I refer to the elements of the original IEnumerable in a LINQ query?

    - by michielvoo
    Example: from OriginalObject in ListOfOriginalObjects group new CustomObject { X = OriginalObject.A, Y = OriginalObject.B } by OriginalObject.Z into grouping select new GroupOfCustomObjects { Z = grouping.Key, C = OriginalObject.C, group = grouping } In the select part of the query, I'd like to add a property (OriginalObject.C) to the type GroupOfCustomObjects. But it seems that OriginalObject is out of scope in that part of the query. I can sort of understand why, since I am not grouping on that property and I am also not making that property part of CustomObject that I'm grouping. One workaround is to add a property C to CustomObject and the in the GroupOfCustomObjects read the value of the first CustomObject in the grouping. My issue with that is that I'm adding a property to an object that doesn't need it (CustomObject), just to be able to add it to the GroupOfCustomObjects. I hope I have explained this properly! Is there a way to refer to the OriginalObject that the query starts with? Thanks!

    Read the article

  • Translate SQL to LINQ query - group/join/filter

    - by Paddy
    I have the following query: SELECT S.[FlowOrder], S.[DESCRIPTION], COUNT(I.ID) FROM WorkFlowStatus AS S INNER JOIN Item AS I ON S.ID = I.StatusID WHERE I.Installation = '1' GROUP BY S.[Description], S.[FlowOrder] ORDER BY S.[FlowOrder] Which gives me the count of an item, grouped by a foreign key to workflow, outputting the descriptive name from my FK table. I've go this far with the LINQ query (using LINQ-to-SQL) in the background: var items = from s in _entities.WorkflowStatus join i in _entities.Items on s.ID equals i.StatusId into Statuses orderby s.FlowOrder select new {s.Description, ItemCount = Statuses.Count() }; How do I get the where clause in the SQL into this LINQ query?

    Read the article

  • Finding group maxes in SQL join result

    - by Gene
    Two SQL tables. One contestant has many entries: Contestants Entries Id Name Id Contestant_Id Score -- ---- -- ------------- ----- 1 Fred 1 3 100 2 Mary 2 3 22 3 Irving 3 1 888 4 Grizelda 4 4 123 5 1 19 6 3 50 Low score wins. Need to retrieve current best scores of all contestants ordered by score: Best Entries Report Name Entry_Id Score ---- -------- ----- Fred 5 19 Irving 2 22 Grizelda 4 123 I can certainly get this done with many queries. My question is whether there's a way to get the result with one, efficient SQL query. I can almost see how to do it with GROUP BY, but not quite. In case it's relevant, the environment is Rails ActiveRecord and PostgreSQL.

    Read the article

  • Rails group validation with just one error message

    - by Victor
    The following validation code in the model: validates :formatted_address, :zip, :city, :state, :country, :presence => true, :message => "is incomplete. Please enter full address." is displayed when either of the fields are empty. Let's say now :address and country are empty, 2 errors are displayed: Formatted Address is incomplete. Please enter full address. Country is incomplete. Please enter full address. How can I group the error message in the validation to just show one error message if either of the fields validated does not exist? Address is incomplete. Please enter full address. Thanks.

    Read the article

  • How to SUM columns on multiple conditions in a GROUP BY

    - by David Liddle
    I am trying to return a list of Accounts with their Balances, Outcome and Income Account Transaction ------- ----------- AccountID TransactionID BankName AccountID Locale Amount Status Here is what I currently have. Could someone explain where I am going wrong? select a.ACCOUNT_ID, a.BANK_NAME, a.LOCALE, a.STATUS, sum(t1.AMOUNT) as BALANCE, sum(t2.AMOUNT) as OUTCOME, sum(t3.AMOUNT) as INCOME from ACCOUNT a left join TRANSACTION t1 on t1.ACCOUNT_ID = a.ACCOUNT_ID left join TRANSACTION t2 on t1.ACCOUNT_ID = a.ACCOUNT_ID and t2.AMOUNT < 0 left join TRANSACTION t3 on t3.ACCOUNT_ID = a.ACCOUNT_ID and t3.AMOUNT > 0 group by a.ACCOUNT_ID, a.BANK_NAME, a.LOCALE, a.[STATUS]

    Read the article

  • Algorithm to Group All the Cycles Together

    - by Ngu Soon Hui
    I have a lot of cycles ( indicated by numeric values, for example, 1-2-3-4 corresponds to a cycle, with 4 edges, edge 1 is {1:2}, edge 2 is {2:3}, edge 3 is {3,4}, edge 4 is {4,1}, and so on). A cycle is said to be connected to another cycle if they share one and only one edge. For example, let's say I have two cycles 1-2-3-4 and 5-6-7-8, then there are two cycle groups because these two cycles are not connecting to each other. If I have two cycles 1-2-3-4 and 3-4-5-6, then I have only one cycle group because these two cycles share the same edge. What is the most efficient way to find all the cycle groups?

    Read the article

  • I can't Distinct, Sum, or Count from 3 tables with group clauses

    - by Rio Inggit Dharmawangsa
    I'm still learning linq, now i'm getting confused. I need data for report from 3 tables, I get the result, but it's duplicate. I have used distinct but it's not working, n I need data to be sum still not working. Here is my query, can somebody explain what's wrong? var report= (from u in myDb.TBL_TRANSAKSI_MKN_MNMs.AsEnumerable() where u.TGL_TRANSAKSI.Value.Date.Equals(dateTimePicker1.Value.Date) join l in myDb.TBL_DETAIL_TRANSAKSIs.AsEnumerable() on u.ID_NOTA equals l.ID_NOTA join m in myDb.TBL_MKN_MNMs.AsEnumerable() on l.ID_MKN_MNM equals m.ID_MKN_MNM group new { u, l, m } by new { m.NAMA_MKN_MNM, m.HARGA_JUAL, u.TGL_TRANSAKSI, l.ID_MKN_MNM, u.USERNAME, l.Jumlah } into grp select new { MakanMinum = grp.Key.NAMA_MKN_MNM, HargaJual = grp.Key.HARGA_JUAL, Stok = grp.Sum(groupedthing => groupedthing.l.Jumlah), Tanggal = grp.Key.TGL_TRANSAKSI, Jumlah =(grp.Key.HARGA_JUAL * grp.Sum(groupedthing => groupedthing.l.Jumlah)), Total = grp.Sum(grouptotal => grp.Key.HARGA_JUAL * grp.Sum(groupedthing => groupedthing.l.Jumlah)), Username = grp.Key.USERNAME }).Distinct();

    Read the article

  • Group by clause return latest row information

    - by I Like PHP
    below is my table structure table_movie_info i_movie_id |movie_actor_id |movie_actress_id |movie_director_id | movie_producer_id 48 | 5 | 9 | 66 | 21 48 | 6 | 15 | 88 | 22 48 | 7 | 12 | 77 | 23 one more table is table_movie movie_id | movie_year | movie_genre_id |movie_rating 1 | 2009 | 6 | 8 2 | 2001 | 5 | 7.5 48 | 2007 | 3 | 6.8 now i need total movie information using both table,i write below query SELECT * FROM table_movie_info LEFT JOIN table_movie ON movie_id = i_movie_id WHERE i_movie_id=48 GROUP BY i_movie_id above query return only one row , but i need such type of information movie_id=48, actors_id list=5,6,7 acttress_id list=9,15,12 etc.. please tell me the optimized query which h return complete information i need. thanks for helping me always.

    Read the article

  • Getting the most recent entry per group in a select statement

    - by TheObserver
    I have 3 tables to join to get table1.code, table1.series, table2.entry_date, table3.title1 and I'm trying to get the most recent non null table3.title1 grouped by table1.code and table1.series. select table1.code, table1.series, max(table2.entry_date), table3.Title1 from table3 INNER JOIN table2 ON table3.ID = table2.ID INNER JOIN table1 ON table2.source_code = table1.code where table3.Title1 is not NULL group by table1.code, table1.series, table3.Title1 seems to give me all entries with a non null title1 instead of the most recent one. How should I structure the query to just pick the newest version of Title1 per code & series?

    Read the article

  • MySQL - Conflicting WHERE and GROUP BY Statements

    - by TaylorPLM
    I have a query returning the counts of some data, but I do NOT want data that has a null value in it... As an example, the code rolls stats from a clicking system into a table. SELECT sh.dropid, ... FROM subscriberhistory sh INNER JOIN subscriberhistory sh2 on sh.subid = sh2.subid WHERE sh.dropid IS NOT NULL AND sh.dropid != "" ... GROUP BY sh.dropid An example of the record set returned would look like this... 400 2 3 4 5 6 401 2 3 6 5 4 NULL 2 3 4 5 1 There are some other where clauses, and a few more selects (as I said, using the count aggregate) that are also within the query. There is also an order by statement. Again, the goal is to keep the NULL data out of the preceding record set. Could someone explain to me why this behavior is occurring and what to do to solve it.

    Read the article

  • Identifying when there is more than 1 in a group based on grouped field

    - by Brian Cascone
    Sorry for the bad description it is tough to explain in one sentence. I have a dataset that has Cause field (RootCause) and an ID field (GroupID). Both can be many things but I need to identify where a GroupID has a multiple different rootcauses. for example: RootCause GrpId AAA 111 BBB 222 CCC 111 I am looking to be able to identify that GrpId 111 has two different RootCauses. This is what I have so far: Select [RootCause], GrpId, Count(GrpID) as CntGrpId From DB.dbo.Table Where DatatypeField <> '' Group BY [RootCause],GrpId This results set visualy gives me enough information to identify what I am looking for, but i need something better. I am looking to return only the ones that have multiples. Any ideas? Thanks

    Read the article

  • Group Objects by Common Key

    - by Marshmellow1328
    I have a list of Customers. Each customer has an address and some customers may actually have the same address. My ultimate goal is to group customers based on their address. I figure I could either put the customers in some sort of list-based structure and sort on the addresses, or I could drop the objects into some sort of map that allows multiple values per key. I will now make a pretty picture: List: A1 - C1, A1 - C2, A2 - C3, A3 - C4, A3 - C5 Map: A1 A2 A3 C1 C3 C4 C2 C5 Which option (or any others) do you see as the best solution? Are there any existing classes that will make development easier?

    Read the article

  • mysql count(*) left join group by - the number of files in a folder

    - by Flavius
    Hi I have the following tables CREATE TABLE `files` ( `fileid` int(11) NOT NULL AUTO_INCREMENT, `filename` varchar(255) NOT NULL, `filesize` int(11) NOT NULL, `folder` int(11) NOT NULL, PRIMARY KEY (`fileid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE `folders` ( `directoryid` int(11) NOT NULL AUTO_INCREMENT, `directoryname` varchar(255) NOT NULL, PRIMARY KEY (`directoryid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; How to get a list of all folders and the number of files they hold, including folders who have no (zero) files? Recursion must not be taken into account. Found it select folders.directoryid, folders.directoryname, count(files.fileid) as no_files from folders left join files on files.folder = folders.directoryid group by folders.directoryid, folders.directoryname I hope it will help someone.

    Read the article

  • Need help with a sub query/group/order (get latest comment for each ordered topic)

    - by Scarface
    Hey guys I have a query that currently finds the latest comment for each of a user's topics and then orders topics by that comment's timestamp. What I want to do is expand on this query's use and print the latest comment for each topic. The problem with this query is that while it orders the topics correctly, it prints seemingly random comments for each topic. I am trying to implement a sub query but I am not quite sure how to approach it. I was thinking that I just had to somehow use this query to get the comments. If anyone has any ideas I would really appreciate it. Here is what I think I need to add SELECT * FROM comments where topic_id='$topic_id' ORDER BY timestamp DESC LIMIT 1 Here is the query I need to modify SELECT topic.topic_title, topic.content_type, topic.subject_id, topic.creator, topic.description, topic.topic_id,comments.message,comments.user FROM comments JOIN topic ON topic.topic_id = comments.topic_id WHERE topic.creator = '$user' AND comments.timestamp > $week GROUP BY topic_id ORDER BY MAX(comments.timestamp) DESC

    Read the article

  • MySQL Group Results by day using timestamp

    - by Webnet
    I need to take the following query and pull the total order counts and sum of the orders grouped by day. I'm storing everything using timestamps. SELECT COUNT(id) as order_count, SUM(price + shipping_price) as order_sum, DAY(FROM_UNIXTIME(created)) as day FROM `order` WHERE '.implode(' AND ', $where).' I need to group by DAY but when I do for this past weekend's sales it takes my order_count and makes it 1 instead of 3. How can I pull the above values grouped by day? NOTE: The implode is used ONLY to define the time period (WHERE created = TIMESTAMP AND <= TIMESTAMP)

    Read the article

  • Any idea why this query always returns duplicate items?

    - by Kardo
    I want to get all Images not used by current ItemID. The this subquery but it also always returns duplicate Images: EDITED select Images.ImageID, Images.ItemStatus, Images.UserName, Images.Url, Image_Item.ItemID, Image_Item.ItemID from Images left join (select ImageID, ItemID, MAX(DateCreated) x from Image_Item where ItemID != '5a0077fe-cf86-434d-9f3b-7ff3030a1b6e' group by ImageID, ItemID having count(*) = 1) image_item on Images.imageid = image_item.imageid where ItemID is not null I guess the problem is with the subquery which I can't avoid duplicate rows: select ImageID, ItemID, MAX(DateCreated) x from Image_Item where ItemID != '5a0077fe-cf86-434d-9f3b-7ff3030a1b6e' group by ImageID, ItemID having count(*) = 1 Result: F2EECBDC-963D-42A7-90B1-4F82F89A64C7 0578AC61-3C32-4A1D-812C-60A09A661E71 F2EECBDC-963D-42A7-90B1-4F82F89A64C7 9A4EC913-5AD6-4F9E-AF6D-CF4455D81C10 42BC8B1A-7430-4915-9CDA-C907CBC76D6A CB298EB9-A105-4797-985E-A370013B684F 16371C34-B861-477C-9A7C-DEB27C8F333D 44E6349B-7EBF-4C7E-B3B0-1C6E2F19992C Table: Images ImageID uniqueidentifier UserName nvarchar(100) DateCreated smalldatetime Url nvarchar(250) ItemStatus char(1) Table: Image_Item ImageID uniqueidentifier ItemID uniqueidentifier UserName nvarchar(100) ItemStatus char(1) DateCreated smalldatetime Any kind help is highly appreciated.

    Read the article

  • pam auth via winbind, howto map primary group for users?

    - by dr gonzo
    I have unix users authenticating to an PDC (via winbind) and want to have the primary group of those users a local unix group (e.g. www-data). users have the group "domain users" with gid 10006 (as the gid winbind mapping) idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum groups = yes winbind enum users = yes winbind use default domain = yes winbind nested groups = yes but want that the primary group is 33 for all users (www-data) how to achieve that?

    Read the article

  • Quick guide to Oracle IRM 11g: Classification design

    - by Simon Thorpe
    Quick guide to Oracle IRM 11g indexThis is the final article in the quick guide to Oracle IRM. If you've followed everything prior you will now have a fully functional and tested Information Rights Management service. It doesn't matter if you've been following the 10g or 11g guide as this next article is common to both. ContentsWhy this is the most important part... Understanding the classification and standard rights model Identifying business use cases Creating an effective IRM classification modelOne single classification across the entire businessA context for each and every possible granular use caseWhat makes a good context? Deciding on the use of roles in the context Reviewing the features and security for context roles Summary Why this is the most important part...Now the real work begins, installing and getting an IRM system running is as simple as following instructions. However to actually have an IRM technology easily protecting your most sensitive information without interfering with your users existing daily work flows and be able to scale IRM across the entire business, requires thought into how confidential documents are created, used and distributed. This article is going to give you the information you need to ask the business the right questions so that you can deploy your IRM service successfully. The IRM team here at Oracle have over 10 years of experience in helping customers and it is important you understand the following to be successful in securing access to your most confidential information. Whatever you are trying to secure, be it mergers and acquisitions information, engineering intellectual property, health care documentation or financial reports. No matter what type of user is going to access the information, be they employees, contractors or customers, there are common goals you are always trying to achieve.Securing the content at the earliest point possible and do it automatically. Removing the dependency on the user to decide to secure the content reduces the risk of mistakes significantly and therefore results a more secure deployment. K.I.S.S. (Keep It Simple Stupid) Reduce complexity in the rights/classification model. Oracle IRM lets you make changes to access to documents even after they are secured which allows you to start with a simple model and then introduce complexity once you've understood how the technology is going to be used in the business. After an initial learning period you can review your implementation and start to make informed decisions based on user feedback and administration experience. Clearly communicate to the user, when appropriate, any changes to their existing work practice. You must make every effort to make the transition to sealed content as simple as possible. For external users you must help them understand why you are securing the documents and inform them the value of the technology to both your business and them. Before getting into the detail, I must pay homage to Martin White, Vice President of client services in SealedMedia, the company Oracle acquired and who created Oracle IRM. In the SealedMedia years Martin was involved with every single customer and was key to the design of certain aspects of the IRM technology, specifically the context model we will be discussing here. Listening carefully to customers and understanding the flexibility of the IRM technology, Martin taught me all the skills of helping customers build scalable, effective and simple to use IRM deployments. No matter how well the engineering department designed the software, badly designed and poorly executed projects can result in difficult to use and manage, and ultimately insecure solutions. The advice and information that follows was born with Martin and he's still delivering IRM consulting with customers and can be found at www.thinkers.co.uk. It is from Martin and others that Oracle not only has the most advanced, scalable and usable document security solution on the market, but Oracle and their partners have the most experience in delivering successful document security solutions. Understanding the classification and standard rights model The goal of any successful IRM deployment is to balance the increase in security the technology brings without over complicating the way people use secured content and avoid a significant increase in administration and maintenance. With Oracle it is possible to automate the protection of content, deploy the desktop software transparently and use authentication methods such that users can open newly secured content initially unaware the document is any different to an insecure one. That is until of course they attempt to do something for which they don't have any rights, such as copy and paste to an insecure application or try and print. Central to achieving this objective is creating a classification model that is simple to understand and use but also provides the right level of complexity to meet the business needs. In Oracle IRM the term used for each classification is a "context". A context defines the relationship between.A group of related documents The people that use the documents The roles that these people perform The rights that these people need to perform their role The context is the key to the success of Oracle IRM. It provides the separation of the role and rights of a user from the content itself. Documents are sealed to contexts but none of the rights, user or group information is stored within the content itself. Sealing only places information about the location of the IRM server that sealed it, the context applied to the document and a few other pieces of metadata that pertain only to the document. This important separation of rights from content means that millions of documents can be secured against a single classification and a user needs only one right assigned to be able to access all documents. If you have followed all the previous articles in this guide, you will be ready to start defining contexts to which your sensitive information will be protected. But before you even start with IRM, you need to understand how your own business uses and creates sensitive documents and emails. Identifying business use cases Oracle is able to support multiple classification systems, but usually there is one single initial need for the technology which drives a deployment. This need might be to protect sensitive mergers and acquisitions information, engineering intellectual property, financial documents. For this and every subsequent use case you must understand how users create and work with documents, to who they are distributed and how the recipients should interact with them. A successful IRM deployment should start with one well identified use case (we go through some examples towards the end of this article) and then after letting this use case play out in the business, you learn how your users work with content, how well your communication to the business worked and if the classification system you deployed delivered the right balance. It is at this point you can start rolling the technology out further. Creating an effective IRM classification model Once you have selected the initial use case you will address with IRM, you need to design a classification model that defines the access to secured documents within the use case. In Oracle IRM there is an inbuilt classification system called the "context" model. In Oracle IRM 11g it is possible to extend the server to support any rights classification model, but the majority of users who are not using an application integration (such as Oracle IRM within Oracle Beehive) are likely to be starting out with the built in context model. Before looking at creating a classification system with IRM, it is worth reviewing some recognized standards and methods for creating and implementing security policy. A very useful set of documents are the ISO 17799 guidelines and the SANS security policy templates. First task is to create a context against which documents are to be secured. A context consists of a group of related documents (all top secret engineering research), a list of roles (contributors and readers) which define how users can access documents and a list of users (research engineers) who have been given a role allowing them to interact with sealed content. Before even creating the first context it is wise to decide on a philosophy which will dictate the level of granularity, the question is, where do you start? At a department level? By project? By technology? First consider the two ends of the spectrum... One single classification across the entire business Imagine that instead of having separate contexts, one for engineering intellectual property, one for your financial data, one for human resources personally identifiable information, you create one context for all documents across the entire business. Whilst you may have immediate objections, there are some significant benefits in thinking about considering this. Document security classification decisions are simple. You only have one context to chose from! User provisioning is simple, just make sure everyone has a role in the only context in the business. Administration is very low, if you assign rights to groups from the business user repository you probably never have to touch IRM administration again. There are however some obvious downsides to this model.All users in have access to all IRM secured content. So potentially a sales person could access sensitive mergers and acquisition documents, if they can get their hands on a copy that is. You cannot delegate control of different documents to different parts of the business, this may not satisfy your regulatory requirements for the separation and delegation of duties. Changing a users role affects every single document ever secured. Even though it is very unlikely a business would ever use one single context to secure all their sensitive information, thinking about this scenario raises one very important point. Just having one single context and securing all confidential documents to it, whilst incurring some of the problems detailed above, has one huge value. Once secured, IRM protected content can ONLY be accessed by authorized users. Just think of all the sensitive documents in your business today, imagine if you could ensure that only everyone you trust could open them. Even if an employee lost a laptop or someone accidentally sent an email to the wrong recipient, only the right people could open that file. A context for each and every possible granular use case Now let's think about the total opposite of a single context design. What if you created a context for each and every single defined business need and created multiple contexts within this for each level of granularity? Let's take a use case where we need to protect engineering intellectual property. Imagine we have 6 different engineering groups, and in each we have a research department, a design department and manufacturing. The company information security policy defines 3 levels of information sensitivity... restricted, confidential and top secret. Then let's say that each group and department needs to define access to information from both internal and external users. Finally add into the mix that they want to review the rights model for each context every financial quarter. This would result in a huge amount of contexts. For example, lets just look at the resulting contexts for one engineering group. Q1FY2010 Restricted Internal - Engineering Group 1 - Research Q1FY2010 Restricted Internal - Engineering Group 1 - Design Q1FY2010 Restricted Internal - Engineering Group 1 - Manufacturing Q1FY2010 Restricted External- Engineering Group 1 - Research Q1FY2010 Restricted External - Engineering Group 1 - Design Q1FY2010 Restricted External - Engineering Group 1 - Manufacturing Q1FY2010 Confidential Internal - Engineering Group 1 - Research Q1FY2010 Confidential Internal - Engineering Group 1 - Design Q1FY2010 Confidential Internal - Engineering Group 1 - Manufacturing Q1FY2010 Confidential External - Engineering Group 1 - Research Q1FY2010 Confidential External - Engineering Group 1 - Design Q1FY2010 Confidential External - Engineering Group 1 - Manufacturing Q1FY2010 Top Secret Internal - Engineering Group 1 - Research Q1FY2010 Top Secret Internal - Engineering Group 1 - Design Q1FY2010 Top Secret Internal - Engineering Group 1 - Manufacturing Q1FY2010 Top Secret External - Engineering Group 1 - Research Q1FY2010 Top Secret External - Engineering Group 1 - Design Q1FY2010 Top Secret External - Engineering Group 1 - Manufacturing Now multiply the above by 6 for each engineering group, 18 contexts. You are then creating/reviewing another 18 every 3 months. After a year you've got 72 contexts. What would be the advantages of such a complex classification model? You can satisfy very granular rights requirements, for example only an authorized engineering group 1 researcher can create a top secret report for access internally, and his role will be reviewed on a very frequent basis. Your business may have very complex rights requirements and mapping this directly to IRM may be an obvious exercise. The disadvantages of such a classification model are significant...Huge administrative overhead. Someone in the business must manage, review and administrate each of these contexts. If the engineering group had a single administrator, they would have 72 classifications to reside over each year. From an end users perspective life will be very confusing. Imagine if a user has rights in just 6 of these contexts. They may be able to print content from one but not another, be able to edit content in 2 contexts but not the other 4. Such confusion at the end user level causes frustration and resistance to the use of the technology. Increased synchronization complexity. Imagine a user who after 3 years in the company ends up with over 300 rights in many different contexts across the business. This would result in long synchronization times as the client software updates all your offline rights. Hard to understand who can do what with what. Imagine being the VP of engineering and as part of an internal security audit you are asked the question, "What rights to researchers have to our top secret information?". In this complex model the answer is not simple, it would depend on many roles in many contexts. Of course this example is extreme, but it highlights that trying to build many barriers in your business can result in a nightmare of administration and confusion amongst users. In the real world what we need is a balance of the two. We need to seek an optimum number of contexts. Too many contexts are unmanageable and too few contexts does not give fine enough granularity. What makes a good context? Good context design derives mainly from how well you understand your business requirements to secure access to confidential information. Some customers I have worked with can tell me exactly the documents they wish to secure and know exactly who should be opening them. However there are some customers who know only of the government regulation that requires them to control access to certain types of information, they don't actually know where the documents are, how they are created or understand exactly who should have access. Therefore you need to know how to ask the business the right questions that lead to information which help you define a context. First ask these questions about a set of documentsWhat is the topic? Who are legitimate contributors on this topic? Who are the authorized readership? If the answer to any one of these is significantly different, then it probably merits a separate context. Remember that sealed documents are inherently secure and as such they cannot leak to your competitors, therefore it is better sealed to a broad context than not sealed at all. Simplicity is key here. Always revert to the first extreme example of a single classification, then work towards essential complexity. If there is any doubt, always prefer fewer contexts. Remember, Oracle IRM allows you to change your mind later on. You can implement a design now and continue to change and refine as you learn how the technology is used. It is easy to go from a simple model to a more complex one, it is much harder to take a complex model that is already embedded in the work practice of users and try to simplify it. It is also wise to take a single use case and address this first with the business. Don't try and tackle many different problems from the outset. Do one, learn from the process, refine it and then take what you have learned into the next use case, refine and continue. Once you have a good grasp of the technology and understand how your business will use it, you can then start rolling out the technology wider across the business. Deciding on the use of roles in the context Once you have decided on that first initial use case and a context to create let's look at the details you need to decide upon. For each context, identify; Administrative rolesBusiness owner, the person who makes decisions about who may or may not see content in this context. This is often the person who wanted to use IRM and drove the business purchase. They are the usually the person with the most at risk when sensitive information is lost. Point of contact, the person who will handle requests for access to content. Sometimes the same as the business owner, sometimes a trusted secretary or administrator. Context administrator, the person who will enact the decisions of the Business Owner. Sometimes the point of contact, sometimes a trusted IT person. Document related rolesContributors, the people who create and edit documents in this context. Reviewers, the people who are involved in reviewing documents but are not trusted to secure information to this classification. This role is not always necessary. (See later discussion on Published-work and Work-in-Progress) Readers, the people who read documents from this context. Some people may have several of the roles above, which is fine. What you are trying to do is understand and define how the business interacts with your sensitive information. These roles obviously map directly to roles available in Oracle IRM. Reviewing the features and security for context roles At this point we have decided on a classification of information, understand what roles people in the business will play when administrating this classification and how they will interact with content. The final piece of the puzzle in getting the information for our first context is to look at the permissions people will have to sealed documents. First think why are you protecting the documents in the first place? It is to prevent the loss of leaking of information to the wrong people. To control the information, making sure that people only access the latest versions of documents. You are not using Oracle IRM to prevent unauthorized people from doing legitimate work. This is an important point, with IRM you can erect many barriers to prevent access to content yet too many restrictions and authorized users will often find ways to circumvent using the technology and end up distributing unprotected originals. Because IRM is a security technology, it is easy to get carried away restricting different groups. However I would highly recommend starting with a simple solution with few restrictions. Ensure that everyone who reasonably needs to read documents can do so from the outset. Remember that with Oracle IRM you can change rights to content whenever you wish and tighten security. Always return to the fact that the greatest value IRM brings is that ONLY authorized users can access secured content, remember that simple "one context for the entire business" model. At the start of the deployment you really need to aim for user acceptance and therefore a simple model is more likely to succeed. As time passes and users understand how IRM works you can start to introduce more restrictions and complexity. Another key aspect to focus on is handling exceptions. If you decide on a context model where engineering can only access engineering information, and sales can only access sales data. Act quickly when a sales manager needs legitimate access to a set of engineering documents. Having a quick and effective process for permitting other people with legitimate needs to obtain appropriate access will be rewarded with acceptance from the user community. These use cases can often be satisfied by integrating IRM with a good Identity & Access Management technology which simplifies the process of assigning users the correct business roles. The big print issue... Printing is often an issue of contention, users love to print but the business wants to ensure sensitive information remains in the controlled digital world. There are many cases of physical document loss causing a business pain, it is often overlooked that IRM can help with this issue by limiting the ability to generate physical copies of digital content. However it can be hard to maintain a balance between security and usability when it comes to printing. Consider the following points when deciding about whether to give print rights. Oracle IRM sealed documents can contain watermarks that expose information about the user, time and location of access and the classification of the document. This information would reside in the printed copy making it easier to trace who printed it. Printed documents are slower to distribute in comparison to their digital counterparts, so time sensitive information in printed format may present a lower risk. Print activity is audited, therefore you can monitor and react to users abusing print rights. Summary In summary it is important to think carefully about the way you create your context model. As you ask the business these questions you may get a variety of different requirements. There may be special projects that require a context just for sensitive information created during the lifetime of the project. There may be a department that requires all information in the group is secured and you might have a few senior executives who wish to use IRM to exchange a small number of highly sensitive documents with a very small number of people. Oracle IRM, with its very flexible context classification system, can support all of these use cases. The trick is to introducing the complexity to deliver them at the right level. In another article i'm working on I will go through some examples of how Oracle IRM might map to existing business use cases. But for now, this article covers all the important questions you need to get your IRM service deployed and successfully protecting your most sensitive information.

    Read the article

  • would a composite design pattern be useful for group membership?

    - by changokun
    I'm trying to think about the best way to handle group memberships on a website. People sign up and select checkboxes in a list of interests. Every week we send out interest-themed emails to those members that indicated that interest. however i store the information in the database, while i am working with the lists and generating lists of email addresses or manipulating group memberships, the composite design pattern looked interesting. it would be easy to populate the group, then do some aggregating functions that say... generate the list of email addresses based on the interests. but i'm not sure i'm seeing any other advantages. i do need something scalable, and flexible. thoughts?

    Read the article

  • ADO program to list members of a large group.

    - by AlexGomez
    Hi everyone, I'm attempting to list all the members in a Active Directory group using ADO. The problem I have is that many of these groups have over 1500 members and ADSI cannot handle more than 1500 items in a multi-valued attribute. Fortunately I came across Richard Muller's wonderful VBScript that handles more than 1500 members at http://www.rlmueller.net/DocumentLargeGroup.htm I modified his code as shown below so that I can list ALL the groups and its memberships in a certain OU. However, I'm keeping getting the exception shown below: "ADODB.Recordset: Item cannot be found in the collection corresponding to the requested name or ordinal." My program appears to get stuck at: strPath = adoRecordset.Fields("ADsPath").Value Set objGroup = GetObject(strPath) All I am doing above is issuing the query to get back a recordset consisting of the ADsPath for each group in the OU. It then walks through the recordset and grabs the ADsPath for the first group and store its in a variable named strPath; we then use the value of that variable to bind to the group account for that group. It really should work! Any idea why the code below doesn't work for me? Any pointers will be great appreciated. Thanks. Option Explicit Dim objRootDSE, strDNSDomain, adoCommand Dim adoConnection, strBase, strAttributes Dim strFilter, strQuery, adoRecordset Dim strDN, intCount, blnLast, intLowRange Dim intHighRange, intRangeStep, objField Dim objGroup, objMember, strName ' Determine DNS domain name. Set objRootDSE = GetObject("LDAP://RootDSE") 'strDNSDomain = objRootDSE.Get("DefaultNamingContext") strDNSDomain = "XXXXXXXX" ' Use ADO to search Active Directory. Set adoCommand = CreateObject("ADODB.Command") Set adoConnection = CreateObject("ADODB.Connection") adoConnection.Provider = "ADsDSOObject" adoConnection.Open = "Active Directory Provider" adoCommand.ActiveConnection = adoConnection adoCommand.Properties("Page Size") = 100 adoCommand.Properties("Timeout") = 30 adoCommand.Properties("Cache Results") = False ' Specify base of search. strBase = "<LDAP://" & strDNSDomain & ">" ' Specify the attribute values to retrieve. strAttributes = "member" ' Filter on objects of class "group" strFilter = "(&(objectClass=group)(samAccountName=*))" ' Enumerate direct group members. ' Use range limits to handle more than 1000/1500 members. ' Setup to retrieve 1000 members at a time. blnLast = False intRangeStep = 999 intLowRange = 0 IntHighRange = intLowRange + intRangeStep Do While True If (blnLast = True) Then ' If last query, retrieve remaining members. strQuery = strBase & ";" & strFilter & ";" _ & strAttributes & ";range=" & intLowRange _ & "-*;subtree" Else ' If not last query, retrieve 1000 members. strQuery = strBase & ";" & strFilter & ";" _ & strAttributes & ";range=" & intLowRange & "-" _ & intHighRange & ";subtree" End If adoCommand.CommandText = strQuery Set adoRecordset = adoCommand.Execute adoRecordset.MoveFirst intCount = 0 Do Until adoRecordset.EOF strPath = adoRecordset.Fields("ADsPath").Value Set objGroup = GetObject(strPath) For Each objField In adoRecordset.Fields If (VarType(objField) = (vbArray + vbVariant)) _ Then For Each strDN In objField.Value ' Escape any forward slash characters, "/", with the backslash ' escape character. All other characters that should be escaped are. strDN = Replace(strDN, "/", "\/") ' Check dictionary object for duplicates. 'If (objGroupList.Exists(strDN) = False) Then ' Add to dictionary object. 'objGroupList.Add strDN, True ' Bind to each group member, to find member's samAccountName Set objMember = GetObject("LDAP://" & strDN) ' Output group cn, group samaAccountName and group member's samAccountName. Wscript.Echo objMember.samAccountName intCount = intCount + 1 'End if Next End If Next adoRecordset.MoveNext Loop adoRecordset.Close ' If this is the last query, exit the Do While loop. If (blnLast = True) Then Exit Do End If ' If the previous query returned no members, then the previous ' query for the next 1000 members failed. Perform one more ' query to retrieve remaining members (less than 1000). If (intCount = 0) Then blnLast = True Else ' Setup to retrieve next 1000 members. intLowRange = intHighRange + 1 intHighRange = intLowRange + intRangeStep End If Loop

    Read the article

  • How to get foreignSecurityPrincipal from group. using DirectorySearcher

    - by kain64b
    What I tested with 0 results: string queryForeignSecurityPrincipal = "(&(objectClass=foreignSecurityPrincipal)(memberof:1.2.840.113556.1.4.1941:={0})(uSNChanged>={1})(uSNChanged<={2}))"; sidsForeign = GetUsersSidsByQuery(groupName, string.Format(queryForeignSecurityPrincipal, groupPrincipal.DistinguishedName, 0, 0)); public IList<SecurityIdentifier> GetUsersSidsByQuery(string groupName, string query) { List<SecurityIdentifier> results = new List<SecurityIdentifier>(); try{ using (var context = new PrincipalContext(ContextType.Domain, DomainName, User, Password)) { using (var groupPrincipal = GroupPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupName)) { DirectoryEntry directoryEntry = (DirectoryEntry)groupPrincipal.GetUnderlyingObject(); do { directoryEntry = directoryEntry.Parent; } while (directoryEntry.SchemaClassName != "domainDNS"); DirectorySearcher searcher = new DirectorySearcher(directoryEntry){ SearchScope=System.DirectoryServices.SearchScope.Subtree, Filter=query, PageSize=10000, SizeLimit = 15000 }; searcher.PropertiesToLoad.Add("objectSid"); searcher.PropertiesToLoad.Add("distinguishedname"); using (SearchResultCollection result = searcher.FindAll()) { foreach (var obj in result) { if (obj != null) { var valueProp = ((SearchResult)obj).Properties["objectSid"]; foreach (var atributeValue in valueProp) { SecurityIdentifier value = (new SecurityIdentifier((byte[])atributeValue, 0)); results.Add(value); } } } } } } } catch (Exception e) { WriteSystemError(e); } return results; } I tested it on usual users with query: "(&(objectClass=user)(memberof:1.2.840.113556.1.4.1941:={0})(uSNChanged>={1})(uSNChanged<={2}))" and it is work, I test with objectClass=* ... nothing help... But If I call groupPrincipal.GetMembers,I get all foreing user account from group. BUT groupPrincipal.GetMembers HAS MEMORY LEAK. Any Idea how to fix my query????

    Read the article

  • how to group data in a list

    - by prince23
    I need to group data of a list in c# ex: i have a data like this in a list c# i have a class called information.cs with these properties name,school, parent ex data name school parent kumar fes All manju fes kumar anu frank kumar anitha jss All rohit frank manju anill vijaya manju vani jss kumar soumya jss kumar madhu jss rohit shiva jss rohit vanitha jss anitha anu jss anitha now taking this as an input i wanted the output to be formated with a Hierarchical data when parent is all means it is the topmost level kumar fes All. what i need to do here is i need to create an object[0] and then check in list whether kumar exists as a parent in the list if it exista then add those items as under the object[0] as a parent i need to create one more oject under **manju fes kumar anu frank kumar** what i wanted do here is iterate through the list anD then check the parent level based on name school parent kumar fes All -->obj[0] manju fes kumar -->obj1[0] anu frank kumar -->obj1[1] for obj1-- obj[0] will be parent like this i need to genarte a list or observation class anitha jss All-->obj[1] vanitha jss anitha -->obj1[0] anu jss vanitha -->obj2[0] here obj2[0]--obj1[0]--obj[1] will be an parent like this i need to create a list or an observationclass hope my Question is clear what i am trying ask you people. i wanted to know how i can create an observationclass. any help would be really great. hope my question is clear

    Read the article

< Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54  | Next Page >