I have a Tableau workbook I want to share to the team. I have wildcard filters set to change across all pages when an individual enters their name. However, I do not want the individuals to see their peer's info.
Looking for a way to sort of have something prompt the user to enter a password (something similar) to have the filter automatically change to their name??? that way when they receive the workbook, they can only see their information.. All help would be greatly appreciated!
Thank you
Yes it is called row level security. By providing the specific username per attribute it will do this for you. Check this out: http://kb.tableau.com/articles/knowledgebase/row-level-security-and-user-filters
Related
client has 2 different domains (due to acquisition) in one M365 tenant and wants to make sure they don't see each other in contacts using Address Book Policies. I have been able to do my best to separate them by using Company field however I am stuck with how to handle their Mail-Enabled Security Groups.
I made an address list called "Client1AddressList" and set the -IncludedRecipients to "MailGroups" which is great and brings every group in, however it doesn't care about the domain whether it is allstaff#client1.com or allstaff#client2.com.
I thought maybe adding on a -RecipientFilter to the end of the Set-AddressList would help, but I cant figure out what that filter would look like to tell it to only add groups that have an email of *#client1.com
Thank you any geniuses out there that can lend a hand!
I have a user tables where one user is admin. In the admin dashboard, I want to show all users escaping the admin.
I have used
_context.AspNetUsers.Skip(1).ToListAsync()
but it only skips the first row.
I also thought about OrderBy that specific username at first then skip, but don't know the combination.
Can anyone help me? Thank you.
I've been working on a project that allows users in our domain to edit 3 Active Directory Attributes on their own Object, this has been written in Python and the only issue I have now is user permissions on these attributes.
Two of these are custom, the third is the Location(physicalOfficeDeliveryAddress).
I have looked everywhere and only found documentation on how to give permission for users in a group for these attributes but for ALL users or limited by group.
I'm looking to apply the permission under the Identity Reference: NT AUTHORITY\SELF so that users may only edit their own attributes.
In less words, I'm looking to write a script that will delegate permissions for three specific attributes to ALL users in the domain but only for themselves(NT AUTH\SELF).
I have a loop that will perform it for each user, I just have hit a brick wall in what to include in the loop..
Any help would be appreciated.
NT AUTHORITY\SELF is one of Windows' well-known SIDs, with a SID of S-1-5-10.
So you do it the same way you would for any other account, but grant the permissions to S-1-5-10 instead.
If you show us the code you're working with, we might be able to help you with where to plug in that value, if you need.
I have a login module in my application of AS400(rpg400).Here user name and password are verified and only if password matches the user is given access to the Menu screen which further contains rpg programs to navigate to subsequent modules.
What i now want to achieve is when the user is verified, the logged in user name must appear in every screen or rather every rpg screen called.(ie user session must be maintained)Please refrain from guiding on admin properties.This is from a low level point of working.
Below is a PF on users:
USER PF
A R USRREC
A USER 10A
A PWD 10A
A USRTYP 2A
A K USRTYP
Keyed on user type.How can i allow the logged in person's variable accessible to all pgms?
5250 displays aren't like HTML. There's no CSS that can be used as a standard template. You will need to specifically design every display to make it look the way you want it to. For this specific question, that means that you will put a user ID field on every display panel you want to see it on.
If I were designing this, I'd probably pass the user ID as a parameter to each RPG program, but there are many ways to pass information around.
Data area in QTEMP
Database file in QTEMP
LDA
User space in QTEMP
Environment variable (*JOB)
Passing the user ID as a parameter has the advantage that there is never a stale object that needs to be cleaned up. If a person has two user IDs - say she works in Accounting and Accounts Payable - and needs to sign off and back on to this internal security system, subsequent CALLs simply pass the proper parameter.
All of this could be avoided if the system could use the built-in IBM security. Then you could use the user profile that is part of the job name - see the Program Status Data Structure, positions 254-263 to get that within an RPG program. If you could use the IBM user profile, you wouldn't have to pass anything around; each program would be able to retrieve that information on its own; I'd put that into a service program so it's easy to reuse.
Sounds like an ideal use for the local data area or a regular data area created in QTEMP.
RPG: Data Area Data Structure
RPG: Data-Area Operations
If you are using the same user ID that they used to log onto the system, then you can use the USER keyword in your display files.
Do you really need to store user ID and password in a file that is inherently less secure than the way the operating system does it already? This opens a set of issues that you probably don't need to touch.
You can call a CL program or procedure which can use the CHKPWD command to enter their system password. Monitor for an error, and sign them off if there's a problem. Their password is secure (assuming you are using an SSL connection).
If you feel very strongly that you must have a separate password, consider storing a secure one way hash of the password. When they later enter their password, compute the hash on what they enter and compare it to the stored hash.
If you are asking users to enter a password after they are already logged on, then it seems safe to assume you are trying to address some security concern[s], so it seems reasonable to try to help you do so in a secure manner. This is a start.
I am using the Facebook Graph API and Facebook Connect to make an authentication system in Wordpress. The Connect part goes all ok, the Facebook Graph goes ok as well.
But: How do I fetch the Facebook Alternate Name? I searched the docs at http://developers.facebook.com/docs/reference/fql/user/, but found no trace of it. Any ideas?
The main idea is that privacy is a concern, and the system goes better nickname based than just last name based. If the Alternate Name is empty I just ask the user to enter a nickname.
I think that it is not exposed yet, when i was looking for this, i made a work around...
I know that if you use the search_tokens field at user table, the array will have the alternate name... If you have luck, the array will contain the first, middle, last, and the alternative name, so, compare the arrays to the names, and exclude the know names, the other one is the alternative name....
Look this bug:
https://developers.facebook.com/bugs/371978199536659/