Apps/Environment 8.0.3 - Enterprise Server Crystal v10


We are going through a total security redesign - Reclass, etc..

That said I "locked" down our 'HelpDesk' user to limit access to EMPLOYEE, PAEMPLOYEE - the basic 'sensitive data'. Well, after doing this I realized that we have quite a few Reports on Law Enterprise that dump a .csv, or .xls into a Law Dir: /prod/apps/print/crystalreports/Payroll and then a Interface engine that grabs the file and processes it for a payroll download. That said, the helpdesk account is no longer able to:

- Run the reports - authenticate to the PROD
- Write to ANY FTP location

I can sign in to LID with the acct though...?

The weird things are - I changed this helpdesk acct BACK to SECADMIN (Full access!). And it still does not worl???? What is going on here?
Also, another weird thing is that the FTP locations where the reports dump to now have directory ownership as 110091 - No idea what this number is, and it appears to have replaced helpdesk?
VERY ODD!

Directory permissions are too weird to respond to here, but for the LAUA security I'd recommend a 'secinteg -f' followed by 'bldsecdict -d'

And do an IOS cache refresh if your helpdesk uses Portal.

We are remote hosted by Siemens

My condolences. Does that mean you have no command line access? The IOS Cache refresh is run from the browser: http://your.servername.here/servlet/IOSCacheRefresh

Can you run that? It will prompt for your Portal username/password. We run that after each laua change to take effect in Portal.

-GW