VB -- Hi Basically - I don't think you will be able to practically pull off your security goal.
OK - brainstorming here. (And I can have my facts wrong (are they still considered facts?) -- I have not done some of this in awhile -- but I thought I would throw out some ideas) You could write a filter on GET (which hardly anybody does) -- that returns an error message if client_type != your preferred client. But - I don't know if the ODBC stuff would call a GET anyway. Thing is -- I think that would be a performance problem. Plus - from memory -- I can write an API program -- that tells the API what client type I am - so it is getaroundable (made that word up). Sidenote/question - does the ARServer have an option to only listen to requests from certain API versions? I vaguely remember that being discussed as an option. (I never have needed it). This whole discussion came up internally at Kinetic Data when we released Kinetic Link. It allows you to do API calls very easily -- and it turns out -- lots of stuff is available to the API - that you would not normally see from the User Tool. Example - -a full list of forms that you have access to -the full list of fields on a form that normally would be hidden from view -ability to do any QBE you want - not controlled by workflow (form level, column level and row level permissions are still enforced -- however developers are lazy and the permissions are a pain in Remedy (probably all systems) therefore lots of stuff is open that probably should not be) The Remedy API should be your friend and help you. However -- to write an API program is a pain. That is why Klink exists -- I recommend taking a look at it. Also - XMLGateway (I have never seen it) -- but the concept is the same -- is probably worth looking at too. Let me know if you do solve it -- it is an interesting problem. OK -- totally new idea here. (I don't know the business need so this could be totally irrelevant) 1) Throw out the WUT. 2) Write a custom front end intended to be driven by the web. 3) Modify IPSec to only allow access to the ARServer from the webserver. 4) All "client" activity is done by way of the custom web front end. OK another option. 1) Setup a Citrix Server -- feed the WUT from that 2) Modify IPSec on ARServer to only allow traffic from the Citrix Server OK -- gotta run -- the kids are ready for bed -- and so is the dad :) -John On Wed, Apr 23, 2008 at 4:00 PM, Viswanathan Balakumar < [EMAIL PROTECTED]> wrote: > ** > > HI, > > > > Is there a way to make some remedy logins (either by name / group > permission) to access ONLY User tool and Can not access Remedy data through > any other way like Remedy ODBC \ APIs. > > > > For Information security reasons, we want some logins to be used only with > in the User tool and throw an error when used in Crystal Reports \ Remedy > ODBC \ APIs. > > > > May be like using APIs \ monitoring the Logins \ any other way … > > > > Any related information will be helpful. > > > > *Thanks,* > > *VB* > > > __Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" > html___ -- John David Sundberg 235 East 6th Street, Suite 400B St. Paul, MN 55101 (651) 556-0930-work (651) 247-6766-cell (651) 695-8577-fax [EMAIL PROTECTED] _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
