This is another question about SharePoint 2013 workflows and the use of the User Profile Service.
At this moment, I've developed some workflows which function properly. However I've been trying to get the User Profile Service disabled, because I don't need it. After reading a lot of topics, I'm aware that the UPS is used by the Workflow Manager, and thus disabling the UPS will break the workflows; authentication errors are thrown when trying to execute a workflow.
I was wondering if it possible to disable this authentication, and thus to be able to run a SharePoint 2013 workflow without having the UPS enabled. I'm asking this because we can't sync User Profiles with our AD, as we aren't granted the permission to replicate from the AD. This causes to have blank User Profiles.
Anyone can help?
Having the User Profile Service enabled doesn't mean that user profiles will be sync'd from Active Directory. User Profile Service and User Profile Synchronisation service are two different services.
Sync will occur only if you enable the sync service, configure the sync by configuring the connection etc.
Related
I'd like users to be able to login to my Django app using their Microsoft personal, work or school account.
I have no interest in any profile or other data from the user's account. I just want authentication.
I've been playing with django-allauth and and Azure portal and have successfully set things up so I can log in with my personal outlook.com account. I've set the AD tenants up to allow for personal and institutional accounts.
I've successfully served the .wellknown json and was able to verify the app in Azure.
I run into trouble when I try to log in with a Microsoft 365 work or school account.
The consent form shows the app as "unverified" and indicates that the app wants profile information and to store data.
I ended up in a rabbit hole of Microsoft AD documentation about MPN IDs and such.
Before I go further I want to know if I what I want to do is even possible.
Keeping in mind that I'm not interested in profile information, can I achieve authentication in Django with a users Microsoft Work or School account?
If so, what do I have to do?
I'm currently building a web application that works with the Gmail API. I'm waiting for approval from Google's security team to have a proper OAuth connection, but I noticed that users can pre-approve your application by searching within the API Controls settings by your App ID.
This setting is located in the Google Account via: Admin Panel > Security > API Controls > App Access Control.
I noticed that if a user does this before they try to connect your app it doesn't go against your 100 account limit within Google Developer Console while in beta.
My question is, could you have this as permanent solution to get around the Google OAuth application if Google never approves you? Of course, through this method the user is still giving permission, just curious if this has been done by anyone before.
Yes, this is allowed when all your users are Google Workspace users, and is listed under exceptions to verification requirements here: https://support.google.com/cloud/answer/9110914?hl=en. If your application is meant for a broad set of users, completing app verification is necessary.
Yes, this is allowed when all your users are Google Workspace users, and is listed under exceptions to verification requirements here: https://support.google.com/cloud/answer/9110914?hl=en. If your application is meant for a broad set of users, completing app verification is necessary.
Help
I have installed WSO2 IS (5.10) and Analytics (5.8), on separate servers, following the WSO2 IS documentation. I am successfully getting authentication events received into Analytics and can view them (after many headaches with IS insisting on using ports and SSL that I never told it to use - another story).
Now I can log into the dashboard, (/portal, admin/admin), and I see the IS events. Where do I manage portal users, permissions, and authentication? I want to add additional viewers (via LDAP) but can't even find a place to change the admin password, never mind manage additional users.
Nor can I find any documentation on how to manager users in Analytics. Any help is appreciated.
We have two WFE servers and Application server for the SharePoint. User profile service is configured and we want use it. But User Profile Synchronization Service stays on starting state and after a while stops, then it makes the forefront identity manager services disabled too.
I just checked the farm user account access and also configure the service again and again to fix this issue.
The stuck on starting issue can be a real pain to deal with. Spencer Harbar wrote an article a few years ago that I, unfortunately, have to refer to from time to time. It's very comprehensive and there are several things that could cause the problem but it usually comes down to incorrect permissions on either a windows service, a SharePoint service, a DB, or issues in forefront. Bookmark this one... it will be your friend :)
http://www.harbar.net/articles/sp2010ups2.aspx
Make sure that the farm account is added to the local administrator group during starting and provisioning User Profile Sync Service service.
For more details check
User Profile Synchronization Service Stuck on Starting
User Profile Synchronization Service Starting then Stopped in SharePoint
We have some security requirements from customer, so we need to configure/develop detailed audit logging which will log user actions done in Carbon Management console - i.e. datasource modification, service modification in WSO2 ESB.
Is there any way do this using included log4j?
We are using WSO2 Enterprise Service Bus 4.8.1 and WSO2 Application Server 5.2.1
WSO2 products has an audit log which can be found in the repository/logs folder. But the problem is, this audit log has very little audit information. Reason is as follows.
WSO2 products are built using a collection of reusable osgi componentns. For example, for data sources related operations we have one component and for proxy related operations we have another.
Now, the problem here is, these individual components has not put enough audit logs to cover the user operations. Therefore, your requirement seems to be difficult to achieve.
There are some extension points in WSO2 products where you can use to do your own tasks upon certain actions such as user login, user creation. For example, you can implement a certain interface and print whatever log you want upon a successful user login or a failed login attempt. But, those extension points are limited mostly to user management related operations.
All the HTTP communication done with the server is already logged in HTTP access logs in CARBON_HOME/repository/logs. You can use a log analyzer tool or even grep to capture any desired user action.
Ex: To get the log ins to datasources page use
cat http_access_2016-06-02.log | grep "GET /carbon/ndatasource/index.jsp"