Publish RD Gateway and Web Access with One-Time Password (OTP) / Two-factor Authentication WITHOUT ISA/TMG server

Hi everybody,
I've been struggling with this problem for a few weeks now and can't find a way to solve it.
We have an RD farm (Server 2012) which consists of two Remote Desktop Servers with Connection Broker and Web Access.
I've recently published a new server, containing RD Gateway and Web Access in our perimeter network.
Now we've got restrictions that OTP/2FA must be used for the external deployment and we've decided to go for a solution from Gemalto.
The "program" is called IDConfim and the server is called SA Server (Strong Authentication).
Also it's important that NO ISA/TMG server is supposed to be used, the OTP/2FA is supposed to work seamless with the Web Access/Gateway.
After hours discuss we came to a point were their NPS agent setup would be the only way to accomplish our goals.
The setup is supposed to be like this:
LAN:
1 DC (2008 R2)
RD Farm (2012)
1 SA Server (2012)
DMZ:
RD Gateway/Web Access (2012)
Where Gateway and Web Access should forward the authentications with NPS to the NPS agent on the SA server.
When you type your AD account credentials to authenticate you add the 6 digits of OTP which you receive from your mobile app.
Initially this seems to work: the Gateway forwards the request to the remote NPS server, BUT only if you type the correct AD password (without the OTP extension).
If you type the correct AD password the authentication is forwarded to our SA Server and it's being rejected because the password doesn't contain the correct OTP extension.
The problem comes here.
When you type your AD password along with the OTP extension you get a Windows Security error in the event log (on the Gateway server) like this:
An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: user
Account Domain: domain
Failure Information:
Failure Reason: Unknown username or password.
Status: 0xc000006d
Sub Status: 0x0
Process Information:
Caller Process ID: 0x0
Caller Process Name: -
Network Information:
Workstation Name: server
Source Network Address: 192.168.x.x
Source Port: 63003
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon request fails. It is generated on the computer where access was attempted.
The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
The Process Information fields indicate which account and process on the system requested the logon.
The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
From what I can see it's an NTLM error, but hey?! Aren't we supposed to forward all authentication handling to the remote NPS server?
The problem is that no matter what I try the above problem stays there.
Is it not possible to just forward ALL authentication handling to a remote server?
The only solution I've found to get it working someday in the future is this:
"Remote Desktop Pluggable Authentication and Authorization", which is supposed to be introduced in 2012 R2.
Also this link describes it:
http://archive.msdn.microsoft.com/Release/ProjectReleases.aspx?ProjectName=rdsdev&ReleaseId=3745
Please, bring me some answers before my head explodes! :)
PS, long question = maybe some errors; ask me if something is unclear.
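To make a 4625 event like the one above quicker to triage (was the credential checked by Windows/NTLM on the gateway host itself, and what do the NTSTATUS codes mean?), here is an added Python example that is not from the original thread: it parses the message body of a 4625 event and decodes its Status / Sub Status fields. The sample event is constructed from the one quoted above, placeholders included.

```python
# Constructed sample, modelled on the 4625 event quoted in the post
# (user, domain, server and address placeholders are kept as-is).
SAMPLE_EVENT = """An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: user
Account Domain: domain
Failure Information:
Failure Reason: Unknown username or password.
Status: 0xc000006d
Sub Status: 0x0
Network Information:
Workstation Name: server
Source Network Address: 192.168.x.x
Source Port: 63003
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Key Length: 0
"""

# NTSTATUS values commonly seen in the Status / Sub Status fields of 4625.
NTSTATUS = {
    0x0: "none",
    0xC000006D: "STATUS_LOGON_FAILURE (bad user name or authentication info)",
    0xC000006A: "STATUS_WRONG_PASSWORD",
    0xC0000064: "STATUS_NO_SUCH_USER",
    0xC0000234: "STATUS_ACCOUNT_LOCKED_OUT",
    0xC0000072: "STATUS_ACCOUNT_DISABLED",
    0xC0000071: "STATUS_PASSWORD_EXPIRED",
}

SECTIONS = ("Subject", "Account For Which Logon Failed", "Failure Information",
            "Process Information", "Network Information",
            "Detailed Authentication Information")

def parse_4625(text):
    """Parse a 4625 message body into {section: {field: value}}."""
    fields, section = {}, "_header"
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith(":") and line[:-1] in SECTIONS:
            section = line[:-1]          # new section header
            fields[section] = {}
            continue
        key, sep, value = line.partition(":")
        if sep:                          # "Field: value" lines only
            fields.setdefault(section, {})[key.strip()] = value.strip()
    return fields

def classify(ev):
    """Summarise where the logon was evaluated and why it failed."""
    fi = ev["Failure Information"]
    da = ev["Detailed Authentication Information"]
    status, sub = int(fi["Status"], 16), int(fi["Sub Status"], 16)
    return {
        "logon_type": int(ev["Subject"]["Logon Type"]),   # 3 = network
        "package": da["Authentication Package"],
        "status": NTSTATUS.get(status, hex(status)),
        "sub_status": NTSTATUS.get(sub, hex(sub)),
        # NTLM here means Windows authentication on the host that logged the
        # event checked the credential, not a RADIUS/NPS backend; a string of
        # password+OTP cannot pass that check.
        "checked_by_windows_ntlm": da["Authentication Package"] == "NTLM",
    }
```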

Hi,
Based on our experience, if the NTLM error occurs, please check the password.
Regards,
Mike
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Similar Messages

  • One Time Password (OTP) on mobile/email required in Oracle Apps R12

    Dear All,
    Good Day! Hope you all are doing well.
    My management needs OTP on mobile/email for log-in into Oracle APPs R12 for some key users in our Organization.
    Let me explain the requirement is detail, When user log-in to oracle apps by entering his/her user name and password then system send an email or send sms on mobile for One time password. When user provide this OTP then he is able to log-in to the Oracle Apps.
    Any body have some idea then please guide.
    Regards,
    Saquib.


  • Apple ID - Two Factor Authentication (and why I stopped using it)

    The Apple devices I use every day consist of the following:
    2009 MacBook Pro 17" (home)
    iPhone 6 (home)
    2012 MacBook Pro Retina (work)
    My home devices are all logged in using my Apple ID as usual, and my work laptop uses a Apple ID specific to work, but with my personal Apple ID logged in for iMessage and FaceTime (pretty standard, I presume, for people with full-time work laptops they can bring home, etc.). Now, since I have multiple devices which are constantly syncing everything back and forth, whether it be something as simple as my contacts or as delicate and near and dear to my heart as my photo collection, I felt that maybe I should use two factor authentication for my home Apple ID, just to be on the safe side. I recognize that the two factor authentication only protects iMessage and FaceTime currently, but I implemented it with hopes that someday they will incorporate everything about iCloud and other services synced between Apple devices that you would assume should be covered by a two factor authentication update/overhaul.
    I liked this idea very much, as I use two factor for almost everything I can, but things started to fall apart one day when I had to switch to a temporary work laptop and decided to log in to iMessage with a new app specific password, as you would need to on a new device (unless you wrote down the original iMessage password, which is a terrible thing to do). When I went to create my new iMessage password for work laptop B, I decided to revoke work laptop A's iMessage password while it went in for repairs. This wasn't so bad until something seemed funny about my phone, as it was asking for me to log into iMessage again. Now, I had created a separate password for work laptop A's iMessage when I first logged in a while back, as well as a separate password for the temporary work laptop B so it didn't interfere with my other generated passwords. Apparently this didn't matter.
    I continued and created a new app password for my phone, but when I got home, wouldn't you know it, I had to log into iMessage on my home laptop again as well. I had to create a new password for that, which seemed to work for a while, but then I was prompted to enter my iMessage password on my phone again once I revoked my home laptop's iMessage password. Not following? No, me either. It seemed to me that creating separate app specific passwords for me to use across my devices didn't stay as separate as I thought they should, but instead they somehow seemed to be dependent on one another. Since I had a frustrating time trying to activate iMessage again on my iPhone and laptops on multiple occasions while this was happening, I decided to disable two factor authentication altogether.
    I suppose I should ask a question here, so here goes: has anyone else encountered this horrific two factor authentication/app specific password management issue for their own account? Have you been able to resolve it, and if so, any helpful suggestions? Thanks!

    I had also thought that initially, but after turning it on, I went to sign into iMessage with my Apple ID and regular Apple ID password, but it prompted me to create an app specific password to sign in since I had two factor authentication on, as it wouldn't let me use my regular Apple ID password to log in (which I could use to log in for everything else but iMessage and FaceTime). It was nice since I was prompted to provide a code sent to an Apple device of my choosing when signing into the Apple ID management site or iCloud.com, but forcing me to create app specific passwords for iMessage and FaceTime is kind of ridiculous and frustrating. Maybe there's a way to have two factor authentication without the need for app specific passwords? Or if not, then perhaps that would be a great option to present users when turning that feature on.

  • CSV file for users who have one-time password email address

    Hi Guys,
    I am trying to extract the list of users who have one-time password email address in FIM or users who have registered with one-time password reset authentication workflow. I need to get their email addresses in CSV file.
    Regards
    Sarwar

    Take a look at:
    http://social.technet.microsoft.com/wiki/contents/articles/3616.how-to-use-powershell-to-export-all-users-who-have-registered-for-self-service-password-reset-sspr.aspx
    The script queries a WorkFlow called "Password Reset AuthN Workflow" and returns its ObjectID, then uses it to do a new query searching for "Users" with these parameters:
    AuthN WorkFlow Registered = ObjectID of "Password Reset AuthN Workflow"
    The script exports these details to a CSV.
    Also, all OTP email addresses should be stored in the "msidmOneTimePasswordEmailAddress" attribute in the FIM Portal.

  • How does schedule with RESTful API a Webi report for a group of users ("Schedule For" to "Schedule for specified users and user groups" with one or more users/groups)?

    SAB BO 4.1 SP1
    Does it have an RESTful API to schedule a Webi report with the parameter to specify a group of users ("Schedule For" to "Schedule for specified users and user groups" with one or more users/groups)?

    Hello Ricardo,
    Have you tried a call like this one?
        <schedule>
          <name>test</name>
          <format type="webi"/>
          <destination>
            <inbox>
             <to>userId1,userId2,userId3,groupId1,groupId12</to>
            </inbox>
          </destination>
        </schedule>
    Regards
    Stephane

  • Secure RD Web Access with Azure MFA

    We are keen to deploy RD Web Access for external users but can't find any guidance on securing it with Multi-Factor Authentication (MFA - formerly PhoneFactor).
    We currently use MFA with our RD Gateway for users who connect directly to VMs via RDP but want to give other users access to RemoteApps via RD Web Access with the same two factor authentication.
    Cheers for now
    Russell

    Hi,
    Thank you for posting in Windows Server Forum.
    I am afraid that there is still no direct MFA for RD Web; you need to log in through RD Gateway, which can be accessed as follows. A Remote Desktop login request to RD Gateway that includes Azure MFA looks like this:
    1. User logs into RD Web Access and double clicks a RemoteApp (or desktop connection)
    2. The user's login credentials for the website are used to validate the user (Web SSO), so no need to give them again.
    3. The user then gets an SMS text message on their smart device that provides them a 6 digit numeric code (the one-time password).
    4. The user replies to the text message by inputting this 6 digit code and adding their unique pre-defined PIN to the end of the sequence – Azure MFA includes the option to require the user know a predefined unique PIN as well, so that replies to a text message have to come from the user.
    5. The user is authenticated, and the RemoteApp (or desktop connection) opens.
    More information.
    Step By Step – Using Windows Server 2012 R2 RD Gateway with Azure Multifactor Authentication
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
    Dharmesh,
    I owe you an apology, I'd forgotten that when you access RD Web Access you're only downloading an RDP file which then uses the RD Gateway to connect the client to the RemoteApp. If we already have the RD Gateway in place and configured with MFA this will produce the required result.
    Sorry
    Russell

  • Difference between BLOCK DATA and WEB ACCESS BLOCK?

    Currently my account shows I have both BLOCK DATA and WEB ACCESS BLOCK in place. I did this a couple of years to prevent data charges. Works perfectly. Now I'm trying to upgrade one of my lines to a Kin Onem because of the WiFi option and when I add the phone to my shopping cart and go to the Select Features & Services Page I see a message at the bottom that says: Features We Needed To Remove (Because they're incompatible with your phones or plan) - Block Web Access.
    It looks like I don't have a choice when ordering the phone, but what exactly will removing the Web Access block do? Maybe I have to turn it off anyway to use the WiFi anyway right? I just don't want to incur any data charges.
    Someone please help. Thank you!

    "Data block" actually blocks your phone's ability to connect to the 3g data network. What this means is your phone can't create an internet connection on a cellular network. Web Access block specifically blocks the browser/mobile web on your phone from making a connection. Unblocking mobile web will not cause your phone to be able to connect to the cellular data network (resulting in 1.99/mb charges), but will allow the browser on the kin to connect while you're using wifi.

  • Is it possible to have your whole family on one apple id or is it better to have each person have there own? If each has their own does each id have to buy their own music and apps? How does find my iphone work with one apple id or two?

    Is it possible to have your whole family on one Apple ID or is it better to have each person have their own? If each has their own, does each ID have to buy their own music and apps? How does Find My iPhone work with one Apple ID or two? Also, I am going to be going off to college soon; should I make an iTunes ID for myself, and how will I get all the music from the old ID?

    Is it possible to have your whole family on one apple id or is it better to have each person have there own?
    Yes, it is possible. 1 apple ID can be associated with up to 10 devices.
    If each has their own does each id have to buy their own music and apps?
    Yes, all purchases are non-transferable.
    How does find my iphone work with one apple id or two?
    Every device associated with one apple ID through Find my iPhone is tied to that Apple ID; Find my iPhone will work in the same way with up to ten devices associated with one apple ID. You cannot enable Find my iPhone for one device across two apple IDs
    I am going to be going off to college soon should I make an itunes id for my self and how will I get all the music from the old id?
    If you have authorized a computer with the old apple ID, you can transfer old media purchased through the old to other devices via iTunes. This doesn't mean the media purchases through the old apple ID it transferred to the new account. If you plan to make future purchases and don't wish to share them with others, make your own apple ID.

  • I have a new phone and when asked do I want to start this as a new phone or do a back up from my last back up, I chose the last back up option and it has taken all my recent photos, texts and calls off and replaced them with ones from about 18 months ago.

    I have a new phone and when asked do I want to start this phone as a new phone or back up from last backup, I chose to back up from last back up and have had my recent photos, texts and calls replaced with ones from about 18 months ago. Is there any way of undoing this?

    Welcome to the Support Communities. This Apple doc may be of interest:
    Channel Member Code of Conduct
    Kings74 wrote:
    They told my friend that the phone was not available in Black, that was the 5, and that the 5s was only available in silver and gold..
    A minor point, but it may avoid a little confusion if, instead of saying "black" in reference to the iPhone 5s, say "space gray":
    "iPhone 5s — Available in silver, gold, and space gray" (Source)

  • EM Application Log and Web Access Log growing too large on Redwood Server

    Hi,
    We have a storage space issue on our Redwood SAP CPS Oracle servers and have found that the two log files above are the main culprits for this. These files are continually updated and I need to know what these are and if they can be purged or reduced down in size.
    They have been in existence since the system has been installed and I have tried to access them but they are too large. I have also tried taking the cluster group offline to see if the file stops being updated but the file continues to be updated.
    Please could anyone shed any light on this and what can be done to resolve it?
    Thanks in advance for any help.
    Jason

    Hi David,
    The file names are:
    em-application.log and web access.log
    The File path is:
    D:\oracle\product\10.2.0\db_1\oc4j\j2ee\OC4J_DBConsole_brsapprdbmp01.britvic.BSDDRINKS.NET_SAPCPSPR\log
    Redwood/CPS version is 6.0.2.7
    Thanks for your help.
    Kind Regards,
    Jason

  • I bought CS4 a while back, and only loaded it one time on a PC with Windows XP operating system...

    I bought CS4 a while back, and only loaded it one time on a PC with Windows XP operating system. I understand I can load it 2 times. Will it work if I load it on Windows 8?

    You won't know until you try. These older versions were never extensively tested or certified on Win 8, but it should work for the most part if you follow the necessary procedures like turning off UAC and other fancies that may get in the way.
    Mylenium

  • Hi, I have a CS6 design and web premium with the product number. I need the serial number to activate my product. Where can I get it please?

    Hi, I have a CS6 design and web premium with the product number. I need the serial number to activate my product. Where can I get it please?

    Yes I did! With the proof of the payment etc...
    Kind regards
    Meilleurs salutations
    Mit freundlichen Grüssen
    De Oliveira Claudia
    2014-11-21 16:21 GMT+01:00 Beverley Gray <[email protected]>:
        Hi, I have a CS6 design and web premium with the product number. I
    need the serial number to activate my product. Where can I get it please?

  • Pros and Cons between BEx client and Web access

    Dear all,
    I am quite new to BI 7.0 and have some question about frontend tools.
    I am looking for a comparison material describing pros and cons of BEx client application and Web access in BI 7.0.
    There are many tools in the BEx suite and I am a bit confused about what functionality each tool has or what to consider to choose the right tool.
    Thanks a lot in advance and appreciate any input.
    Regards,
    Kazuya

    Hello,
    Shortly speaking there are 4 tools and you need at least 2 of them:
    1. Query Designer: you need it always as this is a tool for defining queries
    2. Web Application Designer: you need it if you want create web reports
    3. Report Designer: only if you want create formatted reports in web
    4. BEx Analyzer: if you want to run queries in Excel (Analyzer is an add-in)
    Help on BEx:
    [http://help.sap.com/saphelp_nw70/helpdata/en/b2/e50138fede083de10000009b38f8cf/frameset.htm]
    -> BI Suite: Business Explorer
    Regards, Karol

  • Remote Desktop Gateway Support One Time Passwords?

    We are considering setting up a Remote Desktop Gateway server so users can remote control their office desktop PCs from home without needing VPN.
    The plan is for it to only be a secure pass-through from the Internet to their desktop PC. There will not be any terminal services login or web apps hosted on the server. We have not decided if RDWeb will be available. It is likely that users will just use an RDP client such as the Microsoft MSTSC.exe Remote Desktop client in Windows or a similar app for iOS, Android or OSX rather than use a browser to reach their PC.
    I noticed that most RDP clients, mobile apps and web browsers have an option to remember credentials so they can log in without typing credentials the next time they connect. This will be a security threat if their PC is stolen and not encrypted. Is there any way to provide access, but prevent users from reusing saved passwords to connect to the Remote Desktop Gateway without using smart cards?
    I had the idea of having some kind of one time password system to authenticate through the RD Gateway so saved passwords would be useless. What does Remote Desktop Gateway support that can do this?

    Hi,
    Thanks for your posting in Windows Server Forum.
    I consider that you are trying to find the solution as per below article. Please go through carefully.
    1. Configuring the TS Gateway OTP Scenario
    2. RD Gateway deployment in a perimeter network & Firewall rules
    Hope it helps!
    Thanks,
    Dharmesh

  • How to deploy connection (Mac OS X Yosemite to Windows RDS) through the RD Gateway with Two Factor authentication (Safenet OTP) on Session host?

    Good day!
    Could you please help me? How to deploy a connection (Mac OS X Yosemite to Windows RDS) through the RD Gateway with Two Factor authentication on the Session host? How to open an authentication dialog that is the same as in Windows when logging on to network resources in Windows (Windows Security)?
    Our test environment: We have one RDS 2012 R2 server (all roles in one) and one session host in the collection. On the session host Safenet Network Logon is installed, and it is under a GPO which disables all authentication except OTP.

    Hi Sir,
    It seems that you are going to integrate a 3rd party product into AD for authentication.
    I would suggest you contact the vendor of Safenet for this deployment scenario:
    http://www.safenet-inc.com/multi-factor-authentication/authentication-management/safenet-authentication-manager-express-samx/
    Best Regards,
    Elton Ji
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] .
