ERecruiting - External Users in a distributed scenario
In an integrated scenario, I understand the relationship between, US, CP, P, NA and other objects.
Just for informational purposes, if I am on a distributed scenario, where I have ECC and ERC on different systems, is there a difference in how the external users (US) object and the related object relationships are created?
Thoughts appreciated.
Hi Sunil,
As per my understanding there is not much difference.
When an external user registers, NA,BP & CP are created.
If this person is hired, during the hiring action, P,BP & CP are created. But the NA object needs to be now connected to the newly created CP. This is usally done during synchronization. I also think the BADI HRSYNC_P needs to be active to take care of this. The older connection of NA to the old CP will then be obsolete.
If i am not mistaken, before the setting up of ALE(one of the steps), it is required to activate the above mentioned BADI in the your main HR system.
Regards,
Sowmya
Similar Messages
-
Hello all, first of all thank you for reading this post. Please bare with me, I am new with this environnement. I have had several problems in past week trying to configure a local sharepoint server 2013, most of it went well but now I am stuck and I badly
need help! I intend to make sharepoint available through the Ethernet connection in my office.
Here is my config:
Sharepoint 2013 (local)
Microsoft SQL 2012
Microsoft Server 2012
I am able to access the sub-site I created in the Sharepoint Central Administration Web Application.
My first problem is, I created another Web Application with the following URL config http://intranet.[domain].com but I am not able to access it through my browser. It seems to point to bad IP I probably configured accidentally a CNAME on my hosting Cpanel
with the IP 192.168.1.199. So, When I ping the URL I do not get any connection. Just that it couldn't connect to 192.168.1.199. Now I added a CNAME on my CPANEL for the URL http://intranet.[domain].com --> 127.0.0.1. Is this the correct way to do it?
More information: The DNS manager has been configured following this tutorial:
Create SharePoint 2013 Web Application
http://www.youtube.com/watch?v=yW7LT99eUMs
I am not too sure of the proper configuration for the IIS Manager.
Anomymous Authentication is enabled
Windows Authentication is enabled
Everything else is disabled.
My second problem is that I cannot invite any user to the site. Even the one that have the email corresponding to our domain. Will I be able to invite parent domain users if the Web Apllication is properly configured with the CNAME on the Cpanel?
I tried to activate the External user invitation feature from Site Collection Features but it's not in the list. I am logged in as an administrator but next to the wrench it says "System Account" (with an arrow pointing down) so I guess this is
the "logged in user as..."? Am I missing something here?
Any advices would be greatly welcomed. I've run out of ideas.
Much appreciated,
HerbHello Ramu, thank you for your fast reply.
Quote Ramu: "You have to create A record called intranet.your-domain.com points to your SharePoint Server
IP and also loop back ip address in the host file entry on the SharePoint server(127.0.0.1 intranet.SharePoint.com)"
Is this a record on our corporate website Cpanel? What should I put in the "Address" field of
the Record (we do not have static IP)?
For the loop back, is this on the DNS Manager of our local Sharepoint 2013 server?
Quote Ramu: "3.
if you want to publish this externally, then your site needs to publish in your Network and it should points to your public static IP in your public domain control panel(Cpanel)."
In the first scenario where I only want intranet access, should everything be OK with the above mentionedconfiguration a DNS Record:
Which address should it be for the record?
Should I assign a fix IP to our server like 192.168.1.55?
What if another desktop computer gets an IP conflict with the server
fix IP, or what if we have to shut down the server everyday will the server IP change ?
General question: From what I understand, it is possible to put a DNS Record on the public Cpanel from our corporate website with a local IP that will only be resolved
if accessed through the local network? Ex.: Name: intranet.[our-corporate-public-domain].com, Address: 192.168.1.55 ?
Much appreciated RAMU.
Regards,
Herb -
INTERNAL and EXTERNAL users authentication via OAM
Hi ,
We have a scenario where in a resource is protected by OAM and we want the internal users in the system to access the resource w/o and authentication , However at the same time we want the external users should be challenged by OAM for credentials .
How to implement such a scenario ?
Any ideas would be helpful ..
Thanks
SidMore details (architecture etc) would be needed to suggest any kind of solution.
Also content served is static or dynamic ? If content is dynamic then backend component (app) would expect identity to be propagated to it. This could be potential issue if internal user wont authenticate.
If it is static content then you can make use of rewrite rules / rewrite conditions to filter ip address (internal users should have some ip address range). Although you may have to do multiple url rewrite at apache level to by pass authentication.
One another solution is to implement zero sign on experience via WNA for internal users. WNA would take advantage of user's login to desktop. Hope this helps. -
RDS - .local domain and external users. Best way to get rid of SSL warnings
I am evaluating MS RDS as a possible solution for a VDI implementation at the college I work for. When we setup our AD years ago we set it up as a .local domain. I am running into issues with the .local machine name on the connection broker for
external users. I know for internal domain systems we can setup the self signed .local cert as a trusted root cert to bypass the self signed untrusted warning but for the bulk of our users which will be using systems external to our domain they
will get the SSL warning about the self signed certificate when they try to connect to a remote app or a desktop.
Initially I thought if I setup a local AD CA that we could setup a trust relationship with the SSL cert. After further reading I believe that this would only work for systems internal to our domain and we would still have the issue with external devices.
The other option would be to tell our users to click the box to never display the warning message again and to go on or to add the self signed cert to their trusted list. Of course when ever you ask the user to do something there will be issues. We
have also found that in our testing that we can not seem to connect via the web portal with a macbook. We get an error that there is a problem with the trust relationship with the server after we login and click on an app or a desktop to connect. We
have been able to connect with iOS devices.
We could of course rename the .local domain to a .edu domain which would permit us to use our wildcard certificate but that is a major undertaking that we don't want to cross at the moment. I think I might have some up with a solution and wanted to
bounce the idea off of those on this forum.
If we setup a second domain on campus that is not a .local. Join the non internet facing RDS systems to this new domain that would have a SSL cert that was trusted and then setup a full trust relationship between the two domains such that users and
systems in one domain could communicate with the systems in the other domain would that remove the certificate warnings for external users?Hi AKlein,
Initially I thought if I setup a local AD CA that we could setup a trust relationship with the SSL cert. After further reading I believe that this would only work for systems internal to our domain and we would
still have the issue with external devices.
Just add the root CA certificate of the internal CA into Trusted Root Certification Authorities store on external clients manually (or through group policy if there is an external domain), then SSL certificate warning would be gone.
We could of course rename the .local domain to a .edu domain which would permit us to use our wildcard certificate but that is a major undertaking that we don't want to cross at the moment.
Yes, renaming domain is not recommended due to its complexity.
If we setup a second domain on campus that is not a .local. Join the non internet facing RDS systems to this new domain that would have a SSL cert that was trusted and then setup a full trust relationship between
the two domains such that users and systems in one domain could communicate with the systems in the other domain would that remove the certificate warnings for external users?
If you are setting up a new domain with two way trust, then root CA certificate of the internal CA still needs to be distributed manually (or through group policy). If you are setting up a child domain, then enterprise CA would be trusted within the same
forest.
As long as there are enough external users and devices to manage, an external private network exists and extra domain management tasks are acceptable, then setting up a new domain is a good choice since domain provides secure boundary.
Or, you could just create a new site from the other network location, which saves you from creating a new domain, new users and trust.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected] -
External users can communicate web server, Internal users can't communicate
Hi All,
This Babu, I have Cisco - 1941 and ASA 5510, ISP was terminated on Router point ot point connectivity(10.10.10.0/30). Router isdie ip is Public ip
(49.49.49.1/28), firewall inside ip is 49.49.49.2 and i have done nating in firewall with private ip 192.168.1.0/24.
we have web server, this is also connected in Intranet, this internal ip was 192.168.1.13 nat with publi ip 49.49.49.13.
In this scenario all external users can communicate with web server ie www.example.com. but internal users can't communicate with www.example.com
All internal user able to ping the web server with 192.168.1.13 successfully and get the internet also.
Please help me, what is the problem...Hi Jereen,
my user tried the following :
- went to http://oraclepartnernetwork.oracle.com/
- at top of the page, click on the "Register / Sign In" link.
- entered user name [email protected], and password (he tried also with a reset system generated password)
- got "Invalid Login" Error
so it seems the issue is not with beehive online, but with SSO to start with...
my other sun.com users have the same issue. Could it be a restriction on Sun.com domain ?
I understand now my issue is not with beehive online, so don't hesitate to redirect me to the appropriate support team if necessary.
Thanks a lot for all your help
christian -
hiii
<b>Is it possible to send mail from SAP to External user??????if possible does BASIS people had to do something???</b>
I want to send the email from sap to external user([email protected]).My mail will consist of some changes made in production order(CO03). for which i had created the BADI. That part is over now i want to send the mail.
<b>I got many sample programs in sdn but when i enter the email address it execute but mail is not sent.....I want to know by just executing Zprogram mail will be sent or there is some role for BASIS also..............</b>
Thanking you.
Regards.There is a transaction called SCOT that needs to be configured
http://www.sap-basis-abap.com/sapbs035.htm
http://www.sap-img.com/basis/basis-faq.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/2b/d925bf4b8a11d1894c0000e8323c4f/frameset.htm -
Creating a link for external users to view my project
Hi -
I want to share my RoboHelp project with external users that do not have access to my company's internal server if I publish there. Is there a way to create a link to my project that I can just share with other people?
Thanks!Hello again
Are you clicking the "view result" link? If so, the CHM should simply open. However, there are a host of things that can go wrong along the way and to figure out what may be happening we need to ask all sorts of questions.
Did you click View Result after it finished? If so, what happened? An error? Nothing? What?
Where are you attempting to compile the help? When you look at the properties of your Single Source Layout recipe, where are you pointing the output folder to? What is the file name?
Are you able to open and view other CHM files? Do you know what a CHM file is?
As you can see, there are many questions to answer. And probably others I failted to think of.
Cheers... Rick
Helpful and Handy Links
RoboHelp Wish Form/Bug Reporting Form
Begin learning RoboHelp HTML 7, 8 or 9 within the day!
Adobe Certified RoboHelp HTML Training
SorcerStone Blog
RoboHelp eBooks -
Public SharePoint Online Site with External User Portal
Hello Everyone,<o:p></o:p>
My company switched over to Office 365 a few months ago, and now would like to start using our Public SharePoint site to share information (documents
pertaining to their orders/drawings/etc.) with our customers (external users).<o:p></o:p>
<o:p> </o:p>
I have seen documentation on how to share documents with individual users, but we were looking to do something a little bit different. We would ultimately
like to have a public site with generic company information (like hours, about us,directions etc.) that anyone can see.
We would also like to use SharePoint as almost an "FTP type" service where we could post documents and share them with individual
external
users. HOWEVER, instead of sharing individual documents, we were wondering if there was a way that an external user (that we have granted
access) could sign into the public SharePoint site, and then see information that ONLY pertains to them.
I have been doing some research on this, and I haven't seen that anyone else has tried this. Has anyone had any luck? Or would you have suggestions on how to make
this work? I had originally posted this question on the Office 365 SharePoint forum, and they suggested posting this question here. Any help would be appreciated. Thanks!Hi,
did you finally manage to get what you requested here above ? Indeed, I am also struggling to set up the same (public website with individual content sharing with external authentified user).
For external user, I am quite sure that we need to go through MS ID creation (I have created some test users using https://login.live.com).
Our public website is done and (almost) working. I have then created a sub-site for the same, this one to manage permission based on authentified user
But I am stuck when trying to assign a document library with relavant permission.
Would be great to share our feedback and I have searched a lto on the web and did not find any satisfying answer to this design (If there is any... here is my doubt...)
Thanks in advance
stef -
Excel Services Connectivity on Sharepoint 2013 for external user
Currently , external user is able to refresh the data on sharepoint site through browser. the data connection is pointing the one of the external data source. But how can an external user (Internet user which accessing sharepoint through internet) download
a copy of excel in sharepoint library and open the excel workbook with data refresh ability at client machine ?
Do we need client machine to be able to access / ping the external data source?
Thanks.Thanks for the response.
They want to perform data analysis and design their own report with own template , for example : to remove subtotal from the powerpivot tables which we cannot change the formatting at the excel services at browser level.
So if i understand correctly, we need to get the client machine to be able to access to the database server directly to get the access to the cube for data analysis although we had this odc file connection setup, am i right?
For internal user, network team should open port / access for them to access database server directly.
For external user, either to open public access to the database server directly or setup a VPN connection for the external user to access the database server in their secure network.
Let me know if i understand this correctly.
Thanks. -
SharePoint Online External Users
So I was taking SharePoint online for a test drive a few days ago. While I was looking at how users are given permissions to list and libraries I realize something that might
make or break SP Online for me. The out-of-the-box SharePoint Online implementation gives you one private site collection and one public website. Let just focus on the public website in this example. Now, by default the public website is at least viewable
to everyone. But what if I created a survey on my public website and only wanted members of the site to have access to it. I know that you can "Share Site" with external users. But can you allow visitors to your site the ability to create their own account,
and in turn fill out the survey? And of course without purchasing a license for every person filling the survey.
Jeffrey T McFarlandI'm not sure about making content on your public site private, but you can make content on your private sites public. You basically turn on external users for the entire Office 365 SharePoint Online account. Then you can optionally disable it
for certain site collections. That way, you can control who has access to what. This article might be helpful in explaining how external users works in SharePoint Online:
http://office.microsoft.com/en-us/sharepoint-online-enterprise-help/share-a-site-with-external-users-HA102476183.aspx -
Hi TechNet,
I have an MS SharePoint Online (SharePoint Plan 2) team site, quite simple, one document library etc.
I have successfully added all users (E3) within the organisation to groups, and permissioned correctly.
I have added myself (separate organisation, also Office 365 E3) as an External User, and have access to the website without any problems by authenticating with my Organization account e-mail address.
I have a single user (separate organisation, also Office 365 E3), who's setup is identical to mine (Also Office 365 E3).
However, when this user is added as an External User, they are unable to login, and get "Sign In is not complete":
That didn't work
We're sorry, but [email protected] can't be found in the CLIENT1.sharepoint.com directory. Please try again later, while we try to automatically fix this for you.
Correlation ID: dc1f7f9c-092b-20b8-7b35-89348ba22f71
Date and Time: 3/20/2014 7:06:55 AM
URL: https://CLIENT1.sharepoint.com/
User: [email protected]
Issue Type: Partner User Invalid.
I then remove the user using the Site Collection, and using the PRofile Manager, and using Remove-SPOUser, and using Remove-SPOExternalUser. Which is great, he's gone. However when I go to add him back to a group, as soon as I type his e-mail address, it
'Resolves' into his full name! If I have completely(?) removed him form the site, how is he being resolved? And therefore me trying to remove him to re-add him to try and solve the user/directory/auth issue is not working.
Furthermore, upon clicking on said client's username inside SharePoint (after I've 'added him back' of course), his ID, in format: i:0#.f|membership|live.com#[email protected] has an entirely different e-mail address, his Microsoft Account!
I'm assuming he must have been already signed into his Microsoft Account when he clicked on the External User e-mail invite? If so, I clearly do not want this, how can I remove lal traces of his Microsoft Account, given that I have gone to the lengths as
detailed above?
I have already completed these steps: http://community.office365.com/en-us/forums/148/p/228263/709905.aspx
Some possible further reading regarding Microsoft ID's and Organization ID's:
http://sergeluca.wordpress.com/2013/09/23/sharepoint-online-and-external-users-this-invitation-has-already-been-accepted-with-another-account-bug-or-feature/
Please let me know if you need any more information regarding this issue, and thanks in advance to anyone who can shed some light on this situation for me and anyone whom encounters it in the future.
Regards,
Evanly.Hi Scott,
Thank you so much for taking the time to read and respond to my issue.
Certainly, it makes sense that regardless of where the invitation it sent, the user would authenticate with their Microsoft ID.
In my case, I want the user to authenticate using their Microsoft Organisation ID, that they use for their seperate Office 365 account.
This is the way I was able to log in, and worked great. With my client, they are unable to access Sharepoint because once they sign in with their Microsoft Organisation / Office 365 ID, they are told they are not in the directory, because their Microsoft
ID is in the directory and it doesn't match up.
I am simultaneously trying to 1) Remove all traces of this users Microsoft ID, which so far using the above steps, has been unsuccessful; and 2) Invite the user using his Microsoft Organisation ID, and have him authenticate with that (which is proved to
work, as my account uses this).
Looking forward to any more suggestions. Thanks in advance! -
Problem with links for external user
Hi,
We´re using SAP NetWeaver Portal 2004s SPS 10 and we have a problem with links within notification-mails:
The link to the document (e.g. within a subscription mail) consists of "http:///...". Only user using the portal within our network can open this links. All external user can´t open this links. How can I change the URL so that our external user can open the links, too?
Thanks for help,
Sven KellerWe already have another URL for external usage. My problem is how to define that created links to documents and folder are automatically using the external URL.
If somebody receives an email (e.g. subscription) the URL to the folder is:
http://<portalserver>:51000/irj/go/km/navigation/documents/Public Documents/Documentation
But it should be:
https://<externalportal>/irj/go/km/navigation/documents/Public Documents/Documentation
Message was edited by:
Sven Keller -
Hi friends,
I wrote this code to send mail to external user from sap.
It did not work properly can anyone help me to send email to extenal user.
The return code after executing the function module is 2.
DATA: OBJPACK LIKE SOPCKLSTI1 OCCURS 2 WITH HEADER LINE.
DATA: OBJHEAD LIKE SOLISTI1 OCCURS 1 WITH HEADER LINE.
DATA: OBJBIN LIKE SOLISTI1 OCCURS 10 WITH HEADER LINE.
DATA: OBJTXT LIKE SOLISTI1 OCCURS 10 WITH HEADER LINE.
DATA: RECLIST LIKE SOMLRECI1 OCCURS 5 WITH HEADER LINE.
DATA: DOC_CHNG LIKE SODOCCHGI1.
DATA: TAB_LINES LIKE SY-TABIX.
Creating the document to be sent
DOC_CHNG-OBJ_NAME = 'OFFER'.
DOC_CHNG-OBJ_DESCR = 'abcd'.
OBJTXT = 'aaaaaaaaaaa:'.
APPEND OBJTXT.
OBJTXT = 'bbbbbbbbbb'.
APPEND OBJTXT.
OBJTXT = 'ccccccccccccc.'.
APPEND OBJTXT.
DESCRIBE TABLE OBJTXT LINES TAB_LINES.
READ TABLE OBJTXT INDEX TAB_LINES.
DOC_CHNG-DOC_SIZE = ( TAB_LINES - 1 ) * 255 + STRLEN( OBJTXT ).
RECLIST-RECEIVER = mail address.
RECLIST-REC_TYPE = 'U'.
RECLIST-COM_TYPE = 'INT'.
RECLIST-NOTIF_DEL = 'X'.
RECLIST-NOIF_NDEL = 'X'.
APPEND RECLIST.
Creating the entry for the compressed document
CLEAR OBJPACK-TRANSF_BIN.
OBJPACK-HEAD_START = 1.
OBJPACK-HEAD_NUM = 0.
OBJPACK-BODY_START = 1.
OBJPACK-BODY_NUM = TAB_LINES.
OBJPACK-DOC_TYPE = 'RAW'.
APPEND OBJPACK.
Creating the document attachment
(Assume the data in OBJBIN are given in BMP format)
OBJBIN = ' \O/ '. APPEND OBJBIN.
OBJBIN = ' '. APPEND OBJBIN.
OBJBIN = ' / \ '. APPEND OBJBIN.
DESCRIBE TABLE OBJBIN LINES TAB_LINES.
OBJHEAD = 'picasso.bmp'. APPEND OBJHEAD.
Creating the entry for the compressed attachment
OBJPACK-TRANSF_BIN = 'X'.
OBJPACK-HEAD_START = 1.
OBJPACK-HEAD_NUM = 1.
OBJPACK-BODY_START = 1.
OBJPACK-BODY_NUM = TAB_LINES.
OBJPACK-DOC_TYPE = 'BMP'.
OBJPACK-OBJ_NAME = 'ATTACHMENT'.
OBJPACK-OBJ_DESCR = 'Reproduction object 138'.
OBJPACK-DOC_SIZE = TAB_LINES * 255.
APPEND OBJPACK..
Sending the document
CALL FUNCTION 'SO_NEW_DOCUMENT_ATT_SEND_API1'
EXPORTING
DOCUMENT_DATA = DOC_CHNG
PUT_IN_OUTBOX = 'X'
COMMIT_WORK = 'X'
TABLES
PACKING_LIST = OBJPACK
OBJECT_HEADER = OBJHEAD
CONTENTS_BIN = OBJBIN
CONTENTS_TXT = OBJTXT
RECEIVERS = RECLIST
EXCEPTIONS
TOO_MANY_RECEIVERS = 1
DOCUMENT_NOT_SENT = 2
OPERATION_NO_AUTHORIZATION = 4
OTHERS = 99.
IF SY-SUBRC NE 0.
MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.Hi,
Check in SCOT t-code whether it has been properly configred to send the mails
Regards,
siva chalasani. -
Unable to message external user
Hi All,
When attempting to message an external user, I see the error:
When contacting your support team, reference error ID 504 (source ID 239)
Turning on Event Logging shows:
A SIP request made by Lync failed in an unexpected manner (status code 80ef01f8). More information is contained in the following technical data:
RequestUri: sip:[email protected]
From: sip:[email protected];tag=removed
To: sip:[email protected];tag=removed
Call-ID: removed
Content-type: application/sdp;call-type=im
v=0
o=- 0 0 IN IP4 removed
s=session
c=IN IP4 removed
t=0 0
m=message 5060 sip null
a=accept-types:text/plain multipart/alternative image/gif text/rtf text/html application/x-ms-ink application/ms-imdn+xml text/x-msmsgsinvite
Response Data:
504 Server time-out
ms-diagnostics: 1041;reason="Peer server pool is out of service";Peer="sip.externaldomain.com";Port="5061";source="sip.mydomain.com";OriginalPresenceState="0";CurrentPresenceState="0";MeInsideUser="No";ConversationInitiatedBy="6";SourceNetwork="5";RemotePartyCanDoIM="Yes"
From what I've read, it seems I need to do something with certificates. Is that correct?Hi Lisa, thanks for the reply.
Which certificate? Is it a certificate from the other organisation?
The certificate for external edge interface.
You need to assign a public certificate to external edge interface.
Please also check the federated organization have public certificate for their external edge interface and the DNS SRV record for federation is created correctly for the federated organization.
Best Regards,
Lisa Zheng
Lisa Zheng
TechNet Community Support -
SharePoint 2013 CAL and External users
Hi,
We are setting up an extranet site(SharePoint 2013 standard version) on Rackspace, Both employee and non-employee will use this site. Employee will use company existing SAML 2.0 based authentication and non-employee will use FBA to login to
the portal.
I would like to know if we need to buy CAL for external users(non-employee)? What is the definition of external users?
Thanks,
PatCheck out this post and this should answer all you questions.
http://social.technet.microsoft.com/forums/sharepoint/en-US/0756aaa7-b307-4793-b019-bc58d4ace8b2/sharepoint-foundation-fba-on-internet-licensing
Thanks, Danny Hickman IT Support Specialist
Maybe you are looking for
-
MacBook (late 2008) is really slow
Hi folks, so here's the situation. My gf's late 2008 MacBook ist annoyingly slow. I have 8 tabs open in Safari and when going back and forth between those tabs it gives me the spinning beachball for like 30 seconds. Sometimes it even reloads the whol
-
HP Pavilion x360 Toucpad is erratic
This is a new system purchased J it an 15. I have not used much as I am converting my data from Mac to PC. I have from the beginning been having serious issues with the touchpad cursor or any controls being all over the place and just doing what
-
Returns order to Vendor with delivery
Hi, I am doing returns order to vendor with delivery. Shipping data has been determined during return order creation, but delivery is not getting created. Please guide me through this....
-
VAT Belgium balance at months end 0
Hello experts, Customers sometime have at months end the balance between VAT payable and deductable becomes 0. Nevertheless VAT authorities want to see 0 in box 71 on the declaration. Can anyone explain how to configure this? Thanks and regards. Wal
-
Mac Photoshop CS5 – Menus Too Long (yes really !)
I've just bought Photoshop CS5 to stay on the upgrade path. I have to say I'm rather disappointed, the new features don't seem to work as advertised, and I'm finding a few glitches – one of which is the subject of the post. In designing (or redesign