EXTERNAL USER VERIFICATION PROCESS V2

I posted this on the security forum w/ no response, hence trying here
We have a large number of users from different companies. They need to login to access the information on the site, pertinent to their own company. Now, when a user leaves their own employer, we would like to disable their login. Presently we verify the users credentials, by sending periodic emails to the users and disabling those whose emails bounce back. This is tedious and prone to error, as things like spam filters or server problems can cause spurious bounces.
Any experiences or suggestions regarding this? Thanks

Hi,
It doesn't matter where user exits. If we have radius accounting enabled on the ASA and ACS. It will surely log the session with username. However make sure that you have selected the username under the logged attributes.
In order to check this go to system configuration > logging > radius accounting > click on configure > move the username under logged attributes table and try again.
Detailed steps:
To configure CiscoSecure ACS to perform RADIUS accounting using CSV,       perform these steps:
In the navigation bar, click System             Configuration.
Click Logging. The Logging Configuration page             appears.
Select CSV RADIUS Accounting.
Confirm that the Log to CSV RADIUS Accounting             report check box is selected. If it is not selected, select it             now.
In the Select Attributes To Log table, make sure             that the RADIUS attributes you want to see in the RADIUS accounting log appear             in the Logged Attributes list. In addition to the standard             RADIUS attributes, there are several special logging attributes provided by             CiscoSecure ACS, such as Real Name, ExtDB Info, and Logged             Remotely.
Please let me know if that works.
HTH
Regards,
JK
Plz rate helpful posts-

Similar Messages

  • EXTERNAL USER VERIFICATION PROCESS

    Any tips, guidelines, or best practices on this topic?
    We have a large number of users from different companies. They need to login to access the information on the site, pertinent to their own company. Now, when a user leaves their own employer, we would like to disable their login. Presently we verify the users credentials, by sending periodic emails to the users and disabling those whose emails bounce back. This is tedious and prone to error, as things like spam filters or server problems can cause spurious bounces.
    Any experiences or suggestions regarding this? Thanks

    Hi Harshita.....
    Actually DTW template is there in SAP by oBankPages name. Whatever transactions you did related to your bank all that are present in your bank statement. You need to just arrange the bank statement in you template else you can fill the manual enties into the process external bank statement window in SAP. Then only it will come to RHS of the recon window......
    Regards,
    Rahul

  • How to hide some folders in a woprkspace from some external users?

    Hi
    We manage a workspace that has both Internal external users. We have a requirements in a way that external users can only see some folders they have access to. What is the best way to accomplish.
    I reviewed an article in "How to" section which describes how to use ACLS to hide some folders from certain users (https://beehiveonline.oracle.com/External_06_howto.html).
    But this process is cumbersome as we need to go to exh folder and revoke permission for selected users. And also if we add any new folders to the workspace that folder will default be accessible to the external users also. We want by default any new folders do not have access to this group of users except the ones we provide access to.
    How can we do it?
    Regards
    Ram Uppu

    Ram,
    We have a new process which is much more easily used - the https://beehiveonline.oracle.com/External_06_howto.html page has been upfdated to show the new process.
    phil

  • ACS 4.2.1.15 External User Database 'Authen DLL '

    Having CSACSE-1113-K9 with ACS 4.2.15.
    I want to confiure windows user database under extrenal user database but i get an error  (attached) 'An error has occured while processing the Authen DLL Configure pagebecasue an error occured....'
    External User Database----->database configuration --->Windows Database------>Configure.
    I tried to stop the services and start agian but the same issue.
    Th eappliance is secondary (backup) ACS. On the primary it is working fine.
    Any help would be appreciated.
    Regards,
    BJ

    Hi Abdul,
      Can you check if the remote agent on the windows server box is running the same 4.2.1.15 version as well.
    Like if  ACS -4.2.1.15   then make sure that remote agent is also 4.2.1.15
    or
    if ACS is running 4.2.1.15 patch 2 then remote agent should also be 4.2.1.15 patch 2
    Let me know if the version is same and if not then install the remote agent correctly and try again.

  • How external users can upload files in document library hosted in onpremise SharePoint?

    Hi all,
    We have setup a document library(DL) in SharePoint site hosed on-premise with no direct access from public zone/internet being an intranet solution. We have some external users who need to upload some files that needs to go in this document
    library. These files are quite confidential in nature so security is a prime requirement. Following are the couple of options I have in mind:
    1. External users upload their file in their designated folder to secure FTP using their own credential set. And also there is a background process (kind of directory watcher) that keep looking at the all the folders
    and moves the files to document library
    2. We host a single page application which has One time password (OTP) kind of feature. External user comes to the secure site to specify Vendor team name and mobile number. OTP is generated and user is asked to specify the password along with file
    they would like to upload. This page also maps the vendor name with respective folder in DL and moves the files to SharePoint there on the fly.
    Pls. share your opinion about these approaches. Also welcome your thoughts if there is any other better option.
    Thanks.

    Hi,
    I agree with the Margriet, the first option is simple and safe, the users could not access the document library directly.
    For security, it is an importance for users not access the document library directly, it will reduce the risk of the documents in the library.
    Thanks,
    Jason
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Jason Guo
    TechNet Community Support

  • Find email address of external user that accepted invitation

    Invited external user created a Microsoft account because organizational email didn't work.  User forgot email address-password.  It is possable to see this email address somewhere.  Invitation history shows organizational email. 
    My gut reaction is to delete their account, reinvite and tell them to create a new Microsoft account.

    Hi,
    According to your description, you want to reset password for a user account.
    What did you mean for "Microsoft Account"? Was it a Microsoft account like outlook.com/hotmail.com or domain.com?
    If it was a Microsoft account like outlook.com or hotmail.com, the user can reset the password as the process of forgetting password.
    If it was like domain.com, it could be achieved using “Active Directory Users and Computers” in DC server.
    Refer:
    Feel free to reply if there are still any questions.
    Best regards
    Wendy Li
    TechNet Community Support

  • Deployment verification process

    Hello Experts
    Do we have a process to verify that Deployment of OBIEE11g from DEv - Test - Prod is done successfully . especially the security part. If one application role was missed in WLS, how do I know that? We need a verification process to verify the environment is expected after finish the deployment.
    Edited by: 894860 on Jan 7, 2013 11:30 PM

    Hi User,
    There is no traditional verification process..
    You can have a checklist for the movement of the Dev-Test-Prod.
    make sure that all the checklist is moved.
    Then you can have a testing cheklist (for Security testing as well) to be followed in dev,test and Prod.
    same has to be checked in production env as well.
    Basically more of documantation required than the technical work.
    after all production enviroment will also have some issue my frend....Nothing is gona be perfect at first shot.
    Mark if helpful/Correct
    fiaz

  • Send email from SAP to External User ..........

    hiii
    <b>Is it possible to send mail from SAP to External user??????if possible does BASIS people had to do something???</b>
    I want to send the email from sap to external user([email protected]).My mail will consist of some changes made in production order(CO03). for which i had created the BADI. That part is over now i want to send the mail.
    <b>I got many sample programs in sdn but when i enter the email address it execute but mail is not sent.....I want to know by just executing Zprogram mail will be sent or there is some role for BASIS also..............</b>
    Thanking you.
    Regards.

    There is a transaction called SCOT that needs to be configured
    http://www.sap-basis-abap.com/sapbs035.htm
    http://www.sap-img.com/basis/basis-faq.htm
    http://help.sap.com/saphelp_nw2004s/helpdata/en/2b/d925bf4b8a11d1894c0000e8323c4f/frameset.htm

  • Creating a link for external users to view my project

    Hi -
    I want to share my RoboHelp project with external users that do not have access to my company's internal server if I publish there. Is there a way to create a link to my project that I can just share with other people?
    Thanks!

    Hello again
    Are you clicking the "view result" link? If so, the CHM should simply open. However, there are a host of things that can go wrong along the way and to figure out what may be happening we need to ask all sorts of questions.
    Did you click View Result after it finished? If so, what happened? An error? Nothing? What?
    Where are you attempting to compile the help? When you look at the properties of your Single Source Layout recipe, where are you pointing the output folder to? What is the file name?
    Are you able to open and view other CHM files? Do you know what a CHM file is?
    As you can see, there are many questions to answer. And probably others I failted to think of.
    Cheers... Rick
    Helpful and Handy Links
    RoboHelp Wish Form/Bug Reporting Form
    Begin learning RoboHelp HTML 7, 8 or 9 within the day!
    Adobe Certified RoboHelp HTML Training
    SorcerStone Blog
    RoboHelp eBooks

  • Public SharePoint Online Site with External User Portal

    Hello Everyone,<o:p></o:p>
    My company switched over to Office 365 a few months ago, and now would like to start using our Public SharePoint site to share information (documents
    pertaining to their orders/drawings/etc.) with our customers (external users).<o:p></o:p>
    <o:p> </o:p>
    I have seen documentation on how to share documents with individual users, but we were looking to do something a little bit different. We would ultimately
    like to have a public site with generic company information (like hours, about us,directions etc.) that anyone can see.
    We would also like to use SharePoint as almost an "FTP type" service where we could post documents and share them with individual
    external
    users. HOWEVER, instead of sharing individual documents, we were wondering if there was a way that an external user (that we have granted
    access) could sign into the public SharePoint site, and then see information that ONLY pertains to them.
    I have been doing some research on this, and I haven't seen that anyone else has tried this. Has anyone had any luck? Or would you have suggestions on how to make
    this work? I had originally posted this question on the Office 365 SharePoint forum, and they suggested posting this question here. Any help would be appreciated. Thanks!

    Hi,
    did you finally manage to get what you requested here above ? Indeed, I am also struggling to set up the same (public website with individual content sharing with external authentified user).
    For external user, I am quite sure that we need to go through MS ID creation (I have created some test users using https://login.live.com).
    Our public website is done and (almost) working. I have then created a sub-site for the same, this one to manage permission based on authentified user
    But I am stuck when trying to assign a document library with relavant permission.
    Would be great to share our feedback and I have searched a lto on the web and did not find any satisfying answer to this design (If there is any... here is my doubt...)
    Thanks in advance
    stef

  • Excel Services Connectivity on Sharepoint 2013 for external user

    Currently , external user is able to refresh the data on sharepoint site through browser. the data connection is pointing the one of the external data source. But how can an external user (Internet user which accessing sharepoint through internet) download
    a copy of excel in sharepoint library and open the excel workbook with data refresh ability at client machine ?
    Do we need client machine to be able to access / ping the external data source? 
    Thanks.

    Thanks for the response.
    They want to perform data analysis and design their own report with own template , for example : to remove subtotal from the powerpivot tables which we cannot change the formatting at the excel services at browser level.
    So if i understand correctly, we need to get the client machine to be able to access to the database server directly to get the access to the cube for data analysis although we had this odc file connection setup, am i right?
    For internal user, network team should open port / access for them to access database server directly.
    For external user, either to open public access to the database server directly or setup a VPN connection for the external user to access the database server in their secure network.
    Let me know if i understand this correctly.
    Thanks.

  • SharePoint Online External Users

    So I was taking SharePoint online for a test drive a few days ago. While I was looking at how users are given permissions to list and libraries I realize something that might
    make or break SP Online for me. The out-of-the-box SharePoint Online implementation gives you one private site collection and one public website. Let just focus on the public website in this example. Now, by default the public website is at least viewable
    to everyone. But what if I created a survey on my public website and only wanted members of the site to have access to it. I know that you can "Share Site" with external users. But can you allow visitors to your site the ability to create their own account,
    and in turn fill out the survey? And of course without purchasing a license for every person filling the survey.
    Jeffrey T McFarland

    I'm not sure about making content on your public site private, but you can make content on your private sites public.  You basically turn on external users for the entire Office 365 SharePoint Online account.  Then you can optionally disable it
    for certain site collections.  That way, you can control who has access to what.  This article might be helpful in explaining how external users works in SharePoint Online: 
    http://office.microsoft.com/en-us/sharepoint-online-enterprise-help/share-a-site-with-external-users-HA102476183.aspx

  • Can't Login to SharePoint as an invited External User / Can't Remove All Traces of External User with Microsoft Account

    Hi TechNet,
    I have an MS SharePoint Online (SharePoint Plan 2) team site, quite simple, one document library etc.
    I have successfully added all users (E3) within the organisation to groups, and permissioned correctly.
    I have added myself (separate organisation, also Office 365 E3) as an External User, and have access to the website without any problems by authenticating with my Organization account e-mail address.
    I have a single user (separate organisation, also Office 365 E3), who's setup is identical to mine (Also Office 365 E3).
    However, when this user is added as an External User, they are unable to login, and get "Sign In is not complete":
    That didn't work
    We're sorry, but [email protected] can't be found in the CLIENT1.sharepoint.com directory. Please try again later, while we try to automatically fix this for you. 
    Correlation ID: dc1f7f9c-092b-20b8-7b35-89348ba22f71
    Date and Time: 3/20/2014 7:06:55 AM
    URL: https://CLIENT1.sharepoint.com/
    User: [email protected]
    Issue Type: Partner User Invalid.    
    I then remove the user using the Site Collection, and using the PRofile Manager, and using Remove-SPOUser, and using Remove-SPOExternalUser. Which is great, he's gone. However when I go to add him back to a group, as soon as I type his e-mail address, it
    'Resolves' into his full name! If I have completely(?) removed him form the site, how is he being resolved? And therefore me trying to remove him to re-add him to try and solve the user/directory/auth issue is not working.
    Furthermore, upon clicking on said client's username inside SharePoint (after I've 'added him back' of course), his ID, in format: i:0#.f|membership|live.com#[email protected] has an entirely different e-mail address, his Microsoft Account! 
    I'm assuming he must have been already signed into his Microsoft Account when he clicked on the External User e-mail invite? If so, I clearly do not want this, how can I remove lal traces of his Microsoft Account, given that I have gone to the lengths as
    detailed above?
    I have already completed these steps: http://community.office365.com/en-us/forums/148/p/228263/709905.aspx
    Some possible further reading regarding Microsoft ID's and Organization ID's:
    http://sergeluca.wordpress.com/2013/09/23/sharepoint-online-and-external-users-this-invitation-has-already-been-accepted-with-another-account-bug-or-feature/
    Please let me know if you need any more information regarding this issue, and thanks in advance to anyone who can shed some light on this situation for me and anyone whom encounters it in the future.
    Regards,
    Evanly.

    Hi Scott,
    Thank you so much for taking the time to read and respond to my issue.
    Certainly, it makes sense that regardless of where the invitation it sent, the user would authenticate with their Microsoft ID.
    In my case, I want the user to authenticate using their Microsoft Organisation ID, that they use for their seperate Office 365 account.
    This is the way I was able to log in, and worked great. With my client, they are unable to access Sharepoint because once they sign in with their Microsoft Organisation / Office 365 ID, they are told they are not in the directory, because their Microsoft
    ID is in the directory and it doesn't match up.
    I am simultaneously trying to 1) Remove all traces of this users Microsoft ID, which so far using the above steps, has been unsuccessful; and 2) Invite the user using his Microsoft Organisation ID, and have him authenticate with that (which is proved to
    work, as my account uses this).
    Looking forward to any more suggestions. Thanks in advance!

  • Problem with links for external user

    Hi,
    We´re using SAP NetWeaver Portal 2004s SPS 10 and we have a problem with links within notification-mails:
    The link to the document (e.g. within a subscription mail) consists of "http:///...". Only user using the portal within our network can open this links. All external user can´t open this links. How can I change the URL so that our external user can open the links, too?
    Thanks for help,
    Sven Keller

    We already have another URL for external usage. My problem is how to define that created links to documents and folder are automatically using the external URL.
    If somebody receives an email (e.g. subscription) the URL to the folder is:
    http://<portalserver>:51000/irj/go/km/navigation/documents/Public Documents/Documentation
    But it should be:
    https://<externalportal>/irj/go/km/navigation/documents/Public Documents/Documentation
    Message was edited by:
            Sven Keller

  • Send email to external user using fm 'SO_NEW_DOCUMENT_ATT_SEND_API1'

    Hi friends,
    I wrote this code to send mail to external user from sap.
    It did not work properly can anyone help me to send email to extenal user.
    The return code after executing the function module is 2.
    DATA: OBJPACK LIKE SOPCKLSTI1 OCCURS  2 WITH HEADER LINE.
    DATA: OBJHEAD LIKE SOLISTI1   OCCURS  1 WITH HEADER LINE.
    DATA: OBJBIN  LIKE SOLISTI1   OCCURS 10 WITH HEADER LINE.
    DATA: OBJTXT  LIKE SOLISTI1   OCCURS 10 WITH HEADER LINE.
    DATA: RECLIST LIKE SOMLRECI1  OCCURS  5 WITH HEADER LINE.
    DATA: DOC_CHNG LIKE SODOCCHGI1.
    DATA: TAB_LINES LIKE SY-TABIX.
    Creating the document to be sent
    DOC_CHNG-OBJ_NAME = 'OFFER'.
    DOC_CHNG-OBJ_DESCR = 'abcd'.
    OBJTXT = 'aaaaaaaaaaa:'.
    APPEND OBJTXT.
    OBJTXT = 'bbbbbbbbbb'.
    APPEND OBJTXT.
    OBJTXT = 'ccccccccccccc.'.
    APPEND OBJTXT.
    DESCRIBE TABLE OBJTXT LINES TAB_LINES.
    READ TABLE OBJTXT INDEX TAB_LINES.
    DOC_CHNG-DOC_SIZE = ( TAB_LINES - 1 ) * 255 + STRLEN( OBJTXT ).
    RECLIST-RECEIVER = mail address.
    RECLIST-REC_TYPE = 'U'.
    RECLIST-COM_TYPE = 'INT'.
    RECLIST-NOTIF_DEL = 'X'.
    RECLIST-NOIF_NDEL = 'X'.
    APPEND RECLIST.
    Creating the entry for the compressed document
    CLEAR OBJPACK-TRANSF_BIN.
    OBJPACK-HEAD_START = 1.
    OBJPACK-HEAD_NUM   = 0.
    OBJPACK-BODY_START = 1.
    OBJPACK-BODY_NUM   = TAB_LINES.
    OBJPACK-DOC_TYPE   = 'RAW'.
    APPEND OBJPACK.
    Creating the document attachment
    (Assume the data in OBJBIN are given in BMP format)
    OBJBIN = ' \O/ '. APPEND OBJBIN.
    OBJBIN = '     '. APPEND OBJBIN.
    OBJBIN = ' / \ '. APPEND OBJBIN.
    DESCRIBE TABLE OBJBIN LINES TAB_LINES.
    OBJHEAD = 'picasso.bmp'. APPEND OBJHEAD.
    Creating the entry for the compressed attachment
    OBJPACK-TRANSF_BIN = 'X'.
    OBJPACK-HEAD_START = 1.
    OBJPACK-HEAD_NUM   = 1.
    OBJPACK-BODY_START = 1.
    OBJPACK-BODY_NUM   = TAB_LINES.
    OBJPACK-DOC_TYPE   = 'BMP'.
    OBJPACK-OBJ_NAME   = 'ATTACHMENT'.
    OBJPACK-OBJ_DESCR = 'Reproduction object 138'.
    OBJPACK-DOC_SIZE   = TAB_LINES * 255.
      APPEND OBJPACK..
    Sending the document
    CALL FUNCTION 'SO_NEW_DOCUMENT_ATT_SEND_API1'
         EXPORTING
              DOCUMENT_DATA = DOC_CHNG
              PUT_IN_OUTBOX = 'X'
              COMMIT_WORK   = 'X'
         TABLES
              PACKING_LIST  = OBJPACK
              OBJECT_HEADER = OBJHEAD
             CONTENTS_BIN  = OBJBIN
               CONTENTS_TXT  = OBJTXT
               RECEIVERS     = RECLIST
          EXCEPTIONS
               TOO_MANY_RECEIVERS = 1
               DOCUMENT_NOT_SENT  = 2
               OPERATION_NO_AUTHORIZATION = 4
               OTHERS = 99.
    IF SY-SUBRC NE 0.
    MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
    WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
    ENDIF.

    Hi,
    Check in SCOT t-code whether it has been properly configred to send the mails
    Regards,
    siva chalasani.

Maybe you are looking for

  • Error when integrating Adobe form in Webdynpro

    Hi,         Anyone tell me whts this error? How to solve this? The following error text was processed in the system AD0 : WebDynpro Exception: ADS: com.adobe.ProcessingException: Could not retrieve a password for credential: ReaderRights(200.101). Th

  • How to insert a JPG file from file system to Oracle 10g?

    I have developed a schema to store photos as BLOB which store the text description as CLOB original filename, file size. I also use ctxsys.context to index TEXT_DESCRIPTION in order to perform Oracle Text Search and it works. I would like to insert s

  • Tolerance Limits - Error message: SV033

    Hi Guys, I am trying to add a new entry on  the below transaction: IMG - Material Managment - Logistics Invoice Verification - Invoice Block - Set Tolerance Limits But I got the error message: SV033 - "Specify the key within the work area". Does anyo

  • Regd : Integration Object : Selection of Envelope for Creating Schema(XSD)

    Hi Have Created a Integration Object, to Create an XSD File we can hit the "Generate Schema" Button under Siebel Tools Level After that i am Selecting a Business Service Called "EAI XML XSD Generator" after this within the Wizard an Option called *"S

  • Out of memory error, Urgent!!!

    Hi All, I know there have been a lot of posts for this topic, but none of them seem to address my problem. So please help me out!!! I have written an GUI application that if you open and close for up to certain times, say 10 times, then you will get