Extranet Management (External Users)
Dear all,
we are working with JAM to support Project Collaboration. All of our employees are working with groups related to projects.
But we also startet to work with people from outside the company, mostly customers.
So they invite external group members to single groups.
I would like to know if someone else has experience in working with external users.
1) We have sometimes issues with their initial log on - the users get locked or the invitation cannot be opened in the browser. We know that there are specific browser settings required, which are fulfilled, but there must be something missing in some cases. Was someone facing similar issues and how did you fix that?
2) How do you handle password reset? we always have to open a case for JAM support.
thank you in advance
Regards, Julia
Hi Julia: Send me your customer support ticket number & I can look into it for you.
Rich
Similar Messages
-
External users cannot manage a persistent chat rooms - result in "Internal Server Errors"
Hi All,
I have small Lync setup based on a Standard Edition server, with the Persistent Chat server co-located on the SE. User within the organisation can manage chat room just fine via the web interface, yet external users are presented with an Internal Server
Error.
Looking at IIS, I can see an Application added to the Lync Internal Web site for Persistent Chat (which points to a physical location of "C:\Program Files\Microsoft Lync Server 2013\Web Components\PersistentChat\Int"), and on the Lync External
site, I see a virtual directory pointing to "C:\Program Files\Microsoft Lync Server 2013\Web Components\PersistentChat\Ext".
Trying to navigate to the external site (on port 4443) on the SE server results in the following error:
Detailed Error Information:
Module
IIS Web Core
Notification
BeginRequest
Handler
Not yet determined
Error Code
0x80070021
Config Error
Configuration section not allowed to be set below application
Config File
\\?\C:\Program Files\Microsoft Lync Server 2013\Web Components\PersistentChat\Ext\web.config
Requested URL
https://localhost:4443/PersistentChat/RM/?clientlang=en-US&id=72C81A04-8B9F-4F12-BBA1-422915236795
Physical Path
C:\Program Files\Microsoft Lync Server 2013\Web Components\PersistentChat\Ext\RM\
Logon Method
Not yet determined
Logon User
Not yet determined
Config Source:
8: <system.webServer>
9: <modules>
10: <remove name="PreAuthModule" />
Any ideas?
Cheers
ChrisIf this is the one I think I've seen, Graham Cropley blogged about it:
http://www.lyncexch.co.uk/persistent-chat-december-2014-cu-500-internal-server-error/
Check out Fix #1.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications
This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
Very nice, and thank you again. Interesting article, and it appears that the issues persist even after the February 2015 CU.
Chris -
Setting up Remote Management for external users
Hi All,
We currently have a zenworks 10.3 environment set up and all appears to be working well on the LAN with regards to being able to remote control machines etc. We are now looking to expand the remote control to enable support staff to remote control machines outside of our LAN.
From what I understand so far through reading the zenworks documentation, is that we would need some kind of proxy server setup in the DMZ that will listen for requests from the client device and forward these on to the agent. There will inevitably need to be firewall changes etc etc... but i guess my question is to you guys who I expect have set some this up in your own environments, is how have you guys gone about achieving this? Its evident that there may be more than one way to achieve this, but would be useful to know the correct way of doing this?
I know the question is a little vague, but this is the first time we’ve looked into the remote management externally - and this is where all the knowledge is :)
ThanksMartyu89,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://forums.novell.com/ -
Public SharePoint Online Site with External User Portal
Hello Everyone,<o:p></o:p>
My company switched over to Office 365 a few months ago, and now would like to start using our Public SharePoint site to share information (documents
pertaining to their orders/drawings/etc.) with our customers (external users).<o:p></o:p>
<o:p> </o:p>
I have seen documentation on how to share documents with individual users, but we were looking to do something a little bit different. We would ultimately
like to have a public site with generic company information (like hours, about us,directions etc.) that anyone can see.
We would also like to use SharePoint as almost an "FTP type" service where we could post documents and share them with individual
external
users. HOWEVER, instead of sharing individual documents, we were wondering if there was a way that an external user (that we have granted
access) could sign into the public SharePoint site, and then see information that ONLY pertains to them.
I have been doing some research on this, and I haven't seen that anyone else has tried this. Has anyone had any luck? Or would you have suggestions on how to make
this work? I had originally posted this question on the Office 365 SharePoint forum, and they suggested posting this question here. Any help would be appreciated. Thanks!Hi,
did you finally manage to get what you requested here above ? Indeed, I am also struggling to set up the same (public website with individual content sharing with external authentified user).
For external user, I am quite sure that we need to go through MS ID creation (I have created some test users using https://login.live.com).
Our public website is done and (almost) working. I have then created a sub-site for the same, this one to manage permission based on authentified user
But I am stuck when trying to assign a document library with relavant permission.
Would be great to share our feedback and I have searched a lto on the web and did not find any satisfying answer to this design (If there is any... here is my doubt...)
Thanks in advance
stef -
Hi TechNet,
I have an MS SharePoint Online (SharePoint Plan 2) team site, quite simple, one document library etc.
I have successfully added all users (E3) within the organisation to groups, and permissioned correctly.
I have added myself (separate organisation, also Office 365 E3) as an External User, and have access to the website without any problems by authenticating with my Organization account e-mail address.
I have a single user (separate organisation, also Office 365 E3), who's setup is identical to mine (Also Office 365 E3).
However, when this user is added as an External User, they are unable to login, and get "Sign In is not complete":
That didn't work
We're sorry, but [email protected] can't be found in the CLIENT1.sharepoint.com directory. Please try again later, while we try to automatically fix this for you.
Correlation ID: dc1f7f9c-092b-20b8-7b35-89348ba22f71
Date and Time: 3/20/2014 7:06:55 AM
URL: https://CLIENT1.sharepoint.com/
User: [email protected]
Issue Type: Partner User Invalid.
I then remove the user using the Site Collection, and using the PRofile Manager, and using Remove-SPOUser, and using Remove-SPOExternalUser. Which is great, he's gone. However when I go to add him back to a group, as soon as I type his e-mail address, it
'Resolves' into his full name! If I have completely(?) removed him form the site, how is he being resolved? And therefore me trying to remove him to re-add him to try and solve the user/directory/auth issue is not working.
Furthermore, upon clicking on said client's username inside SharePoint (after I've 'added him back' of course), his ID, in format: i:0#.f|membership|live.com#[email protected] has an entirely different e-mail address, his Microsoft Account!
I'm assuming he must have been already signed into his Microsoft Account when he clicked on the External User e-mail invite? If so, I clearly do not want this, how can I remove lal traces of his Microsoft Account, given that I have gone to the lengths as
detailed above?
I have already completed these steps: http://community.office365.com/en-us/forums/148/p/228263/709905.aspx
Some possible further reading regarding Microsoft ID's and Organization ID's:
http://sergeluca.wordpress.com/2013/09/23/sharepoint-online-and-external-users-this-invitation-has-already-been-accepted-with-another-account-bug-or-feature/
Please let me know if you need any more information regarding this issue, and thanks in advance to anyone who can shed some light on this situation for me and anyone whom encounters it in the future.
Regards,
Evanly.Hi Scott,
Thank you so much for taking the time to read and respond to my issue.
Certainly, it makes sense that regardless of where the invitation it sent, the user would authenticate with their Microsoft ID.
In my case, I want the user to authenticate using their Microsoft Organisation ID, that they use for their seperate Office 365 account.
This is the way I was able to log in, and worked great. With my client, they are unable to access Sharepoint because once they sign in with their Microsoft Organisation / Office 365 ID, they are told they are not in the directory, because their Microsoft
ID is in the directory and it doesn't match up.
I am simultaneously trying to 1) Remove all traces of this users Microsoft ID, which so far using the above steps, has been unsuccessful; and 2) Invite the user using his Microsoft Organisation ID, and have him authenticate with that (which is proved to
work, as my account uses this).
Looking forward to any more suggestions. Thanks in advance! -
How can I Manage Multiple Users?
My wife and I both want to organize and edit our digital photos with PSE10. Up until now, I have managed all of our photos by myself, and I have synchronized all data on both of our computers (and backed up all of our data to an external harddrive). Now that my wife also wants to organize and edit our photos on her computer, I am finding it difficult to synchronize the PSE Catalogs and photos on our two computers. So, I am looking for a better procedure.
Should I (and can I) keep my PSE Catalog & Photos on:
(1) an External Harddrive (which would be connected to only one computer at a time, while that computer user is organizing and editing photos), or
(2) on a Home Network location where both users could access the photos for organizing and editing (with a "lockout" for photos which are being edited by the other computer user)?
Are there other good or better procedures for managing multiple users of PSE?
My computer is running Win7 Home Premium 64-bit.
My wife's computer is running Windows Vista Home Premium 32-bit.Thank all of you for your replies.
Re SOFTWARE CHOICES:
I decided that my wife and I will each use different software on our different computers.
I decided NOT to upgrade my wife's software from "Windows Live Photo Gallery" (WLPG) to "Adobe Photoshop Elements 10" (PSE). After a detailed discussion of my wife's wishes, I discovered that she only wants to (1) move our pictures into folders, (2) cull the pix, and (3) create "Album" folders (with only our most memorable pix) to be printed as 8.5" x 11" pages for the Albums. She wants me to crop, edit, add captions, and print the Album pages. See the image at the bottom for our current Photo Mgmt Plan.
I will continue to use "Lightroom" (Lr).
Re SYCHRONIZATION:
I decided that we both can use the same picture files. I use "GoodSync" to sychronize files between my computer and my wife's computer (and between my computer and my backup HDD).
My wife's "WLPG" does NOT appear to use a database. My changes (including "Keyword" edits or adds) show up in her "WLPG" program, when picture files have been changed by myself in "Lr" and sychronized with her computer.
After my wife adds folders and/or changes the folder contents, I sync her computer with mine. I open her folders (which are now also on my computer) in "Lr", and "Import" any of her new and duplicate pictures into "Lr". Surpisingly and thankfully, the pictures that have been moved to a new folder by my wife do NOT show up in "Lr" in the previous folder (i.e. I do NOT have to find and delete any "Missing" images which were in the previous folder location).
Re MULTIPLE USERS OF A DATABASE:
I do not need to use this now, but I read that "Lr" is designed to work with the "Lr" database (and pictures) on an external HDD.
Thank all of you again for your very helpful replies. -
SharePoint 2013 CAL and External users
Hi,
We are setting up an extranet site(SharePoint 2013 standard version) on Rackspace, Both employee and non-employee will use this site. Employee will use company existing SAML 2.0 based authentication and non-employee will use FBA to login to
the portal.
I would like to know if we need to buy CAL for external users(non-employee)? What is the definition of external users?
Thanks,
PatCheck out this post and this should answer all you questions.
http://social.technet.microsoft.com/forums/sharepoint/en-US/0756aaa7-b307-4793-b019-bc58d4ace8b2/sharepoint-foundation-fba-on-internet-licensing
Thanks, Danny Hickman IT Support Specialist -
Hello all, first of all thank you for reading this post. Please bare with me, I am new with this environnement. I have had several problems in past week trying to configure a local sharepoint server 2013, most of it went well but now I am stuck and I badly
need help! I intend to make sharepoint available through the Ethernet connection in my office.
Here is my config:
Sharepoint 2013 (local)
Microsoft SQL 2012
Microsoft Server 2012
I am able to access the sub-site I created in the Sharepoint Central Administration Web Application.
My first problem is, I created another Web Application with the following URL config http://intranet.[domain].com but I am not able to access it through my browser. It seems to point to bad IP I probably configured accidentally a CNAME on my hosting Cpanel
with the IP 192.168.1.199. So, When I ping the URL I do not get any connection. Just that it couldn't connect to 192.168.1.199. Now I added a CNAME on my CPANEL for the URL http://intranet.[domain].com --> 127.0.0.1. Is this the correct way to do it?
More information: The DNS manager has been configured following this tutorial:
Create SharePoint 2013 Web Application
http://www.youtube.com/watch?v=yW7LT99eUMs
I am not too sure of the proper configuration for the IIS Manager.
Anomymous Authentication is enabled
Windows Authentication is enabled
Everything else is disabled.
My second problem is that I cannot invite any user to the site. Even the one that have the email corresponding to our domain. Will I be able to invite parent domain users if the Web Apllication is properly configured with the CNAME on the Cpanel?
I tried to activate the External user invitation feature from Site Collection Features but it's not in the list. I am logged in as an administrator but next to the wrench it says "System Account" (with an arrow pointing down) so I guess this is
the "logged in user as..."? Am I missing something here?
Any advices would be greatly welcomed. I've run out of ideas.
Much appreciated,
HerbHello Ramu, thank you for your fast reply.
Quote Ramu: "You have to create A record called intranet.your-domain.com points to your SharePoint Server
IP and also loop back ip address in the host file entry on the SharePoint server(127.0.0.1 intranet.SharePoint.com)"
Is this a record on our corporate website Cpanel? What should I put in the "Address" field of
the Record (we do not have static IP)?
For the loop back, is this on the DNS Manager of our local Sharepoint 2013 server?
Quote Ramu: "3.
if you want to publish this externally, then your site needs to publish in your Network and it should points to your public static IP in your public domain control panel(Cpanel)."
In the first scenario where I only want intranet access, should everything be OK with the above mentionedconfiguration a DNS Record:
Which address should it be for the record?
Should I assign a fix IP to our server like 192.168.1.55?
What if another desktop computer gets an IP conflict with the server
fix IP, or what if we have to shut down the server everyday will the server IP change ?
General question: From what I understand, it is possible to put a DNS Record on the public Cpanel from our corporate website with a local IP that will only be resolved
if accessed through the local network? Ex.: Name: intranet.[our-corporate-public-domain].com, Address: 192.168.1.55 ?
Much appreciated RAMU.
Regards,
Herb -
SharePoint tool to create External Users and Groups
Our organization is currently looking for a product that will allow us to create user account and group for users outside the organization (e.g Clients, subcontractors, etc.) and that will only need to access to our external SharePoint Collaboration site.
We have one product right now but it is very problematic. For example if one of our clients need to change their email address which is their username it won't allow it so the account has to be re-created with the new email address and the permissions re-configured
all over again. The groups created using the tool called Roles most of the times don't work. We are testing our SharePoint 2013 environment so we thought it is a good time to find something new. If you know of some products that I can check please let
me know. I will really appreciate itHi,
According to your post, my understanding is that you wanted to create user account and group for users outside the organization.
External User Management seems to be a solution. It allows for easy management of external users and roles.
More information:
http://ventigrate.codeplex.com/wikipage?title=External%20User%20Management
Best Regards,
Linda Li
Linda Li
TechNet Community Support -
How to hide some folders in a woprkspace from some external users?
Hi
We manage a workspace that has both Internal external users. We have a requirements in a way that external users can only see some folders they have access to. What is the best way to accomplish.
I reviewed an article in "How to" section which describes how to use ACLS to hide some folders from certain users (https://beehiveonline.oracle.com/External_06_howto.html).
But this process is cumbersome as we need to go to exh folder and revoke permission for selected users. And also if we add any new folders to the workspace that folder will default be accessible to the external users also. We want by default any new folders do not have access to this group of users except the ones we provide access to.
How can we do it?
Regards
Ram UppuRam,
We have a new process which is much more easily used - the https://beehiveonline.oracle.com/External_06_howto.html page has been upfdated to show the new process.
phil -
Sharepoint 2013 online/office 365.
I am creating site collection programmatically using sharepoint Auto hosted app.
Now i want to set "Allow external users who accept sharing invitations and sign in as authenticated users" programmatically after site collection creation.
Is it possible through code? If yes please let me know how to do it?
Najitha SidhikFor SharePoint 2013 Online, check below links:
http://office.microsoft.com/en-us/office365-sharepoint-online-small-business-help/manage-sharing-with-external-users-HA102849862.aspx
http://office.microsoft.com/en-us/office365-sharepoint-online-enterprise-help/manage-external-sharing-for-your-sharepoint-online-environment-HA102849864.aspx
https://www.nothingbutsharepoint.com/sites/eusp/Pages/SharePoint-Online-2013-Sharing-with-External-Users.aspx
http://blogs.office.com/2013/11/21/sharepoint-online-improves-external-sharing/
Please ensure that you mark a question as Answered once you receive a satisfactory response. -
External user - no subscription found
Hi,
I added an external user (=> using a Microsoft ID) in my Azure AD. When this user tries to access our Azure Administration Link, there is no subscription found for him.
I made this user an Administrator for Azure, but with no success.
Any idea what is wrong here?
Any help is highly appreciated,
thanks a lot in advance
AlexHi Alex,
When you say you made the user Administrator for Azure, did you make then user an admin of Azure AD or of the subscription? The user needs to be a co-administrator of a subscription in order to sign in to the management portal, via Settings > Administrators.
See http://msdn.microsoft.com/en-us/library/azure/dn629581.aspx.
Thanks,
Justin [MSFT] -
Hi,
1) Internal User expected exception:
Exception: Payments,apply credits,disputes and print are not supported when multiple customer/currency transactions are selected
2) External User is throwing below error instead of throwing above exception.
Error
You are trying to access a page that is no longer active.
The referring page may have come from a previous session. Please select Home
to proceed.
found this MACCHECK from fnd logs of external user payment.
MACCHECK: . Parameter failing validation is :mode. The parameter mode with value MultiPay could not be recognized as part of Server's response on the previous request. Incoming URL is : /OA_HTML/OA.jsp?page=/oracle/apps/ar/irec/endeca/webui/EndecaDummyPG . Current URL is : /OA_HTML/OA.jsp?page=/oracle/apps/ar/irec/endeca/webui/OIREndecaCustHomePG&akRegionApplicationId=222&_ti=1125493452&oapc=10&retainAM=Y&addBreadCrumb=N&oas=6-LL4ndIUFLX-2zjQAQD6A.. . Referer URL is : https://<hostname>:4443/endeca/web/ar/customer?doAsUserLanguageId=en_US&languageId=en_US . HTTP Request Method is : POST
can someone please help.
Thanks,
RRSWell, I compared my classpath between my windows batch file and the
makefile (that comes with the samples installation) on Solaris and realized
that I am using different sets of jars.
So, I removed the extra jars from the makefile to narrow down the
problem. If I remove the /opt/SUNWam/lib/servlet.jar from the makefile,
I can reproduce this problem on the Solaris box as well.
When I include this servlet.jar on my windows machine the program works!
Only jars I have in my classpath are amclientsdk.jar and servlet.jar which
I have copied from my installation (/opt/SUNWam/lib) on the Solaris box.
Just the same way, by copying the am_services.jar, saaj-api.jar, and jaxm-api.jar,
from the Solarix box to the windows machine,
I am also able to pull the assertions from the Access Manager.
I installed Sun Java Enterprise System 2005Q1 on a Solaris 10 machine.
During the installation, I configured to install the Access Manager
in Sun Application Server.
Why do I need to have different set of jars on the windows machine
for the Access Manager client SDK ?
Could you please point me to a download link where I could download
the correct Windows Access Manager Client SDK for
Sun Java System Access Manager 6.0 (Sun JES 2005Q1)?
Thanks. -
RDS - .local domain and external users. Best way to get rid of SSL warnings
I am evaluating MS RDS as a possible solution for a VDI implementation at the college I work for. When we setup our AD years ago we set it up as a .local domain. I am running into issues with the .local machine name on the connection broker for
external users. I know for internal domain systems we can setup the self signed .local cert as a trusted root cert to bypass the self signed untrusted warning but for the bulk of our users which will be using systems external to our domain they
will get the SSL warning about the self signed certificate when they try to connect to a remote app or a desktop.
Initially I thought if I setup a local AD CA that we could setup a trust relationship with the SSL cert. After further reading I believe that this would only work for systems internal to our domain and we would still have the issue with external devices.
The other option would be to tell our users to click the box to never display the warning message again and to go on or to add the self signed cert to their trusted list. Of course when ever you ask the user to do something there will be issues. We
have also found that in our testing that we can not seem to connect via the web portal with a macbook. We get an error that there is a problem with the trust relationship with the server after we login and click on an app or a desktop to connect. We
have been able to connect with iOS devices.
We could of course rename the .local domain to a .edu domain which would permit us to use our wildcard certificate but that is a major undertaking that we don't want to cross at the moment. I think I might have some up with a solution and wanted to
bounce the idea off of those on this forum.
If we setup a second domain on campus that is not a .local. Join the non internet facing RDS systems to this new domain that would have a SSL cert that was trusted and then setup a full trust relationship between the two domains such that users and
systems in one domain could communicate with the systems in the other domain would that remove the certificate warnings for external users?Hi AKlein,
Initially I thought if I setup a local AD CA that we could setup a trust relationship with the SSL cert. After further reading I believe that this would only work for systems internal to our domain and we would
still have the issue with external devices.
Just add the root CA certificate of the internal CA into Trusted Root Certification Authorities store on external clients manually (or through group policy if there is an external domain), then SSL certificate warning would be gone.
We could of course rename the .local domain to a .edu domain which would permit us to use our wildcard certificate but that is a major undertaking that we don't want to cross at the moment.
Yes, renaming domain is not recommended due to its complexity.
If we setup a second domain on campus that is not a .local. Join the non internet facing RDS systems to this new domain that would have a SSL cert that was trusted and then setup a full trust relationship between
the two domains such that users and systems in one domain could communicate with the systems in the other domain would that remove the certificate warnings for external users?
If you are setting up a new domain with two way trust, then root CA certificate of the internal CA still needs to be distributed manually (or through group policy). If you are setting up a child domain, then enterprise CA would be trusted within the same
forest.
As long as there are enough external users and devices to manage, an external private network exists and extra domain management tasks are acceptable, then setting up a new domain is a good choice since domain provides secure boundary.
Or, you could just create a new site from the other network location, which saves you from creating a new domain, new users and trust.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected] -
UCES licensing - External Users
Has anyone had experience in regards to external user licensing and UCES. For example, I have a customer that will want to use the customer e Services. I have them create the user id and password, and they are able to perform the e services. Is this external user considered an SAP user and impacts to my licensing ? for example I may have 5000 people sign up for e Services in one month, ? how does that impact licensing from an SAP/Database level. Do I need a specific SAP License for this type of external user ? I have an SAP UCES solution and it's using an Oracle Db, and the UME to manage the users ?
Any help appreciated. ...Andrew:
With the caveat that I am not in licensing...
E-services users are not considered users for licensing purposes (at least in terms of for SAP seats - vaguely similar to how HR ESS is licensed - people enter time but are not considered professional users unless they . The individual e-services account users have identities but map in the backend to a generic e-services user.
Maybe you are looking for
-
Background program is not working properly,when i am using job_open ,submit
hai , i am using job_open ,submit and job_close for scheduling one program background and use submit to another program ,all are working properly but it is working as a forground program not as abackground program. i want to work it as a background p
-
Can I transfer apps on an ipad account to another account?
Okay so on our ipad, the account that was there to download apps and games are my mom's account and I also bought some games since she let me and lets me use her ipad and buy things on it. but i want to make a new account with my own email (well i cu
-
How do i get this effect in the video 0:7 - 0:8 That the lines come together and build a logo? pls h
How do i get this effect in the video 0:7 - 0:8 That the lines come together and build a logo? pls help me http://www.youtube.com/watch?v=mfU8bZDKAMQ&list=HL1352499622&feature=mh_lolz
-
The i movie progressbar is stuck in one place for more than an hour
and under the bar written "building project" will i be able to access my projects again if I will force the program to quit?? (The last thing i did before it started to load was to mark the clips from one project and than i swiped to another project
-
Office 2007 Documents Keep asking for credentials
Hi All Gurus - Is there any issue with SP 2013 and Office 2007? We are trying to access office documents using IE 11, it prompts for credentials first time after compture reboot. Once given credentials it works fine whole day. but users who reboot th