Got MMR working, need to enable SSL (for both MMR and external access)

Hi,
I have two instances of DS 5.2 running, and have Multi-master replication working between them. Now, I need to enable server-authenticated SSL for both the inter-DS replication connections, and for connections from LDAP clients.
I know how to enable server-authenticated SSL for DS, in general (create a cert request, etc.), but since these DS instances are working with MMR, do I have to request and get two different SSL server certs and install them separately into each of the DS instances?
Also, what do I need to do to enable/allow SSL on the replication connections between the two DS instances?
As many specifics as possible would be appreciated :)!
Thanks,
Jim

In general:
Every server should have its own certificate - otherwise the whole SSL stuff is quite obsolete.
SSL is not only about encryption - it's used to achieve
-Confidentiality
-Message Integrity
-Endpoint Authentication
Or did I get you wrong? What do you mean by 2 different certs?
-Bernhard

Similar Messages

  • Use Same URL for Internal and External Access for CRM 2015 IFD

    I have setup a CRM2015 server for IFD access.
    ADFS and CRM are on separate servers.
    CRM server all roles
    ADFS 2.0 server.
    Using the internal URL I am able to access CRM without entering my details (as expected)
    Using the external URL I am authenticated by ADFS as expected and can sign in.
    We have an internal domain domain.local
    We have an external domain domain.com (the certificate is for *.domain.com)
    We have a DNS zone created internally for domain.com.
    CRM URLs
    internal : internalcrm.domain.com
    External : externalcrm.domain.com
    I would like all users to use the same link regardless of them being internal or external, but I would like so that any user who is on the domain is automatically logged in without entering their username and
    password. What is the best way to do this?
    I have tried creating a cname record on the internal domain.com zone pointing externalcrm.domain.com to internalcrm.domain.com but that didn't work, I still get the ADFS sign in page.
    Thanks

    So fair warning, what you're asking for isn't really a supported deployment method of CRM.
    That said, you should be able to do some DNS trickery internal to your network that points your "crm.domain.com" to "crm.domain.local" and then hopefully CRM will treat the connection as if it came from an internal network.
    Otherwise, you're likely going to have to accept that everyone gets the ADFS login page internal and external to your network.
    The postings on this site are solely my own and do not represent or constitute Hitachi Solutions' positions, views, strategies or opinions.

  • Single URL for internal and external CRM access when using IFD

    Hello,
    At one of our client site I have setup IFD on CRM 2011. This IFD is behind TMG. My client is a big corporation therefore all CRM components including CRM, ADFS and SQL are on separate servers.
    I have configured IFD using single url https://orgname.contoso.com. Their IT staff wants to know why can't they use single URL for internal and external access where internal users are not prompted for authentication when logging on to the CRM server. I know you can do URL re-write in ADFS but they want to know the reason "why internal users can't use the same IFD URL and don't get prompted for their credentials". Text below is from their IT staff.

    There are several approaches to your question.  You need to set up both an internal and an external relying party trust. If you use the external URL, it will always direct you to the signin page, if you use the internal URL, it will resolve you single
    sign on.
    I've configured IFD for CRM multiple times, and this is how it works. CRM looks at the URL. If you use the external URL (org.domain.com), it will prompt for credentials. So what you are asking for, a single URL that works single sign on internally and prompts
    externally really isn't possible.
    What I recommend is:
    1. make the external URL available internally
    2. Configure all outlook clients against the external URL, that way you won't have to reconfigure when someone goes internal to external
    3. Have users who are primarily internal use the internal URL for the web client, which will resolve single sign on
    4. Have users who are primarily external use the external URL for the web client
    For #1, since you only need to enter the credentials when you first configure CRM, it is in all effects single sign on.
    One thing I haven't tried that may work is using IIS redirect internally to redirect the external URL to the internal URL. There is also a powershell script in the IFD guide that you can use to make the outlook client switch between the internal and external
    URL's, but nothing that will give you a single URL that works as the internal relying party trust when internal and the external relying party trust when you are external.

  • How to enable SSL for policy service?

    Hi all,
    My application is using SunONE's C API to communicate with the Identity Server.
    In order to enable SSL, I have changed the following lines in amconfig.properties:
    com.sun.am.namingURL = https://id01.core.development.net:443/amserver/namingservice
    com.sun.am.policy.am.loginURL = https://id01.core.development.net:443/amserver/UI/Login
    com.sun.am.policy.am.library.loginURL = https://id01.core.development.net:443/amserver/UI/Login
    After operating these changes, everything continued to work fine...but then, I checked with a network sniffer what data is being sent to IS:
    - The login and naming data were over SSL
    - Policy and session items were plain HTTP
    My questions are:
    1. How to enable SSL for policy evaluation requests?
    2. How to enable SSL for sessionservice requests?
    3. What are the changes required on the server/client?
    Many thanks,
    Dan

    There might be a better, different forum for this question.

  • I need a serial Number for lightroom and photoshop. Its working on the imac already, I am paying. Now want to install on the mac book. There are no adobe-mails...

    I need a serial Number for lightroom and photoshop. Its working on the imac already, I am paying. Now want to install on the mac book. There are no adobe-mails...

    dear jeff,
    its both the newest versions downloaded at adobe.com <http://adobe.com/>
    after testing i signed the contract and i am paying
    the mail with the serial number got lost
    both apps are working on my imac
    now they should be installed on my book
    there is no information in creative cloud about my problem.
    On 04.03.2015 at 22:41, Jeff A Wright <[email protected]> wrote:
    Berndh38291059 what version of Photoshop and Lightroom are you installing?  Do you receive any specific error messages?
    Bernd Hoff
    Fotoproduktion
    Stoffeler Str. 26
    D- 40227 Düsseldorf
    +49 211 37 05 14
    +49 171 642 42 07
    [email protected]
    berndhoff.de

  • Enabling SSL for Oracle Enterprise Manager 10.1.3.1 is Failing!!!

    Hi All,
    I have followed the steps described in
    http://download-uk.oracle.com/docs/cd/B31017_01//core.1013/b28940/em_app.htm#BABCEEAH.
    However when I am trying to start the application server using 'opmnctl startall' the server is not starting and some timeout is getting generated in the log file.
    Is it that enabling SSL will only make the EM console secured? Then how to enable SSL for other soa components like - BPEL,ESB,OWSM? Are there any documentations available?
    Also please let me know how can I enable SSL for Oracle Application server console?
    Please any advice will be appreciated. I am in the middle of a project delivery.
    Thanks

    Hi,
    Let me first highlight the installation that I have done. I have installed SOA components with 'basic installation' mode.
    The log file under <ORACLE_SOA_HOME>/opmn/config/ has generated the following stack:-
    08/07/25 11:03:34 Start process
    08/07/25 11:03:37 WARNING: XMLApplicationServerConfig.overwriteSiteConfigPort Port assignment is ignored: web-site not found in the server OC4JServiceInfo id: default-web-site protocol: http hostname: null port: 8890 description: null
    08/07/25 11:03:37 WARNING: XMLApplicationServerConfig.overwriteSiteConfigPort Port assignment is ignored: web-site not found in the server OC4JServiceInfo id: secure-web-site protocol: https hostname: null port: 1156 description: null
    08/07/25 11:03:47 log4j:WARN No appenders could be found for logger (wsif).
    08/07/25 11:03:47 log4j:WARN Please initialize the log4j system properly.
    08/07/25 11:03:53 WARNING: OC4J Service: ascontrol-web-site with protocol: https and port: 1156 was not declared in opmn.xml
    08/07/25 11:03:53 Oracle Containers for J2EE 10g (10.1.3.1.0) initialized
    08/07/25 11:03:53 WARNING: OC4J will not send ONS ProcReadyPort messages to opmn for service: OC4JServiceInfo id: default-web-site protocol: http hostname: null port: 8890 description: null
    08/07/25 11:03:53 default-web-site hostname was null
    08/07/25 11:03:53 WARNING: OC4J will not send ONS ProcReadyPort messages to opmn for service: OC4JServiceInfo id: secure-web-site protocol: https hostname: null port: 1156 description: null
    08/07/25 11:03:53 secure-web-site hostname was null
    On the command prompt I am getting the following error:-
    opmn id=CALTP8BB32:6203
    0 of 1 processes started.
    ias-instance id=home.CALTP8BB32.cts.com
    +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    ias-component/process-type/process-set:
    default_group/home/default_group/
    Error
    --> Process (index=1,uid=301928631,pid=2944)
    failed to start a managed process after the maximum retry limit
    Log:
    D:\product\SOASuite\opmn\logs\\default_group~home~default_group~1.log
    --------------------------------------------------------------+---------
    ias-component | process-type | pid | status
    --------------------------------------------------------------+---------
    OC4JGroup:default_group | OC4J:home | N/A | Down
    ASG | ASG | N/A | Down
    Please let me know where am I going wrong?
    Thanks,
    Mandrita.

  • Hello, I've got an Upgrade-Version of CS5.5 for Windows and changed to a Mac. Now I need the Mac-Version. I tried to install the Download from Adobe. Unfortunately it didn't accept my password. I guess cause of the Upgrade-Version or the Windows Version I o

    Hello, I've got an Upgrade-Version of CS5.5 for Windows and changed to a Mac. Now I need the Mac-Version. I tried to install the Download from Adobe. Unfortunately it didn't accept my password. I guess cause of the Upgrade-Version or the Windows Version I own. My System: Mac OS X 10.6.8, 2,8 GHz. Thanks for answers! Greetings, Eva

    Here is a link to the info regarding platform swaps.
    Order product | Platform, language swap
    If you want to try to contact Adobe support to try to get an exception, Start Here  after selecting relevant responses choose "Still need help? Contact us." and the chat contact (or phone) option.

  • Enable SSL for URL context

    I'm unsuccessful in my attempts to find documentation that details how to enable SSL for URL (context) in Apache. I currently have https secured communication enabled between clients and the oracle http server, but i would like to also extend this security to individual app components like the OWSM control, gateway, policy manager, etc. Please help if you know how to setup SSL for URL in Apache.
    Thanks in advance.

    Please see if this MOS Doc can help
    How To Configure SSL For Discoverer 11g [ID 1359491.1]
    HTH
    Srini

  • Enable SSL for SQL used by ConfigMgr

    Hello guys,
    My DBA has decided to enable SSL encryption for an instance of SQL Server that is in use by our ConfigMgr.
    Some background setup: Windows 2008 R2, SQL Server 2008, ConfigMgr 2007 R2
    My question is, how will enabling SSL for the SQL server affect our ConfigMgr environment?
    Is there anything I should change in ConfigMgr in case the SSL was enforced e.g. all communication should use https instead of http?
    Sorry for being blunt here as we don't have this SSL on SQL setup before.
    Please share your suggestions & thoughts, really appreciate it! Thank you.
    ---Pat

    Just another reason not to use a shared SQL Server.
    First, I would bring this up as an issue to management -- folks shouldn't just be able to change configuration on something that your system depends upon without it being approved by you. There are ramifications and costs associated with any change such as this.
    Next, as far as ConfigMgr goes, I've never ever seen a discussion on it so doubt that it is supported; however, ultimately, the actual SQL connection is just something used by ConfigMgr, not created or controlled by ConfigMgr. ConfigMgr uses a System DSN based ODBC connection to connect to the DB on site systems with roles that directly connect to the DB. Thus, *in theory*, you could modify the connection string to use SSL.
    If you can't convince management that what the DBA did was reckless and costly, then you should open an advisory case with Microsoft via CSS to discuss your options -- this will cost $$$.
    Jason | http://blog.configmgrftw.com

  • I have been working on a wedding slideshow for days and have over 3,000 pictures in albums on iPhoto.  It suddenly will not open without upgrading to Aperture and I can't find any of my photos!!!!

    I have been working on a wedding slideshow for days and have over 3,000 pictures in albums on iPhoto.  It suddenly will not open without upgrading to Aperture and I can't find any of my photos!!!!  I need these photos, to complete the video, not to mention I don't want to lose them. I have had trouble ever since upgrading  to Maverick.

    Try the following:
    1 - launch iPhoto with the Command+Option keys held down to open the First Aid window.
    2 - Run Option #4, Rebuild Database.

  • I have no sound for games in my iPad. I have tried the reset but it does not work. The speakers work as I have sound for music and videos.

    I have no sound for games in my iPad. I have tried the reset but it does not work. The speakers work as I have sound for music and videos.

    Try this  - Reset the iPad by holding down on the Sleep and Home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider - let go of the buttons. (This is equivalent to rebooting your computer.) http://support.apple.com/kb/ht1430
    Check your settings. The iPads have a small switch on the right edge. http://support.apple.com/kb/ht1430 It can be used as a rotation lock to keep the screen from automatically reorienting itself as you move around, but you need to have the tablet’s settings configured properly. That same switch, right above the volume buttons, can also be set to function instead as a mute button to silence certain types of audio.
    If the switch is set to work as a mute button, you can change its purpose to “screen-rotation lock” by tapping the Settings icon on the home screen. On the Settings screen, tap General on the left side, and on the right side of the screen flick down to “Use Side Switch to.” Tap to select Lock Rotation or Mute to set the button’s function. Even if you set the side switch for your preferred use, you can still mute the Mini or lock the screen. Just double-click the Home button, and when the panel of apps appears along the bottom edge of the screen, flick the row from left to right with your finger. Tap the icon on the far left side of the row to either lock the iPad’s screen or mute the iPad’s alerts, notifications and sound effects. Music, podcasts and video are not muted unless you turn the volume all the way down.
    iPhone: No sound or distorted sound from speaker
    http://support.apple.com/kb/ts5180
    iPhone: Can’t hear through the receiver or speakers
    http://support.apple.com/kb/ts1630
    http://www.atreks.com/app-no-sound-on-ipad-4-%E2%80%93-what-to-do/
    To solve some sound problems, just follow these simple steps
    1. Go to Settings
    2. Tap on General
    3. Tap on Reset
    4. Tap on Reset All Settings
    What this effectively does is to reset some of your Settings to factory default. It’s not a complete removal of settings. It removes all of your preferences for Wi-Fi, Bluetooth, Do Not Disturb, Notifications, General, Sounds, Brightness & Wallpaper and Privacy. It doesn’t affect your data. All of your email accounts will remain intact, as well as any SMS text or iMessages.
     Cheers, Tom

  • I got a new email, changed my email for itunes and now it won't let me

    I got a new email, changed my email for itunes and now it won't let me even listen to my songs I purchased under my old email! I even got to where apple knows I changed it and they deleted my old email information. What am I supposed to do?? Please help, thanks

    Contact iTMS
    http://www.apple.com/support/itunes/musicstore/email/

  • HT4796 will turbotax transfer from my broken hp laptop to a new mac or do I need to buy turbotax for mac and start over with my pc 2011 turbotax file

    will turbotax transfer from my broken hp laptop to a new mac or do I need to buy turbotax for mac and start over with my pc 2011 turbotax file

    You'd have to ask Intuit. They might give you a cross-license to download and install the Mac version.

  • Help! Need a good laptop for school and editing. Budget is around $800 (Canadian).

    I'm looking for a laptop for around $800 Canadian, I'm starting a science and technology program in high school so I will need decent graphics performance for editing and 3D modelling. My budget is a bit flexible but only by around $100 for a significantly better product. I've had my eye on the Lenovo y40-80 but some people say it's great and others call it a disappointment. I was thinking about either ASUS, Lenovo, or MSI.  Any suggestions would be helpful, Thanks.

    I own an ASUS and a MSI laptop.  A little advice for you.... Visit the store and see if you can play a YouTube video. One laptop display appears dimmer and not so bright; the other laptop does a very poor job of rendering colors (especially with skin). Can't say this is a problem with today's newer machines.  But it was something that has troubled me.

  • Need RICEF Security specifications for Interfaces and Conversions

    Hi All,
    I need RICEF security specifications for Interfaces and Conversions. Can anyone provide any input on this?
    Regards
    Plaban

    Hi Plaban,
    Thanks for the detailed explanation. As mentioned, as per my knowledge there is no specific guideline/template that you may adapt while designing the security design for the Interfaces and Conversions.
    However, the most common issues that occur with IDOCs with file interfaces are related to file permissions, file ownership and character conversions moving between platforms.
    Ensure that the appropriate authorization (read/write and with filters) is provided. Identify the various levels of authorizations required and implement the same.
    Further, most issues with ALE interfaces are with RFC user ID permissions. Ensure that the appropriate and only the Required authorization is provided to these IDs. This way you can tighten the authorization to the specific level. You may need to completely test the functionality before implementing this.
    It is always important to understand these limitations during the functional design. If any specific additional functionality is required, you may need to have a custom based solution.
    Hope this answers your question!!
    Warm Regards,
    Raghu
