Hiding the direct access to fields in a class

Similar Messages

• Can we add users to the 'Manage Access Request' field to process site access request in SharePoint Online?

  Hi,
  I have a requirement in which I have to assign couple of email ids to the "Manage Access Request" field to process site access requests. And, this is possible using server object model but I have to achieve this on SharePoint Online with the help
  of CSOM.
  There are two properties which control the access request configuration, first is "RequestAccessEnabled", a Boolean flag which turns on or off the access request feature for the site. The second property defines one or more email addresses where
  requests will be sent to. It is named "RequestAccessEmail".
  The above both properties are available for server object model but not for CSOM.
  So, is there any other workaround or way to achieve the sane in CSOM?
  Thanks,

  I don't think there is a programmatic workaround for SharePoint Online.  But the email address is just used for Notification.  Anyone with Manage Permissions can approve Access Requests.  If you create an email distribution list for the multiple
  addresses that should be notified you should be able to add the email address for the distribution list into the Access request email field using the user interface.
  Paul Stork SharePoint Server MVP
  Principal Architect: Blue Chip Consulting Group
  Blog: http://dontpapanic.com/blog
  Twitter: Follow @pstork
  Please remember to mark your question as "answered" if this solves your problem.

• Connect to the database straight from the direct access of form builder

  What do i have to put in the direct access of form builder and procedure builder to connect to the database without have to do it once i4ve enter into form or procedure builder, I know i have to put user/password and connect string but in which order or which characters do i have to use.
  Thanks in advance.

  thanks jdendas, that works with forms but not with procedure builder, if i put that it does not start the session with the procedure builder.
  Thanks anyway-

• How to use Direct Access URL in the FORM tag

  I want to substitute the pageid url (/servlet/page?_pageid=161&_dad=portal30&_schema=PORTAL30) with the direct access urls (pls/portal30/url/page/my_page) to address the pageid conflict between development server and production server.
  It works perfectly fine in the redirection code such as:
  self.location.href="/pls/portal30/url/page/next_page". But I got "Page can not be found" error message when I use it in the <FORM> tag:
  <FORM ACTION="/pls/portal30/url/page/next_page" METHOD="POST" NAME="my_form">
  Does anyone out there know how to use the direct access url inside the <FORM> tag? I am trying not to write a bunch of code just to retrieve and insert the pageid at the run time.
  Thanks in advance.
  Arthur

  Use condition. If you are validating a record, just out the desired check in the condition field for that specific item.
  Thanks
  Nagamohan

• ICS update: can I use the combination of face-lock/pattern lock and direct Access Lock?

  I just updated ICS on Bionic. I cannot use the Direct Access Lock with face-lock or pattern lock.
  Is there a way to do (well I prefer not to download apps to do it)?

  see replies in your other thread:
  https://community.verizonwireless.com/message/901528#901528

• Access metadata fields through a custom Service Class

  Hi all,
  I have to create a custom component for Oracle Content Server. I need to access metadata fields from a custom Service Class.
  Can you directly access metadata through a java class or to pass parameters (metadata fields) from a web page to java class? How?
  Are there other solutions?
  Thanks, ale

  I'm not sure if I understand exactly what you are after, but here is some information.
  If your url is http://someserver/idc/idcplg?IdcService=CUSTOM_SERVERY&Parm1=A&Parm2=B
  Then in your java code you can use the binder.getLocal method to get those values.
  String strParm1 = binder.getLocal("Parm1");
  you may have to use binder or m_binder (depends on the variable name in your specific situation).

• Network Positioning of a Windows Server 2012 R2 Direct Access & VPN Server

  Reposted moved from Windows Server Forums- Security
  Hi
  I'm in the process of creating a new active directory forest with a single domain using AD.Contoso.com to use the Microsoft example. The reason I have decided on AD.XXXXXXXXX.com is to get way from using split horizon (Split Brain) DNS. The requirements
  for our new domain are :-
  2012 R2 AD
  Direct Access & VPN
  Exchange 2013 OWA, Active Sync Outlook Anywhere (Possibly a Hybrid Config where we have on premises mailboxes and some exchange online mailboxes Office 365 etc)
  Lync 2013 ?
  SharePoint 2013 ?
  Microsoft Active Directory Certificate Services
  System Center Configuration Manager 2012 R2
  Two way trusts between old forest and new to enable Transition/Migration
  Ok so that's what I'm aiming for so now the question.
  They are allowing me to purchase a next Generation Firewall may be a Barracuda NG firewall or a Cisco ASA X series so I need some advice on what type of network topology I should configure. I've read that using the two NIC configuration for
  the 2012 R2 Direct Access Server is preferable, one nic on the internal network one on the perimeter. The problem I have with this is that it bridges the internal network and the perimeter bypassing the backend Firewall see image
  The other alternative is to dispense with the perimeter network use the Direct Access server with a single NIC and setup the NG Firewall in a three-legged config with the DA server on the DMZ.
  So all you security experts out there what would be your design for this simple domain? we don't need any HA or Load Balancing.
  Thanks
  Simon

  Ok I'm not sure we are going to get any advice on this subject but one last effort. Our budget can only stretch to one next generation firewall so I'm considering the following three legged firewall design with a two NIC 2012 R2 Direct
  Access server. If someone could validate this configuration or suggest an alternative then I would be grateful.

• Configuration of Direct Access 2012

  Good morning.
  I have tried to set up Direct Access from what I see is pretty much a 30-40 minute job, but has turned out to be something of a pain. Having followed the video on youtube for Windows Server 2012 with Basic PKI configuration and Windows 7 clients. I
  have set up a working DA server with no issues and all green ticks.
  Here's a run down.
  I have a DC (2012) with the CA already installed.
  I have a virtual DA (2012) set up with the advanced settings.
  I have a a TMG 2010 server as the firewall with a Non-Web Publishing rule designed to forward HTTPS requests to the DA on the internal network.
  The set up went as planned and I followed the instruction to set up the PKI and all computers have picked up a computer Certificate for the CA so that the internal root is validated.
  The Certificates that I chose for the DA server were as follows;
  DirectAccess-NLS.mydomain.local
  remote.my-external-domain-name.co.uk
  both published from my internal CA so that the root of the certificates were valid.
  I have a Third party wildcard cert ( *.my-external-domain-name.co.uk ) for TMG to allow other connection such as VPN and web access.
  DA Config:
  Step 1: Remote Clients
  I set up the DA server as per the video, set the DirectAccessClient group, and in the
  Network Connectivity Assistant The resource was filled in with the
  http://diectaccess-WebProbeHost URL.
  Step 2: Remote Access Server
  The Network Topology was set to Behind an edge device (with single network adapter), and then is says to type in the 'PUBLIC NAME' used by clients to connect to the Remove Access Server. Here I typed in the external DNS
  name remote.my-external-domain-name.co.uk.
  Network Adapters had the one ethernet and an IPv6 address. The
  Select Certificate sued to authenticate IP-HTTPS connections has the CN=remote.my-external-domain-name.co.uk.
  Authentication is set to AD and I used the root certificate of the CA for
  use computer certificates. I also Enabled windows 7 client computers to connect via DirectAccess.
  Step 3: Infrastructure Servers
  Network Location Sevrer had the NLS is deployed on this server with the
  DirectAccess-NLS cert.
  DNS had the internal domain and the DirectAccess-NLS. the Internal domain was pointing to the IPv4 address of the DA. I read that I need to put the external name suffix of remote.my-external-domain-name.co.uk entry in and pointed that
  to the internal DA IPv4 address also.
  DNS Suffix List was set automatically and I also added my external domain name just in case.
  Managerment was straight forward and I pointed to our System Centre 2012 R2 server.
  Upon clicking finish and applying the GPO policies everything went according to plan. All green ticks. I did a GPupdate on the client I was testing and the GPO policies came through.
  Now the issue I have is that on the internal network I get the Last Error 0x80190190 unable to connect to server. Now I am sure that this should say active as it is inside the network. I get the same error out side. When I check the DA server for
  netsh int https sh int  it returns the value that client authentication = NONE. I set it up to use computer certificates and even is I uncheck that it does not change. 
  It there a straight forward thing I missed or is it to do with publishing in TMG. Internally the direct access client will not connect as it will find the NLS in the internal DNS as I have the host record for both the server FQDN and the DirectAccess-NLS
  potining to the IPv4 address. I also have the external remote.my-external-domain-name.co.uk entry in the internal DNS to point to the internal IPv4.
  I have opened the ports for 443, 62000 on the DA for the IIS inbound and outbound. 
  I have a windows 8 client but need to test it as Windows 8 is supposed to work just like that.
  What am I doing wrong here?? Any ideas would be much appreciated. 

  Thank you for this Jordan.
  I have now got it working. The next step is to make sure my applications are all using Names rather than IP addresses.
  I have basically setup the system as per my original thread that follows, NOT in BOLD.
  I have tried to set up Direct Access from what I see is pretty much a 30-40 minute job, but has turned out to be something of a pain. Having followed the video on youtube for Windows Server 2012 with Basic PKI configuration and Windows 7 clients. I have
  set up a working DA server with no issues and all green ticks.
  Here's a run down.
  I have a DC (2012) with the CA already installed.
  I have a virtual DA (2012) set up with the advanced settings.
  I have a a TMG 2010 server as the firewall with a Non-Web Publishing rule designed to forward HTTPS requests to the DA on the internal network.
  The set up went as planned and I followed the instruction to set up the PKI and all computers have picked up a computer Certificate for the CA so that the internal root is validated.
  The Certificates that I chose for the DA server were as follows;
  DirectAccess-NLS.mydomain.local
  remote.my-external-domain-name.co.uk
  both published from my internal CA so that the root of the certificates were valid.
  I have a Third party wildcard cert ( *.my-external-domain-name.co.uk ) for TMG to allow other connection such as VPN and web access.
  DA Config:
  Step
  1: Remote Clients
  I set up the DA server as per the video, set the DirectAccessClient group, and in the Network Connectivity Assistant The resource was
  filled in with the http://diectaccess-WebProbeHost URL.
  Step
  2: Remote Access Server
  The Network Topology was set to Behind
  an edge device (with single network adapter), and then is says to type in the 'PUBLIC NAME' used by clients to connect to the Remove Access Server. Here I typed in the external DNS name remote.my-external-domain-name.co.uk.
  Network Adapters had the one ethernet and an IPv6 address. The Select
  Certificate sued to authenticate IP-HTTPS connections has the CN=remote.my-external-domain-name.co.uk.
  Authentication is set to AD and I used the root certificate of the CA for use
  computer certificates. I also Enabled windows 7 client computers to connect via DirectAccess.
  Step
  3: Infrastructure Servers
  Network Location Sevrer had the NLS
  is deployed on this server with the DirectAccess-NLS cert.
  DNS had the internal domain and the DirectAccess-NLS. the Internal domain was pointing to the IPv4 address of the DA. I read that I need
  to put the external name suffix of remote.my-external-domain-name.co.uk entry in and pointed that to the internal DA IPv4 address also.
  DNS Suffix List was set automatically and I also added my external domain name just in case.
  Managerment was straight forward and I pointed to our System Centre 2012 R2 server.
  Upon clicking finish and applying the GPO policies everything went according to plan. All green ticks. I did a GPupdate on the client I was testing and the GPO policies came through.
  I have set up TMG as per the isa.org forum  
  http://www.isaserver.org/articles-tutorials/general/implementing-windows-server-2012-directaccess-behind-forefront-tmg-part2.html .
  @ Jordan - I ensured that I had a separate external IP address for the requests from the clients to TMG as I publish websites internally.
  I used a third party wildcard cert for the IP-HTTPS connect part in DA Config Step 2.
  All the rest of the DA set up was pretty much out of the box as stated above. 

• JSP, Struts preventing direct access

  In a web application using Struts framework
  how can the direct access via the .do link can be avoided. I want users to use the button to move to the next page and i dont want to allow the direct access via do link.
  and
  when one page is visited and some work is done there. Then the user
  goes to some other page and visits the previous page. However, in
  that case my form is not initialized. How can this problem be solved?

  You can't avoid the .do link altogether. I am assuming that you have two page. First with 1.do and second with 2.do and you don't want the user to go directly to 2.do.
  To overcome this problem, you can write the logic on the second page to redirect it back to the first page. If they have directly gone to 2.do. The difference between button and the direct access is that first one can be post or get and the second one will be get call. Pls let me know if you need more clarifications on this.
  Try creating the form bean of session scope. In this case what will happen that the formbean will have the data captured earlier .. I mean aprtial of the data and that you can retrieve and set it th enext time.

• Direct Access on windows 2012 with OTP

  Hello everyone,
  i've just finished setting up Direct Access 2012 with Gemalto's OTP solution for a client,
  i have an issue though, without OTP all is working fine, and when i activate OTP with all the certificates and stuff when i enter the OTP code on my client it looks like its not validating it.
  on the Direct Access Server i get this error:
  Erreur : Challenge returned.
  source: RemoteAccess-RemoteAccessServer
  ID: 10042
  i have absolutely no errors on my radius server... any idea on why the server is rejecting my requests ?
  thanks for the help
  Hitch Bardawil

  Hi
  I deployed this scenario for a Customer of mine a few months ago with GEMALTO. It's a little bit tricky but possible. For some trroubleshooting tips have a look at one of my blog posts :
  http://danstoncloud.com/blogs/simplebydesign/archive/2013/10/26/the-0x80040008-directaccess-otp-case.aspx.
  At last for your OTP operating in Challenge/response mode. It's not possible. It's a NPS limitation :
  http://technet.microsoft.com/fr-fr/library/jj618331.aspx"The OTP
  provider used requires the user to provide additional credentials in the form of a RADIUS challenge/response exchange, which is not supported by Windows Server 2012 DirectAccess OTP."
  BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

• Routing back to Direct Access Clients - is this possible?

  Hi,
  We have been using direct access for the past few months successfully, however the one problem we are still having is we can't use programs that require a route back to the Direct Access client (such as managing a Hyper-V machine on the local lan), using SourceOffsite
  or even using Remote Desktop to remote onto a direct access client or ping the direct access client.
  Our local LAN uses Ipv4 and we can route fine to the Direct Access clients from the Direct Access Server where the tunnel terminates but not from any other machine on the network. Do I need to change the direct access configuration to allow this or do I need
  to somehow create a route on my LAN for the direct access clients?
  Thanks in advance
  David

  I found out how to do this in this useful article and tested it and it is working fine - thanks.
  http://www.packtpub.com/article/configuring-manage-out-to-directaccess-clients

• Direct Access DNS resolution local domain network

  Hey guys,
  some information to my test environment...
  My direct access server and my DC are based on Windows Server 2012 R2. The direct access server has one nic. Port 443 requests are forwarded through an firewall to the direct access server. The configuration for direct access is based on the built in assistens
  to configure it.
  On client side i am using Windows 8.1 x64.
  Now the to my problem...
  If I do an ping or a gpupdate when i am not connected to my local company network, the server responds and gpupdate/ping works fine. As soon as i am connected to my local company network i am not able to do a gpupdate or a ping (error in resolving dns).
  But i am able to use nslookup to query names.
  Anyone a suggestion where the problem could be?

  Hi,
  It seems that this problem is caused by the issue of Network Location Server.
  Does the client know that it is connected to the local network?
  When the client connects to the local network, it should show "Connected to network locally or through VPN".
  Here is the screenshot of my lab server,
  Aslo, we can use the command below to verify this,
  netsh dns show state
  The Machine location should be "Inside corporate network"  when the client is connected to the local network.
  If the client doesn't know that it is inside the corporate network, please check if client can access the Network Location Server.
  Best Regards.
  Steven Lee
  TechNet Community Support

• Direct Access for Non Domain Machines

  Hi,
  In My IT-infra, there is multiple machines that is out my Office network & Domain..
  Can we join these machines in domain via Direct Access implementation ? or for implementing Direct Access we required to join those non domain & out of office network machine to Domain first ?
  secondly, can we implement the Direct access without any public certificate purchase, and without any IPV6 configuring in internal network,machines and in servers .currently i am using IPv4  IP on all Machines & Servers.
  I have gone through the Direct Access Technet guide but i feel very complex document there ...can you please brief me about direct access implementation in simpale way, i want to implement direct access to join the internet based client machines  to
  domain and manage via/for SCCM ...
  Shailendra Dev

  Correct, DirectAccess clients must be domain joined. Also, only Windows 7 Ultimate, Windows 7 Enterprise, or Windows 8 Enterprise clients are able to be DirectAccess connected, so that may also make a difference to your situation. I see many customers deploy
  DirectAccess for those Win7/Win8 domain-joined systems, and then make use of the traditional (RRAS) VPN on the same DirectAccess server for connecting any other operating systems or non-domain-joined machines. Those would just have to launch a manual VPN connection,
  where the DirectAccess connections are of course automatically connected.
  You don't "have" to use an SSL certificate that you purchased from a public CA, but you really should. It is definitely a best practice to use a trusted public certificate on your DirectAccess server. Further, if you have Windows 8 client computers,
  you don't even need to distribute the machine certificates inside your network, but it is also a best practice that you do this anyway, to strengthen the authentication process.
  No, you do not need IPv6 inside your network at all for DirectAccess to work.
  Sounds like you might be interested in some additional reading on DA, here are the two books available on the subject:
  https://www.packtpub.com/virtualization-and-cloud/microsoft-directaccess-best-practices-and-troubleshooting
  https://www.packtpub.com/networking-and-servers/windows-server-2012-unified-remote-access-planning-and-deployment

• Cannot view history of direct access users connecting to Forefront UAG

  Hi, I'm trying to get a list of the users that have been connecting through UAG Direct Access for the past month. I've tried using the methods shown in the technet articles about monitoring of UAG Direct Access either using Powershell or the TMG event loggin
  console, using this links:
  http://technet.microsoft.com/en-us/library/gg313776.aspx
  http://technet.microsoft.com/en-us/library/gg313783.aspx
  Using the TMG event logging I see a lot of data from a few days back, even if the filter is set to 30 days, and the log is supposed to be up to 8GB in size before overwriting. The info that it shows is only about sessions to the portal trunk and not direct
  access. I know this because on the UAGModuleID column there is no there are no "connected" or "managed" sessions, all are SessionMgr, UserMgr, Filter and RDG mainly.
  Through powershell I tried running the following commands after importing the module according to the article:
  Get-Directaccessusers -showhistory $true and no results are shown.
  Get-Directaccessusers -showhistory $true -starttime "1/6/2015 8:00AM" and no results shown
  Get-Directaccessusers -showhistory $true -starttime "1/6/2015" no results
  Get-Directaccessusers -showhistory $true -starttime "1/2/2015 8:00AM" -Endtime "1/11/2015 8:00PM" no results
  Get-Directaccessusers -showhistory $true -username user = no results.
  Get-Directaccessusers -username user = no results
  the only command that shows any data is just Get-Directaccessusers but that shows the current Direct Access users, no history.
  I checked the Registry HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\von\MonitorMgr\sql-builtin-log registry key and it is on 1.
  Any ideas on how can I get more history data on the direct access users connecting through UAG?
  Please let me know.
  Appreciated it.
  Thank you!
  Eduardo Rojas

  Russel,
  the problem has been solved now! The final thing missing was just a check in a  checkbox.
  Below a comprehensive explanation that may help others.
  We basically did what you proposed:
  We sent a ping from one of the DA-Clients to the TS-Farm members. Since we got replies, we knew that IPv6 communication generally is okay. The answer received was an IPv6. In this scenario we had not yet given any IPv6 to the farm-members! Thus we knew it must
  be comming from the DA DNS-Proxy. There are a number of DA-GPOs and one of them is dictating the net portion of the IPv6 to be used in DA-communication, appended by a hex-translation of the target computers IPv4. Therefore the DA DNS-Proxy is taking the GPO-set
  IPv6-value, adds the IPv4 in hex and sends it  back as an ICMP echo.
  With this in place and working correctly one can ping any domain host from any DA-Client. This is configured when initially setting up DA and is handled by the wizzard. Once DA is installed this should all be in place without extra user interaction.
  We then took those IPv6 answeres and turned them into fixed IPv6es of the farm-members (each member its own IPv6). So far so good, but this is where it still did not work. Evaluation of the Connection Broker log showed that the redirect reply still included
  only the IPv4 of the target farm-member. With that (after a short while) we realized that one has to set a
  check in the Connection Brokers Settings, so that the IPv6 LAN-Connection will be used for redirects as well and not only the IPv4 LAN-connection..... How stupid is that? :-)
  But as we all know - in dealing with server configuration - you should always "know before you go". But even though you may think you do, when finally arriving you know you didn't.... And that's what we call experinece.
  Thanks to Russel for your interest and help.
  Brgds Ralf

• Stopping direct access to ECC

  we have earlier created few users in the ECC clients and the consultants are accessing it directly , now we want them to acess the system using SOLMAN only ...
  How can we stop the direct access to the ECC system , should we remove their login ID's from the ECC ..
  Please advice
  Regards

  Hi,
  You can't remove their user IDs in ECC otherwise they won't be able to connect remotely using the Trusted RFC. What can be done in that case is to distribute the saplogon.ini and to prevent its modification. Then you just have to remove the entry for connecting your ECC to prevent users from doing it.
  But whenever your SolMan will be down, the users won't be able to access the ECC...
  Hope it helps,
  Best regards,
  Stéphane.