Meeting access for external participants

Similar Messages

• SharePoint application access for external users

  Hi Everyone
  I hosted a SharePoint (2013) web application on port 29963 in Win 2012 VM.  In order to access it externally I add it to AAM  as below.
  AAM Settings
  Internal URL
  Zone
  Public URL for Zone
  http://owlag-web001:29963
  Default
  http://owlag-web001:29963
  http://intranet.owla.co.za:84
  Intranet
  http://intranet.owla.co.za:84
  IIS BINDINGS
  Allunassigned        29963
  HOSTS File
  172.18.1.205:84   intranet.owla.co.za
  Please can anybody check this settings and let me know if incorrect.
  Regards
  Prashanth
  SharePoint Administrator

  Hi Prashanth,
  check this thread, there are some things you need to do, like make sure DNS is properly configured
  https://social.technet.microsoft.com/forums/sharepoint/en-US/d106d7b1-b62d-4ec9-a7fe-521540d65bad/externalinternet-access-to-sharepoint-server-2010
  http://sharepoint.stackexchange.com/questions/42738/using-sharepoint-url-without-port-number
  Kind Regards,
  John Naguib
  Technical Consultant/Architect
  MCITP, MCPD, MCTS, MCT, TOGAF 9 Foundation
  Please remember to mark your question as answered if this solves your problem

• Accessibility for external drive.......

  Ive just purchased one of these external hard drives......
  http://www.currys.co.uk/gbuk/iomega-minimax-desktop-external-hard-drive-2-tb-sil ver-and-white-07023323-pdt.html?srcid=867&xtor=AL-89
  It will sit under my Apple Airport Extreme Base Station, and will be connected to the AEBS via USB. I can then connect my other drives into the back of this new one, as and when need be, due to the built in hub.
  Anyway, if I partition the drive and move my iTunes media onto the drive - I will be able to access it fine from my system - but if I purchase an Apple TV, for example, will it be able to connect to the iTunes library on the external drive, without my MacBook being switched on?? So, in other words, would the Apple TV see the media n the external drive completely independently without relying on another system running iTunes itself?

  IftiBashir wrote:
  Would the process be the same as if the drive was connected directly?
  yes.
  with the drive connected to the AEBS and mounted on your desktop, i would copy the entire iTunes folder (not just the iTunes music folder) over.
  then, launch iTunes while pressing option on your keyboard. when prompted, click on +choose library+ and select the iTunes folder you just copied to the airdisk.
  Or would I be better off connecting the drive directly initially for the transfer, then removing it and connecting it to the AEBS?
  no.
  JGG

• LSO: Instructor Portal for external instructors

  Hi,
  I would love to know, what your experience with this scenario is;
  Instructors are 3rd party and need to access the instructor portal from outside the organisation's firewall. The HCM system, of course, is on the other side of the firewall, so not accessible for the instructor.
  So, we'd need to set up the LSO or part of it outside the firewall and replicate the necessary data from the core system to this one.
  Ideally, instructors should be able to
  - see courses and delegates
  - communicate w learners in a collaboration room
  - upload material to share with learners
  - capture delegate assessments
  - see course assessments
  How do you manage the requirement to have some data outside the firewall, but as much as possible behind it?
  What are the tech options you use/considered to provide instructor access whilst guranteeing highest possible security?
  You may not use this scenario, but have similar challenges with access for external delegates.
  Any ideas and exlerience will be appreciated.
  Regards
  Sven

  Since you are asking, I myself would not feel comfortable exposing the services externally. Mainly because your "clone" system will have sensitive data and the services being exposed are part of the HR module. Although I'm not an advocate for Cloud based systems, this and also some other LSO topics are where the SAP on Premise solution really lacks behind. I'm sure there are plenty of implementations out there similar to what you are planning but that doesn't mean it's a best practice. Theoretically as long as your infrastructure is safe (firewalls, reverse proxies, SAP solutions up to date on security and properly configured, etc.), I guess you would be able implement it. I myself would look at other options (custom implementation of the required external services, mix of Cloud and on Premise, etc.).

• Configure a sharepoint 2013 site for external and internal access

  I need to configure a local install of sharepoint 2013 so that users can access it internally and externally using windows/AD authentication. The internal and external addresses are different.
  I have bound an external ip to the domain for external access.
  I have created Alternate Access mapping, and bound the host header but I get a file not found message for external access.
  Have I missed something here? why the error and how can it be fixed. Step by step process would be appreciated.

  Hi Luis,
  According to your description, my understanding is that the error occurred when accessing the site externally.
  The most common cause for this is that the IIS host header is configured incorrectly. The 404 will appear because we are hitting a different IIS web site and not the one we are intended to.
  Here is a similar issue for you to take a look:
  http://stackoverflow.com/questions/14953322/sharepoint-2013-404-not-found-while-accessing-site-collection-from-outside
  More references:
  http://technet.microsoft.com/en-us/library/cc261814(v=office.15).aspx
  http://technet.microsoft.com/en-us/library/cc263208(v=office.15).aspx
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Is there a way for my macbook air (running Lion) to access an external hard drive on my Imac (running snow leopard) specifically for Iphoto and itunes?

  Is there a way for my macbook air (running Lion 10.7.2) to access an external hard drive on my Imac (running snow leopard 10.6.8) specifically for Iphoto and itunes?

  Yes. For those two applications specifically there is sharing. This presumes both computers are on and connected to the same network.
  In iPhoto, enable sharing by (on the iMac) going to the iPhoto menu > Preferences > Sharing > check Share my photos. You can either share the entire library or only selected albums. Now on your MacBook Air, in iPhoto, go to the same preference pane and select Look for shared photos.
  iTunes has something similar. In the iTunes menu > Preferences > Sharing > check Share my library on my local network. On the other computer, look in the left column for SHARED and select the iMac. You can now play that music on the MacBook Air.
  There are other ways to share files but for those two applications this is the simplest way.
  Best of luck.

• Access to my Office 365 third-party app for external user : "a User account is not registered for the account"

  In my third-party web application of Office 365, I want to have access to the contacts, events and emails of all the users from the organizations who installed my app. The thing is I don't want that all these users have to grant me access, I just want one
  admin of the org to grant access for my app and then be able to retrieve the data I need for all the users.
  To test for one organization, I logged in as the admin and proceed to the Oauth2 authentication to retrieve the access token and in the first request (the GET one to retrieve an authorization code) i add the parameter
  prompt=admin_consent.
  With this access token, I can access the data (emails, contact, event) of the admin
  for instance for the contacts
  uri: https://outlook.office365.com/ews/odata/Users(adminemail)/Contacts
  but not the data of the other users of this org with this uri
  uri: https://outlook.office365.com/ews/odata/Users(useremail)/Contacts
  The only thing I can do is retrieve an access token for each user but it supposed that each user has to authorize the access to the app but it's very cumbersome. So, i don't see what enables the parameter prompt=admin_consent and how to use it. Does anybody
  know what it does?
  And my question is: how can I do to access the data of all the users of one organization when the access has been granted by one admin?
  Thank you!

      
  This was answered on StackOverflow by Dushyant Gill.  http://stackoverflow.com/questions/25316175/access-to-my-office-365-third-party-app-for-external-user-a-user-account-is-n/25316678#25316678
  You are sending the OAuth request to a tenant specific endpoint of Azure AD. Note the {key_provided} part of your Url - that part represents the tenantid or a registered domain name of an Azure AD tenant. Azure AD throws this error is the user signing in
  is not a user in that tenant.
  Multi-tenant applications like yours have two options:
  Perform home realm discovery yourself and send the SSO request to the correct tenant-specific endpoint of Azure AD: when a new Azure AD organization signs-up for your application, record its tenant ID, and registered domain names. On your login page, ask
  the user for their email and try to discover what Org they belong to using the suffix the email.
  Use the common endpoint of Azure AD. Instead of the {key_provided} part of the URL, use 'common'. In this case Azure AD will determine the user's tenant and sign-in the user. The token that your application will receive will still be from the user's tenant
  (iss claim).
  2 is more convenient for apps. However #1 has an advantage when the user's Organization has customized their sign-in page with the company logo etc - in the case of #1 the user will directly be taken to the customized and familiar sign-in page.
  I recommend a combination of the two: try determining the user's organization and sending them to the tenant specific SSO endpoint. If you're not able to - send them to the common endpoint.

• Configure security realm for external Access Manager in App server 8.1

  Hi All,
  I would like to protect my j2ee application using access manager running on an external host.
  I would like to configure the security realm in Sun app Server 8.1 for the external Access Manager
  external host & port of AM is:
  http://svrd234d.dnn.com.au:58765
  Please verify if these are the correct settings for the agentRealm configuration on Sun App server 8.1.
  classname="com.sun.amagent.as.realm.AgentRealm"
  property name="jaas-context" value="agentRealm"
  property name="base-dn" value="ou=People,dc=dnn,dc=com,dc=au"
  property name="hostURL " value="http://svrd234d.dnn.com.au:58765"

  Did you download AS8.1 agent under http://www.sun.com/download/products.xml?id=4266924d?
  If you can unjar am_as81_agent_2_1.jar after installing the J2EE agent, you will find AgentRealm.class under com.sun.amagent.as.realm.
  Please also note that page 161 of J2EE agent guide shows how to disable AgentRealm to better fit your agent policy mode. Check it out http://docs-pdf.sun.com/816-6884-10/816-6884-10.pdf
  Jerry

• Exchange 2010 .Disable external access for Autodiscovery and RPC

  Hi Team,
  Once i publish my Owa page in exchange 2010 .Automatically i was able to access.
  https://domainname.com/autodicovery
  https://domainname.com/rpc
  https://domainname.com/owa/oma
  I need to block access from external world to these websites.Pls help

  Hi,
  Before we go further, I'd like to confirm if you want to block external Outlook access. If yes, we can disable Outlook Anywhere since external Outlook access use Outlook Anywhere to connect to server.
  Additionally, there are three methods for external Outlook users to connect to Autodiscover service. If we don't add public A record and SRV record, Autodiscover cannot work.
  And we can separate web sites for internal access and external access and don't add Autodiscover and RPC virtual directories in the external access web site. and here is an article about OWA virtual directory, and you can refer to the article for Autodiscover
  and RPC:
  http://blogs.technet.com/b/messaging_with_communications/archive/2011/05/02/how-to-block-owa-for-external-users.aspx
  Thanks,
  Angela Shi
  TechNet Community Support

• ADFS setup for external access

  Hi all, I would like to setup ADFS for the following scenario below:
  Internal intranet:
  URL: https://intranet.acme.com
  domain: ACME
  ACME domain users: Acme\johndoe
  External Vendor:
  domain: ABC
  ABC domain users: ABC\lucysmith
  Goals: allow external vendor users ABC domain access internal intranet
  https://intranet.acme.com via SharePoint-ADFS
  Questions:
  1. Do I need to setup ADFS on both ACME & ABC domain or just one side? If it is one side, then which one - ACME or ABC?
  2. When I setup SharePoint web application for
  https://intranet.acme.com, will this URL will be served for both internal and external users or do I have to extend it as different URL for external users?
           a. If
  https://intranet.acme.com served for both internal and external vendor users, will internal user get normal NT prompt for authentication or it will redirect to ADFS login page just like external user?
           b. If we need to extend web application for external vendor user, let's say
  https://abcexternal.acme.com, will we only need to config adfs for this extended web application so external vendor user will get adfs redirect login where internal user got NT prompt for authentication?
  Thanks

  Hello
  1) you would  need to setup ADFS on ABC and configure SharePoint to consume their ADFS token
  2) I would recommend enabling a default zone for NTLM and extend that to use for your ADFS users (intranet)
  MCITP-EA | "Never test how deep the water is with both feet"

• Setting up MX Record for External email Access

  To All,
  I'm having trouble getting mail sent from external users to email accounts setup on my internally hosted server.
  I have setup my server in a Standard Configuration using the following format for my FQDN:
  server.mydomain.com (not real name)
  I have checked both Primary Zone and Reverse Zone and both check fine.
  I can send and receive email, while connected within my local domain, between users I have setup on my server using the format:
  [email protected]
  I can send email from inside the network to an outside email account, but cannot receive email from any users outside.
  I have POP, IMAP, and SMTP ports (110, 143, and 25, respectively) all forwarded to my server thru my AEBS.
  Consulting the setup guides, I have found these references to editing the MX record to allow for external email access using the [email protected] format:
  +"If you don’t want to use your server’s fully qualified DNS name for users’ email addresses, the+
  +DNS service must also include an MX record for your server. For example, if your server’s DNS+
  +name is myserver.example.com and you want to have email addresses like [email protected],+
  +the DNS service needs an MX record for your server."+....from the Installation and Setup Worksheet, page 15.
  also
  +"If you want users to be able to send and receive mail over the Internet, make sure DNS+
  +service is set up with the appropriate MX records for Mail service:+
  +A. If you have an ISP that provides DNS service to your network, contact the ISP and+
  +have the ISP set up MX records for you. Your ISP needs to know your mail server’s+
  +DNS name (such as mail.example.com) and your server’s IP address."+...from the Mail Service Admin page 22.
  My question is...how does the MX record need to be set up?
  Like this?
  10 @ mydomain.com
  Thanks for your help,
  Steve

  Camelot,
  Thanks for replying.
  1) What format do you want your users' email address in? (e.g. [email protected], >[email protected], [email protected], etc.)
  I want my users to have a [email protected] email address.
  I set up an A record as you suggested:
  mail.mydomain.com A 1.2.3.4
  My MX record was setup:
  mydomain.com 10 mail.mydomain.com
  However, I am still getting returned email from outside users. They are getting the following error:
  +This is an automatically generated Delivery Status Notification+
  +Delivery to the following recipient failed permanently:+
  [email protected]
  +Technical details of permanent failure:+
  +Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <[email protected]>: Relay access denied (state 14).+
  Checking the Server Logs for IMAP I am getting these errors:
  +Jan 21 12:11:34 server imap[44121]: AOD: user opts: get attributes for user: user failed with error: -14479+
  +Jan 21 12:25:18 server imap[44236]: AOD: user opts: get attributes for user: user failed with error: -14479+
  +Jan 21 12:31:46 server imap[44473]: AOD: user opts: get attributes for user: user failed with error: -14479+
  +Jan 21 12:32:49 server imap[44499]: AOD: crypt authentication error: authentication failed for user: username (-14090)+
  +Jan 21 12:37:06 server imap[44598]: AOD: user opts: get attributes for user: user failed with error: -14479+
  +Jan 21 12:49:39 server imap[44520]: AOD: user opts: get attributes for user: user failed with error: -14479+
  +Jan 21 13:01:51 server imap[45049]: AOD: user opts: get attributes for user: user failed with error: -14479+
  +Jan 21 13:11:58 server imap[385]: AOD: user opts: get attributes for user: user failed with error: -14479+
  When I try and use an online MX Record checker to check the MX record, it says the mail.mydomain.com record is invalid.
  It's not until I change my MX record back to:
  +@ 10 mydomain.com+
  will the MX record show valid.
  Network Utility scans show the following with the MX record set to @ 10 mydomain.com:
  ++; <<>> DiG 9.4.2-P2 <<>> mydomain.com mx +multiline +nocomments +nocmd +noquestion +nostats search+
  ++;; global options: printcmd++
  ++wekrugs.com. 3600 IN SOA server.mydomain.com. admin.mydomain.com. (++
  ++ 2009011900 ; serial++
  ++ 86400 ; refresh (1 day)++
  ++ 3600 ; retry (1 hour)++
  ++ 604800 ; expire (1 week)++
  ++ 3600 ; minimum (1 hour)++
  ++ )++
  If I have it set up the way you suggested, the Network Utility and MX Checker reports that the NameServers don't respond to the entered MX record name.
  Thanks again for your help,
  Steve

• SAN certificate for external access for edge server and reverse proxy

  Hello
  I have a question related to the certificate planning for LYNC 2013 EDGE SERVER .
  For external access and mobile user's , Iwant to enable all the feature for external user's .
  im planning to purchase san certificate ,
  my first question do I need only one SAN for both my edge server and the reverse proxy ?
  my second question about the name's that shoud be added to the certificate ?
  sip.mydomain.com
  av.mydomain.com
  webconf.mydomain.com
  what else I should add ? I want to add the names for all feature access.
  Kind Regards
  MK

  Your Front End Pool should only contain front end servers, does it also contain your edge and back end? If so, this is a misconfiguration.
  If you're planning to implement high availability, you'll want a different internal web services FQDN name than your pool name (unless you load balance the entire pool with a hardware load balancer).
  You'll want your external web services FQDN to be different from your pool name if you want to use the mobile client on the internal network.  Once you've come up with a new and otherwise unused FQDN for this purpose, you'll want that as additional
  SAN on your cert.
  Since you're not using this for the internal certificate, you can also pull admin.mydomain.com and LYNC2013-FE.mydomain.com off of the cert as those are needed internally only. 
  Lyncdiscoverinternal you can leave on if you need your internal mobile clients to not throw certificate errors because they don't trust your internal certificate authority, but this name would then need to be pointed to a reverse proxy or something that
  can present the third party certificate.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Restrict OWA for external access by ADFS 3.0 after business hours

  Hello Everyone all right?
  I'm trying to block access to OWA for external users except for a group of AD users that will be allowed
  I used the article https://technet.microsoft.com/en-us/library/hh526961%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396 in scenario 4, but instead of allowing the User groups it locks and the other groups are allowed.
  I have in hybrid environment office 365 with Exchange 2007 + Exchange 2103 and installed ADFS 3.0 in the organization of my customer.
  Can anyone help?
  Regards,
  Leonardo Fogaça de Almeida

  another part
  I have Office 365 too.
  Regards,
  Leonardo Almeida

• How to use sub folder paths for external table location parameter?

  is it possible to use one Oracle directory and address multiple files under some OS sub-directories beside that Oracle directory? Like;
  host mkdir /tmp/orcl_dir
  host mkdir /tmp/orcl_dir/fold1
  host mkdir /tmp/orcl_dir/fold2
  CREATE DIRECTORY ext_tab_dir AS '/tmp/orcl_dir';
  CREATE TABLE ext_all_source
      ORGANIZATION EXTERNAL (
         TYPE ORACLE_DATAPUMP
         DEFAULT DIRECTORY ext_tab_dir
         LOCATION ( 'fold1/all_source1.dmp', 'fold2/all_source2.dmp' ) ) PARALLEL 4
      AS SELECT * FROM all_source;
  ERROR at line 1:
  ORA-29913: error in executing ODCIEXTTABLEOPEN callout
  ORA-29400: data cartridge error
  KUP-04076: file name cannot contain a path specification: fold1/all_source1.dmp
  ORA-06512: at "SYS.ORACLE_DATAPUMP", line 19Thank you.
  Message was edited by:
  antu

  Justin is there a way you are aware of at operating system level to teach oracle that it has to access for example 16 different piece of files over a meta file. I saw some definition file like this but I am searching if this is the tools own mapping format;
  $ cat ./CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat
  (object mfile_c_type
  (path "file:OBSOLETE")
  (fs "file://amanos/s01/abinitio/data/prod/mfs/mfs_16way")
  (local_paths 16
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_001/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_002/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_003/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_004/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_005/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_006/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_007/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_008/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_009/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_010/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_011/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_012/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_013/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_014/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_015/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"
    "file://amanos/s01/abinitio/data/prod/mfs/parts/mfs_16way_016/mfs_16way/Applications/RDS/CON_PUB/main/CON_xfrm_subs_status_reason_act_lk_20080302.dat"))or at least a symbolic linking strategy may handle this, but I couldn't figure out how and of course this will have its own costs of course to manage.

• SSO for External application not part of the portal framework

  Greetings,
  I am desperate!!!
  I am trying to do the following:
  I have a pl/sql application that presents to the user a set of external applications links.When the user activates a link, I would like to make a call the SSO server so it can do external application login.
  I know I can configure the external applications as described in the SSO admin guide.
  Unfortunately the API to query the SSO server for external application mapping is not public.
  ANY IDEAS ON WHERE I CAN GET THIS INFO??
  Every thing I have read says that external applications can be accessed through Portal. This is not my case. I can use any packages or classes available by the SSO server to portal, but MY APPLICATION IS NOT A PORTAL.

  I have similar kind of requirements for Single sign-on to external web applications.
  But in my applications I have to auto-generate random userid & password for different external web applications.
  These uids & password are exported to external applications, which upon recieving creates user in their applications.
  So, actual user will never have access to these credentials(uid &pwd).
  So, how can I cutomize the Portlets to do the first time SSO when user is created & their credentials to external apps are stored to OID.
  Any idea Barry..
  Bye