Printer shows up for users who shouldn't see it.

Similar Messages

• Steps to deploy Lync for users who own Office 365 E1/E2 licenses, but don't have Office 365 E3, using Office Deployment tool.

  After many hours of debugging with Microsoft support the system to install the Lync Client silently can be done with a SINGLE LINE command.  The steps to take are below. It should be an easy next step to put this as GPO installation since
  it is a simple command.
  Comments appreciated. 
  side question: Why is there no Lync 2013 or Lync Office 365 forum?
  Basic steps to deploy Lync for users who own Office 365 E2 licenses, but don’t have Office 365 E3, using Office Deployment tool.
  This also applies for other Office 365 service types where the full office suite download is not included.  In April 2015 This was impossible to find online and not know by the Lync support team.
  Steps are:
  Download the Office deployment tool from
  http://www.microsoft.com/en-in/download/details.aspx?id=36778 and extract it to a folder. For this
  example we will use the \\server\sharename
  location.
  Extracting it creates a setup.exe file and it show a sample XML file.
  2. Create XML file and give it a name such as LyncEntryRetail.xml
  Note: The key is the productID that has to be the “LyncEntryRetail”. Other product IDs will download a version that needs another office 365 license. The productID “LyncRetail” needs an E3 license of Office 365.
  <Configuration>
    <Add SourcePath="\\server\sharename" OfficeClientEdition="32" >
      <Product ID="LyncEntryRetail">
        <Language ID="en-us" />
      </Product>
    </Add> 
  </Configuration>
  3. From the folder where you extracted the Office deployment tool, run the following command on the command prompt to download the source files and store them on the shared drive:
   (on single line)
  Setup.exe /download LyncEntryRetail.xml  
  (This is the name of the XML file created above)
  One can also run the same on a server share by using UNC path names such as  (on single line)
  \\servername\sharename\Setup.exe /download
  \\servername\sharename\LyncEntryRetail.xml  
  (This is the name of the XML file created above)
  4. Run the following command on the command prompt on a machine where you want to install the software: (on single line)
  \\servername\sharename\Setup.exe /configure
  \\servername\sharename\LyncEntryRetail.xml  
  (This is the name of the XML file created above)
  Once you are comfortable that it all works, you may want to edit the XML file if you want to have silent installation and add the following lines.
    <Display Level="None" AcceptEULA="TRUE" /> 
    <Property Name="AUTOACTIVATE" Value="1" /> 
  Regards
  Bart
  Bart Louwagie

  Hi Chudly，
  For the office365 issue, I also recommend you can post in dedicated forum for more efficient support:
  http://community.office365.com/en-us/f/166.aspx
  If you want to modify the powershell script, please post the current script and the issue, we will notice and continue to follow up.
  If there is anything else regarding this issue, please feel free to post back.
  If you have any feedback on our support, please click here.
  Best Regards,
  Anna Wang
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to pause while document printing and wait for user actions.

  How to pause while document printing and wait for user actions. (for sample: pressed button). Pause after each printed pages.

  Print page by page after considering the user actions!

• Is Azure File Service available for User who have MSDN subscritpion

  is  Azure File Service available for User who have MSDN subscritpion

  Hi Mohit,
  I responded to your other post as well, please see the approach there:
  https://social.msdn.microsoft.com/Forums/azure/en-US/f789cbeb-b01b-4cf8-ac97-513340ae7a5c/azure-file-services-not-available-in-preview?forum=windowsazuredata
  Thanks,

• Network Drive Mapping for users who have Port 445 (possibly others) Blocked by their ISP to a Server 2008 system

  Nice to see my original posts are still up.  I was hoping that in the ensuing time someone had found a solution.  At least I can now see many other posting the same problems.  :)  Thought I was losing it for a while.
  We have 100% proven that the problem (in our case) is from the ISP blocking port 445 (possibly others but 445 for SURE) with the reasoning that it prevents the spread of some Internet "worms".  It also just happens to prevent people who work
  from home from being able to map to their network drives at work.
  What I was hoping was that eventually someone would comer up with a solution for this short of having to load a server using a different OS from Windows.  The SMB protocol is the one needing port 445 as far as I can tell.  Not all ISP block
  port 445 and the laptops that use those ISP's  have no problem.  Unless they travel.  Then it is "hit or miss" as to whether the ISP for the Hotel they stay at blocks it.
  I have run multiple tests to prove that this was in FACT the problem.  Even the particular ISP in question which is a very large national ISP company freely admits they do this supposedly to prevent the spread of an unnamed Internet Worm.  It also
  happens to prevent Business use of their Internet by Home Subscribers at they cannot map to their Business Servers which also need port 445 to map.
  I have used WebDAV successfully to get around this but at a huge loss of speed and performance.  Cloud services all do essentially the same thing and all have pretty much the same loss of speed.
  If anyone has come across a method of allowing a drive mapping to be rerouted to any other port, that is the only hope I have short of changing to an alternate OS for the Office Server and even then I cant be sure until I try if it would help.  I read
  somewhere about the possibility of routing through a proxy but again, the problem would still be that the requests for mapping are expected on port 445 on the server and they will not get through even to the proxy since the originating ISP is the one blocking
  the port from the User's system. 
  Any help or suggestions would be greatly appreciated  I have posted this question now for several years with no one yet providing a working solution.  Hope burns Eternal though :)

  Yes, OwnCloud is an option as well as many others.  Even self hosted Cloud services such as the WD MyCloud all work.  The problem is speed.  JungleDisk is the best I have found so far.  I am not sure exactly what they use to allow the
  drive mapping but it seems to work faster that anything else I have found.
  VPN's don't work.  At least none of them I have tried.   I can connect a VPN with no problem.  But still cannot map a drive over it.   Actually, there are some issues with the VPN as well but these are just a matter of methodology. 
  Mapping to the FQDN works for some people while others require the public IP.  Some users on some ISP's can map using the FQDN, others have to map to the IP.  That in itself was a bit odd.
  I have tried every trick I could find including adding  the IP and/or FQDN to the Windows Hosts file on the server as well as on the client systems.  This actually did help to get the VPN to connect in some cases.  However, it still would
  not allow me to map a drive letter.
  I can create a Network Place,  This also works.  But it will not allow me to MAP that "network place" to a drive letter.  I have tried multiple utilities that allow mapping of Drive letters to almost anything but they wont work to map to a
  Network Place.
  The software that needs the mapped drive is a SQL database which runs on port 2004.  The program itself has no problems at all connecting to the server to run the database.  Even on systems which cannot map to the needed drive letter for the documents
  referred to in the database.    Users can run it and look up all kinds of material but it it is only a half-solution since the database refers to files stored in a "common-mapped" drive letter.  Which I cannot Map.
  I have tried every possible configuration of the VPN setup I could find, I have even tried a "Test System" with the NIC connected directly to the T1 Modem.  With all firewalls off and no AV software.  Even if that had worked,  there is no
  way I could run like that.  But it didn't.  Same issues.  All this did was put the blame squarely on the User's ISP which was the only reason I did it.  I had to rule out even the slightest chance that it was something in our equipment.
  This was already almost a certain fact since the same user could take their laptop to a WiFi Hotspot at a fast food restaurant and connect as well as map the drive.  As soon as they went back home, no drive.  On the ones I could convince to pay
  the extra charges, if they switched to a business connection from their ISP, No Problems.
  On most MiFi or other Cellular Internet devices, No Problem,  Although that had a habit of changing.  We had a few that worked for a while, then they got a software update for their MiFi which immediately blocked the ability to map.  Others
  it would be that some models of Cellular HotSpot units worked while other would not work even if both came from the same carrier.
  Coincidentally, we had none of these problems before two other events occurred: 
  One was the release of Server 2008 R2, (which was a kid of "surprise" change for all of us used to Server 2008 R1.  Welcomed changes, but not expected with a simple SP release. 
  The other was IPV6 finally became a reality:  June of 2012.
  This left us with much head scratching as to what was the real cause of the problem.  It took months to narrow it down to port blocking by the Outside ISP's with a 100% certainty.  Even tried reloading a system with Server 2008 R1 just to rule
  that out.  As well as disabling IPV6 on every network device.  The problem stayed with the User when Outside and which ISP they were connected to.
  Currently we are using a mix of normal VPNs for those who can run them, and CLOUD access for those who can't.  Even this is problematic since we have to keep both the local copy and the cloud copy in constant sync so that everyone sees the same versions
  of the same files on each one.
  Sorry to make this so long but I wanted to cover everything to show that we tried it all.  The only thing left short of getting the ISP's to remove the port blocks would be to find a way to route the SMB file requests around port 445 in some way. 
  I have been told that this is easy enough if using a file system other than Windows but that is not an option even if true. 
  Thanks for the updates and ideas.  I keep hoping that eventually there will be some secure method for mapping a drive letter that does not depend on having port 445.

• Trying to identify what to change for user who has permissions on a library but gets no search results from the library

  We are running SP 2010 service pack 2.
  Search is working for people in general.
  Yesterday user Y asked me why they (user Y) does not get results when they search for documents in the library. They get results back when searching other libraries.
  The library has a limited number of users who can access.
  The user is explicitly added to the library's permissions with Read permission.
  When I look inside the library at specific documents, the user is listed as having Contribute,Limited Access privs on each document.
  As an admin, I have accessed the site and performed searches and gotten results. Others on the site with various permissions get results back.
  So  it appears that search is working.
  What other things can I check - via powershell perhaps - to help identify and resolve user Y's dilemma?

  What we found is this.
  At the site level, only 4 users have access. At the library level, 3 more users were added directly and given read permission.
  These three users could see the contents of the library, read the documents of the library, but when they attempted to search the library, got "Access Denied".
  I was able to negotiate for a resolution of this problem for us to create a new SharePoint group for the site, give it Read permissions,
  and add that group to the library permissions. I informed the owner that he could check other libraries and lists and remove that group if there were things there that should not be accesible.
  I also warned him that if he were to put something confidential in, say, the announcements section, he would need to remove the group from that list as well if he didn't want the people to see that.
  So, the users now can see the results page, which is returned as a URL immediately under the site.
  There were a couple other work arounds that we could have tried - moving the shared library to its own subsite with different permissions than the parent site, or having the users use the enterprise search and to refine the results down to the specific library.
  Thank you for your question!.

• How to skip approving steps for users who are also approvers?

  We have a business need to be able to skip the approving steps for the users who are also approvers.
  For this following steps were followed :-
  1) Open .task file and go into the Assignment tab. Double click on the performer box within the routing slip, this should open the "Edit Participant Type" editor. Expand the "Advanced" section and place a check next to "specify skip rule", then click the edit icon to the right. Now enter an XPath expression that will test whether the current user is equal to the task creator.
  2) We used - isUserInRole XPath function in the "Identify Service Functions" dropdown - first param to function is the userID, the 2nd is the role name.
  We tried with hardcoded userID as well as by using
  ids:isUserInRole(/task:task/task:systemAttributes/task:updatedBy/task:id,'California')
  where 'California' is the group name (as one of the forum threads told this function works with groups).
  We also tried with swimlane roles(using bpm.getPerformer() function) but it does not work either.
  Please let me know if any one has any solution to this problem.

  session as DirectorySession = DirectorySession.currentEngineSession
  dirHum as Fuego.Fdi.DirHumanParticipant = DirHumanParticipant.fetch(session : session, id : "myUserId")
  result = hasRoleAssigned(dirHum, role : "Approver")Give that a try...
  HTH,
  -Kevin

• CSV file for users who have one-time password email address

  Hi Guys,
  I am trying to extract the list of users who have one-time password email address in FIM or users who have registered with one-time password reset authentication workflow. I need to get their email addresses in CSV file.
  Regards
  Sarwar
  Sarwar

  Take a look at:
  http://social.technet.microsoft.com/wiki/contents/articles/3616.how-to-use-powershell-to-export-all-users-who-have-registered-for-self-service-password-reset-sspr.aspx
  The script queries a WorkFlow called "Password Reset AuthN Workflow" and returns its ObjectID, then uses it to do a new query searching for "Users" with these parameters:
  AuthN WorkFlow Registered = ObjectID of "Password Reset AuthN Workflow"
  The script exports these details to a CSV.
  Also, all OTP email addresses should be stored in the "msidmOneTimePasswordEmailAddress" attribute in the FIM Portal.

• Task appearing for users who are not subordinates

  Hi All,
  I have an issue where user is getting approval messages for employees who are not his subordinates.
  I have checked the org structure, everything appears to be ok.
  Can anyone help.

  Dear Deepali,
  Kindly check the workflow settings for your approval process.
  Good Luck.
  Om.

• Critical: Personal Time Zone not showing up for users

  Hi Experts,
  There's a issue that we are facing regarding time zones for users. Even  after maintaining Personal time zones of users in there SU01, users are not able to see data in the system as per there local time zone. It is still showing in the default time zone. Is there paramter that is to be maintained for putting personal time zone into effect.
  Regards
  Rasheed

  Hi Rasheed,
  Usually when Timezone customizations are performed, the display is only converted on the screen for the end user. The actual data in DB still refers to System time zone... This conversion (Display) is supported for only a few objects like Notifications, confirmations and orders... Usually objects like change documents, logs, archived data and workcenter data does not have this conversion functionality...
  In this case, i dont think we have timestamp in MB51 as its only posting dates that get logged... You can consider posting a query in MM forum to get answers on customizations but from a security standpoint i dont think we have any way to attain this requirement....
  ~Sri

• Ftp 7.5 , hide directories for users who don't have access?

  hi, installed ftp 7.5 and have it working using AD credentials but users who don't have access to directories, see everything.  
  I'd like it so that they only see the directories they can access, like ABE.
  thanks!

  Hi,
  ABE will not work with FTP. I saw discussions on this topic during my search so please see if this could be considered as a workaround:
  http://answers.yahoo.com/question/index?qid=20090108064452AAfZWyO
  Meanwhile please understand that for FTP related questions you could post in IIS forum:
  http://forums.iis.net/
  If you have any feedback on our support, please send to [email protected]

• Creating multiple mailboxes using Powershell for users who already exist in AD

  Hi there,
  Wondering if anyone can help, I am wanting to use Powershell to run a command which references a CSV file to create a mailbox for a user who already exists in AD.
  It needs to reference the username, to ensure the correct user has a mailbox created (as mentioned they exist already in the domain), place them on a specific database (e.g DB1) and assign them an email address as well as possibly an alias email address
  too.
  Can anyone provide me the headings of the CSV file which would be needed as well as the powershell command to run. It would be great too if I could also set the quota sizes for the user at the same time of creating the mailbox, but if not possible or complicated
  I can run a script afterwards to do this. I would only want to warn them when their mailbox is 1.5GB in size and stop them sending when it reaches 2GB. 
  Thanks

  So create a csv file with the following headers and data
  UserID, Alias
  UserID should be the user SamAccountName, and the Alias is the Mailbox Alias that you want to set. Supposing that the csv file is named users.csv and located under C:\ , open the Exchange Management Console and run:
  $users = Import-Csv c:\users.csv
  Foreach ($user in $users) {
  Enable-Mailbox -Identity $user.UserID -alias $user.alias -database 'DB1'
  Set-Mailbox -Identity $user.UserID -IssueWarningQuota 1.5gb -ProhibitSendQuota 2gb 
  Please Mark As Answer if this helps
  ammarhasayen

• Custom Auto Attendant Prompts through TUI not working for users who migrated from 2010 to 2013

  In Exchange 2010, we started using unified messaging and set up Auto Attendants. We setup a admin role/RBAC for people of a security group to be able to update the message on the auto attendants. They have the UMPrompts assigned role. All of this is working
  great in 2010. We have now migrated to 2013, and the users who were migrated from 2010 to 2013 can no longer update the messages through TUI. Newly created 2013 users can and are assigned the EXASCT same permission as the users who have been doing this for
  well over a year on 2010.  When they call the AA and press #,* they are asked to provide their extension, after doing so the system tells them that extension is not correct. and asks for the extension again.  Newly created users with the same permissions
  get prompted for their PIN and can log in and change the message just fine. 
  Confirmed Bug?  anybody else having this issue?
  What would be different for this process between a user who was migrated from a previous version like 2010 compared to a newer user who has only ever existed on 2013?

  What if the migrated 2010 users are in the same DB as the system mailbox? I had a similar issue during a migration; http://www.skypeadmin.com/2014/11/10/known-issue-um-automated-attendant-tui-editing-broken-migration/
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• FM for users who have authorization for some transactions.

  Hi there.
  Does anybody know any FM where from a list of transactions the system shows you all the user who have authorization to these transactions?
  I know that there are transactions to obtain this information, but we need a FM.
  Thanks and regards.
  Raúl.

  Hi Mahalakshmi.
  With FM SUSR_USER_DISPLAY_WITH_S_TCODE and GET_AUTH_VALUES you populate users and you get transactions. But we need to populate transactions and to get users.
  Regards.
  Raúl.

• Best practices/tips for users who are connected to A LOT of mailboxes?

  I have a user or two who seem to be connected to _everyone's_ mailbox.  This person is in recruiting, so access to other people's calendars is necessary
  for scheduling.
  Problem is, she faces multiple Outlook slow downs and lock ups on a daily basis.  She recently showed me a problem where calendars that she typically has
  access to now prompt her to "ask them to share their calendar" messages (reboots will fix this problem, for the most part).
  Taken her on and off cached Exchange mode.  We have disabled the "Download shared folders" setting, and that helped some, but issues still persist.
   She is typically the only one with constant problems (her and one other person that is in a similar situation).
  More info: we allow Reviewer permissions for everyone's Calendar for the "Default" entry.  So, she does not have full access to any one's mailbox.
   She's just viewing everyone as a shared calendar.
  Hoping there's someone out there with similar issues that have successfully tackled this problem!
  Running on-prem Exchange 2013 with three member DAG.
  Thanks in advance.

  She can use the scheduling assistant to check availability, there is no need to have other people calendars added. Remove all those calendars, compact the data file, and educate her on how to properly use Outlook. Here's a reference article:
  http://blogs.technet.com/b/ewan/archive/2012/02/10/tip-o-the-week-96-reining-back-outlook-s-file-size.aspx