SMTP for external IMAP users

When I try to send through any e-mail or phone app from outside the network I get an error on the GWIA stating - IP connection refused. I have a generic setup for the GWIA and the port open through the firewall.
What can be missing?

Check your GWIA settings. Are you allowing anonymous connections to port 25? Generally, that is a bad thing, so it probably is not.
Otherwise I would blame the firewall, but if the erro shows on the GWIA, then it is a GWIA issue.
--El
Originally Posted by jtdb2011
When I try to send through any e-mail or phone app from outside the network I get an error on the GWIA stating - IP connection refused. I have a generic setup for the GWIA and the port open through the firewall.
What can be missing?

Similar Messages

  • SMTP for external address

    Hi!
    I'm using was 620 and with transaction SCOT I have setup the node for SMTP. If I try to send a mail for a internal outlook address the system work fine, but if I try to send a mail for an external address (address with external internet provider) the system dosn't work and the error message is:
    "802 = 550 5.7.1 Unable to replay for [email protected]"
    [email protected] is an example.
    How I can send mail with SCOT for external address?
    Thank you very mutch,
    Gianluca

    Hi,
    When you create a node in SCOT, you can choose HTTP or RFC. with HTTP type node, you can only communicate over http (like sending SMS) as the description says there. To use an internet mail functionality, you need to define an RFC type node.
    With RFC type node, you will need to specify a RFC destination in the definition of the node (you can check the definition of some other nodes in SCOT by double-clicking them). This RFC Destination is nothing but a program (or a script) that is triggered from SAP for mail-send. This RFC destination must then have already been created using SM59, and must point to the right mail-send program.
    Essentially, to be able to send emails outside to public email-ids, you need to have some way of connecting to the public mail network. The exe progra (like sendmail.exe) that is configured as an RFC destination enables this on SAP. Once you send a mail from SAP, it is sent to this configured RFC destination, which runs the corresponding OS level exe to connect to the public mail network and send the mail.
    SAP doesn't provide such exe programs so you will need to procure it on your own (as far as I know). Once you have such a program, it should be possible to do the rest of the setup to have an RFC type node.
    cheers,
    Message was edited by: Ajay Das

  • Password aging for externally authenticated user

    Hello All:
    How can we implement the password aging of externally authenticated user.
    Thanks
    San~

    If the user is externally authenticated, then the password expiry should be external. E.g for the unix account.
    "When you choose external authentication for a user, the user account is maintained by Oracle, but password administration and user authentication is performed by an external service. This external service can be the operating system or a network service, such as Oracle Net.
    With external authentication, your database relies on the underlying operating system or network authentication service to restrict access to database accounts. A database password is not used for this type of login. If your operating system or network service permits, you can have it authenticate users. If you do so, set the initialization parameter OS_AUTHENT_PREFIX, and use this prefix in Oracle user names. The OS_AUTHENT_PREFIX parameter defines a prefix that Oracle adds to the beginning of every user's operating system account name. Oracle compares the prefixed user name with the Oracle user names in the database when a user attempts to connect."

  • Exchange Web Services for external O365 users w/UAG

    The client has UAG in use, currently, for OWA and EAS for the on-prem mailboxes.
    We have O365 Federation enabled right now using ADFS with proxies. ADFS is *not* behind the UAG firewall. sss.clientdomain.com resolves directly to the ADFS proxies. We've successfully tested the SSO redirect.
    With UAG in play, how will that affect Exchange Online mailbox users who are trying to get to OWA from their home PC? The UAG proxy is set for pre-auth to the internal AD DS.
    Is this going to be a problem for Exchange Online users using OWA and EAS? If so, how do I get around this? My goal is to make sure UAG is as small of a piece of this puzzle as possible, seeing it is nearing end-of-life.

    Exchange Online OWA users will likely have to authenticate twice here - once to get to the on-prem Exchange server for OWA through UAG, and then again at the ADFS Proxy, after the on-prem redirection. The alternative would be
    to provide Exchange Online users the separate URL, so as to connect directly to Exchange Online, and therefore only getting prompted for authentication once at the ADFS Proxy.
     

  • Lyncdiscover reports HTTP 500 Internal Server Error for external users

    Hello,
    I have a problem providing lyncdiscover information for external Lync users. The same address works internal (prompts for file download) so I believe the problem is UAG/TMG providing the site which is not my cup of tea. I have a working external lyncdiscover
    for other domain in the same Lync + UAG/TMG server environment. I have also checked the public DNS records few times and everything should be fine. Firewall also shouldn't be an issue since it reports the internal server error, right? Any suggestions what
    should I check?

    more information based on Lync Autodiscover Web Service Remote Connectivity Test.
    Testing HTTP authentication methods for URL https://lyncdiscover.domain1.com/Autodiscover/AutodiscoverService.svc/root/user.
    HTTP authentication methods successful.
    Additional Details
    Testing HTTP content for URL https://lyncdiscover.domain1.comi/?sipuri=[email protected] has
    token="User".
    HTTP content isn't verified.
     <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl04_tmmArrow">Tell
    me more about this issue and how to resolve it</label>
    Additional Details
    HTTP 200 status received from server, but no token="User".
    Elapsed Time: 203 ms.
    The same result goes for the other domain that provides the lyncdiscover information correctly for external users. It doesn't seem to solve the root cause but might help to understand
    the problem.

  • Lync Mobile for external users not working

    Hello,
    We have Lync Server Enterprise pool with 2 front end server, 2 edge server & TMG for reverse proxy.
    PC client internally & externally working. Internal mobile users are working. But not working for external mobile users.
    I used 2 tools to check this.
    Web based connectivity analyser, it runs without any error.
    But when I use installed version of lync connectivity analyser its throws error that. Server discovery failed for secured internal channel against
    https://lyncdiscoverinternal.mydomain.com
    Also, I am able to download a .json file when you access
    https://lyncdiscover.mydomain.com

    Hello,
    Sorry for late response. My TMG server was not functioning, now it is working for lync mobile is still having problem. I am pasting the lync analyser full reports:
    Network access: NetworkAccessExternal
    Logging test parameters:
    SIP Uri: [email protected]
    User Name:
    Discovery Type: Automatic Discovery
    Selected client: ApplicationLyncMobile2013
    Starting Lync server autodiscovery
    Please wait; this test may take several minutes to complete...
    Starting automatic discovery for secure (HTTPS) internal channel
    Sending HTTP request to
    https://lyncdiscoverinternal.contoso.com/[email protected]
    Cookie  found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.  )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
      Connection: close
      Pragma: no-cache
      Cache-Control: no-cache
      Content-Length: 2040
      Content-Type: text/html
    Autodiscover: SendRequest(): the URL
    https://lyncdiscoverinternal.contoso.com/[email protected] couldn't be connected.  Complete HTTP headers:\r\n Connection: close
    Pragma: no-cache
    Cache-Control: no-cache
    Couldn't connect to URL
    https://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
    System.Exception: Couldn't connect to URL
    https://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
    Server discovery failed for secured internal channel against
    https://lyncdiscoverinternal.contoso.com/
    Starting automatic discovery for unsecure (HTTP) internal channel
    Sending HTTP request to
    http://lyncdiscoverinternal.contoso.com/[email protected]
    Cookie  found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.  )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
      Connection: close
      Pragma: no-cache
      Cache-Control: no-cache
      Content-Length: 2040
      Content-Type: text/html
    Autodiscover: SendRequest(): the URL
    http://lyncdiscoverinternal.contoso.com/[email protected] couldn't be connected.  Complete HTTP headers:\r\n Connection: close
    Pragma: no-cache
    Cache-Control: no-cache
    Couldn't connect to URL
    http://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
    System.Exception: Couldn't connect to URL
    http://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
    Server discovery failed for unsecured internal channel against
    http://lyncdiscoverinternal.contoso.com/
    Starting automatic discovery for secure (HTTPS) external channel
    Sending HTTP request to
    https://lyncdiscover.contoso.com/[email protected]
    Cookie  found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
      Connection: Keep-Alive
      Pragma: no-cache
      X-MS-Server-Fqdn: SGRFLYNC1.contoso.com
      X-Content-Type-Options: nosniff
      Cache-Control: no-cache
      Date: Mon, 24 Nov 2014 13:36:49 GMT
      Server: Microsoft-IIS/8.0
      X-AspNet-Version: 4.0.30319
      X-Powered-By: ASP.NET
      Content-Length: 1065
      Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
      Expires: -1
    Parsing the response for URL
    https://lyncdiscover.contoso.com/[email protected].  Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="External"><Root><Link token="Domain" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=contoso.com"
    /><Link token="User" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com"
    /><Link token="Self" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=contoso.com"
    /><Link token="OAuth" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=contoso.com"
    /><Link token="External/XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame"
    href="https://lync.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html"
    /></Root></AutodiscoverResponse>
    Autodiscover URL
    https://lyncdiscover.contoso.com/[email protected] redirected to
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com
    Sending HTTP request to
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
    Cookie  found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.  )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
      Connection: close
      Pragma: no-cache
      Cache-Control: no-cache
      Content-Length: 2040
      Content-Type: text/html
    Autodiscover: SendRequest(): the URL
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] couldn't be connected.  Complete HTTP headers:\r\n Connection: close
    Pragma: no-cache
    Cache-Control: no-cache
    Couldn't connect to URL
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
    System.Exception: Couldn't connect to URL
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
    Server discovery failed for secured external channel against
    https://lyncdiscover.contoso.com/
    Starting automatic discovery for unsecure (HTTP) external channel
    Sending HTTP request to
    http://lyncdiscover.contoso.com/[email protected]
    Cookie  found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
      Connection: Keep-Alive
      Pragma: no-cache
      X-MS-Server-Fqdn: SGRFLYNC1.contoso.com
      X-Content-Type-Options: nosniff
      Cache-Control: no-cache
      Date: Mon, 24 Nov 2014 13:36:49 GMT
      Server: Microsoft-IIS/8.0
      X-AspNet-Version: 4.0.30319
      X-Powered-By: ASP.NET
      Content-Length: 1065
      Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
      Expires: -1
    Parsing the response for URL
    http://lyncdiscover.contoso.com/[email protected].  Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="External"><Root><Link token="Domain" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=contoso.com"
    /><Link token="User" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com"
    /><Link token="Self" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=contoso.com"
    /><Link token="OAuth" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=contoso.com"
    /><Link token="External/XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame"
    href="https://lync.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html"
    /></Root></AutodiscoverResponse>
    Autodiscover URL
    http://lyncdiscover.contoso.com/[email protected] redirected to
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com
    Sending HTTP request to
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
    Cookie  found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.  )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
      Connection: close
      Pragma: no-cache
      Cache-Control: no-cache
      Content-Length: 2040
      Content-Type: text/html
    Autodiscover: SendRequest(): the URL
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] couldn't be connected.  Complete HTTP headers:\r\n Connection: close
    Pragma: no-cache
    Cache-Control: no-cache
    Couldn't connect to URL
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
    System.Exception: Couldn't connect to URL
    https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
    Server discovery failed for unsecured external channel against
    http://lyncdiscover.contoso.com/
    None, AutoInternalSecureD, AutoInternalUnsecureD, AutoExternalSecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST,
    MobilityMCXInternalLMXCheckGET, MobilityMCXInternalLMXCheckPOST, MobilityMCXExternalLMXCheckGET, MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST, MobilityUCWAExternalCheckPOST
    Automatic discovery of the Lync server failed. Please verify the server requirements at
    http://go.microsoft.com/fwlink/?LinkId=278998 . Lync mobile apps do not require automatic discovery. You could enter the server FQDN manually and test connectivity again.
    Microsoft Lync Connectivity Analyzer cannot analyze deployment readiness until a discovery test has completed successfully.

  • ADFS setup for external access

    Hi all, I would like to setup ADFS for the following scenario below:
    Internal intranet:
    URL: https://intranet.acme.com
    domain: ACME
    ACME domain users: Acme\johndoe
    External Vendor:
    domain: ABC
    ABC domain users: ABC\lucysmith
    Goals: allow external vendor users ABC domain access internal intranet
    https://intranet.acme.com via SharePoint-ADFS
    Questions:
    1. Do I need to setup ADFS on both ACME & ABC domain or just one side? If it is one side, then which one - ACME or ABC?
    2. When I setup SharePoint web application for
    https://intranet.acme.com, will this URL will be served for both internal and external users or do I have to extend it as different URL for external users?
             a. If
    https://intranet.acme.com served for both internal and external vendor users, will internal user get normal NT prompt for authentication or it will redirect to ADFS login page just like external user?
             b. If we need to extend web application for external vendor user, let's say
    https://abcexternal.acme.com, will we only need to config adfs for this extended web application so external vendor user will get adfs redirect login where internal user got NT prompt for authentication?
    Thanks

    Hello
    1) you would  need to setup ADFS on ABC and configure SharePoint to consume their ADFS token
    2) I would recommend enabling a default zone for NTLM and extend that to use for your ADFS users (intranet)
    MCITP-EA | "Never test how deep the water is with both feet"

  • External email users cannot use IMAPS/SMTPS

    We have an email server running but since Mountain Lion (ML) server we do not have the webmail for external users and they are now forced to use email clients on PCs etc., which would be acceptable, if it worked.
    This has created a weird problem... they cannot read and send email anymore.
    Our server is using SSL and our preferred settings are:
    IMAP
    Port 993
    Authentication: CRAM-MD5
    SMTP
    Port 587
    Authentication: CRAM-MD5
    The mail server is set to use automatic authentification (which I do not like because of the clear text option)
    All this worked honkey-dorey before on Lion Server, but not now on a fresh installation of OS X ML Server. Only when using an iPhone or and iPad (3G mobile/cell connections) or being on our LAN can people read and send mail. We have users externally in Belgium, Denmark, Serbia, Turkey and Spain, and none of these users can now access their email. All the external users no matter if they use MAC/WINDOWS/LINUX clients have the same problems.
    Looking the log at the same time when the users attempt to log in to check email just verify that the server is rejecting their connection in spite of them using correct credentials. The users get messages ranging from incorrect username or password to incorrect password but I can login into their accounts locally or from the LAN.
    Could this problem be related to the usertype Local or Local Network User?
    Any ideas or help is greately appreciated?
    Peter
    (Now, if anyone from Apple should happen to read this then note that it would be greatly appreciated if Apple could mature and stabilize so these severe changes to vital services could be avoided. If you support webmail (good or bad) in one release then continue to do so and if you have an advanced interface to the server functionallity like in Snow Leopard, please let us, the users, be able to keep using those tools rather than using the current 'Nintendo' interface.)

    Hi Peter
    Because this is working internally, it should be easy enough to solve.
    First thing, most likely obvious, you do have port 993 open to your server?
    Second, please post logs. Since we are dealing only with imap, just the imap (mailaccess) log will do.
    Third, webmail functionality can be restored. Roundcube or Squirrelmail can be installed on your ML server. Roundcube takes a number of steps, but has a great/fast interface, its waht 10.7 used. Earlier versions of server used SQuirrelmail.
    If you are under heavy pressure to get this up now and don't want to wait for forum responses, you can find contact info in my profile.
    Jeff

  • Alerts for External Email Server or Exchange Server (SMTP)

    Hi Everybody,
    I have configured alerts for Adapter Engine and able to see messages in Alert Inbox of RWB.
    I need to configure the Alert message to an external Exchange server (SMTP).
    What are the settings which need to be done to achieve this?
    Also Can we link the Alert Inbox to our SAP Inbox?
    Can somebody help me out on this?
    Thanks & Regards,
    Zabiulla

    Hi  Zabiulla
    Follow these steps
    1)Goto t-code SCOT; double-click SMTP and specify the mail-host and mail-port for the respective mail server.
    2)Make the u2018Node in useu2019 check box as checked.
    3)Click on the u2018Internet->Setu2019 button under u2018Supported address typesu2019 to specify the email-address of the recipient.Specify the email-address of the recipient who is going to receive the alert mails.
    (OR) Specify u2018*u2019 in case of multiple email-ids.
    4)Goto Menu->Settings->Default Domain and specify the domain id of the company.
       Save the settings done in SCOT
    .5)Specify the recipientu2019s user-id; for the particular user-id specify the email-address in the Address tab   of t-code SU01.
    Regards
    sabyasachi

  • SMTP Auth For Subset of Users

    I think this is not possible but thought I should ask just in case...
    Any ideas how to configure things to only allow a couple of users to smtp authenticate from WAN side of firewall?
    I'm thinking of a different port number from 25, tied into some sort of lookup table...? (you can probably tell I'm scrabbling about here
    -david

    Thanks Jeff,
    This is purely to get around a lack of secure passwords for LAN users (there are no passwords). At the moment there is no SMTP auth, only relay by LAN IP, and the firewall is closed except for SMTP & VPN. Problem is that the 2 bosses now want to send/receive email from WAN using their fancy mobile phones. However, they are not keen on now introducing secure passwords office wide so I was looking around for other possibilities before informing them that there was really no choice if they wanted to enable SMTP auth and open firewall for pop/imap (due to risk of dictionary hack).
    oh, and yes, it's pop/imap too
    (I have not looked at how these phones work exactly with pop/imap so not sure yet which protocol is preferred).
    The VPN is using the OSX Server and does get used for email from home computer. Actually, I must check to see if the phone thingy can do VPN...
    Appreciate any thoughts. I actually would like to tell them to introduce secure passwords throughout but just wanted to ensure I wasn't giving them wrong info on possible alternatives.
    -david

  • Excel Services Connectivity on Sharepoint 2013 for external user

    Currently , external user is able to refresh the data on sharepoint site through browser. the data connection is pointing the one of the external data source. But how can an external user (Internet user which accessing sharepoint through internet) download
    a copy of excel in sharepoint library and open the excel workbook with data refresh ability at client machine ?
    Do we need client machine to be able to access / ping the external data source? 
    Thanks.

    Thanks for the response.
    They want to perform data analysis and design their own report with own template , for example : to remove subtotal from the powerpivot tables which we cannot change the formatting at the excel services at browser level.
    So if i understand correctly, we need to get the client machine to be able to access to the database server directly to get the access to the cube for data analysis although we had this odc file connection setup, am i right?
    For internal user, network team should open port / access for them to access database server directly.
    For external user, either to open public access to the database server directly or setup a VPN connection for the external user to access the database server in their secure network.
    Let me know if i understand this correctly.
    Thanks.

  • Problem with links for external user

    Hi,
    We´re using SAP NetWeaver Portal 2004s SPS 10 and we have a problem with links within notification-mails:
    The link to the document (e.g. within a subscription mail) consists of "http:///...". Only user using the portal within our network can open this links. All external user can´t open this links. How can I change the URL so that our external user can open the links, too?
    Thanks for help,
    Sven Keller

    We already have another URL for external usage. My problem is how to define that created links to documents and folder are automatically using the external URL.
    If somebody receives an email (e.g. subscription) the URL to the folder is:
    http://<portalserver>:51000/irj/go/km/navigation/documents/Public Documents/Documentation
    But it should be:
    https://<externalportal>/irj/go/km/navigation/documents/Public Documents/Documentation
    Message was edited by:
            Sven Keller

  • Outlook 2013 people pane is not showing any items for internal domain users. External contacts works fine

    I have recently purchase a new PC which has Windows 8.1, and Outlook 2013, connected to an exchange 2010 SP3 RU4 server.
    In the People pane, the for External clients, then this box populates correctly, but for internal domain users, it shows "There are no items to show in this view"
    On my OLD PC using XP, and Outlook 2010, connected to the SAME account, then people pane shows correctly for all users.
    Any help appreciated
    regards
    Chris

    Hi Chris,
    I have checked in my Windows 8 and Outlook 2013 with Exchange 2010 SP3 RU4 environment. There are three folders listed under My Contact in my People pane:
    Contacts: The contacts which we added and saved
    manually before.
    Lync Contacts: The contacts we added in Lync.
    Suggested contacts folder: Automatically
    keeps track of everyone you send a message to, but isn’t in your Outlook contacts. Please note that it is different from Auto-Complete List.
    Therefore, I suppose that the meaning of “but for internal domain users, it shows ‘There are no items to show in this view’ ” is that there is no contacts in the
    Contacts folder. Is it right? If I misunderstand, please point it out. And we need to add and save users manually in this folder.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • Access to my Office 365 third-party app for external user : "a User account is not registered for the account"

    In my third-party web application of Office 365, I want to have access to the contacts, events and emails of all the users from the organizations who installed my app. The thing is I don't want that all these users have to grant me access, I just want one
    admin of the org to grant access for my app and then be able to retrieve the data I need for all the users.
    To test for one organization, I logged in as the admin and proceed to the Oauth2 authentication to retrieve the access token and in the first request (the GET one to retrieve an authorization code) i add the parameter
    prompt=admin_consent.
    With this access token, I can access the data (emails, contact, event) of the admin
    for instance for the contacts
    uri: https://outlook.office365.com/ews/odata/Users(adminemail)/Contacts
    but not the data of the other users of this org with this uri
    uri: https://outlook.office365.com/ews/odata/Users(useremail)/Contacts
    The only thing I can do is retrieve an access token for each user but it supposed that each user has to authorize the access to the app but it's very cumbersome. So, i don't see what enables the parameter prompt=admin_consent and how to use it. Does anybody
    know what it does?
    And my question is: how can I do to access the data of all the users of one organization when the access has been granted by one admin?
    Thank you!

        
    This was answered on StackOverflow by Dushyant Gill.  http://stackoverflow.com/questions/25316175/access-to-my-office-365-third-party-app-for-external-user-a-user-account-is-n/25316678#25316678
    You are sending the OAuth request to a tenant specific endpoint of Azure AD. Note the {key_provided} part of your Url - that part represents the tenantid or a registered domain name of an Azure AD tenant. Azure AD throws this error is the user signing in
    is not a user in that tenant.
    Multi-tenant applications like yours have two options:
    Perform home realm discovery yourself and send the SSO request to the correct tenant-specific endpoint of Azure AD: when a new Azure AD organization signs-up for your application, record its tenant ID, and registered domain names. On your login page, ask
    the user for their email and try to discover what Org they belong to using the suffix the email.
    Use the common endpoint of Azure AD. Instead of the {key_provided} part of the URL, use 'common'. In this case Azure AD will determine the user's tenant and sign-in the user. The token that your application will receive will still be from the user's tenant
    (iss claim).
    2 is more convenient for apps. However #1 has an advantage when the user's Organization has customized their sign-in page with the company logo etc - in the case of #1 the user will directly be taken to the customized and familiar sign-in page.
    I recommend a combination of the two: try determining the user's organization and sending them to the tenant specific SSO endpoint. If you're not able to - send them to the common endpoint.

  • Exchange 2007 - The server don't send dsn message for external users

    Hello,
    Our exchange 2007doesn't send dsn message for external users but for internals it is ok, I check my configuration but all seems to be ok
    Have you any idea please?
    Thx

    Hi,
    To narrow down the cause, let's firstly try to check the following configuration:
    Get-TransportConfig |fl
    Get-RemoteDomain | select identity, NDREnabled
    Get-SystemMessage
    Thanks,
    Angela Shi
    TechNet Community Support

Maybe you are looking for

  • Event handling with TextArea

    hi all, i'm really new to java programming ! so, i will be glad for any help that is given by you. this is the problem: when we add text in to a TextArea, an event should be fired. that means, we should capture the status change of the TextArea. i tr

  • How to enable fastcgi on sun one web server 6.1 SP6

    Hi, all I fail to install fastcgi on sun one web server 6.1 SP6. When i access php page, the following errors are displayed in error log. [18/Oct/2006:14:08:45] failure (21781): for host x.x.x.x trying to GET /chkwww.php, responder-fastcgi reports: F

  • Changing default picture viewer via GPO without changing image type and icon (Windows 7)

    Hello, I am trying to change the default picture viewer for some file extensions (.bmp, .jpeg, .png and .tiff). Actually Windows Photo Viewer is the default viewer and we need to replace it with Microsoft Office Picture Manager. I managed to do that

  • Error in installing theme

    Hi every body when i install a theme such as piZero i receive this error: Expired Certificate. what is problem and how can solve it?

  • My iPad will not discover any blue tooth devices

    My iPad will not discover any blue tooth devices. The Bluetooth is turned on but it will only discover a Blackberry phone and not my other iPad or 5s and 4s or a QED receiver.