SMTP for external IMAP users
When I try to send through any e-mail or phone app from outside the network I get an error on the GWIA stating - IP connection refused. I have a generic setup for the GWIA and the port open through the firewall.
What can be missing?
Check your GWIA settings. Are you allowing anonymous connections to port 25? Generally, that is a bad thing, so it probably is not.
Otherwise I would blame the firewall, but if the erro shows on the GWIA, then it is a GWIA issue.
--El
Originally Posted by jtdb2011
When I try to send through any e-mail or phone app from outside the network I get an error on the GWIA stating - IP connection refused. I have a generic setup for the GWIA and the port open through the firewall.
What can be missing?
Similar Messages
-
Hi!
I'm using was 620 and with transaction SCOT I have setup the node for SMTP. If I try to send a mail for a internal outlook address the system work fine, but if I try to send a mail for an external address (address with external internet provider) the system dosn't work and the error message is:
"802 = 550 5.7.1 Unable to replay for [email protected]"
[email protected] is an example.
How I can send mail with SCOT for external address?
Thank you very mutch,
GianlucaHi,
When you create a node in SCOT, you can choose HTTP or RFC. with HTTP type node, you can only communicate over http (like sending SMS) as the description says there. To use an internet mail functionality, you need to define an RFC type node.
With RFC type node, you will need to specify a RFC destination in the definition of the node (you can check the definition of some other nodes in SCOT by double-clicking them). This RFC Destination is nothing but a program (or a script) that is triggered from SAP for mail-send. This RFC destination must then have already been created using SM59, and must point to the right mail-send program.
Essentially, to be able to send emails outside to public email-ids, you need to have some way of connecting to the public mail network. The exe progra (like sendmail.exe) that is configured as an RFC destination enables this on SAP. Once you send a mail from SAP, it is sent to this configured RFC destination, which runs the corresponding OS level exe to connect to the public mail network and send the mail.
SAP doesn't provide such exe programs so you will need to procure it on your own (as far as I know). Once you have such a program, it should be possible to do the rest of the setup to have an RFC type node.
cheers,
Message was edited by: Ajay Das -
Password aging for externally authenticated user
Hello All:
How can we implement the password aging of externally authenticated user.
Thanks
San~If the user is externally authenticated, then the password expiry should be external. E.g for the unix account.
"When you choose external authentication for a user, the user account is maintained by Oracle, but password administration and user authentication is performed by an external service. This external service can be the operating system or a network service, such as Oracle Net.
With external authentication, your database relies on the underlying operating system or network authentication service to restrict access to database accounts. A database password is not used for this type of login. If your operating system or network service permits, you can have it authenticate users. If you do so, set the initialization parameter OS_AUTHENT_PREFIX, and use this prefix in Oracle user names. The OS_AUTHENT_PREFIX parameter defines a prefix that Oracle adds to the beginning of every user's operating system account name. Oracle compares the prefixed user name with the Oracle user names in the database when a user attempts to connect." -
Exchange Web Services for external O365 users w/UAG
The client has UAG in use, currently, for OWA and EAS for the on-prem mailboxes.
We have O365 Federation enabled right now using ADFS with proxies. ADFS is *not* behind the UAG firewall. sss.clientdomain.com resolves directly to the ADFS proxies. We've successfully tested the SSO redirect.
With UAG in play, how will that affect Exchange Online mailbox users who are trying to get to OWA from their home PC? The UAG proxy is set for pre-auth to the internal AD DS.
Is this going to be a problem for Exchange Online users using OWA and EAS? If so, how do I get around this? My goal is to make sure UAG is as small of a piece of this puzzle as possible, seeing it is nearing end-of-life.Exchange Online OWA users will likely have to authenticate twice here - once to get to the on-prem Exchange server for OWA through UAG, and then again at the ADFS Proxy, after the on-prem redirection. The alternative would be
to provide Exchange Online users the separate URL, so as to connect directly to Exchange Online, and therefore only getting prompted for authentication once at the ADFS Proxy.
-
Lyncdiscover reports HTTP 500 Internal Server Error for external users
Hello,
I have a problem providing lyncdiscover information for external Lync users. The same address works internal (prompts for file download) so I believe the problem is UAG/TMG providing the site which is not my cup of tea. I have a working external lyncdiscover
for other domain in the same Lync + UAG/TMG server environment. I have also checked the public DNS records few times and everything should be fine. Firewall also shouldn't be an issue since it reports the internal server error, right? Any suggestions what
should I check?more information based on Lync Autodiscover Web Service Remote Connectivity Test.
Testing HTTP authentication methods for URL https://lyncdiscover.domain1.com/Autodiscover/AutodiscoverService.svc/root/user.
HTTP authentication methods successful.
Additional Details
Testing HTTP content for URL https://lyncdiscover.domain1.comi/?sipuri=[email protected] has
token="User".
HTTP content isn't verified.
<label for="testSelectWizard_ctl12_ctl06_ctl00_ctl04_tmmArrow">Tell
me more about this issue and how to resolve it</label>
Additional Details
HTTP 200 status received from server, but no token="User".
Elapsed Time: 203 ms.
The same result goes for the other domain that provides the lyncdiscover information correctly for external users. It doesn't seem to solve the root cause but might help to understand
the problem. -
Lync Mobile for external users not working
Hello,
We have Lync Server Enterprise pool with 2 front end server, 2 edge server & TMG for reverse proxy.
PC client internally & externally working. Internal mobile users are working. But not working for external mobile users.
I used 2 tools to check this.
Web based connectivity analyser, it runs without any error.
But when I use installed version of lync connectivity analyser its throws error that. Server discovery failed for secured internal channel against
https://lyncdiscoverinternal.mydomain.com
Also, I am able to download a .json file when you access
https://lyncdiscover.mydomain.comHello,
Sorry for late response. My TMG server was not functioning, now it is working for lync mobile is still having problem. I am pasting the lync analyser full reports:
Network access: NetworkAccessExternal
Logging test parameters:
SIP Uri: [email protected]
User Name:
Discovery Type: Automatic Discovery
Selected client: ApplicationLyncMobile2013
Starting Lync server autodiscovery
Please wait; this test may take several minutes to complete...
Starting automatic discovery for secure (HTTPS) internal channel
Sending HTTP request to
https://lyncdiscoverinternal.contoso.com/[email protected]
Cookie found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 2040
Content-Type: text/html
Autodiscover: SendRequest(): the URL
https://lyncdiscoverinternal.contoso.com/[email protected] couldn't be connected. Complete HTTP headers:\r\n Connection: close
Pragma: no-cache
Cache-Control: no-cache
Couldn't connect to URL
https://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
System.Exception: Couldn't connect to URL
https://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
Server discovery failed for secured internal channel against
https://lyncdiscoverinternal.contoso.com/
Starting automatic discovery for unsecure (HTTP) internal channel
Sending HTTP request to
http://lyncdiscoverinternal.contoso.com/[email protected]
Cookie found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 2040
Content-Type: text/html
Autodiscover: SendRequest(): the URL
http://lyncdiscoverinternal.contoso.com/[email protected] couldn't be connected. Complete HTTP headers:\r\n Connection: close
Pragma: no-cache
Cache-Control: no-cache
Couldn't connect to URL
http://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
System.Exception: Couldn't connect to URL
http://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
Server discovery failed for unsecured internal channel against
http://lyncdiscoverinternal.contoso.com/
Starting automatic discovery for secure (HTTPS) external channel
Sending HTTP request to
https://lyncdiscover.contoso.com/[email protected]
Cookie found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Connection: Keep-Alive
Pragma: no-cache
X-MS-Server-Fqdn: SGRFLYNC1.contoso.com
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Mon, 24 Nov 2014 13:36:49 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 1065
Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
Expires: -1
Parsing the response for URL
https://lyncdiscover.contoso.com/[email protected]. Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="External"><Root><Link token="Domain" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=contoso.com"
/><Link token="User" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com"
/><Link token="Self" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=contoso.com"
/><Link token="OAuth" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=contoso.com"
/><Link token="External/XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame"
href="https://lync.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html"
/></Root></AutodiscoverResponse>
Autodiscover URL
https://lyncdiscover.contoso.com/[email protected] redirected to
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com
Sending HTTP request to
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
Cookie found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 2040
Content-Type: text/html
Autodiscover: SendRequest(): the URL
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] couldn't be connected. Complete HTTP headers:\r\n Connection: close
Pragma: no-cache
Cache-Control: no-cache
Couldn't connect to URL
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
System.Exception: Couldn't connect to URL
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
Server discovery failed for secured external channel against
https://lyncdiscover.contoso.com/
Starting automatic discovery for unsecure (HTTP) external channel
Sending HTTP request to
http://lyncdiscover.contoso.com/[email protected]
Cookie found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Connection: Keep-Alive
Pragma: no-cache
X-MS-Server-Fqdn: SGRFLYNC1.contoso.com
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Mon, 24 Nov 2014 13:36:49 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 1065
Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
Expires: -1
Parsing the response for URL
http://lyncdiscover.contoso.com/[email protected]. Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="External"><Root><Link token="Domain" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=contoso.com"
/><Link token="User" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com"
/><Link token="Self" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=contoso.com"
/><Link token="OAuth" href="https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=contoso.com"
/><Link token="External/XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame"
href="https://lync.contoso.com/Autodiscover/XFrame/XFrame.html" /><Link token="XFrame" href="https://lyncdiscover.contoso.com/Autodiscover/XFrame/XFrame.html"
/></Root></AutodiscoverResponse>
Autodiscover URL
http://lyncdiscover.contoso.com/[email protected] redirected to
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=contoso.com
Sending HTTP request to
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
Cookie found in autodiscover response: StatusCode: 403, ReasonPhrase: 'Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. )', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 2040
Content-Type: text/html
Autodiscover: SendRequest(): the URL
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] couldn't be connected. Complete HTTP headers:\r\n Connection: close
Pragma: no-cache
Cache-Control: no-cache
Couldn't connect to URL
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
System.Exception: Couldn't connect to URL
https://lyncdiscover.contoso.com/Autodiscover/AutodiscoverService.svc/root/[email protected] (HTTP status code Forbidden)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
Server discovery failed for unsecured external channel against
http://lyncdiscover.contoso.com/
None, AutoInternalSecureD, AutoInternalUnsecureD, AutoExternalSecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST,
MobilityMCXInternalLMXCheckGET, MobilityMCXInternalLMXCheckPOST, MobilityMCXExternalLMXCheckGET, MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST, MobilityUCWAExternalCheckPOST
Automatic discovery of the Lync server failed. Please verify the server requirements at
http://go.microsoft.com/fwlink/?LinkId=278998 . Lync mobile apps do not require automatic discovery. You could enter the server FQDN manually and test connectivity again.
Microsoft Lync Connectivity Analyzer cannot analyze deployment readiness until a discovery test has completed successfully. -
ADFS setup for external access
Hi all, I would like to setup ADFS for the following scenario below:
Internal intranet:
URL: https://intranet.acme.com
domain: ACME
ACME domain users: Acme\johndoe
External Vendor:
domain: ABC
ABC domain users: ABC\lucysmith
Goals: allow external vendor users ABC domain access internal intranet
https://intranet.acme.com via SharePoint-ADFS
Questions:
1. Do I need to setup ADFS on both ACME & ABC domain or just one side? If it is one side, then which one - ACME or ABC?
2. When I setup SharePoint web application for
https://intranet.acme.com, will this URL will be served for both internal and external users or do I have to extend it as different URL for external users?
a. If
https://intranet.acme.com served for both internal and external vendor users, will internal user get normal NT prompt for authentication or it will redirect to ADFS login page just like external user?
b. If we need to extend web application for external vendor user, let's say
https://abcexternal.acme.com, will we only need to config adfs for this extended web application so external vendor user will get adfs redirect login where internal user got NT prompt for authentication?
ThanksHello
1) you would need to setup ADFS on ABC and configure SharePoint to consume their ADFS token
2) I would recommend enabling a default zone for NTLM and extend that to use for your ADFS users (intranet)
MCITP-EA | "Never test how deep the water is with both feet" -
External email users cannot use IMAPS/SMTPS
We have an email server running but since Mountain Lion (ML) server we do not have the webmail for external users and they are now forced to use email clients on PCs etc., which would be acceptable, if it worked.
This has created a weird problem... they cannot read and send email anymore.
Our server is using SSL and our preferred settings are:
IMAP
Port 993
Authentication: CRAM-MD5
SMTP
Port 587
Authentication: CRAM-MD5
The mail server is set to use automatic authentification (which I do not like because of the clear text option)
All this worked honkey-dorey before on Lion Server, but not now on a fresh installation of OS X ML Server. Only when using an iPhone or and iPad (3G mobile/cell connections) or being on our LAN can people read and send mail. We have users externally in Belgium, Denmark, Serbia, Turkey and Spain, and none of these users can now access their email. All the external users no matter if they use MAC/WINDOWS/LINUX clients have the same problems.
Looking the log at the same time when the users attempt to log in to check email just verify that the server is rejecting their connection in spite of them using correct credentials. The users get messages ranging from incorrect username or password to incorrect password but I can login into their accounts locally or from the LAN.
Could this problem be related to the usertype Local or Local Network User?
Any ideas or help is greately appreciated?
Peter
(Now, if anyone from Apple should happen to read this then note that it would be greatly appreciated if Apple could mature and stabilize so these severe changes to vital services could be avoided. If you support webmail (good or bad) in one release then continue to do so and if you have an advanced interface to the server functionallity like in Snow Leopard, please let us, the users, be able to keep using those tools rather than using the current 'Nintendo' interface.)Hi Peter
Because this is working internally, it should be easy enough to solve.
First thing, most likely obvious, you do have port 993 open to your server?
Second, please post logs. Since we are dealing only with imap, just the imap (mailaccess) log will do.
Third, webmail functionality can be restored. Roundcube or Squirrelmail can be installed on your ML server. Roundcube takes a number of steps, but has a great/fast interface, its waht 10.7 used. Earlier versions of server used SQuirrelmail.
If you are under heavy pressure to get this up now and don't want to wait for forum responses, you can find contact info in my profile.
Jeff -
Alerts for External Email Server or Exchange Server (SMTP)
Hi Everybody,
I have configured alerts for Adapter Engine and able to see messages in Alert Inbox of RWB.
I need to configure the Alert message to an external Exchange server (SMTP).
What are the settings which need to be done to achieve this?
Also Can we link the Alert Inbox to our SAP Inbox?
Can somebody help me out on this?
Thanks & Regards,
ZabiullaHi Zabiulla
Follow these steps
1)Goto t-code SCOT; double-click SMTP and specify the mail-host and mail-port for the respective mail server.
2)Make the u2018Node in useu2019 check box as checked.
3)Click on the u2018Internet->Setu2019 button under u2018Supported address typesu2019 to specify the email-address of the recipient.Specify the email-address of the recipient who is going to receive the alert mails.
(OR) Specify u2018*u2019 in case of multiple email-ids.
4)Goto Menu->Settings->Default Domain and specify the domain id of the company.
Save the settings done in SCOT
.5)Specify the recipientu2019s user-id; for the particular user-id specify the email-address in the Address tab of t-code SU01.
Regards
sabyasachi -
I think this is not possible but thought I should ask just in case...
Any ideas how to configure things to only allow a couple of users to smtp authenticate from WAN side of firewall?
I'm thinking of a different port number from 25, tied into some sort of lookup table...? (you can probably tell I'm scrabbling about here
-davidThanks Jeff,
This is purely to get around a lack of secure passwords for LAN users (there are no passwords). At the moment there is no SMTP auth, only relay by LAN IP, and the firewall is closed except for SMTP & VPN. Problem is that the 2 bosses now want to send/receive email from WAN using their fancy mobile phones. However, they are not keen on now introducing secure passwords office wide so I was looking around for other possibilities before informing them that there was really no choice if they wanted to enable SMTP auth and open firewall for pop/imap (due to risk of dictionary hack).
oh, and yes, it's pop/imap too
(I have not looked at how these phones work exactly with pop/imap so not sure yet which protocol is preferred).
The VPN is using the OSX Server and does get used for email from home computer. Actually, I must check to see if the phone thingy can do VPN...
Appreciate any thoughts. I actually would like to tell them to introduce secure passwords throughout but just wanted to ensure I wasn't giving them wrong info on possible alternatives.
-david -
Excel Services Connectivity on Sharepoint 2013 for external user
Currently , external user is able to refresh the data on sharepoint site through browser. the data connection is pointing the one of the external data source. But how can an external user (Internet user which accessing sharepoint through internet) download
a copy of excel in sharepoint library and open the excel workbook with data refresh ability at client machine ?
Do we need client machine to be able to access / ping the external data source?
Thanks.Thanks for the response.
They want to perform data analysis and design their own report with own template , for example : to remove subtotal from the powerpivot tables which we cannot change the formatting at the excel services at browser level.
So if i understand correctly, we need to get the client machine to be able to access to the database server directly to get the access to the cube for data analysis although we had this odc file connection setup, am i right?
For internal user, network team should open port / access for them to access database server directly.
For external user, either to open public access to the database server directly or setup a VPN connection for the external user to access the database server in their secure network.
Let me know if i understand this correctly.
Thanks. -
Problem with links for external user
Hi,
We´re using SAP NetWeaver Portal 2004s SPS 10 and we have a problem with links within notification-mails:
The link to the document (e.g. within a subscription mail) consists of "http:///...". Only user using the portal within our network can open this links. All external user can´t open this links. How can I change the URL so that our external user can open the links, too?
Thanks for help,
Sven KellerWe already have another URL for external usage. My problem is how to define that created links to documents and folder are automatically using the external URL.
If somebody receives an email (e.g. subscription) the URL to the folder is:
http://<portalserver>:51000/irj/go/km/navigation/documents/Public Documents/Documentation
But it should be:
https://<externalportal>/irj/go/km/navigation/documents/Public Documents/Documentation
Message was edited by:
Sven Keller -
I have recently purchase a new PC which has Windows 8.1, and Outlook 2013, connected to an exchange 2010 SP3 RU4 server.
In the People pane, the for External clients, then this box populates correctly, but for internal domain users, it shows "There are no items to show in this view"
On my OLD PC using XP, and Outlook 2010, connected to the SAME account, then people pane shows correctly for all users.
Any help appreciated
regards
ChrisHi Chris,
I have checked in my Windows 8 and Outlook 2013 with Exchange 2010 SP3 RU4 environment. There are three folders listed under My Contact in my People pane:
Contacts: The contacts which we added and saved
manually before.
Lync Contacts: The contacts we added in Lync.
Suggested contacts folder: Automatically
keeps track of everyone you send a message to, but isn’t in your Outlook contacts. Please note that it is different from Auto-Complete List.
Therefore, I suppose that the meaning of “but for internal domain users, it shows ‘There are no items to show in this view’ ” is that there is no contacts in the
Contacts folder. Is it right? If I misunderstand, please point it out. And we need to add and save users manually in this folder.
Thanks,
Winnie Liang
TechNet Community Support -
In my third-party web application of Office 365, I want to have access to the contacts, events and emails of all the users from the organizations who installed my app. The thing is I don't want that all these users have to grant me access, I just want one
admin of the org to grant access for my app and then be able to retrieve the data I need for all the users.
To test for one organization, I logged in as the admin and proceed to the Oauth2 authentication to retrieve the access token and in the first request (the GET one to retrieve an authorization code) i add the parameter
prompt=admin_consent.
With this access token, I can access the data (emails, contact, event) of the admin
for instance for the contacts
uri: https://outlook.office365.com/ews/odata/Users(adminemail)/Contacts
but not the data of the other users of this org with this uri
uri: https://outlook.office365.com/ews/odata/Users(useremail)/Contacts
The only thing I can do is retrieve an access token for each user but it supposed that each user has to authorize the access to the app but it's very cumbersome. So, i don't see what enables the parameter prompt=admin_consent and how to use it. Does anybody
know what it does?
And my question is: how can I do to access the data of all the users of one organization when the access has been granted by one admin?
Thank you!
This was answered on StackOverflow by Dushyant Gill. http://stackoverflow.com/questions/25316175/access-to-my-office-365-third-party-app-for-external-user-a-user-account-is-n/25316678#25316678
You are sending the OAuth request to a tenant specific endpoint of Azure AD. Note the {key_provided} part of your Url - that part represents the tenantid or a registered domain name of an Azure AD tenant. Azure AD throws this error is the user signing in
is not a user in that tenant.
Multi-tenant applications like yours have two options:
Perform home realm discovery yourself and send the SSO request to the correct tenant-specific endpoint of Azure AD: when a new Azure AD organization signs-up for your application, record its tenant ID, and registered domain names. On your login page, ask
the user for their email and try to discover what Org they belong to using the suffix the email.
Use the common endpoint of Azure AD. Instead of the {key_provided} part of the URL, use 'common'. In this case Azure AD will determine the user's tenant and sign-in the user. The token that your application will receive will still be from the user's tenant
(iss claim).
2 is more convenient for apps. However #1 has an advantage when the user's Organization has customized their sign-in page with the company logo etc - in the case of #1 the user will directly be taken to the customized and familiar sign-in page.
I recommend a combination of the two: try determining the user's organization and sending them to the tenant specific SSO endpoint. If you're not able to - send them to the common endpoint. -
Exchange 2007 - The server don't send dsn message for external users
Hello,
Our exchange 2007doesn't send dsn message for external users but for internals it is ok, I check my configuration but all seems to be ok
Have you any idea please?
ThxHi,
To narrow down the cause, let's firstly try to check the following configuration:
Get-TransportConfig |fl
Get-RemoteDomain | select identity, NDREnabled
Get-SystemMessage
Thanks,
Angela Shi
TechNet Community Support
Maybe you are looking for
-
hi all, i'm really new to java programming ! so, i will be glad for any help that is given by you. this is the problem: when we add text in to a TextArea, an event should be fired. that means, we should capture the status change of the TextArea. i tr
-
How to enable fastcgi on sun one web server 6.1 SP6
Hi, all I fail to install fastcgi on sun one web server 6.1 SP6. When i access php page, the following errors are displayed in error log. [18/Oct/2006:14:08:45] failure (21781): for host x.x.x.x trying to GET /chkwww.php, responder-fastcgi reports: F
-
Changing default picture viewer via GPO without changing image type and icon (Windows 7)
Hello, I am trying to change the default picture viewer for some file extensions (.bmp, .jpeg, .png and .tiff). Actually Windows Photo Viewer is the default viewer and we need to replace it with Microsoft Office Picture Manager. I managed to do that
-
Hi every body when i install a theme such as piZero i receive this error: Expired Certificate. what is problem and how can solve it?
-
My iPad will not discover any blue tooth devices
My iPad will not discover any blue tooth devices. The Bluetooth is turned on but it will only discover a Blackberry phone and not my other iPad or 5s and 4s or a QED receiver.