I can access my reports through
http://mymachine:808/Reports
or
http://localhost:808/Reports
but not
http://myhost.mydomain.com:808/Reports
even when I have myhost.mydomain.com map to 127.0.0.1 in the host file. It was keep asking user name and password, but the same user name and password works fine in other ways to access.
How to fix this?
Update
It prompts to type in user name and password, but just to pop up again. So there is no way to get into the page with the broken URL.
This is consistent in at least 2 browsers: Firefox 47.0, and Edge 25.10586.0.0
Also, I didn't have Report Manager installed, here is my menu of Reporting services configuration manager:
From the hint in comments the issues is in the Reporting Services.
I was using the default settings, but MSDN said you can have different authentication types. I checked my reportserver.config file and I was using NTLM. Change it to use basic authentication solves the problem.
My guess of the reason, is that the browser will send a "Host" property for every request, and as this is inconsistent with NTLM's "domain", so Reporting Services reject the authentication. However, when switch to basic authentication, it simply pass the credential to Windows, so now it accepts.
References:
Authentication Types in Reporting Services
How to: Configure Basic Authentication in Reporting Services
You could try adding a new URL for Report Manager. To do this
Open Reporting Services Configuration Manager
Select Report Manager URL
Click Advanced
Click Add to add details
Here's a screenshot to help.
Related
I'm working on standing up a Playwright testing framework around our front-end PHP application to prototype automated testing for our team. Our authentication is managed by Azure Active Directory with 2FA as well as Conditional Access for our devices. The problem I'm encountering is the conditional access not liking the pseudo-incognito Chromium browser used by Playwright. Below is the message I get while attempting my login in the Edge InPrivate window (same error message as Chromium):
I've gone through the authentication section on Playwright's documentation as well as searching, but I'm not having any luck with getting past the conditional access issue. The failing TypeScript code I'm currently running is:
import test from "#playwright/test";
const { chromium } = require('playwright');
test('Log into Application', async () => {
const userDataDir = '\UserData';
const context = await chromium.launchPersistentContext(userDataDir, { headless: false });
const page = await context.newPage();
await page.goto('https://MyApplication.com');
await page.pause();
})
Any help would be deeply appreciated.
According to last bulleted point in Grant controls | Microsoft Docs.
Conditional Access cannot consider Microsoft Edge in InPrivate mode as
a compliant device or an approved client app.
In normal chromium browser (not in private mode ) to work,you need to install and run a supported browser, based on your operating system. If you're using Windows 10, the supported browsers include Microsoft Edge, Internet Explorer, and Google Chrome.If you're using a different operating system, you can check the complete list of supported browsers.
(Or)
The error message may be because the Global admin was created an conditional access policy in the Office 365 tenant at your company due to security reason, so only specific device registered in Azure, will be allowed to use for you. So, in that case you should talk with the "IT HelpDesk" department at your company, and you should ask them to configure and allow all browsers there.
An administrator can make use of access controls to either grant or block access to resources : Grant controls
You may need to contact the admin to raise a support ticket from the Office 365 admin center for further investigation
Reference: Troubleshooting compliance error
If you have global admin rights,You can troubleshoot unexpected
sign-in outcomes related to Conditional Access using error messages
and Azure AD sign-ins log.
You can click on more details and see the information.
Sign in to the Azure portal as a global administrator, security administrator, or global reader
Browse toAzure Active Directory > Sign-ins.
Find the event for the sign-in to review. Add or remove filters .
The Conditional Access tab will show the specific policy or policies that resulted in the sign-in interruption.
You can see and check basic info, device details whether registered or not and other policy details that are not compliant .
For complete details of troubleshooting. Please check this Troubleshooting | Microsoft Docs for complete details of troubleshooting.
Reference:
You Can’t Get There From Here – Vince's Server Stuff (vincecarbone.com)
"Issue description copied..."
I'm building a partner connector, which relies on a user name and password to connect to database (very similar to the existing Postgres / MySQL connectors provided by Google). In order to verify the credentials, I also need the database host information to be present in addition to username and password and this is the base of my problem.
The Google build connectors conveniently are allowed to collect user credentials and the database related information at the same time. Unfortunately, that doesn't seem to be the case for partner connectors as stated in the requirements
Point 5 "Use appropriate authentication method in getAuthType(). Do not request credentials via getConfig()."
The authentication itself happens before any other configuration details are known (there is just a dialog for username and password) and there doesn't seem to be a way to request additional information on the authentication screen itself. Once the credentials have been entered, the verification also happens immediately, before the configuration is being shown in the next step.
Once credentials are validated successfully, Datastudio then assumes the schema and data can be requested.This excludes the option of a dummy confirmation, because there doesn't seem to be a way to tell credentials are invalid and need to be changed after checking the other configuration details on the next screen.
That makes me unsure, how to determine valid credentials in my use case as I need to know the variable endpoint to authenticate against. I definitely want to avoid storing any user credentials myself in an external database, because this opens up another can of worms.
Has anyone successfully solved a similar issue before and can provide guidance here?
This is a known limitation of the authentication methods for Community Connectors.
A workaround would be to use authtype NONE and then request the credentials and database information in the config. This is, however, not a recommended approach.
While trying to use the query editor in developer console.
"SELECT ID FROM ACCOUNT"
It throws an erorr saying "This session is not valid for use with the REST API".
Any idea what excatly tthe issue here. Earlier it workerd fine.
The same problem when i click on "Open" dialog of developer console and select objects.
"CANNOT LOAD OBjects.This session is not valid for use with the REST API"
I ran into this same issue, where I could open Visualforce pages, Apex, etc but it would give me the error "This session is not valid for use with the REST API" any time I tried to use the Query Editor or create a new Trigger (which needs the object list) via the Developer Console. I tried every browser, flushing cookies, logging in as other users, etc with the same results.
I found that our org has API white listing enabled (https://help.salesforce.com/HTViewHelpDoc?id=security_control_client_access.htm&language=en_US) which blocks the API calls access unless explicitly granted.
From the Salesforce Documentation
"Contact Salesforce to enable API Client Whitelisting. After it’s enabled, all client access is restricted until explicitly allowed by the administrator. This restriction might block access to applications that your users are already using. Before you enable this feature, you should configure and approve connected apps for any client applications you want users to continue using, or give the users a profile or permission set with “Use Any API Client” enabled."
So adding the "Use Any API Client" permission set to your user profile should fix the issue.
To do this via a Permission Set, you can go to Setup > Users > Permission Sets and create a new one. Add a System Permission of 'Use Any API Client'.
There may be a way to enable API access for the Developer Console via whitelisting or the app settings but I was not able to easily find a way. You would definitely want to test whatever functionality you are creating with a user that does not have that permission enabled.
This is happening because of connected app is not configured correctly.
On 'API (Enable OAuth Settings)' panel, move 'Access and manage your data (api)' option from left to right of Selected OAuth Scopes field and then save the setting.
Wait for few minute and then try. It should work.
Looks like just the session is expired. Did you try to close developer console, relogin to your SF sandbox and open developer console again?
Create a Permission Set, and add a System Permission of 'Use Any API Client'.
And associate this permission set to users. It will solve the problem.
I am checking SonarQube 5.4 and the latest LDAP plugin 1.5.1. There are however a couple of issues.
First. My AD account is majcicam. If I log in with it, it is correctly shown in the users list. However if I login with MajcicaM (note capital letters) another additional user is added to the list:
As you can see from the attached image. For every login that I do make, seems it is treated as case sensitive and thinks of it as a different user.
Second thing. Once I assign a group to my user, on the next login those settings are gone. Seems that they are not persisted.
Am I doing something wrong? Is this a bug? Are my settings messed up?
Thanks
Mario
No bugs here, just some subtleties about LDAP Plugin configuration and behaviour. :)
Case-insensitive login
Set sonar.authenticator.downcase to true when delegating authentication to an LDAP/AD server which is case-insensitive.
Group mapping behaviour
When group mapping is configured (i.e. you manually configured ldap.group.* or you use the windows authentication mode with lightweight AD config), membership in LDAP/AD will override any membership locally configured in SonarQube. LDAP/AD becomes the one and only place to manage group membership (and the info is fetched each time the user logs in).
How to setup Bugzilla without SMTP server (no need to use e-mails) ?
I installed Bugzilla from the windows-installer. We just use it locally and don't need emails, nor we have any SMTP server.
This link says that I don't have to have SMTP, but I don't know how to get to the "Administrator page"
You need to set the 'mail_delivery_method' parameter to None to disable sending email. Login as a Bugzilla administrator to get to the Administration page, then select Parameters then Email.
One needs to set the 'mail_delivery_method' parameter to 'Test'. Check for the new account creation mails in C:\bugzilla\data folder mailer.testfile file and you will get the token link there to actually create the new user. This way you can really bypass setting up a SMTP server totally but to use Bugzilla within a group of ppl. Very useful for small group developments and bug tracking.