How do I get the list of users who have not logged into a customer portal site at all?
The User object has a field called LastLoginDate, you could report on this for users where IsPortalEnabled is true which indicates that they are a customer portal user if you're doing the reporting through code.
Of course, Salesforce's reporting engine can also be used to generate a report, you'll want something similar to this:
Unless you need the list in code for some reason (for instance, for integration with another system) then you should use the reporting engine and then you can schedule it for email delivery etc.
Related
I have setup a site but when i am opening this site i am getting this
type error, Authorization Required
You must first log in or register before accessing this page. If you
have forgotten your password, click Forgot Password to reset it.
click and check image
You need to make sure that the visualforce page which you created has access to Guest user profile. To navigate to Guest user, do as below:
Go to Setup -> Develop -> Sites -> Click Site name -> Public Access Settings
The sites under Digital Experiences / All sites are called Experience Cloud sites.
The sites under Sites and Domains > Sites are called Salesforce sites.
These are different categories of sites and they come with different behaviors.
Based on the screenshot you shared with me, (the url has force.com included), it looks like your site is in the second category, please be aware of that:
Users from the Salesforce sites can only see their own data. If your program is trying to access data recreated by other, you will get the Authorization Required error.
As a way to test this, try to comment out the SOQL statements, the error message may go away.
also check out the following link:
https://help.salesforce.com/s/articleView?id=release-notes.rn_networks_guest_user.htm&type=5&release=228
The Secure guest user record access setting was enabled in Summer ’20, but could still be disabled during that release. To safeguard your Salesforce org’s data, in Winter ’21, this setting is enabled in all orgs with communities or sites and can't be disabled. The Secure guest user record access setting enforces private org-wide defaults for guest users and requires that you use guest user sharing rules to open up record access. You also can't add guest users to groups or queues or grant guest users record access through manual sharing or Apex managed sharing.
I created a report in DataStudio and embedded it on my website. I activated the option "anyone with the link can view" so this report will be visible to my website users.
But I need to show my website users different data depending on their user ids and more important I don't want users would be able to see other users' data so if I used URL filtering users would be able to breach and search another user id to see his data.
Does anyone have a solution for this scenario?
In Google documentation I saw an option to limit the report to users in my domain, I assume this will solve this issue, but I don't find how to restrict other domains.
Users are logged onto Google
If users of your website are already logged onto Google, use the Filter by email address guide from Data Studio help center. This requires you to setup FILTER BY EMAIL and then have a field in your data can be directly used as an email filter.
Users are not logged on to Google
If you want a solution where the users don't have to be logged onto Google, you will need to:
Create a Community Connector to pass the filtered data to your users. The connector should accept a short lived token as part of the config.
Create a dashboard with your connector and pass unique short-lived tokens for each user.
You should have an endpoint that returns the current user's data based on the token provided. Alternatively, the endpoint can return only the user's identify and you can query a secondary data source with a service account filtering for the user's identity.
Your connector should call your endpoint to fetch data only for the user/for the user's identity.
This official guide demonstrates how to implement this in more details.
Disclaimer: I work in the Data Studio team and wrote the above guide.
First option is to add extra 2 fields to your data source.
User_ID
Password
For example:
Data, User_ID, Password
$10,Daniel,123
$20,Alex,456
In your dashboard, you need to create two parameters:
User_ID_Parameter
Password_Parameter
Both parameters can set the default value to null, and accepts any values.
Then create a new calculated field:
CASE
WHEN REGEXP_MATCH(User_ID,USER_ID_Parameter) AND REGEXP_MATCH(Password,Password_Parameter) THEN 1
ELSE 0
END
Then create a new filter to the chart that you want to hide:
To include the above calculated field Equal to 1
Second option is to use the Data Studio default Row Level Security
The only caveat is the users need to sign in before they can view the report.
Is there a way to get value of "objectIdentifier" claim for Microsoft account?
Case: I have an app with one form field, email (need's to be Microsoft account). When this email is entered, server (back end) need's to find out value of object identifier (user ID) in common tenant for all Microsoft accounts (section "tid").
Normally, if this was normal tenant in Azure Active Directory I would create Azure AD app and generated client secret for accessing Graph API, directory endpoint. Unfortunately, this is "special" tenant and I don't know is there any API I can call (as application) to get id of user (best option would be GetUserIdByEmail(email)).
I understand this is weird case but life is hard :)
Asking user to login and then retrieving value from token is not an option!
There is no API that I'm aware of where you could query for MS personal accounts' info without logging a user in.
If you think about it, it would be quite an easy source of building a user list for attacks :)
You will need to log them in to get their id, I don't think you can know it in advance.
I have a custom attribute EmployeeNumber in AD, while creating CRM users when I write UserName for e.g Imran.Ahmed it automatically fetches some information from AD and fills form with that information ie first name, last name and phone number etc. Now I have added one more field in CRM to store Employee number in CRM. But CRM is not fetching it from AD.
How can I get information of custom attribute EmployeeNumber from AD to CRM form? I have been searching on internet and found some links that are saying that we have to write a plugin or call Javascript from CRM form but is there any way through which I can automatically get information from AD?
I am not aware of any AD side configurations to sync extra columns into CRM system user record. Or how to add more data to pull in the platform service when you tab out the username. Am sure you are not gonna get that information/control over that integration from Product team.
You can try this codeplex solution by reverse engineering/extending it to achieve the requirement. Or some Graph API calls to achieve it in some timely jobs.
We have our internal HR system to read/sync such data using SSIS + Kingswaysoft connector into CRM.
I have a SaaS system using Azure AD and multitenant access. This records the issuer, in the format https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/ and an objectidentifier ID.
The portal I'm using insists on seamless trials, so for trial users I can't show a box to collect emails etc. When people later sign up this is collected.
In the initial version I screwed up and didn't collect user names/emails addresses, so I can't warn such users their trials are terminating. I've now fixed this and record the Principal.Identity.Name, which contains an email, every initial sign on.
This leaves me with a bunch of people I have no emails for.
Using what I've got, and maybe powershell or the Graph API, how do I get the names/emails?