We are using Google Workspace Enterprise Standard plan for our company emails. Recently we found out that in some of our groups the "conversation history" setting was set to "on" and the "who can view conversations" setting was set to "entire organization" which caused all the conversations to be archived in the group and non-members of the group (but members of the organization) to be able to view these conversations.
Google creates group pages in the form of https://groups.google.com/a/**companydomain.com**/g/**groupname** So if any member of the organization visits this page (intentionally or accidentally) he/she can view all the conversations.
Having noticed that, we turned off the necessary access settings but we want to audit who accessed these conversations during a certain period.
We tried "investigation tool" under "security center" with using "groups enterprise log events" and "groups log events" as data sources but had no success. These data sources only provide "group creations" and "member additions to/removals from groups".
Any idea how to view the access logs for the https://groups.google.com/a/companydomain.com/g/groupname page and the conversations in it? Or is it even possible?
Thanks in advance.
Related
My SharePoint Environment is SharePoint 2019 On Premise
Is it possible to show alert message on the page or popup window, when user SHARE the document on the Document Library.
When we Share the document, whether or not we could modify the mail alert template/ Content.
Thanks
By 'share', I assume you mean you want to show a message anytime someone edits the permissions of a document. (Since technically, I could 'share' a document by emailing someone the link to it.)
To my knowledge, the only way to achieve this would be to build a custom-code (SPFx) solution which uses API's to interact with the document's permissions granted via app-only access. And block users' ability to access those documents in the traditional way through SharePoint. This would give you full control over the UI, and prevent users from granting access (sharing) elsewhere.
Another option you might investigate is Azure Rights Management. Sensitivity labels applied to documents/libraries can be configured to automatically display headers, footers, watermarks, and even encryption when they are accessed. Exchange can also be configured to display a 'tip', when it detects users are trying to email a sensitive document. Full disclosure: I have only worked with these features in SharePoint online and I'm not certain of their capability in an on-premise environment.
I am getting a problem in implementing Field Level Security in CRM 2011. I am very new to this technology hence not able to resolve this problem.
This is the steps i have done -
1.Created an Entity names Inquiry.
2.On Form Under Entity created a field named 'Password' with EnableSecurity set to 'true'.
3.Then Moved to Administration -> Field Security Profiles -> Created a Profile named 'Inquiry'. Under Users Tab selected a User(Mike) and kept the Field Permissions as it is i.e 'No'.
4.Now on Login for User(Mike) the 'Password' should be seen encrypted. but it does not display as encrypted.
Steps used to Create User -
1.Under Users & groups created new user and assigned 'Service administrator'.
Please tell me if i missed out sum step or if i have done something wrong.
I think user Mike has System Administrator security role.
This security gives always full access to all secured fields, you can find more information here:
How Field Security Can Be Used to Control Access to Field Values in Microsoft Dynamics CRM
section Which Security Roles Allow You to See Secured Fields?
Hey i got the solution to my question.Posting it so that it may help the beginners like me.
All i did was -
Steps used to Create User -
1.Under Users & groups created new user and did not give the user administrator permissions.
2.Then Under Settings->Administration-> Users -> Selected the user and opened the Form.
3.Then choose Manage Roles from Ribbon menus and selected 'System Customizer' as the Security Role.
Rest process same for applying field security.
5.In the end logged in as a System Customizer and was able to see the changes.
Thank you #Guido Preito for the help.
I have a WSS 3.0 site with FBA and a custom user management web part. To track user email address, I have been using the Email property of the MembershipUser object. I just realized today that if you go into People and Groups and look at the email address for a user, the email address is blank, and can be edited there independent of the MembershipUser value. It seems that the alerts system uses the email address that is stored in People and Groups.
I have not gotten into recoding yet because I want to make sure I'm not missing anything first. I assume I could switch from MembershipUser.Email and story my information in SPUser.Email instead. But I seem to remember that on a different project I used MembershipUser.Email with no problems and the alerts went out fine (although that was MOSS).
So I guess I have two questions:
Is there a way to tell People and Groups or the Alerts system to use MembershipUser.Email?
Is it best practice to use SPUser.Email for email storage, rather than MembershipUser.Email?
This post goes in-depth in getting SharePoint to sync the user profiles in your FBA store by naming all properties sharepoint should know about in the web.config and create those properties in your ProfileProvider. Not sure if it is what you are looking for exactly though. FBA user profile mapping does not work as clean as AD user profile mapping does out of the box.
Also, check out the User Profile Import Tool on CodePlex. It's for MOSS but might provide some pointers.
One of our managers is encountering an issue with Sharepoint Workflows.
His team has a standard AD user account setup with an email inbox that they all have access to via Outlooks "Open these additional Mailboxes" option.
The Sharepoint workflow is setup to send approvals to this general-use user account.
The problem is, when they receive the emails, it states "You do not have the required permissions to view this task", even though each one of them as well as the general user account has access to the task list in Sharepoint.
Could the fact that Sharepoint is sending approvals to this general email account be causing the issue? If so, how can this be rectified? If not, what could be causing this issue?
Thanks all
Ok I found out the 'general' user account had approve permissions on the List itself, but Limited Access on the Site. I changed Site permissions for this account to "Approver" and all was well. Not sure why the Site needed approver status when the List had it specifically, but I guess that's Sharepoint for ya.
Are your "Read Access" and/or "Edit Access" "Item-level Permissions" set to "Only their own" on the list? (List->Settings->Advanced Settings). If so, I'd bet that's the culprit.
We're using Forms Authentication in SharePoint. When the account is created, the administrator can add some information, like name and address. But the required fields are username and email address.
When a user goes to their profile page, all the fields are blank and they are unable to edit them. I have read a number of articles discussing how to import profiles from another data store, or to sync profiles. This doesn't work for us, because we don't have another data store where these profiles are stored.
Will I just have to recreate the edit profile page and build a custom profile editor? Is this information exposed via SharePoint API? I don't think directly editing the database is a good solution.
If you log in to the "Shared Services administration" through the "Central Admin Tool" there is an option "Profile services policies". You can define in here what fields are user-overridable.