i am trying to force the installation of a local extension trough registry, once i configure the registry files chrome show me the Words [BLOCKED] (see screenshot).
i made a Reg file to configure this and in some computers is working well but other ones are blocking it.
i have changed some Ids and hide some information for sercurity.
i have configured this three policies to install it:
ExtensionInstallForcelist - "ikgllpfbenaieoppkxxxhokonmnnhjcl;file:///C:/CRX/updates.xml"
ExtensionInstallSources - "file///C:/CRX/*"
ExtensionInstallWhitelist - "ikgllpfbenaieoppkxxxhokonmnnhjcl"
i have tried the next but it still not working:
- i have validated the Id's in all the policies a lot of times and are equal, and remember that it is working on some computers but others not.
BlockExternalExtensions - Disabled
EnableOnlineRevocationChecks - Disabled
ExtensionAllowedTypes - all types allowed
ExtensionInstallBlacklist - "*" (to only allow the whitelisted extensions).
Even modify manually those through the Gpedit.msc
this is the screenshot of the error:
enter image description here
this is the updates.xml
<?xml version='1.0' encoding='UTF-8'?>
<gupdate xmlns='http://www.google.com/update2/response' protocol='2.0'>
<app appid='ikgllpfbenaieoppkxxxhokonmnnhjcl'>
<updatecheck codebase='file:///C:/CRX/XXXXXXX.crx' version='11.0' />
</app>
</gupdate>
Your computer must join domain or managed by mdm in order to make the policy work.
You can add some fake registry to make win10 think your computer is managed by mdm.
Fake mdm guide: https://hitco.at/blog/apply-edge-policies-for-non-domain-joined-devices/
Only the first script (MDM-FakeEnrollment-Win10.reg) is needed to make the policy work.
Related
We are in the midst of troubleshooting intermittent 403 errors in our application. One of the issues that came up was that we are loading resources on our login page. The resources intermittently produce 401 errors in our Integration environment. None of these are needed until after the user has logged into the application.
All of these resources are stored in the NSF, none use a CDN. These resources are loaded via a Theme on every page.
Naturally, I thought the solution was to disable the theme of the login XPage. I went about setting disableTheme="true" on the <xp:view> tag. For some reason this did not work and the resources are still loaded on the page.
Can anyone suggest how to make sure the resources are NOT loaded on this particular page?
It seems that resources contained within the WebContent/ path of an NSF are still protected and require login when that NSF's ACL is set to no access for Anonymous. A couple of ways to get around this are:
host the resource files from the server's /domino/... path (html, js, lib, icons)
load those resources from a CDN
use an alternate theme (mixed results, see the comment thread on the OP's question)
computing the individual resource's (or resources) tag to render for all but a login page
As Per Henrik Lausten answered on another post, the implementation with the solution #4 would effectively be:
<resource rendered="#{javascript:view.getPageName() != '/login.xsp'}">
<content-type>application/x-javascript</content-type>
<href>js/jquery-1.11.1.min.css</href>
</resource>
For reference: there's a 5th method that involves setting $PublicAccess to "1" on the resources in the WebContent folder to mark them as publicly available.
John Dalsgaard has a blog post about it with example code.
This question covers adding XPages css resources via a theme which references a resource nsf database by adding /.ibmxpsres/domino to the path eg.
<resource>
<content-type>text/css</content-type>
<href>/.ibmxspres/domino/CommonElements.nsf/styles.css</href>
</resource>
This works fine in a browser the mark up generated being..
...href="/CommonElements.nsf/styles.css"
However in a Notes Client this results in ..
... href="/xsp/.ibmxspres/domino/xsp/CommonElements.nsf/styles.css
Which does not seem correct, I think I may need it to generate the following mark up in XPiNC.
href="/xsp/"servername"!!CommonElements.nsf/xsp/styles.css"
I have restarted Notes, used Ctrl Shift Del to try to remove any Notes cache, but I cannot get the style sheet to work.
I have resorted to using the full domain of the server http://mydomain/CommonElements.nsf/styles.css but I wish it to be server independent and allow the use of local copies when off line.
Any help would be appreciated.
Thanks
The client URL is correct. It says: load from the same server as the XPage. On the Notes client that is local host unless you specified that the page should be loaded from the server.
You have 3 options:
as you did: specify the server
set the property to load the XPage on the server
use a policy to push down your resource database to the clients
Note: when an XPage run locally on a client, the application scope is not shared with other clients. That only happens in server mode.
I'm tyring to run the ExternalHit Sample that comes with the Command Line Tools installer. For the .question file I have the following ...
<?xml version="1.0"?>
<ExternalQuestionxmlns="http://mechanicalturk.amazonaws.com/AWSMechanicalTurkDataSchemas/2006-07-14/ExternalQuestion.xsd">
<ExternalURL>https://s3.amazonaws.com/MTurk_test/externalpage.htm?url=${helper.urlencode($urls)}</ExternalURL>
<FrameHeight>450</FrameHeight>
We kept the input file the same as in the sample. When we loadhits in either the sandbox or the standard mechanical turk interface the input variable (i.e. the web page) does not display in the frame. Additionally, you can select a radio button but you cannot submit your answer.
You're running into two problems here:
Due to same origin policy, the <iframe> in the resulting page is not going to display an arbitrary URL.
Even if it could display an arbitrary URL, that URL would have to be configured for SSL.
So, you'll be able to load this (another amazon URL using SSL):
https://s3.amazonaws.com/MTurk_test/externalpage.htm?url=https%3A%2F%2Fwww.mturk.com
But not this (amazon URL w/o SSL):
https://s3.amazonaws.com/MTurk_test/externalpage.htm?url=http%3A%2F%2Fwww.mturk.com
And not an arbitrary URL (even with SSL):
https://s3.amazonaws.com/MTurk_test/externalpage.htm?url=https%3A%2F%2Fwww.google.com
So, my guess is that this template is horribly outdated and used to work at some point in the past but is not compliant with modern web browser technology.
Best solution is just to provide a link for the worker to click to visit the URL.
I have a ASP.NET MVC web application project that I want to deploy to my IIS webserver. The site tree is set up thusly:
SERVERNAME(myDomain\Username)
Application Pools
Sites
Default Web Site
MyProjectSite
bin
Content
...
Views
I am trying to deploy to the MyProject site. See below settings that I am using versus the errors I am returning. I am apparently not specifying my site path correctly, but for the life of me, I can't figure out what it should be.
The following settings stay the same between iterations:
/p:DeployOnBuild=True /p:DeployTarget=MsDeployPublish /p:CreatePackageOnPublish=False /p:MSDeployPublishMethod=WMSvc /p:AuthType=Basic /p:Username="myUserName" /p:Password="MyPassword" /p:AllowUntrustedCertificate=True
Specify SiteName/ as IISAppPath:
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd?Site=MyProjectSite" /p:DeployIisAppPath="MyProjectSite/"
Error:
Could not complete an operation with the specified provider ("createApp") when connecting using the Web Management Service - I don't want to create a new site. I want to sync the content that is already there.
Specify IISAppPath as Root (supposing that the sitename in the URL is used)
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd?Site=MyProjectSite" /p:DeployIisAppPath="/"
Error:
Could not complete an operation with the specified provider ("iisApp") when connecting using the Web Management Service - Looks like it is trying to access the Default WebSite or something (to which I have purposefully NOT given myself rights).
Specify IISAppPath as empty string(supposing that the sitename in the URL is used)
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd?Site=MyProjectSite" /p:DeployIisAppPath=""
Error:
The "ConcatFullServiceUrlWithSiteName" task was not given a value for the required parameter "SiteAppName" - So it interprets "" as actually a null value thus breaking an attempt to concatenate it.
Specify no site attribute in the URL but SiteName/ as IISAppPath
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd" /p:DeployIisAppPath="MyProjectSite/"
Error:
Could not complete an operation with the specified provider ("createApp") when connecting using the Web Management Service
Specify no site attribute in URL but SiteName as IISAppPath
Parameters:
/p:MsDeployServiceUrl="https://serverName:8172/MsDeploy.axd" /p:DeployIisAppPath="MyProjectSite"
Error:
Could not complete an operation with the specified provider ("createApp") when connecting using the Web Management Service
Now given that it is running a concatenate on the SiteAppName, it must be combining it with the Site name, yes? What are you supposed to put there to get the site to sync to the root of a site?
Update
In an attempt to figure out the proper path scheme, I have tried to publish using the Visual Studio 2012 Publish dialog. In this case, I am returned an error saying that The request timed out (testing the connection works almost instantly and previewing the changes works but takes a few seconds). I checked the event log, and the tracelog for wmsvc to no avail. Even with trace set to verbose, nothing shows up in the tracelog. I have tried disabling the firewalls on both computers, and nothing seems to work on that front either.
Figured this one out.
The problem stemmed from two settings in the Web Deploy page of the project properties. I had previously set this project up (in the Debug configuration) to copy only the files necessary to run the application, and NOT build a zip package. I neglected however to do anything to those settings for the release configuration.
The reason (confidence level 75%) it was trying to use createApp was because it was deploying from the Zip package it had created. So my IISAppPath settings in those cases were fine, I was just deploying the wrong thing.
I set the Create deployment package as a zip file setting to false, and the Items to deploy dropdown to Only files needed to run this application and everything went off without a hitch.
Incidentally I found out (as referred above) that you can use the Publish Profiles outputted by the Web Publish dialog in Visual Studio (2012 only unfortunately; 2010 you have to do some massaging that I am unsure of). I named mine with no spaces, and supplied the password as an argument as well as the Untrusted Certificate setting. Now MSBuild Arguments in the build definition for TFS look like this:
/p:DeployOnBuild=True;PublishProfile=NameOfPublishProfile /p:AllowUntrustedCertificate=True /p:Password=PleaseVerifyMe
I am working on an integration with IBM Connections 4.0 and would like to inject a component into the business card popout that you get when hovering over contact in the Connections interface:
The component can be as simple as a link but an iWidget or OpenSocial Gadget would be great as well. Are there any integration points for the business card?
I have done some some initial research but have not turned up much outside of integrating the business card into an external app.
Extending the business card is explained here
http://infolib.lotus.com/resources/connections/4.0/doc/en_us/ic4_p4.html#c_admin_profiles_customize_biz_card_links
For posterity, am appending the steps I took to achieve this based on the answer from muenzpraeger to follow the steps at IBM Connections 4 Part 4: Customizing, Security, Performance, and Integration. Note that your paths may be different and you will need to get the correct user and password to access the wsadmin console.
$ mkdir -p /tmp/business-card-add-link
$ cd /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin
$ ./wsadmin.sh -user USER -password PASSWORD -lang jython
wsadmin> execfile("connectionsConfig.py")
wsadmin> print AdminControl.getCell()
connectionswwCell01
wsadmin> LCConfigService.checkOutConfig("/tmp/business-card-add-link","connectionswwCell01")
Added the following to LotusConnections-config.xml that was in /tmp/business-card-add-link
<sloc:serviceReference serviceName="googleMeService"
href="http://www.google.com" enabled="true"
ssl_href="http://www.google.com" ssl_enabled="false"
person_card_service_url_pattern="/search?hl=en&q=email:{email}:userid:{userid}:uid:{uid}:displayName:{displayName}:phone:{workPhoneNumber}&btnG=Google+Search"
person_card_service_name_js_eval="'Google Me'"/>
and save the file. Back in the console:
wsadmin> LCConfigService.updateConfig("versionStamp","")
wsadmin> LCConfigService.checkInConfig()
wsadmin> synchAllNodes()
Restart Connections
The instructions from the link say to make changes to the service-location.xsd file as well but these changes were not persisting after checkin and restart. This results in an error that prevents Connections server from properly running. Looking at the log files it was complaining that the service googleMeService referenced in LotusConnections-config.xml was not in the list of services in service-location.xsd.
To get around this I just changed the service-location.xsd file in place. I found two occurences of the file using the find command:
find . | grep LotusConnections-config/service-location.xsd
I added <xsd:enumeration value="googleMeService" /> to the <xsd:simpleType name="serviceNames"> section as indicated by the linked documentation and restarted the Connections server.