gitlab crowd exist user ; can't find menu Under “Connected Accounts” - gitlab

I trey gitlab-ee-11.8 ; gitlab-ce-11.8
new user can login and create account from crowd to gitlab ;
but exist user can't.
Sign-in failed because Email has already been taken
https://docs.gitlab.com/ee/integration/omniauth.html#enable-omniauth-for-an-existing-user
Enable OmniAuth for an Existing User
Existing users can enable OmniAuth for specific providers after the account is created. For example, if the user originally signed in with LDAP, an OmniAuth provider such as Twitter can be enabled. Follow the steps below to enable an OmniAuth provider for an existing user.
Sign in normally - whether standard sign in, LDAP, or another OmniAuth provider.
Go to profile settings (the silhouette icon in the top right corner).
Select the “Account” tab.
***Under “Connected Accounts” select the desired OmniAuth provider, such as Twitter.** where ? I can't find!!!*
The user will be redirected to the provider. Once the user authorized GitLab they will be redirected back to GitLab.

follow code
button_based_providers
crowd is form_based_providers
so only twitter will have "Connected Accounts" menu
crowd not support it !

Related

Azure DevOps sign-in failing with AADSTS900144, and dev.azure.com Sign In routs to Azure Portal

First issue, signing in to dev.azure.com no longer works like it used to? In the past, there was a link to sign in to Azure DevOps. This link is no longer on the page, and when using the Sign In option in the upper right corner, I'm routed to the Azure portal, not ADO. What is the correct landing page for ADO login?
Second issue, if I do get to the login page (e.g., either by entering the org directly in the url like dev.azure.com/MyTestOrg or by clicking a link in an ADO alert email), I will often get this error: AADSTS900144: The request body must contain the following parameter: 'code'
1.For logging to Azure DevOps issue, it is suggested you can first clear the cache, then try this link:My Information first by following the step select your affected tenant -> select the affected organization, then login your organization.
2.For logging to Azure Portal, try this link: Home - Microsoft Azure with the affected user account.
3.For the issue situation above, check whether your user account is also a Github user, if so, it is suggested that you should first unlink your GitHub account from the affected user.
You can follow the steps below to unlink your GitHub account from the affected user.
Step 1: Please help unlink your GitHub account from your MSA:
·
Navigate to https://account.microsoft.com/security
Select the Advanced Security Options tile and then look for the
"Ways to prove who you are" section
This will list all the authentication options for your MSA
From this list, find and expand the Sign in with GitHub option,
select Remove, and then confirm
You may be prompted to create a new password
Step 2: After the operation1 above completed, then let the PCA or Org owner try deleting the affected user from the organization, and then try adding it to the org again, after successfully adding it, then check in the Email box firstly to see whether received an invitation email of Azure DevOps as below with your affected user account.
Then copy the inviting link and open it in InPrivate mode with Edge or Chrome browser with affected user account to login the org to see whether if it works.

Method to "Intervene" after a login, to force user to update contact info

Every 3 months, we have a requirement to force a user to an app to update their contact info (this is an in-house app, and we also will have situation that is an app to update emergency alert phone and email addresses) before they can access any other apps on the onelogin dashboard. Once a user has updated their info, then they can access the onelogin dashboard as usual. Do you have any examples or provide any ideas of how this could be done?
An account administrator can log into their companies onelogin portal.
In the upper right hand corner there is link Administration click it.
In the administration panel hover over the Security tab and select Policies when it appears.
Start a new policy. On the left side there is a tab Password. This allows you to enforce the password age policy.
Once the policy has been configured, it just needs to be applied to the users.

Customize Reset password screen

I have a application registerd in Azure AD B2C, When new user logs in for the very first time he is redirected to the attached screen for updating the password. The issue here is that the user does not know what combination of password he needs to input untill and unless a specific combination works.
I need to customize this screen to display user friendly lable telling the user what combination of password he/she needs to enter on this screen.
enter image description here
With AAD B2C you can customize the user interface, which including the sign-up/sign-in, profile editing and password resetting experiences. This documentation outlines how to do the UX customization, test out the templates in the portal and has a few tutorials on setting it up.
Here are the specifics on password rule enforcement.

company branding doesn't work for password page in Azure Portal

I've created company branding from the Azure portal for my application.
This is working as expected for the first page i.e, the username page. When I click on next for the password page, the custom branding disappears and default Microsoft background appears.
I want the branding to be continued for the password page also so that there would be consistency.
You probably try to sign in with a Microsoft Account instead of your Azure Active Directory account. If you sign in with a "native" Azure Active Directory account you will continue see your company branded page.
You can customize your Azure AD sign-in pages, which appear when users sign in to your organization's tenant-specific apps, such as https://outlook.com/contoso.com, or when passing a domain variable, such as https://passwordreset.microsoftonline.com/?whr=contoso.com.
Your custom branding won't immediately appear when your users go to sites such as, www.office.com. Instead, the user has to sign-in before your customized branding appears.
Visit this link for more information
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/customize-branding

How can we customize the local account sign-in page as part of an "edit profile" policy in Azure AD B2C?

The "edit profile" policy has 3 possible page customizations exposed through the Azure portal:
When invoking this policy, the first page displayed to the user is the IdP selection page. If, on this page, the user chooses the "local account" identity provider, the next page shown is a local account sign-in page.
This sign-in page has the default Microsoft branding, and since it's not listed in the customization blade, I don't know how to customize it:
How can we customize the UI of this local account sign-in page when it's shown as part of the "edit profile" policy?
A new user journey SignInV2 is in private preview. This will be fully customizable signin user journey. The user journey can be tried from https://aka.ms/b2cnewportal
For local account opt-in to signinv2, please mail to aadb2cpreview#microsoft.com
EDIT
A ProfileEdit V2 user journey will also be rolled out soon. That would be fully customizable.
In the B2C tenant, you cannot change the Microsoft branding in the "edit profile" policy.
From the shown picture, in the Page UI customization, you can only change the custom page URI, there is no option to change the company branding.
If you want to change the company branding, you can make it in Company Branding.

Resources