Should RP realm be "URN" or "urn - sharepoint

When configuring realm in ADFS, should it be "Urn" or "urn". I know the format is urn:anything:anything. I'm more concerned about the urn.
Will it work if it starts with uppercase and not lowercase?
Does it matter as long as the same thing is configured on both SharePoint and ADFS?

No - I normally use lower case but should work as long as both match.

Related

correct REST API for autosuggest on google?

I feel silly asking this.. but its doing my head..
if I use 'https://maps.googleapis.com/maps/api/place/autocomplete/json' and set the input parameter to say - 'Palazzo Cast' I will get about 5 suggestions - none of which will be the one I'm looking for. if I set input to 'Palazzo Castellania' I will get zero results - even though there is a place called this (see below). I've set the region parameter to 'mt'...
If I use 'https://maps.googleapis.com/maps/api/place/findplacefromtext' and set the input parameter to 'Palazzo Castellania' - I will get 'the Ministry of Health' - which is correct - however, if I put a partial string in I'll get only a single candidate which will be something different - there doesn't seem to be a way to get multiple place candidates?
I'm guessing from an API side - I have to do a multi-step process - but it would be good to get some input.
My thoughts:
I start with 'https://maps.googleapis.com/maps/api/place/autocomplete/json' - if I get an empty result, I try 'https://maps.googleapis.com/maps/api/place/findplacefromtext'
if I get a single result from either then I can pass the placeID to the places API to get more detailed data.
Make sense? It feels argly..
Edit
So watching how https://www.google.com.mt/ does it... while typing it uses suggest (and never gives the right answer, just like the API) and then when I hit enter it uses search and gives the correct answer... leading me to the conclusion that there is actually two databases happening!
Basically "its by design".. there is no fix as of Feb 2023.. My thoughts are to cache results and do a first search against that otherwise I'll probably use bing or here

What is the correct method to determine if a system user exists locally on windows?

I am working on an authentication system for a local server jupyterhub that relies on OAuth protocol. Additionally, it creates a local system user on windows, in case it does not exist.
What is the correct way to check whether a user exists on windows platforms using python?
This would include cases in which the system uses LDAP authentication and the user logged in the machine at least once.
I am looking for the correct windows alternative to the unix-like:
import pwd
try:
pwd.getpwnam(user.name)
except Exception as e:
print(repr(e))
My current solution is to check for the existence of the f"os.environ["SystemDrive"]\Users\{username}" folder. Side question, is there any drawback with the current method?
Here's a solution to checking if a local Windows user exists using python:
import subprocess
def local_user_exists_windows(username):
r = subprocess.run("net user",stdout=subprocess.PIPE)
#look for username in the output. Return carriage followed by line break followed by name, then space
return f"\\r\\n{username.lower()} " in str(r.stdout).lower()
Alternative is to use a regular expression to find username match (^ is regex for beginning of line if used in conjunction with multiline, \b for word boundary):
import re
re.findall(rf"^{username}\b", out,flags=re.MULTILINE | re.IGNORECASE)
Note that the \b could be replaced with \s+ meaning a space character one or more times and yield similar results. The function above will return True if given user name is an exact match with local username on Windows.
Again, my reason for this solution is there might be drawback to checking whether the path f"os.environ["SystemDrive"]\Users\{username}" exists. For example, I have a case where a Local User (e.g,local_username) exists via the net user command or via looking at "Local Users and Groups" control panel, but there is no C:\Users\local_user_name folder. One reason for this I can think of off the top of my head is perhaps the user switched from logging in as a Local User to using a Domain Account, and their User folder was deleted to save space, so the User exists, but the folder does not, etc.)
The call to net user gets local users - and the output looks something like this:
User accounts for \\SOME-WINDOWS-COMPUTER
-------------------------------------------------------------------------------
SomeUser Administrator DefaultAccount
Guest local_admin WDAGUtilityAccount
Notice how the SomeUser in this example is preceded by a \r\n followed by multiple spaces, hence looking for a username string inside this string could yield a false positive if the string you are searching is contained inside another string.
The solution above works for me, but has been tested all of ten minutes, and there might be some other simpler or more pythonic way of doing this.

Installation block a determined username

once again I appeal to your help. More to the experts in the Inno Setup code.
I've tried several ways. But without success.
I need to block the installation of my application to users (entering in session of the operating system) with the username: EX?????
Ie. if the username is:
Ennnnnn -> OK
EXnnnnn -> No permission
(n is a number)
Can you help me. Thank you.
I've tried several ways. But without success.
Show us some code. What have you tried so far? Anyway..
How to block installation, in case a certain username is used?
In order to get the username:
The manual lists the available constants http://www.jrsoftware.org/ishelp/index.php?topic=consts You will find {username} there, which is the name of the user who is running Setup or the Uninstall program.
You can also return the username by using the GetUserNameString() function.
It returns the name of the user currently logged onto the system.
http://www.jrsoftware.org/ishelp/topic_isxfunc_getusernamestring.htm
For the comparison:
You might work with the string functions to make sure, that a username does not start with "EX".
The function Pos() might help you http://www.jrsoftware.org/ishelp/topic_isxfunc_pos.htm .
And you could also use Copy(), to copy the first two chars and compare them
Prefix := Copy(GetUserNameString(), 0, 2);

Two values for same field with Jinja2 in Ansible

I'm trying to set up a template in ansible, for our tomcat servers, but we have two tomcat instances on each host, each of which needs a different value for certain variables, for instance:
Tomcat_1 needs a port set to 8105
Tomcat_2 needs a port set to 8205
Easy enough to do if it's only one value per node needed, but I'm having some trouble finding how to do this when you need multiple values per host in either the Ansible or jinja2 docs. Can anyone offer some assistance, or point me to an example?
What I'm thinking is something along the lines of if this filepath then this value, but I'm not sure how to make that happen with jinja2.
I would either use two roles or use the role syntax that allows you to pass in values...
- { role: tomecat, some_parameter: 3 }

Apache userdir + suEXEC + fcgid doesn't recognise dot separated useraccounts

I've setup Apache with suEXEC, fcgid and userdir to enhance overall website security.
Everything works expect for useraccounts with a "." between their accountnames. Before using suEXEC and fcgid, this used to work although that practice has been discouraged many years ago.
For example: mydomain.com/~mytest/ works
mydomain.com/~my.test/ doesn't work
The error message that I get is "Bad Request Your browser sent a request that this server could not understand."
Is there a quick workaround to this or I'm I doomed at recreating all the accounts without any accountname separation?
Historically usernames were up to 8 characters long, started with a letter, and contained only lower case letters, underscore, and numbers. Some systems still make this assumption, and that is probably what is catching you out here.

Resources