After authenticating the user in a captive portal, what should I return to the user so that the OS that launched the captive portal knows that the user can navigate now?
Redirect the user to any page and the OS will verify if it can already navigate. If it can, it will drop the captive portal page on Android and iOS and display a close button on Mac OS X.
Related
Every 3 months, we have a requirement to force a user to an app to update their contact info (this is an in-house app, and we also will have situation that is an app to update emergency alert phone and email addresses) before they can access any other apps on the onelogin dashboard. Once a user has updated their info, then they can access the onelogin dashboard as usual. Do you have any examples or provide any ideas of how this could be done?
An account administrator can log into their companies onelogin portal.
In the upper right hand corner there is link Administration click it.
In the administration panel hover over the Security tab and select Policies when it appears.
Start a new policy. On the left side there is a tab Password. This allows you to enforce the password age policy.
Once the policy has been configured, it just needs to be applied to the users.
I've created company branding from the Azure portal for my application.
This is working as expected for the first page i.e, the username page. When I click on next for the password page, the custom branding disappears and default Microsoft background appears.
I want the branding to be continued for the password page also so that there would be consistency.
You probably try to sign in with a Microsoft Account instead of your Azure Active Directory account. If you sign in with a "native" Azure Active Directory account you will continue see your company branded page.
You can customize your Azure AD sign-in pages, which appear when users sign in to your organization's tenant-specific apps, such as https://outlook.com/contoso.com, or when passing a domain variable, such as https://passwordreset.microsoftonline.com/?whr=contoso.com.
Your custom branding won't immediately appear when your users go to sites such as, www.office.com. Instead, the user has to sign-in before your customized branding appears.
Visit this link for more information
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/customize-branding
From the documentation, where exactly is the settings for these 2 in the admin site?
Users who want to authenticate on behalf of other account users must have the following settings enabled to use SOBO:
apiAccountWideAccess
allowSendOnBehalfOf
If you are setting user permissions through the DocuSign web console these correspond to the Account-Wide Rights and Send On Behalf Of Rights (API) settings.
I had to switch to "Classic" version of Admin to find it. Hit the dropdown under your picture and choose Preferences. From there, it is under the permissions tab.
So our issue is with the MOBILE login form in SharePoint 2010. We have FBA implemented and it works great for non-mobile users. It is a custom login that lets users switch between AD or FBA. But the issue arises with Mobiles (iPhone, Blackberry, Win Mobile, Android) when they hit the site.
How can I customize the mobile login screen for a sharepoint 2010 site? Has anyone done this?
Edit 1:
The default behavior of the mobile login screen is oddly only allowing the FBA users to login and not the A/D users.
Edit 2:
I know that my iPad works fine in Sharepoint 2010 using my A/D account on a custom login form. The problem arises when I go to the iPhone. So what you are saying is that the mobile login screen only supports FBA for a reason, A/D accounts won't work?
Edit 3:
We tested on windows phone 7 and it does support the standard login and does not automatically redirect to the mobile page. So Win Phone 7 is a non-issue. The main issue is iPhone and Android since they goes to the mobile login which is currently only supporting FBA users. Our custom non-mobile login form we created automatically handles A/D login based on custom code we wrote. Ideally we'd like to have mobile point to the custom login page we built. But we can't find how this is set.
For the benefits of others facing similar problem, here is our alternative.
In SharePoint 2013 Application Management, highlight your Web Application and select Authentication Providers. Select FBA and in the Custom Sign In Page and append "?mobile=0" to your FBA URL like this:
You don't have to create custom login screen.
Follow the steps below to open your web app. on Mobiles (iPhone, Blackberry, Win Mobile, Android)
Navigate to Inetpub (in default drive (generally c))
Navigate further to wwwroot\ws\virtualdirectories
Navigate to your application folder (port number specific)
Navigate to App_Browsers folder
Open compact.browser in notepad
Find "Iphone" or any other device for which you want your app. As result you will get to XML tag for iphone safari browser, see the sample below :
set the value false in following element :
likewise there is XML browser tag for each mobile device (android, BlackBerry, etc), just change the value of isMobileDevice to false
hope it helps
-- Sumit (courtesy Ishaan )
Every morning when i fire up my VM and IE (in my host OS) and go to my SP site it always logs me on automatically as DOMAIN\george which is a user I created for testing permissions.
So every morning after that I click "sign in as a different user" to sign in as my sys admin user instead and most days that is the only user I use. Any idea why george's credentials are being cached?
Part of "firing up my VM" is running a script that starts IIS as well as some services. I'm not entirely sure SharePoint is responsible for this, could very well be ASP.Net.
EDIT: I've already tried clearing my cookies.
Had a very similar problem! To solve it, go to 'User Accounts' under the Windows Control panel.
Navigate to 'Manage your network passwords'. Select the domain you wish to clear and select 'Remove'.
You should now have a clean login dialogue box and when you check the 'remember me' box, this will be stored as the login default for that domain.
I was able to remove the test login credentials using the User Account control panel applet in Windows 7
Open the Manage Credentials link.
Find the Sharepoint Login in the Windows Vault.
Expand the address for the site
Remove the test login for this site.
After doing this I am no longer prompted for the login and login as different user prompt.
Have you checked that there are no logins and passwords being stored by the browser? Assuming you are using IE, see this article on how to clear them.
If DOMAIN\george is same user ID you are logging in to the VM ? If that is the case try changing the Setting in IE that dictates what user name is send to the Server. Just go to Tools - > Settings - > Security and Click on Custom Level, scroll down to bottom and you will find User Authentication option Select the Prompt for User name and Password.
It could also be that you are using IE8, that caches my credentials as well it seems.
IE8 stores credentials for favourites it seems, don't ask me why. What you should do is log in as the needed user, then save a new favourite (or add it to the favourites bar by dragging it). Then use that link to go to your site.