Is it possible to provision an account on entitlement request or OIM expects an account to already exist before the entitlement request?
I already have an application instance, it has 2-3 entitlements
when an OIM user requests an entitlement to a specific application instance, I assume this OIM user must already have an account in the application instance
I believe version 11.1.2.2 and later will automatically include an account with the request if its not provisioned to the user when they request the entitlement connected to it.
Otherwise, in previous versions the account needed to be provisioned first before entitlements could be requested for users.
In the R2 version of OIM, once you add an entitlement from the Catalog it automatically adds the corresponding App Instance.
In case your application has an approval required the entitlement will not be provisioned and will be "In Progress" state. Once the request is approved, it will be provisioned.
In OIM11g R2PS2 and PS3 ,while requesting for entitlement,if account is not already provisioned,than request for account will be added i.e account will be first provisioned and than entitlement will be granted.
In 11gR2PS2 and PS3(Before that it wasn't) its possible to raise request for entitlements even if dependent account did not provisioned. If tried to raise request for entitlement, dependent account would automatically added into the Cart.
If there is approval workflow for both entitlement as well as account and request of entitlement get approved first before of dependent account, entitlement remained In Progress. Once request for account approved & completed entitlements automatically moved to Provisioned from In Progress
Till OIM 11GR2PS1 you need to request the account separately but starting PS2 Account gets provisioned automatically.
Related
I have applied the integrated key as a live key in the sandbox environment of docusign, and the status is: review passed,
However, I used the domain name of the official environment to obtain the authorization code. When logging into the official account, I received the following error: The client id provided is not registered with DocuSign
Does anyone know what I am missing?
enter image description here
Congrats on passing the review for the DocuSign eSignature API Go-Live process.
However, you still need to take one more step after that. Which is, you need to go to your developer sandbox (demo) env Admin, find your integration key and click "Review Status" where you see it passed, and then click "next" to log into the production (what you called "official" env to get that key activated in there. You would need to have a production account to proceed.
Important: You need administrator privileges to the production account to promote a key into it. If you do not have any valid account memberships, an error will be returned. Also note that certain account types, such as 30-day Free Trials and Freemium accounts, are not eligible for key promotion.
I have purchased an SSL cert for my site and the cert has three steps you need to do in order to have it fully configured. The first step is "Key Vault Status" which I then click on and it shows the following error:
You do not have permission to get the service prinicipal information needed to assign a Key Vault to your certificate. Please login with an account which is either the owner of the subscription or an admin of the Active Directory to configure Key Vault settings.
This is very confusing because I am the owner of this subscription and I also went and created a new Key Vault just in case it was due to not having one created in the first place. In addition I checked the Access Control for this cert and I am also listed as Owner.
Any help is appreciated.
Ok, so I finally got to the bottom of it - I'll outline the story here as this was the solution but may not work for everyone.
When I first created my Azure account I did so under email address 1
A few years later I had migrated most of my email to email address 2. To get status updates and other things I transferred the subscription to email address 2.
Every other service has worked fine accept for this SSL issue as well as not being able to buy a support plan (it popped open an email app to send to email address 1)
In speaking with the AzureSupport twitter account they agreed that it was strange and arranged for a one time ticket for support.
The support agent asked me to check my Access Policies for the Key Vault I had created. This showed that email 1 is indeed a user in the Azure Active Direction and they mentioned that I'd need to have the admin add it. Since I had noticed the irregularities with email address 1 showing up in the URL and in the email for adding support I logged into Azure using email address 1 and went to Azure Active Directory->Users under that account.
I then selected the guest account, selected Directory Role, and added a new role of Application Administrator. Now all of it is working as expected!
My subscription was attached to employer Active Directory and I can't change my role in it.
I solve this problem by creating my own Active Directory and by moving subscription to this AD.
I initially created a trial account. Discovered that was incorrect then created a developer account. Everything seemed good until I timed out and tried signing back in. The new password used to create the developer account was no longer valid. DocuSign had reverted my account login back to the original trial account. This has happened every time I created a Developer account. I am currently up to my 12th dev account creation. Verifying every time. At least all the fields are prepopulated so I don't have to type everything.
How do I prevent DocuSign account management from reverting my Developer account back to a Trial account? I contacted their support directly but they didn't know and suggested I ask here.
Make sure that you are logging on to demo.docusign.net and that you are going to the following page to set up your dev account. Create Dev Account
When you first login to your account make sure the url is demo.docusign.net. Demo accounts are on a completely separate server system than the production system.
Support should also be able to look up your account information by e-mail to see where your accounts are located and what the status of them are. If you have an enterprise account, I would make sure to have your enterprise account number when you call in. This will put you with the enterprise support group, which typically handles these issues more frequently.
I have two businesses and each has an Azure subscription. I'm an admin for each using my same MS email account.
Bill is only involved in one of the subscriptions, but when I log into my subscription "Local Happenings" (to which Bill should have no access) I still see his email address in the URL.
This picture shows it better:
https://db.tt/kvuccFOO
I'm wondering why this is, and if it could potentially be a problem.
My fear is that if he decides to cancel his business's account, then he will cancel mine or something.
I tried again to create a new subscription to verify I wasn't already logged into his subscription (I used a different browser), but it still shows his email address in the URL.
Anyone have any ideas?
UPDATE 1:
https://db.tt/QHJrfIno
I see that my subscription is under his "default directory". I never selected this when creating my subscription. How do I change this, and is it the culprit?
What shows under the "Active Directory" tab in the management portal for each Subscription? When you say "MS email account" is that an old hotmail-type account or one registered via Office 365 or Azure?
The fact that the account showing in the URL has #XXX.onmicrosoft.com address suggests there is a link back to an Azure Active Directory (AAD) instance. If this is shared between the subscriptions (potentially as a login from it was used to create on of the subscriptions) then this would be the cause.
You need to make sure a non-AAD account is an admin on the subscription so that removal of an associated Azure AD instance will not orphan the subscription.
Have a read of the AAD documentation here for more information: http://msdn.microsoft.com/library/azure/dn629581.aspx
This is Windows Azure Resource Provider SDK. I've tried to read about concepts and can't definitely understand whether it allows me to do what I want.
I have a web service that is hosted in Windows Azure. Users get a userid-password pair, pay for the service via PayPal and then they can make web requests to a designated URL providing their userid-password pairs and the service will deduct funds based on number of their requests. When they pay via PayPal they buy "right to make N requests" - their balance inside the service is increased by the "number of requests" they paid for. So it's a pay-per-usage-volume service.
Now I want to expose my service to the Azure Store using the Resource Provider SDK charging people for the number of requests they make to my service.
The concepts document says
The user then creates a Subscription. A Subscription is a named entity e.g. 3-month Free Trial or MyApp Production. You can view your own Subscriptions on the Account Portal.
Next, the user creates one or more Resources such as a Website or Virtual Machine. Website and Virtual Machine are two different ResourceTypes. Each Resource is deployed under exactly one Subscription.
The subscription part is more or less clear. What about Resource objects? I mean the description continues "such as a Web Site or Virtual Machine" but what I want to offer is not a site and not a VM, it's a right to queue a certain number of requests to my service URL.
Either I don't get something simple or the Azure Resource Provider SDK is just not what I can use.
How do I expose my pay-per-usage-volume service to Azure Store using Azure Resource Provider SDK?
All the confusion is because how the documentation is worded. It says
The user then creates a Subscription. A Subscription is a named entity e.g. 3-month Free Trial or MyApp Production.
This is partially true. The user indeed creates a subscription but that typically happens long before he makes his first purchase from Azure Store. Subscriptions are Azure thing, they are not specific to Azure Store. What the RP sees is the subscription id (currently in form of GUID string representation) and by the subscription id the RP can distinguish between purchases made by different users.
Then goes this
Next, the user creates one or more Resources such as a Website or Virtual Machine. Website and Virtual Machine are two different ResourceTypes. Each Resource is deployed under exactly one Subscription.
This is just very far from true.
The user chooses an "offering" from Azure Store showcase (basically a list of available services), then he selects a "plan" (which is a "you pay X money and get Y of the service" type of offer, X is zero for free plans) and he chooses a "resource name". The "resource name" is up to the user - he chooses it.
The "resource type" is a unique symbolic identifier for the "offering" which must be unique across the entire Azure Store and is chosen by the RP designer. So examples like "Websites" or "Virtual machines" are both very bad and useless - in fact you'll want to have a "resource type" like CompanyXMalingService so that when someone else wants to offer a "mailing service" he could offer CompanyYMailingService and when you yourself want to offer a "telephony service" you can use CompanyXTelephonyService and not collide with others.
Now if you offer something with "N requests per period" billing model you only can have "one month" as a period, so it can only be "N requests per month", nothing else. Suppose your offering "resource type" is CompanyXCoolRequests.
The model is then as follows: user clicks on your offering, selects a plan (for example, 1000 requests per month) and clicks through until he is billed. Meanwhile the store will send a request to your RP saying that there was a purchase for subscription with a certain id of resource of type CompanyXCoolRequests and with some resource name, the plan identifier will be inside the request. Your RP creates an account inside your service and debits the number of requests there, it has to provide the user id and password (or whatever stuff is needed to use your service) - either as "output items" which are displayed when the user clicks "Connection info" button or via the service page where the user is redirected when he clicks the "Manage" button.
Now there're the following options. Either just nothing happens for years and then it means the user purchase is active and he is billed every month, the month starts att he date he made a purchase and lasts till the same date of the next month. You have to provide him with 1000 requests every month. You have to decide what to do with the leftover balance (like the month is ending and he only used 800 requests) and what to do when he uses everything up before the new month starts. The user can also "delete" your offering from his subscription - he will no longer be billed ad the store will send a request to your RP and you have to delete or block the account you created earlier in you service. Also it's possible that there's a subscription-level event like suspension of the subscription - then you have to temporarily block all the resources of that subscription and be able to restore them all one the subscription is "resumed. And finally the user can "upgrade" his purchase by switching to a more expensive plan - you'll have to debit extra units to his "account" inside your service.
The Subscription can be thought of an identifier for the Users commerce relation ship [think an identifier for which Credit Card to charge]
The Resource or The addon on the other had is what identifies the instance of the service that the user is buying.
In your case lets call your Service "SharpToothService" and the user can go to the service and buy the ability to send "n SharpTooths/month" for 9.99.
Sharp tooth would be the resource.
& The user name and password would be the Output Items [Result of Provisioning and Purchasing the resource]
[As you get along you might have question on plans]-
Plan is what identifies the sold packagae for eg. You might have Silver plan for "100 Sharptooths for 9.99/month: a gold one for "500 SHarptooths for 19.99/month" etc