One of our managers is encountering an issue with Sharepoint Workflows.
His team has a standard AD user account setup with an email inbox that they all have access to via Outlooks "Open these additional Mailboxes" option.
The Sharepoint workflow is setup to send approvals to this general-use user account.
The problem is, when they receive the emails, it states "You do not have the required permissions to view this task", even though each one of them as well as the general user account has access to the task list in Sharepoint.
Could the fact that Sharepoint is sending approvals to this general email account be causing the issue? If so, how can this be rectified? If not, what could be causing this issue?
Thanks all
Ok I found out the 'general' user account had approve permissions on the List itself, but Limited Access on the Site. I changed Site permissions for this account to "Approver" and all was well. Not sure why the Site needed approver status when the List had it specifically, but I guess that's Sharepoint for ya.
Are your "Read Access" and/or "Edit Access" "Item-level Permissions" set to "Only their own" on the list? (List->Settings->Advanced Settings). If so, I'd bet that's the culprit.
Related
My SharePoint Environment is SharePoint 2019 On Premise
Is it possible to show alert message on the page or popup window, when user SHARE the document on the Document Library.
When we Share the document, whether or not we could modify the mail alert template/ Content.
Thanks
By 'share', I assume you mean you want to show a message anytime someone edits the permissions of a document. (Since technically, I could 'share' a document by emailing someone the link to it.)
To my knowledge, the only way to achieve this would be to build a custom-code (SPFx) solution which uses API's to interact with the document's permissions granted via app-only access. And block users' ability to access those documents in the traditional way through SharePoint. This would give you full control over the UI, and prevent users from granting access (sharing) elsewhere.
Another option you might investigate is Azure Rights Management. Sensitivity labels applied to documents/libraries can be configured to automatically display headers, footers, watermarks, and even encryption when they are accessed. Exchange can also be configured to display a 'tip', when it detects users are trying to email a sensitive document. Full disclosure: I have only worked with these features in SharePoint online and I'm not certain of their capability in an on-premise environment.
We are using DocuSign REST API (DocuSign C# Client) to create a DocuSign account for our clients. An account is created successfully, but when the user login that account on DocuSign Web (New UI) then they do not get "Go to Admin" menu in admin preferences. Is there any settings that we need to apply while creating DocuSign account. We are using DocuSign C# Client to create an account and applying only email and user name.
Also, we want to update some DocuSign account settings using REST API. But some parameters are not getting updated. When I checked the API log and found that parameter which we want to modify its read only. Below what i found from API log.
"allowEnvelopeCorrect":"false","allowEnvelopeCorrectMetadata":{"rights":"read_only","uiHint":"available"}
See my answer below on another thread, I would try to explicitly call canManageAccount and see if the permission gets set. It may still need to be done in SOAP.
Fail to update user's "Manage Account" permission through "Modify User Account Settings" API
Are you creating new accounts through the API or just adding new users to an account?
There's actually a bug in the platform currently that will be fixed soon - the bug is that for single user accounts the Go To Admin link in the menu drop menu is not available. I believe this might be causing your issue. Starting tomorrow you should be able to access the Admin menu directly through - admin.docusign.com/auth - and I think next week the actual menu item should be enabled and bug fixed.
-- By Ergin
It has been fixed Now.. Thanks.
I have made a SharePoint 2013 workflow for a list in which users have read permission only. I want to give the user rights to kick off the workflow through the Custom List Action. But i get this error everytime:
"Unfortunately, this site has not been shared with you."
How can i solve this? I have already created the workflow using the following msdn article(creating a workflow with elevated permissions): https://msdn.microsoft.com/en-us/library/jj822159.aspx.
But this does not seem to help in my case.
Had to Update-Wrong Links
If the user only has read permissions, they will be unable to add items to the list. You weren't very clear on how this workflow kicks off or what it does but my guess would be to provide either a custom permission which allows a user to add items but not edit/delete. See here for instructions on how to do this.
or
You could enable anonymous users on the list and allow anonymous users to add items. See here for instructions on how to do this.
Your security concerns are going to determine your approach but for what I have read I think either would suffice.
**** You must have Admin rights to perform this ****
In SharePoint Workflow 2013, you can use the APP step that will allow the workflow to be authorized with its identity as a Full Control and ignore the current user permissions.
This is will ensure that the workflow will be executed successfully in case the current user has no permissions.
Note: The APP Step will be disabled if you didn't elevate the workflow permission.
For more details check Workflow was Suspended with Unauthorized HTTP / Elevate Workflow permissions in SharePoint 2013
I created a list and setup alerts that send to several individuals when a new item is added to the list. However, I have one additional requirement to have an alert email sent to a Public Folder in Exchange.
The folder is setup with an email address, VSrequest#domain.com, but when I try to add that address into the "Send Alerts To" field (when creating a new alert), SharePoint returns an error: "No Exact match was found."
I thought about setting up the alert in a custom workflow through SharePoint designer, but is there a way to easily reuse the existing Alert Email as a template for the body of the custom alert?
Any other ideas or pointers would be greatly appreciated!
You can't send an alert to a regular email address (or mailbox) because it isn't associated with a user/group. If it isn't associated with a user/group then it can't have permissions to any list or list items in SharePoint. Finally, if it doesn't have permissions then it can't receive an alert (or that would be a pretty big security hole).
Probably the easiest method is what you mention: using a custom SharePoint designer workflow. It isn't going to be 100% the same but you can just copy the HTML from a previous alert and then try to fill in the data as much as you can in the workflow. (see here for an article describing almost exactly what you want).
As you've seen you can't setup an alert against a random email address - it has to be against a user (who has an email address).
So one option would be to create a domain user for VSrequest#domain.com - ensure they are in SharePoints user list (Site Settings > Users and Groups > All Users) then you will be able to setup the alert for that user which will go to that email address.
Other options include workflow as Kit mentions, Event Receivers or 3rd party software.
I have a WSS 3.0 site with FBA and a custom user management web part. To track user email address, I have been using the Email property of the MembershipUser object. I just realized today that if you go into People and Groups and look at the email address for a user, the email address is blank, and can be edited there independent of the MembershipUser value. It seems that the alerts system uses the email address that is stored in People and Groups.
I have not gotten into recoding yet because I want to make sure I'm not missing anything first. I assume I could switch from MembershipUser.Email and story my information in SPUser.Email instead. But I seem to remember that on a different project I used MembershipUser.Email with no problems and the alerts went out fine (although that was MOSS).
So I guess I have two questions:
Is there a way to tell People and Groups or the Alerts system to use MembershipUser.Email?
Is it best practice to use SPUser.Email for email storage, rather than MembershipUser.Email?
This post goes in-depth in getting SharePoint to sync the user profiles in your FBA store by naming all properties sharepoint should know about in the web.config and create those properties in your ProfileProvider. Not sure if it is what you are looking for exactly though. FBA user profile mapping does not work as clean as AD user profile mapping does out of the box.
Also, check out the User Profile Import Tool on CodePlex. It's for MOSS but might provide some pointers.