We need to change the default domain name #abc.onmicrosoft.com on MS Bookings mailboxes with our custom domain name before creating the Bookings calendar. I am referring to this doc for more details, see section Changing your default domain when setting up Bookings mailbox, where it advises to change the default domain name for obvious reasons but does not mention any steps how to do that. Appreciate any help with actual steps on how to do change the domain prior to creating the Bookings calendar
Related
client has 2 different domains (due to acquisition) in one M365 tenant and wants to make sure they don't see each other in contacts using Address Book Policies. I have been able to do my best to separate them by using Company field however I am stuck with how to handle their Mail-Enabled Security Groups.
I made an address list called "Client1AddressList" and set the -IncludedRecipients to "MailGroups" which is great and brings every group in, however it doesn't care about the domain whether it is allstaff#client1.com or allstaff#client2.com.
I thought maybe adding on a -RecipientFilter to the end of the Set-AddressList would help, but I cant figure out what that filter would look like to tell it to only add groups that have an email of *#client1.com
Thank you any geniuses out there that can lend a hand!
Our UPN and primary SMTP are different and since the parent company controls that aspect of the environment I cannot change that.
UPN: name#parentcorp.com
Email: name#childcorp.com
I have an on-prem ADFS 4.0 server which we have complete control over and so far we have about 12 website/apps setup which all work fine.
In every instance so far the website has a field for "email" and a separate field I can use for "federation ID" which I populate w/ the UPN.
Then I setup my claims to accept the UPN as NameID and everything is normal.
Now I have to setup two new sites which don't give me that option however I have to put in the Primary SMTP into the email field and that is the only field I can pass to my claim.
I'm wondering if it's possible for our users to still sign in using name#parentcorp.com even though the email is name#childcorp.com.
Normally I would think this would be possible but I read an MS article about configuring an alternate logon ID and thought that might be possible. Or using the Transform Incoming Claim option under the Claim Policy section.
Both are possible but they are different use cases. One is authentication; one is claims.
You can use any AD field for AlternateID.
And yes, you can use a Transform claim.
Need more detail as the exact requirement.
I am writing a custom Fiori to access sales data from an SAP ERP backend system using a Gateway.
The use case is "customer logs in launchpad, opens Fiori app and sees all his/hers sales items based on the customer id". The customer id is stored in kna1-kunnr and has to be included in a select on the vbak table in SAP. Nothing fancy.
Now I ask myself: how do I get the customer id / kunnr? What do I get at all from the currently logged in user? When debugging my Gateway project code, is it actually the name stored in sy-uname or can I get something better?
How should I continue to get the customer id / kunnr? Are there some function modules like GET_CUSTOMER_ID_OF_USER to call in the SAP ERP?
Or are the actually other / better ways to get the sales documets for one user?
Update
Thank you for your answers so far. I am going to check the default Fiori implementations to get some inside. But, since we are already here, I want to specify my question a little bit more:
Giving I create an OData model in my Component.js like that:
var oModel = new sap.ui.model.odata.ODataModel("[...]/sap/opu/odata/sap/Z_MYODATA_SRV/",
false, "user", "password" );
user and password are supposed to be the ones currently entered as user credentials in the Fiori Launchpad. How can I access those? Are there some SAPUI5 api like getCurrentUser or getCurrentSession ? Do I actually have to do this user check?
You are correct that to identify all of the sales orders for a customer you need to read them from VBAK (or use BAPI_SALESORDER_GETLIST, etc).
The relationship between logged in user and customer is not something that's the same in every SAP ECC system. You may find that the logged in user is the same as the customer number, but with a prefix - for example, logged in user C12345678 for customer 0012345678. Or there may be some other type of relationship that's store in a custom field on the customer master itself. The best option is to check with the person responsible for the configuration in Sales and Distribution. Only then can you know how to determine the customer for a logged in customer user.
Answering your question
Now I ask myself: how do I get the customer id / kunnr? What do I get at all from the currently logged in user?
It is done on backend with standard customizing, not via OData methods like you intend to do it.
Mikael gave you the rough idea, but didn't finished it so I will give a more comprehensive answer.
We need to differentiate between front-end and back-end authorizations, for Fiori app functioning you need to types of roles/authorizations:
The SAP Fiori roles that define which Fiori apps are displayed to the user
Launchpad authorizations
General OData authorizations
Trusted RFC back-end connectivity authorizations
Back-end authorizations and roles which contain authorizations to display the related business data
This concept is depicted on this figure:
The assignment of the front-end is described here and is out of scope now. Now we are focusing on bullet 2.
Every Fiori app has its role model and one should follow the implementation given in app description. Let's consider how it is done based on Sales Order creation app (F0018) sample:
OData service that returns business-data is SRA017_SALESORDER_CREATE_SRV, so to run it one needs frontend role SAP_SD_BCR_FIELDSALESREP_X1 and backend role SAP_SD_SO_CRE_APP
Also app description give us the following prerequisits:
Before implementing the Create Sales Order app, you must ensure the following:
That an employee master record is created with the following attributes:
If you have implemented SAP ERP HCM and maintained employees in the HCM personnel records, ensure that the employee personnel record has the infotype Communication, with a subtype of System User Name (SY-UNAME) (Infotype 0105, Subtype 0001).
If you have not implemented SAP ERP HCM, implement the Sales and Distribution configuration around Use Sales Employees with HR (Tcode: PULT). This IMG setting copies the appropriate HCM tables from the 000 Client and allows the setup of the employee record with the Infotype Communication and a Subtype of System User Name (SY-UNAME) (Infotype 0105, Subtype 0001).
It associates the USERID of the employee with the personnel number assigned as a partner function sales employee in the customer master.
After implementing the above customer SAP user id will be bound to his employee ID (PERNR), and his employee ID consequently will be bound to partner function in XD02.
And that's not all, what comes next?
THe following order parameters should be maintained in in SIMGH tcode in order customer to see his orders and can create the new ones.
Call transaction SIMGH to open the Create Sales Orders node and configure user information in Customizing activity Define Configuration Parameters using the parameters listed below. For more information, see the documentation available for the Customizing activity.
Document Type (DOCTYPE)
By default, the app uses the standard order document type (technical key TA resp. OR). Changing this to something other than a sales order may significantly impact the functionality of the application.
Order Period (ORDPERIOD)
This defines how many days into the past sales orders are retrieved. The suggested value is 30 days.
Search Period (SEAPERIOD)
This defines how many days into the past a search must look for sales orders that match the search criteria. The suggested value is 90 days.
Ship To Party (SHIP_TO/PARTNER_ROLE)
This defines which partner role in the customer master is used for the ship-to party. The suggested value is WE.
Forwarding Agent (FORWARDING_AGENT/PARTNER_ROLE)
This defines which partner role in the customer master is used for the forwarding agent. The suggested value is SP.
and even that's not all
App description gives the following BADIs to implement in order to enable such linking
Implement the following BAdIs:
Customer Association to Employee
You can use this BAdI to associate employees with specific customers.
Only after all the above steps the customer will be able to order and/or view his sales items.
The moral: always check the app description thoroughly because the role model varies per-app.
Have a look at the standard Fiori applications. For example, in Create Sales Order, there is a BADI provided to implement the relation you are looking for (but for an employee to a customer). In the standard setup, the partner functions of the customer master is used to map what customers are visible to an employee.
Most likely, you have a similar setup already in place if your customers actually have user accounts in your system. If could be as a parameter of the user or as a (custom?) partner role.
http://help.sap.com/saphelp_fiorierpx1_100/helpdata/en/6d/135652f9c21457e10000000a445394/content.htm
I installed openfire on CentOs and it uses external database for authentification and user list.
I managed groups based on a user table and a friend listing so that each user is also a group that is is an administrator and populated with users that are (friends).
External users and authentication works fine.
The issue is that the buddy list is only populated when is check "enable contact list group sharing openfire" on group administration.
I want to make this option always enabled so that user can see each other in their buddy list.
this is an existing issue openfire issue
Are there any possible solutions or alternatives.
Edit:
In other words, I want to avoid adding the following three lines to the ofGroupProp table:
name sharedRoster.displayName groupname
name sharedRoster.groupList
name sharedRoster.showInRoster onlyGroup
I want to add Email Addresses to Google Groups programmatically. While there are methods of doing so, none seem to allow the addition of the Display Names, Nicknames or just the First and Last names.
For example, the code (from Add members to google groups programatically):
GroupsManager.getGroup(group).addMember(emailAddress);
works beautifully if the emailAddress is something like fred#example.com, however if I try to add the DisplayName, it doesn't. I have tried:
"Fred Surname" <fred#example.com>
and
Fred Surname
however, I just receive an unspecified error.
Any help would be greatly appreciated - in any language, as long as there is an example!
Many thanks,
Clem Clarke
It can't be done unless the person is defined as a Google User in the Domain. See this discussion: https://productforums.google.com/forum/#!topic/apps/6Z8OpwGk7UM; specifically, the post by marcus24 on 10/10/09. It still works the same way today.
It only works if you add a user with a Google account (includes other Gsuite enabled organisations and Gmail addresses too). It does not works for users with other accounts (e.g Hotmail, iCloud, Yahoo etc).
Hopefully Google will enable GSuite admins to include the person's name with their email address for third party accounts soon.
This format for adding Display names does not work in the New Google Groups. No matter what format I enter, it puts the email name in the Display Name Field instead of the name that I use to maintain the group, i.e. First Name Last Name. Since some emails are not remotely associated with a person's name, this is very difficult to manage. The special input formula works fine in Classic Google Groups but not in the New Google Groups.
I'm admin for a Google for Nonprofits workspace. When adding members to a google group (in the form "First Last <emailaddress.domain>"), the Display Name "takes" only for those users who have accounts in our organizational domain. For the others, the email address is just repeated where I wish the Display Name would appear.
It can totally be done, I just did it and have done it before. When adding a new member to the group type the name as you want it displayed then the address in the <>'s. Ex. John Doe <email address>
Hope that helps.