I've linked MySQL to Heroku and am now trying to add user accounts through MYSQL Workbench. I'm using this and this as guides, but I don't see anything new after clicking Users and Privileges -> Add Account. After pressing on the 'Add Account' button on the Users and Privileges page, three buttons (add account, delete, and refresh) gray out and two buttons (revert and apply) become active, but nothing else changes on my screen. For reference, this is what I see after pressing Add Account:
If I then press on Apply, I get a 'Save Account Changes' notification that tells me "It is a security hazard to create an account with no password. Please confirm creation of newuser'#'%' with no password."
Am I missing something? How do I get to the page where I can set the user account details?
Related
By default, our users does not have email. But we want to allow users to set / update their emails from account management console.
We have noticed the following issue. When the user does not have an email already set, the email field is not visible from "Personal Info" tab of account management console.
However if we set an email from admin console -> realm -> users, the email field is visible and editable for the user from account management console.
before setting an email for the user (email is null)
after setting an email for the user (without changing any other settings)
Does this mean that users cannot set an email if their email is not already set?
Is there any way we can allow users to set an email themselves?
Note that we don't want to force a user to set their email. It is optional.
If we assign "Update Profile" as a Required user action for user, they are shown our custom theme profile update UI. currently we are manually assigning "Update Profile" Required user action upon request from the user which is not ideal.
We also haven't modified the account management console theme.
Keycloak version: 20.0.1
We have tried switching different options from "Realm Settings" -> "Login" tab. doesn't work
Expecting users to be able to set an email from account management console even when they don't already have an email set
There is a request we have received from HR department which is:
There is a member of group :X#companyname.com who added to a group: Groupname#company.com without an approval.
The HR would like to know who added that member and when?
I don't know if there is a command line using PowerShell to get the information we are looking for or I should first enable some event ID in AD or exchange server to be able see that.
Thank you.
Step 1: “User Account Management” Audit Policy
Perform the following steps to enable “User Account Management” audit policy:
Go to “Administrative Tools” and open “Group Policy Management” console on the primary “Domain Controller”.
In “Group Policy Management”, create a new GPO or edit an existing GPO. It is recommended to create a new GPO, link it to the domain and edit.
To create a new GPO, right-click the domain name in the left panel, and click “Create a GPO in this domain, and Link it here”. It shows the “New GPO” window on the screen. Provide a name (User Account Management in our case) and click “OK”.
The new GPO appears in the left pane. Right-click it and click “Edit” in the context menu. “Group Policy Management Editor” appears on the screen.
In this window, you have to set “Audit User Account Management” policy. To do that, navigate to “Computer Configuration” ➔ “Windows Settings” ➔ “Security Settings” ➔ “Advanced Audit Policy Configuration” ➔ “Audit Policies”.
Select “Account Management” policy to list all of its sub-policies. Double-click “Audit User Account Management”’ policy to open its “Properties” window
Note: Instead of configuring “Local Policy, it is recommended to configure above policy in “Advanced Audit Policy Configuration”. This is because you have to enable all account management policies in “Local Policy” that will generate huge amount of event logs. To minimize the noise, “Advanced Audit Policy Configuration” should be preferred.
Figure 1: The “Audit User Account Management” policy
In policy properties, click to select “Define these policy settings” checkbox. Then, select the “Success” and the “Failure” attempts check boxes. You can choose any one or both the options as per your need. In our case, we have selected both of the options as we want to audit both the successful and the failed attempts.
Figure 2: Properties of “Audit User Account Management” policy
Click “Apply”, and “OK” to close the properties window.
It is recommended to update the Group Policy instantly so that new changes can be applied on the entire domain. Run the following command in the “Command Prompt”:
Gpupdate /force
In the following image, you can see the “Gpupdate” command run.
Figure 3: Updating the Group Policy
Step 2: Track user account changes through Event Viewer
To track user account changes in Active Directory, open “Windows Event Viewer”, and go to “Windows Logs” ➔ “Security”. Use the “Filter Current Log” option in the right pane to find the relevant events.
The following are some of the events related to user account management:
Event ID 4720 shows a user account was created.
Event ID 4722 shows a user account was enabled.
Event ID 4740 shows a user account was locked out.
Event ID 4725 shows a user account was disabled.
Event ID 4726 shows a user account was deleted.
Event ID 4738 shows a user account was changed.
Event ID 4781 shows the name of an account was changed.
In our lab environment, we have enabled a disabled user account. The following image shows the event’s properties window’s screenshot (event Id 4722). The user’s name who enabled the account is shown under “Subject ➔ Account Name” field, and the account-enable time is displayed under “Logged” field.
Figure 4: A user account was enabled
To see the user’s name whose account was enabled, you will have to scroll down the event’s property window’s side bar. In the following image, you can see the user’s name under “Target Account ➔ Account Name” field.
Figure 5: The user’s name whose account was enabled
I created a new Github user and then I tried to convert that user into an organization but I get "No owners or emails were submitted." error. In the Choose an Organization owner textbox, I entered my another Github account username. I followed Github help https://help.github.com/articles/converting-a-user-into-an-organization but I am unable to convert a user to an organization. Any help?
Once you have entered the account name of the new owner, you then need to press the 'choose' button in order to actually select the new owner.
Pressing 'create organization' should then work.
I've signed in to the developer website but when I go to the apps page to create my app I see the following error message:
Problem creating sandbox facilitator account [Error code: 2001]
When I look on the sandbox accounts page I see there is a facilitator account there (xxx-facilitator#xxxx.xxx)
When I click the "create app" button the "sandbox developer account" dropdown is empty and when I try to create an app I get the following error message:
We’re sorry, but something went wrong while creating the application. Please try again.
So far I've:
created new sandbox users
submitted a query to paypal's tech support (no response)
left it a day and tried again
logged in, logged out...
I had the same problem. The "Sandbox developer account" dropdown box had no entries although I had set up accounts before - so I couldn't create an app.
After some trial and error hacking I finally found a way to inject a valid option in the html select and successfully created the app in the end.
Here's how:
Log in to your developer.paypal.com profile and go to Sandbox - Accounts.
Just use Firebug in Firefox or Developer Tools in Chrome to examine the source: Check the source of your BUSINESS account and you will find a code line like this:
<a class="profile" target="/developer/accounts/detail/2297102045097598612">Profile</a>
Note the id (e.g. 2297102045097598612), the country code (e.g. US) and the email address.
Now go to Dashboard - My Apps & Credentials and press "Create app"
Open Firebug/Dev. Tools and examine the "Sandbox developer account" dropdown box. Right-Click the empty select in the dom and choose "Edit as HTML". Enter an option tag with your formerly noted values, just like this:
<option value="2297102045097598612,email#domain.com">email#domain.com (US)</option>
Check that the option now appears in the dropdown box.
Enter a name in the "App name" field and press "Create app".
That's it. Hope I could help.
I got the 'Problem creating sandbox facilitator account' error as well but it was with a different error code of 'TAGETLIST404-20141017053750'. Obviously the suffix is just a timestamp.
The problem seemed to have been caused by the Oauth login popup that initially returned a timeouted session error but appeared to have still logged in anyway as it showed my name in the topright corner. But trying to create new apps returned the sandbox facilitator error.
Clearing cookies and logging in again, not getting the timeout error seemed to fix it and I could create accounts. I know this isn't a great answer but it's something to try.
I waited two days, and the error messages regarding the facilitator account went away. I was then able to make a new business account. This then allowed me to create a REST app without error.
I had the same problem and fixed it by just editing the source a bit.
Right click on the dropdown for your account if it's empty and click on Inspect element in your browser.
Inside the tags for the dropdown, add your email in tags. The email should be of a valid sandbox account that you had created.
For example, if you'd like to add a sandbox account with the email business#example.com,
add business#example.com within the select tags.
Seems like it's something easily fixable from Paypal's side but they haven't bothered fixing it yet.
for PayFlow API - allow up to 3 hours for the change to go into effect.after 3 hours it saved data while clicking.
In my case my primary email account was not confirm. after confirm it allow me
Today, I've just encoutered the same error with you. The problem is how Paypal raise the error, which made us very confuse. The error they should raise is: " You have not created any developer account yet, create an account and try again".
And here is how I fix it:
Go to: https://developer.paypal.com/developer/accounts
Create a BUSINESS sandbox account.
Go back and try create app again to see if it work.
I'm not really familiar with Powershell and I'm trying to use it to automate some manual work. I was able to get 'rename computer' and 'addComputerTotheDomain' scripts working but got stuck in this part below.I did a lot of research but I could't understand a lot the scripts that people post (like the meaning of acronyms [ADSI] OU...and so on) Here are the steps:
Login with the administrator account that you joined the domain with
Go to Control Panel --> User Accounts Click "Manage User Accounts"
Click "Add" User name: myUserName Domain: MYDOMAIN
Select "Administrator" for level of access
After clicking "Finish" click on the Advanced tab of the User Accounts window
Uncheck "Require users to press Ctrl+alt+Delete" check box
Click the "Advanced" button under "Advanced user management"
Click into the Users section under "Local Users and Groups"
Right click the Administrator account and click "Set Password", set as myPassword
Double click the Administrator account
"Password never expires" should be the only box checked in
the list on the General tab. "Account is disabled" is frequently
checked, uncheck it.
Click OK, close all windows, and log off. You can now login as mydomain.com\myUserName with myPassword as the password.
any help would be appreciated to get the first step started (add user name).
thanks a lot
Check out this blog, it should help you out http://blogs.technet.com/b/benp/archive/2007/03/05/benp-s-basic-guide-to-managing-active-directory-objects-with-powershell.aspx