I want to block users from accessing sugarcrm from their home. They can only access it from our office's computer. How to do this ? I am using sugarondemand as host.
if you are using SugarOnDemand then just put in a case and ask support to help you with this. There is really nothing you can do from the outside on this, it has to be done on their servers.
May be you can try this module on your staging instance : http://www.sugarforge.org/projects/irm/ or asking to the support if they can validate this module for your instance
Related
Hi i'm currently running a program on localhost:8000 and using Cloudflare tunnel turn make it into a public url.
The problem is the domain apex for example website.com has sensitive information and I
don't want anyone to be able to access it.
However I want website.com/123 or website.com/1234 and so on to be accessible.
I tried using cloudflare zero trust to do this but it seems impossible to only authenticate the domain apex. So I believe I have to make changes to the source code.
How would I go about this?
Thank you in advance. This is my first question on here.
I really wish I can get to the point where I can fix these things myself.
Maybe an easy question for someone who knows Powershell and O365 well. Is there a way to configure it so when a command is run for example to pull all access to a shared mailbox, that either a service account is permissioned each time to pull that information or the user who is running the script? I looked at connecting an SA to the script but it would have too much access to 0365 to give it the specific permissions. So the account is not permissioned for the access by default but every time the script/command is ran its permissioned for that inquiry which it shows then it won't have access until the next time its called.
Looking to add this type of function to a script which we only want the helpdesk people to see the information when they run the script and the specific command in the script.
Hopefully explained clear enough :)
Thanks all.
I don't think there is a way to do that natively. You could fiddle something with Azure PIM but that's more for one-off operations than minute action that are done often.
You could however circumvent that by making some sort of web interface that triggers commands on another server using a privileged SA and returns the output through the web interface. You can just make it so that the interface can only request one specific command to be run, and the only thing you have to worry about is sanitizing your parameters well to avoid unwanted injection.
Alternatively, what are you trying to protect against by restricting access so much ? Isn't it something that could be done more easily using a read-only account and some clearly defined policy ? If your helpdesk people overstep their allowed scope, that's a management/HR problem as much as a technical one.
I'm creating a iOS app that requires the user to log in at startup, and then uses those credentials to query 4-5 different services on a server over the course of the session.
The server (xyz) it self doesn't accept the credentials, but if the services that it provides are queried then they get accepted. For example https://xyz/service1 works, https://xyz doesn't.
Now what I'm wondering about is if there is anything that stands in the way of creating 4-5 NSURLProtectionSpace's at log in, one for each service on the server, and then use the corresponding protection space when use each service?
Or is there a better way of implementing something that could work in this situation?
All help would be appreciated.
Turns out that there is nothing that stands in the way of creating multiple NSURLProtectionSpace's since each is created for a separate url.
I want to use bugzilla as issue tracking support tool. Users should communicate only using E-Mail, while developers work with bugzilla.
So the first step is creating new bugs for mails, but that fails with the following error:
There is no user named 'test#test.com'. Either you mis-typed the name or that user has not yet registered for a Bugzilla account.
Is it possible to work around that?
One approach would be to change the "from" email in the message to some common account that you set up to specifically handle bugs submitted via email.
You would need to do this before you called email_in.pl http://www.bugzilla.org/docs/4.2/en/html/api/email_in.html
If you happen to be using LDAP authentication and your directory contains all of your intended users, you could use the syncLDAP.pl script in bugzilla/contrib to create bugzilla users for everyone in the directory.
There are a few gotchas I'll mention in case it helps anyone else..
You'll need to install the Net::LDAP perl module. I used cpan.
Be sure your BZ_ROOT_DIR is set properly in /contrib/Buzgilla.pm
If you have multiple LDAP servers configured in parameters, the script will choke. I temporarily removed all but one of the servers.
I found that entries with no mail attribute defined also caused the script to choke, so I made the following change:
my #login_name = #{ $value->{Bugzilla->params->{"LDAPmailattribute"}} };
to
my #login_name = #{ $value->{Bugzilla->params->{"LDAPmailattribute"}} } if defined $value->{Bugzilla->params->{"LDAPmailattribute"}};
Run the script with no arguments to see the various usages (eg. readonly, to test without committing changes). Also, as this is a one time sync, you'd need to set up a scheduled task to run it on a suitable interval.
I apologize that this doesn't entirely remove the requirement for user accounts, but at the very least it's a viable solution for anyone that needs LDAP/AD users to be able to email bugzilla to create tickets without manually creating bugzilla accounts.
I'm working on installing vPopMail on CentOS for use with a Qmail / Courier-IMAP mail-server setup. So far, everything is working out well enough. Mail sent to any virtual user I have setup under any virtual domain (assuming MX records are pointed correctly in the domain DNS) I add to vPopMail is routed correctly to the vPopMail ./Maildir/ and is viewable in /home/vpopmail/domains/domain-example.com/user.name/Maildir/new.
The problem I'm having now is telling the pop service to authenticate using vPopMail instead of the ~default~ Qmail / Courier-IMAP authentication method(s).
"You also need to modify your pop server startup line to use the vchkpw program for authentication." (found at http://www.inter7.com/vpopmail/vpopmail.html) is all I can find in any documentation to even give me the clue that that needs to be done.
So, the question:
How do I tell my pop server to authenticate with vPopMail?
Thanks so much in advance! :)
(Feel free to let me know what (if) more info is needed to answer my question..)
Id go ahead and check this out
http://www.inter7.com/vpopmail/install.txt
namely item 12
then go ahead and add those lines to your rc.local file or rc.sysinit
good luck