My attempts to send messages are being blocked by geo-permissions, with error 21408.
I can access the geo-permissions panel, but I am not able to make any changes. By default, there are no countries selected, not even the US, where the purchased phone number is from. Options to add countries to the geo-permissions section are greyed out.
Is this due to permissions restrictions on my account? I am operating under a developer sub-account of my client. The console offers no hint of why I am not able to make these changes.
I believe your issue is that you indeed are a developer and not an admin on that sub account. If this is work for a client I would ask that the admin change any geo-permissions for you.
Related
I would like to share my experience while setting up the mail.imap command in G1ANT studio.
For everyone stuck at the invalid credentials error--
Open your gmail account (the one you ware using in your code)
Go to the settings tab to the top right corner and then click on See all Settings.
In the All settings option click on Forwarding and POP/IMAP
Enable IMAP
Now head over to you homepage and click on manage accounts tab for your email account.
In the manage account section click on Security
Scroll down and turn on access to LESS SECURE APPS
Let the site update and go back (Do not close the tab directly)
This procedure should fix the invalid credentials error. However, even after doing all this the LIST variable (where the email data is stored) has no value allocated in it.
If anyone can find a solution to this problem, your help would be hugely appreciated.
I think your messages are already seen, so you can unread them and then try again and also see that you have got some messages that are from the current day.
Thank You for your solution for Invalid Credentials.
Some users in our client's Azure DevOps Server (on-prem) instance are unable to see the Request, Response and Event tabs when they view the history for webhooks. Other users can see the tabs.
The issue is as follows...
Under Project Settings --> Service Hooks, my client has a number of service hooks/webhooks defined.
When clicking the ellipse menu next to a Service Hook and selecting "History" it opens a modal window showing previous "runs" of the service hook in question.
On the right hand side of the modal window there are several tabs. Summary, Request, Response and Event (Screenshot attached)
Some users are unable to see the "Response", "Request" and "Event" tabs.
Some more background... The users in question cannot be placed in the "Project Collection Administrators" group due to company policy. They have been given "EditSubscription" permissions using tfssecurity.exe command line but it's still not working. I was hoping there might be a way to give them the required access using the REST API but it seems like the Azure DevOps CLI does not work with Azure DevOps Server 2019?
If anyone else has any advice I'd appreciate the help.
Thanks in advance.
Devon.
You should be able to grant a regular project user the ability to view and manage service hook subscriptions for a project.
tfssecurity /a+ /collection: https://dev.azure.com/fabrikam-fiber-inc/DefaultCollection ServiceHooks PublisherSecurity/abcdef00-abcd-0000-0000-abcdef000000 EditSubscriptions n:fabrikamfiber4#hotmail.com ALLOW
Make sure you used the command with same format and the users also have View subscriptions permission.
Take a look at What permissions do I need to set up a subscription?
Q: What are the security implications of granting Edit subscriptions
and View subscriptions permissions?
A: The user with these permissions can see all subscriptions created
in the project and the notification history for those subscriptions.
That user can then create any type of service hook subscription in
that project. If the user sets up a subscription for a resource that
they don't otherwise have permission to access, the subscription won't
get triggered.
For example: if I don't have access to work items in area path XYZ,
and I set up a subscription to the work item update events, I won't
get notifications for updates to work items in area path XYZ. However,
if another user who does have access to the work items in area path
XYZ is receiving those "work item update" events, then I could see the
notification history of that other user's events, which includes work
item data that I don't otherwise have access to.
If users are still not able to view those tabs with granting both Edit subscriptions and View subscriptions. Suggest they completely sign out the browser and clear cache. Then login in TFS web portal again. Which may do the trick.
I have registered my application here.
I have given all permissions to my App in that panel as well.
I specifically need Groups.ReadWrite.All which requires an admin ? requirement I am not sure what this even means.
https://apps.dev.microsoft.com/#/application/
Okay App is registered and redirect url has been copied.
Now I take that redirect url copy it and paste it into the admin panel for apps. At this link at App Registrations
https://portal.azure.com/
I am not sure why I have to register in two different panels, one which gives me a redirect url for my native app and the other that leaves it blank.
Great So then I setup my iOS app to make a graph request. This scope
https://graph.microsoft.com/Calendars.ReadWrite
I need to readwrite groups so I add this permission
https://graph.microsoft.com/Group.ReadWrite.All
It fails to authenticate.
I have checked that I have added the permissions to my app, and I have at this app registration panel https://apps.dev.microsoft.com/#/application/
Then I try to add the same permissions in the
https://portal.azure.com/
it gives me
Unable to Complete Request Validation Error, then doesn't do anything.
I tried to add a non admin permission same error.
So what is going on here ... ?
So even though they told me use the Graph API from now on moving forward in the docs I tried to go back to their office 365 SDK for iOS, it also has problems as I cannot get the pods to work as per instructions.
I am 100% sure after this issue is resolved I will need permissions
Note: I work at as a consultant for a bank so if someone can tell me what the azure administrator at the bank has to do to get my permissions escalated to admin status that would be great....
Thanks
Those are 2 different registrations,
Per this documentation (https://graph.microsoft.io/en-us/docs/authorization/auth_overview), for personal accounts like live.com or outlook.com, use the Azure AD v2.0, and for the enterprise, use the Azure AD.
So, for your case, I believe you need the latter, the azure AD.
For this to happen, as you said, go https://portal.azure.com/ and add the app registration.
In order to do so, you would need to
select "Azure Active Directory" and go "App registrations".
Once you create an app, you would need to select "native" for the iOS, and then under app access, under "required permissions" add "Microsoft Graph" followed by selected permissions you would like.
To answer the note, you would need permissions to create an app at the portal, otherwise, you would need to ask for that permission or have the admin create an app for you.
Some samples are available at https://github.com/microsoftgraph/ios-objectivec-connect-sample and https://github.com/microsoftgraph/ios-swift-connect-sample for iOS samples.
Hope this helps!
I am planning to release my app for appstore submission . The app is dependent on a webportal to create user accounts and reset the user credentials. However the webportal is not finalized yet , therefore we can't expose it to the public. Is there anyway, we can find out the IP ranges used by the reviewers to give access to them to our webportal ?
So our external links will work properly.
Thank You !
The reviewers usually use 17.x.x.x addresses. Apple owns that full /8 block. See here: http://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks.
I've also watched my own server logs during review and can verify that in every case I've looked, they have hit my servers from one of those addresses.
I occasionally receive emails from Google (accounts-noreply#google.com), similar to the following:
Subject: Suspicious sign in prevented
Someone recently tried to use an application to sign in to your Google
Account, ________#gmail.com. We prevented the sign-in attempt in case
this was a hijacker trying to access your account. Please review the
details of the sign-in attempt:
Monday, November 19, 2012 8:40:55 PM GMT
IP Address: 184.72.161.49 (amazonaws.com)
Location: Dixmoor, IL, USA
If you do not recognize this sign-in attempt, someone else might be trying
to access your account. You should sign in to your account and reset your
password immediately. Find out how at
http://support.google.com/accounts?p=reset_pw
If this was you, and you want to give this application access to your
account, complete the troubleshooting steps listed at
http://support.google.com/mail?p=client_login
Sincerely,
The Google Accounts Team
© 2012 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
You have received this mandatory email service announcement to update you
about important changes to your Google product or account.
Indeed, this was me, as I have an app running on Heroku (hence why the IP address is from amazonaws.com), and I send email directly from my app via Gmail SMTP (I don't think it should matter, but specifically, I'm using the gmail_smtp plugin which I updated for Rails 3.2).
Is there a way to avoid this warning, or a way to whitelist known IPs?
Short Answer
In a web browser (perhaps Chrome/Incognito), log into your Gmail account (the one via which you're trying to send email from your app).
In another browser tab, open https://accounts.google.com/DisplayUnlockCaptcha -- and follow the steps.
Long Answer
I ended up logging into my Gmail account (mentioned as ________#gmail.com in the Stackoverflow question above) and saw the following warning:
[Note: I'm piecing this Answer together after the fact.] Clicking the link Was it you?, I'm pretty sure I was taken to a page that contained the following, though below it there was a message and button about adding another application to the list:
[Again, I'm pretty sure...] Clicking the button on that page brought me to https://accounts.google.com/DisplayUnlockCaptcha -- which looks like this:
Clicking Continue brought me to another page:
At that point I just went to my app, and made it send an email.
Note: for general live-testing of email in my app, I have a view at triggers#index with two buttons that send PUT requests to these actions: triggers#send_email and triggers#raise_exception. This enables an admin to go to /triggers and send an email or raise an exception to test if the production system is working correctly as far as being able to send email is concerned. Raising an exception in any of my apps emails details to me via exception_notification.
I had the same problem when I tried sending emails through Gmail SMTP using PHP. You shoud complete the troubleshooting steps provided at the end of the email.
On your Gmail mail box look at the bottom right corner and you can see a Details button. Click on it and then on the pop up window change the suspicious warning settings.
To get this working in dev with Rails 4 i had to enable access for less secure apps.
Visit https://www.google.com/settings/security/lesssecureapps while signed on to your gmail account and click 'turn on'. Note, this enables access for less secure apps which could come with unintended consequences.
Some apps and devices use less secure sign-in technology, which makes
your account more vulnerable. You can turn off access for these apps,
which we recommend, or turn on access if you want to use them despite
the risks.
To get this working in Rails 4, in addition to enabling access for less secure apps, as described already (Visit https://www.google.com/settings/security/lesssecureapps while signed on to your gmail account and click 'turn on'. Note, this enables access for less secure apps which could come with unintended consequences.),
one more step may be required in some cases, if account access is still blocked.
If this is the case, also visit https://accounts.google.com/DisplayUnlockCaptcha and click continue, to enable account access to send via gmail SMTP.
Credit to Steve Polito