I installed the ThingsBoard on window machine and when I log with admin account, I can't see the dashboard or customer like the demo.
So why can't I see the two options even that I'm using the admin account?
All dashboards and customers in Thingsboard are tied to a Tenant. Thingsboard support multiple Tenants. When you are logged in as system administrator, Thingsboard can't know which of the tenants to show, so no dashboards or customers are shown.
The system administrator account is for system administration tasks, not for dashboard or customer tasks. If you want to manage dashboards or customers, login as the Tenant or Customer you want to manage.
Related
We have created a Microsoft Teams tab app with bot integration that we want to distribute to various organizations either manually or via an App Store. In summary,
We created Tabs App with Microsoft Bot using node.js botbuilder package.
We provided zip archive to another organization (another tenant Id).
Organization uploaded our app using Microsoft Teams Admin panel and approved permission in Permission tabs.
Question is how can we receive the tenant id from the organization we are deploying to without asking their admins to go to Azure Active Directory and look it up. Once provided, the graph api and the multi tenant bot does work fine. We are trying to avoid asking their admin to provide us the tenant id and want to retrieve it automatically upon the app being uploaded or on startup.
Thank you.
The best place to get the tenant id is from the access token you are provided by logging in to your app. Look for the 'tid' value.
I'm assuming you are talking about stream lining the company wide admin consent for your application.
What you can do is have a web site that a customer's admin can log into (using standard Microsoft OAuth interactive flow). You can then pull the Tenant ID from the access token and then run through the Microsoft consent process. Once consent process redirected back to your web site, you can do your own customer onboarding if required.
I am building a custom app for MS Teams that sends Proactive chat messages to the users of each of the teams. When I give the app to the teams admin, they will publish the app, but I am not sure how the admin will install for their users, so that I receive conversation_id of all the users in their teams after it has been installed.
I am aware that it is possible through Graph API and is looking to eliminate the app installation through Graph Api.
It's possible for an admin to do this using the Teams Admin section in the Microsoft 365 Tenant Admin screens. Specifically, you're wanting to set up something called "App Setup Policies". See here for more: https://learn.microsoft.com/en-us/microsoftteams/teams-app-setup-policies#create-a-custom-app-setup-policy
Using these policies, admins can pre-install the app, and can even pin it on the left menu. They can also choose to do this for all users, or just a specified group.
To be clear though, this will install the app to the users in a -personal- context - it will NOT install the app to any -actual- Teams / Channels or Group Chats - you'd need to use Graph for that, and even then it will only be able to install to -existing- Channels or Chats and won't automatically cover new ones added after that, if that's what you were trying to achieve.
Is there anywhere an OAuth/oidc identity provider (cloud or on-premises) that supports sth. like company groups? I want to group the users in company groups. Every company group should have an company administrator user. The company administrator user should only see the users of his company.
Yes, I've tried miniOrange (Cloud/On-Premise based) who support this Super admin feature and it has worked very well for me. there may be some other Identity Providers in the market like OneLogin, KeyCloak etc. who support this usecase.
In this use case, designating administrators can help you manage your Company Groups and only certain types of administrators can add / remove other admins, post updates, and edit your Company Groups.
I am working on managing user access to workspaces via the API. [Cleaning inactive users], and am running into issues where I can authenticate the user, but don't have a way to check if the user is a workspace admin.
This becomes an issue because I am authenticating the user, and then managing users in a later step. I would like to show an error when the user authenticates if they are able to manage users on the chosen workspace.
Any ideas?
There currently is not an endpoint to determine if a user is an admin. I do think this would be helpful, and I will surface it with our API team.
There are endpoints that can only be accessed by admins, such as user management. Unfortunately, I don't think this solves your requirements.
We have recently installed TFS 2010. Our Active Directory users (i.e. my company's staff) can access it just fine.
However, we also have contractors working in the office who do not have an AD account. I am having difficulty trying to get the non-AD users to connect to TFS through Visual Studio. The contractors are on the same LAN but have no AD account, which we do to restrict access to other resources on the network.
I created local Windows user accounts on the server for the contractors. With the local account they can access the TFS web front end but still cannot connect through Visual Studio.
Is there any way to do this? Do the contractors need to have Remote Desktop access to the server itself?
You should definitely give your contractors AD accounts. If you want to restrict access to internal resources, you can use Organisational Units in AD, like
MyCompany
Employees
Contractors
And set access restrictions to your resources according to groups linked to the OUs.
Giving remote access to the server will just create another set of issues.
When you install a non Express version of TFS, you need an AD for authentication, you can't use properly the TFS server from a non AD account.
From this point you have two solutions:
Create AD account for contractors (one per company or one per user, your call).
Create a domain Trust between your domain and the contractor's one. See this documentation for more info.
I don't understand clearly the Remote Desktop part, explain please.