We have a Sharepoint 2007 server with list that we enter information to through an Access Interface.
For awhile all of our users have been using Access 2010 with no problem. However, a couple of our users have Access 2013 and are unable to use it to push information to Sharepoint.
I have narrowed it down to the password information not being passed to Sharepoint to let us send the data.
Our Access 2010 users have to enter their password each time they use it.
Our Access 2013 users are not prompted for a password and freeze up when they try to view a list connected to the Sharepoint server.
The only way Access 2013 does not freeze is if the user goes to External Data and use imports and links to the sharepoint site. When they do this, they are asked for a username and password.
After they do this, they can click any of the list and use them as normal. However, as soon as Access is closed the same issues occurs.
Is there a way to turn on password prompts for Access 2013?
I've looked at ways to retain that information, finding this useful site https://accessexperts.com/blog/2012/01/18/how-to-save-your-sharepoint-password-in-windows/. However,none of our users have access to add a site to their trusted list and our IT department would sadly take weeks to do this.
Related
I have an external program that I have scheduled to run once a day (i.e. no user interaction). This program should upload a file to a SharePoint Online site, using Microsoft Graph API. I'm able to enable this in Azure Active Directory by registering an app, and giving this app the application permission File.ReadWrite.All, then sending a PUT request to
https://graph.microsoft.com/v1.0/drives/{drive-id}/items/{parent-id}:/{filename}:/content
However, by granting File.ReadWrite.All, the program will have access to all files in all site collections for my organization. I want to limit access to a specific site, or perhaps just a specific folder within that site. How can this be achieved? (without the need for a user to interactively sign in when the program is run)
Edit (2021-03-04): This is possible now: https://developer.microsoft.com/office/blogs/controlling-app-access-on-specific-sharepoint-site-collections/
It is not currently possible to restrict app-only access to a specific SharePoint site, through Microsoft Graph.
Recently I am working with MS Graph with Office 365 to create some application. I am using https://login.microsoftonline.com/common/v2.0 as authentication point. Until few days back it was worked fine as when I run the application it is asking for authentication when I provide the user name password details then it is going to my website. I don't know what happened, from last one week it is keep on asking password for multiple time. When I click on back button then it is going back to my site with authenticated screen.
I have registered my app in https://apps.dev.microsoft.com already with proper permissions.
Currently using the Provisioning API that is being depreciated April 20.
This is the current flow:
user (University Alumni) gets to our site http://alumni.columbia.edu/email
they click on Create My Account
they authenticate through our university WIND system using what we call their UNI
they land on a page mentioning that an email account UNI#caa.columbia.edu is ready to be created. They can pick an alias to UNI. They also need to enter a password to use the Chat and POP-mail features of Gmail.
they confirm the creation of the account. At this point the API is being called using https://www.google.com/a/feeds/, some data (email address, name, id) being saved in our database.
To log in, they come through our site, click on the login button, this will use the SSO and they get logged in.
Based on the flow above, do I need to use OAuth2.0?
Yes, you will need to authenticate with OAuth using the Installed Applications approach to do this. Instead of step 5 the way you currently have it, you'll need to call the API from a process on your server with an account that has (limited) admin credentials that can create the account with the Directory API. To do this, you'll need to persist the OAuth token information that the account will use to connect, and handle the code to refresh the token when it has expired.
The first time you run your code you'll need to manually authenticate that account to get your application the appropriate permissions so that they can be stored.
If you're hoping to not go too crazy with handling the authentication side of things and you're using .Net, I'd recommend checking out my project gShell that acts as a wrapper for the authentication and handles the token storing and refreshing for you. It's still a young project but it should fit your needs. Alternately, feel free to browse the code for an example on what to do.
If you plan on using Python, check out Google Apps Manager by jay0lee which is also a wonderful resource.
I have Quickbooks Pro 2013 with the Web Connector installed.
I have created a sync application, granted permissions and everything, and I get the Web connector to exchange data between the company file (QB PRO 2013) and a web service successfully.
This happens only while QB PRO 2013 is OPEN. It doesn't require a logged in user, just keeping the application open is good enough for the Web Connector to connect to the company file and exchange data.
The thing is when I close the application the Web Connector starts complaining with a QBWC1013 error, saying:
Could not start QuickBooks. - second row in this link: http://www.zoho.com/crm/help/quickbooks/troubleshooting.html#sthash.hk3Dc8dl.dpuf
I'm used to QB POS, where I don't need the company open. Is this behavior different on non POS products ? Do I need to keep QB open all the time ? The path to the company file is OK as well as the syncing logic, we are able to connect, authenticate, exchange data both ways smoothly but only while QB is open (being logged in is not necessary, just keeping the app open).
It is like the Web Connector needs a running instance of QuickBooks to authenticate, because when it does so, QuickBooks flickers like if someone were logging in and then logging out.
The Web Connector application has been granted full access and Admin login to the company file.
Any thoughts :)
First, know that the very first time you connect things you have to make sure QuickBooks is open. If you haven't had QuickBooks open at all yet, make sure it's open the very first time to get things connected.
After that, QuickBooks does not have to be open, provided you have configured things correctly.
To answer your questions:
Is this behavior different on non POS products ?
Yes. Slightly.
Do I need to keep QB open all the time ?
No.
The path to the company file is OK as well as the syncing logic, we are able to connect, authenticate, exchange data both ways smoothly but only while QB is open (being logged in is not necessary, just keeping the app open).
Hit F2 in QuickBooks, and make sure that the path that's shown in the dialog window that pops up is EXACTLY the path that your web service is returning to the Web Connector. It must be EXACTLY the same.
If you're still having trouble, double-check that the app is allowed to connect in the QuickBooks settings, and that a valid user is chosen in the settings, restart the computer, and try again.
If you're still having trouble, post your Web Connector logs (in VERBOSE mode: QuickBooks Web Connector - how to set VERBOSE mode) so that we can help you troubleshoot.
Previously, my installed application (desktop application) is using gdata-java-client with ClientLogin mechanism, for user to access Google service.
In order to provide seamless experience, the desktop application will store users previous entered username and password in encryption format. Whenever they wish to access Google service, the desktop application will automatically help users to fill in username + password information. (Even after application restarting) Users just need to single button click to access Google service.
The login code is as follow : http://jstock.hg.sourceforge.net/hgweb/jstock/jstock/file/808b03e824bf/src/org/yccheok/jstock/gui/Utils.java#l1520
I plan to migrate code to google-api-java-client, and use OAuth 2.0. Since my desktop application has no control over users entered username and password, users will be prompted with the following Windows every time they wish to use Google service.
The user flow doesn't seem seamless any-more, as users need to deal with the browser window, every-time after application restarting. Is there any way for my desktop application, to remember their login information, so that they need not to respond to browser window every-time the application restarting?
Great question. Yes, we are working on this right now. The feature request is here, and the changeset under review is here. Our plan is to make it be available in the next version 1.11.0-beta some time in July. For now, feel free to patch in FileCredentialStore from the changeset into your application and try it out. More documentation about the OAuth 2.0 support in the Java client library can be found here (which will be updated for 1.11.0-beta with information about FileCredentialStore).
Take a look at https://developers.google.com/accounts/docs/OAuth2InstalledApp. This a general guide for your type of application - installed on client machine.
The tell you These applications, in general, cannot keep secrets. But if you already store users' credentials - will it really change something for you?