Exchange DistributionGroup Alias vs. secondary EmailAddress - exchange-server

What is the difference between
Set-DistributionGroup testgroup -Alias testgroupalias
and
Set-DistributionGroup testgroup -EmailAddresses @{Add="testdistributionlistalias@domain.de"}
Why does the documentation say only 1 alias is possible?

It is because alias in the Microsoft Exchange context is different from generically saying email alias.
From the MSDN Document on Active Directory fields, you can see that aliases are stored in the MailNickname field of AD user objects and mail-enabled groups and act as an alternate way for you to reference a user or group.
These are however different from what is set via the -EmailAddresses parameter. Those are full internet email addresses, i.e. the-address@example.com, and will work properly for both users in the Exchange environment as well as people in other companies/organizations.
You can only have 1 alias but you can assign many alternative email addresses.

Related

Can I remove record set TXT for Office 365 on Route 53

I have a TXT record set in Route 53, and because I need to create a TXT record for Google Search verification, can I delete this? Is this also for some verification purpose? Should it be there forever?
As stated in Create DNS records at any DNS hosting provider for Office 365:
NOTE: This record is used only to verify that you own your domain; it doesn't affect anything else. You can delete it later, if you like.
It refers to MS=msxxxxxx record, so you can delete it safely.
When it comes to SPF, I'd not touch it as it's responsible for specifying who's allowed to send email from your domain. If you delete it you basically don't specify the list of allowed servers which is really not recommended.
However, the information under the text box says that you can enter multiple values on separate lines so you can just add another line for Google verification.

What patterns are possible in Windows for the login field

Our Web Application has a login screen: users can log in with their Windows accounts (the admin can use local accounts).
The Web Application uses the UserPrincipal in .NET-Framework to match the login name and password. The entered login will be split by the '\' into Domain part and SamAccountName part. E.g.:
Calamitas\Simon
But for local accounts in Windows it is possible to use the computer name instead of the domain name:
ComputerName\LocalUser
And instead of the computer name it is possible to use a dot:
.\LocalUser
Where can I get a list of all these login patterns?
If you are calling FindByIdentity then the formats supported are listed in the IdentityType enum. This seems to be a subset of the types GetUserNameEx can return.
You have most of the important patterns covered already except for name@example.com, name@domain and example.com/name? It might also accept just a name but that lookup is going to be slow in a large domain forest.
There are also distinguished names (CN=Jeff Smith,OU=Sales,DC=Fabrikam,DC=COM) but they are hard to parse/validate.
Users are probably not going to use a GUID or a SID to log in.
If you are trying to validate form input then I would suggest allowing ?*\?* and ?*@?* (DOS syntax). Add S-?-?* to support SIDs.
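An added example (not part of the original answer) of a server-side check built from the wildcard patterns suggested above, covering domain\name, .\name, name@domain and SIDs. `classifyLogin` and its `localMachine` parameter are hypothetical names; rejecting bare names and the example.com/name form is a design choice made for this sketch.

```javascript
// Wildcards from the answer, tightened into anchored regular expressions.
// Separator characters are excluded from each part so "a\b\c" or "a@b@c"
// cannot slip through as a single domain/name pair.
const SID_FORM = /^S-\d-\d+(?:-\d+)*$/i;             // stricter than S-?-?*
const DOWN_LEVEL = /^([^\\@\/]+)\\([^\\@\/]+)$/;     // ?*\?*
const UPN_FORM = /^([^\\@\/]+)@([^\\@\/]+)$/;        // ?*@?*

function classifyLogin(input, localMachine) {
  const s = String(input).trim();
  // Bound the length before any directory lookup is attempted.
  if (s.length === 0 || s.length > 256) return { kind: 'rejected' };

  if (SID_FORM.test(s)) return { kind: 'sid', sid: s.toUpperCase() };

  let m = DOWN_LEVEL.exec(s);
  if (m) {
    // ".\name" and "ComputerName\name" both mean a local account.
    const local = m[1] === '.' ||
      m[1].toLowerCase() === String(localMachine).toLowerCase();
    return {
      kind: local ? 'local' : 'domain',
      domain: local ? localMachine : m[1],
      name: m[2],
    };
  }

  m = UPN_FORM.exec(s);
  if (m) return { kind: 'upn', name: m[1], domain: m[2] };

  // Bare names, distinguished names and anything else are refused.
  return { kind: 'rejected' };
}
```

Returning the parsed parts lets the caller decide separately whether local accounts are allowed at all, instead of passing the raw string on to the directory lookup.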

Parse - using ACL for future users

In my Parse-based application, each user will have a list of notes that are private to him by default.
The user will be able to invite other users (identified by their email address) to view the notes.
I want to use ACL for that, but was wondering what should I do if the invited user is not registered yet as a Parse user on invitation. In that case, the notes creator user cannot add him to the note's ACL since there is no ParseUser object yet.
What is the best solution for this type of invitation?
Can I use ACL for this or do I have to manage the access myself?
If you're familiar with Parse technology called Cloud Code then you should check this https://gist.github.com/mikevansnell/5140654
This code creates a future user from the email passed to the function and assigns it a random password. Then an invitation email is sent to the passed email with all the info, including the password. And when the invited user goes to the app just fill the logi
These are two options I can think of.
1) Use ACL
Modify the note's ACL so that it has read access by the users invited that are already registered. Any users that are not registered, get a new row containing the email and note id in a separate table called NewUserAccess. Whenever a user is created, query NewUserAccess for rows with the registering email. Update those notes with the newly created user's objectId.
2) Manage Access Yourself
The second option is just creating a table called UserAccess. With this, when you invite a user you create a row with their email and the note they have access to. This would cause problems if the user changed emails which would require additional work.
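The flow of option 1 above, as an added example that is not part of the original answer and not Parse SDK code: plain in-memory objects stand in for the Note class and the NewUserAccess table. All function names are hypothetical, and the `emailVerified` gate is an assumption added so that only a confirmed address can claim a pending invitation.

```javascript
// In-memory stand-ins for the user list, Note class and NewUserAccess table.
function createStore() {
  return { users: new Map(), notes: new Map(), newUserAccess: [] };
}

// Compare addresses case-insensitively so "A@x.com" and "a@x.com" match.
const normalizeEmail = (email) => String(email).trim().toLowerCase();

function createNote(store, noteId, ownerId) {
  // Private by default: only the owner appears in the ACL.
  store.notes.set(noteId, { acl: { [ownerId]: { read: true, write: true } } });
}

function invite(store, inviterId, noteId, email) {
  const note = store.notes.get(noteId);
  if (!note || !(note.acl[inviterId] && note.acl[inviterId].write)) {
    throw new Error('only a user with write access may invite');
  }
  const key = normalizeEmail(email);
  const user = [...store.users.values()].find((u) => u.email === key);
  if (user) {
    note.acl[user.id] = { read: true };   // registered: read access now
    return 'granted';
  }
  // Not registered yet: record the invitation instead of touching the ACL.
  const dup = store.newUserAccess.some(
    (row) => row.email === key && row.noteId === noteId);
  if (!dup) store.newUserAccess.push({ email: key, noteId });
  return 'pending';
}

// Run when a user is created, and again once the address is confirmed.
function onUserRegistered(store, user) {
  const key = normalizeEmail(user.email);
  store.users.set(user.id, { id: user.id, email: key });
  if (!user.emailVerified) return [];     // unverified address gets nothing
  const granted = [];
  store.newUserAccess = store.newUserAccess.filter((row) => {
    if (row.email !== key) return true;   // someone else's invitation
    const note = store.notes.get(row.noteId);
    if (note) { note.acl[user.id] = { read: true }; granted.push(row.noteId); }
    return false;                         // consume the row either way
  });
  return granted;
}
```

Because access is keyed to the user's id once the pending row is consumed, a later change of email address does not affect the ACL.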
If you want to use ACL in order to control user access to classes and objects,
just create a new _Role='registered_user' in the Parse built-in class "role",
and when user xyz registers, add them to role 'registered_user'.
In the ACL of the classes where you want to restrict READ to the role, use the following:
"ACL":{"registered_user":{"read":true}}
Explicitly setting READ permissions in ACL instead of just wildcarding it using "*" will lock down the access to members of "registered_user" Role.
It's just like groups in the file system.

Manage multiple user calendars from a single program

Is it possible to manage multiple calendars from a single program? The task is to add events for different users in a domain, but do it from a single program without knowing all users' domain passwords. What type of authentication should be used to connect to EWS? Does any admin account exist? How to specify which calendar to update on each operation?
Sure, this is possible. You will have to create an ExchangeService instance for each user and set the ImpersonatedUserId property to the mailbox of the user for whom you want to add the appointment or whatever you want to add.
Have a look at http://msdn.microsoft.com/en-us/library/exchange/dd633680(v=exchg.80).aspx where you can find how to work with impersonation, and also have a look at http://msdn.microsoft.com/en-us/library/bb204095.aspx where you can see how to set the rights your user needs to impersonate.
Hope that answers your questions...

Can't remove access to google doc via api when not dealing with primary google email address

Using the google document API, I am creating a document and added access rules. In my system I only have one email address of this particular user. Let's say it's johndoe@company.com. Using that email address I add an access rule to my google doc. Within google John Doe has two email addresses: a primary (johndoe@gmail.com) and a secondary (johndoe@company.com). Google seems to be smart enough to make the association and when I look at the sharing for that document it shows John's primary email address (johndoe@gmail.com).
The problem is now I need to find that access rule and delete it, so I do a find (using the document API) to find the access rule by email address and since I only have the one email address (johndoe@company.com) google returns nothing.
Hopefully I'm missing a simple solution here such as:
Can I request the access rule from google using the email address I have and using some undocumented feature have google look up the record via primary or secondary email address?
Obtain the primary email address on access rule creation? (doesn't appear to be returned).
Thanks in advance!
According to the API, you just need to issue a DELETE request for the given ACL. See "Removing sharing permissions". So, it should resolve the primary/secondary emails for you just like add.
https://developers.google.com/google-apps/documents-list/
