I would like to set up teams for our user teams in Office365. The users are synchronized to the Azure Active Directory via AD Connect.
With 2 users I could not set up teams, because "Interpreted User Type" is set to "HybridOnpremSfbUser". The other users are "DirsyncSfBUser" and so it works. I guess because these 2 users were once used to test a SfB on premises server. But this server does not exist anymore. Therefore Move-CSUser is not possible.
I have already removed the attributes that refer to the SfB server from the AD user object and synchronized them again, but without changing them.
Does anyone have a solution or an idea?
VG Marius
Removing the Ad attributes and run adsync is the solution.
If it is not working. Please fallow below steps.
Delete the skype attributes for both AD accounts.
wait for the AD Replication.
check again AD accounts after replication. whether it is showing old attributes or new attributes. now do the adsync.
Please check both users should have valid teams license. Now check users are showing in teams console.
Related
My user tries to access Microsoft Power Automate (Flow) approvals via email notifications that the Flow sends to them. When clicking on the approval, they get an error "Something went wrong. The requested approval is not accessible to the caller." When directly accessing their approvals at us.flow.microsoft.com > Action items > Approvals, they only see approvals up to January. The same approvals are working for other users. How do I fix approval access?
I tried having the user login via an incognito tab. I also checked whether the user still has MS PA licenses assigned to them, and they seem to be correct (the user has MS 365 E1, MS 365 Business Premium, and MS Power Automate Free).
Figured out the what was causing the issue for our user. The user had a duplicate enterprise microsoft account, so both were being sent the email notification about the approvals, but only the duplicate account was being given access to them. Removing the duplicate account fixed the issue.
If we had had two users with the same name & neither can be deleted, another solution would've been to change how the approvals are routed (ie. by email instead of name.)
I'm new to slack and have the following question. I was initially invited for a team. I set up an account. Now I was invited to join another team. As far as I understood slack is based on teams. That means I can share the same mail address across teams. But if I want to join the second team I can't use the same username. It says I can't pick that username and should try another one. Do I need to choose a different username for every team?
Slack accounts are scoped on a team (tenant) basis, so you can use the same username and email address in different teams - or different ones - all that matters is that the username and email address aren't already in use.
In your case, it sounds like someone else has already nabbed the username you want, so you'll have to choose a new one, or contact an administrator to remove or rename the other user if they're inactive.
As I understand, we can access records created by Portal users and their respective Entity Permissions apply for them. However, I wanted those users to be able to even access records which were created by CRM users within Dynamics 365 (and not records created from Portal by a Portal user which is assigned to System)
Is this possible? If yes, how can I achieve that?
Thanks in advance!
It does not matter who created the record, what matters is if that user has access to it. It would not make much sense to show only records that were created by the portal users - how would you then handle something like Customer Service (on one end users use portal, but on the other they are using CRM, bot are creating records).
So basically I'm not sure how aware are you of the configuration of permissions, but let's say that you configured that a Contact (which is a portal user) has access to all records "Cases" that are referencing this contact (this is simply configuration in Entity Permission record). If yes then contact will see records created by him and all other cases that are referencing him as a contact, so if you as a CRM user will create a Case for a Contact, this Contact will see the case.
I've looked all over the admin console, but can't find where to add other users so that they can edit our listing. Can you please provide a URL/link to where I should navigate?
You may want to check this support page. You can:
assign pre-built roles for performing common business tasks
assign custom roles you create for your organization
assign more than one role to a user to grant all privileges in those roles
Be noted that you must be signed in as a super administrator for this task.
The user typically gets their new privileges within a few minutes. However, it can take up to 24 hours. When they sign in to their account, they arrive at the Admin console dashboard. Here they see the controls allowed by their privileges.
Hope this helps!
I think you want to navigate to this URL while logged in as the app project owner:
https://console.cloud.google.com/iam-admin/iam/project?project=(add your project ID)
And assign roles to different users or groups.
you can use group publishing on the gsuite marketplace:
Set up Group Publishing
You can share ownership of your items in Google Chrome Web Store with other developers by setting up group publishing. With group publishing, you can add developers to a Google Group, who can then act on your behalf. They'll have access to all the items you own and can make any changes to them that you can make.
https://developer.chrome.com/webstore/publish#set-up-group-publishing
(each member of the group should pay the 5$ developer fee though.)
You can configure the group from your webstore dashboard.
https://chrome.google.com/webstore/developer/dashboard
I am making a very simple marketplace app using the new SDK (Oauth 2.0). One of the steps would be to automatically invite team members for a closed group so I would need access to team members (users in same domain) from the user that is starting the process going through the default "navigator icon in google navigation menu".
This is working fine, however it is only working for administrators (tried with both Directory API and Profiles data API).Is there a way to simply "read" the email from users without needing to have administrator rights? It seems quite an overkill to ask a user to be administrator just for the purpose of being able to invite his team members.
These email addresses are in the user contact list for example, when writing an email they are automatically there so it shoulnt be much of permission problem I guess. can anyone help a bit on how I can accomplish this? Maybe a different API that I have not found?
Very much appreciated,
Best regards,
Joao Garin
You can use "Service Accounts" to access the Directory API on behalf of the Administrator when any user accesses the App.
The Drive API has a really good set of samples here - https://developers.google.com/drive/delegation
This same technique will work with Admin SDK. The end result is the auth is not made on behalf of the user at the keyboard but as an authorized Service Account. This Service Account is authorized by the admin at the time of install.