I am trying to configure phabricator's admin account which appears when entering to it's home page on the first time.
According to here I can use phabricator/ $ ./bin/accountadmin, but it's not setting admin's password - unless I recover the account, get an (partially) arbitrary link and set everything inside manually.
but - I want to fully configure it without UI, but with phabricator's CLI/linux commands.
How can I do that? thanks.
Phabricator can not be fully installed with the help of cli, The problem is the Authentication method that should be set for the application is not configurable with cli at the moment. Take look at this issue for more information.
Related
I am running my own Identity Provider with ADFS, and do not want the Active Directory integration with it. When a user logs into the page, I don't want the user to see the "sign in with one of these accounts" page, and instead would like it to just default to the other provider. I noticed I cannot disable the Active Directory provider in the trusted providers page.
Some of the resources I have found, talk about adjusting the actual login page js, or code file to get it to trick the page into selecting the one I want to default. I REALLY do not want to do this, and it seems like this should be a simple option somewhere.
The only way to do this is via customising the onload.js.
The whole point of ADFS is to add a federation capability to AD. That's why you cannot easily remove it.
So I did eventually figure this out. The proper way to remove Active Directory from the choice list does NOT involve adjusting js files. Going into the system and running:
Set-ADFSProperty -EnableLocalAuthenticationTypes $false
This then used the only other identity provider automatically.
I needed to put both of these
Set-AdfsProperties -IntranetUseLocalClaimsProvider $false
Set-AdfsProperties -EnableLocalAuthenticationTypes $false
I am trying to find the answer of something stupid, but I can't. Does anybody know how to remove the "w_member_social" permission from linkedin App (if there is a way to do something like that)? I need this because the client does not want to see the message "- Post, comment and like posts on your behalf" when authorizing linkedin accounts on our application.
Any other suggestion on how to solve that is welcome.
Thanks in advance!
Quick Fix:
Search for w_member_social string in your backend code if you find it in the configurations just remove it.
Explanation:
You can't remove w_member_social permission directly from the LinkedIn app, but it can be modified by making changes in the backend code of your application.
You need to follow certain general steps irrespective of the backend you are using:
Find out the library you are using for social authentication/OAuth2 service
Check library documentation for Application scopes W.R.T LinkedIn
go to backend configurations/settings file remove the option w_member_social from your configuration.
My Case:
My application backend was created using the Django framework and for social authentication, we were using python-social-auth library. I just navigated to my setting file and commented out w_member_social scope/permission.
SOCIAL_AUTH_LINKEDIN_OAUTH2_SCOPE = [
"r_basicprofile",
"r_emailaddress",
# "w_member_social",
]
I am using WSO2IS 5.3.0 version.
I updated all the configs but mistakenly i gave wrong password reset url in [IS_HOME]/repository/conf/email/email-admin-config.xml file. I started my server with RDBMS as datasource. Everything worked well.
Then I noticed my password reset url is wrong. Again I went to [IS_HOME]/repository/conf/email/email-admin-config.xml file and updated the url and restarted WSO2. But it is not working for all the users. Some users still getting old template with wrong url. I restarted my WSO2 multiple times and updated the xml file but no luck. I even tried to change the template through carbon admin UI but still it is sending wrong template.
The weird thing is it is sending right one immediately after i restart WSO2 but after sometimes it start using old template. How can I solve this issue without reconfigure everything from beginning?
Let's me explain how the email-admin-config.xml works. This file works as the bootstrap data required to populate email templates in WSO2 Identity Server. So whenever you create a tenant initial data related to email templates will be read from here.
So we basically read the file during the first startup (ie. creation of carbon.super tenant) and any new tenant creation of the server and write the content to the database. Thereafter any change you want to do needs to be done with the UI provided in the Managment Console.
Restarting the server won't make the changes apply to existing tenants that were created before changes were made to email-admin-config.xml. But if you create a new tenant the updated content will be read from the email-admin-config.xml.
Hope this clarifies your concerns.
Adding to #farasath's answer. You can also use a SOAP service to change the template programmatically. For that, you can use AccountCredentialMgtConfigService. The service contract can be accessed from.
https://<host>:<port>/services/AccountCredentialMgtConfigService?wsdl
However to access the WSDL, you have to set HideAdminServices property to false first at <IS_HOME>/repository/conf/carbon.xml and restart the server.
Also, in the management console, the email template management UI can be found under Manage section on the left side panel.
Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response
I have one portal with 3 modules inside it, now my requirement is i would like to create
new portal for every client registered in my DNN site.
So, i have one interface for registration, so as soon as client registers entirely new parent portal should be created with all the modules.
How can i achieve this functionality ???
I would suggest digging into the admin files that come as part of the default DNN installation and look for the code that creates a new portal from there. It will ultimately be calling a stored procedure to create the necessary data in the SQL tables. You might get away with just calling the stored procs but the admin code probably calls several different ones to setup the default security settings.
Curiously what alias will each of these portals use? It's not clear why you need a complete portal for each user. The DNN segmentation already allows you to show different content based on role membership. Why the need for a whole portal per user?
Use the site wizard to create template of the current portal and during client registration programmatically execute the template. You may also want to automate the site setup in IIS.
Well, You can easily do it! Login to host and go to portals. Click on create new protal.
See which control is responsible for creating new portal. you can simaply get it by using firebug and look into client id of link or text box.
Once you do that, you will find the code you can use.
tell me if you need more help with it, I'm good with what you want to do!