I have data stored in SharePoint List, and using frontend as access to filling the data and generate reports.
Users need to sign-in into access run-time to be able to connect to the SharePoint.
After signing in, How do they sign-out?
IF sign-out is not available, is there any registry value that cab be deleted, which will delete the sign-in.
Related
I have a data studio report that will show different data based on different users. I developed appscript and expose it as Community Connector so that I can control type of data to return back to data studio.
In my appscript, I'm using Session.getActiveUser() to track the current user. When I tried to open up the data studio report link using different gmail account, my appscript log shows that Session.getActiveUser() always returns the same email.
I even deployed the appscript as
Web APP > execute as user accessing the app
Add On
Library
How can appscript Session.getActiveUser() can return detect the current user who is access the data studio report link? Or is it the right way to do it?
According to the documentation, you'll need to use Session.getEffectiveUser to determine the user's identity.
https://developers.google.com/datastudio/solution/blocks/user-identity
This answer also describes what to expect depending of if the data source is set to 'Owner's credentials' or 'Viewer's credentials'
I am creating a data driven subscription and that requires you to stored credentials. However, they want want a link to the report embedded in the email. If the user clicks the link then stored credentials will be what is authenticated and not the actual user.
They would like the user to be prompted for authentication when they manually execute the report. Here are a couple of things I was considering:
I think I can accomplish this by creating a copy of the report that uses a different data source configured to prompt the user for credentials and use the URL to this report to include in the data driven subscription.
I don't think I can do this, in sql update the Credential Retrieval to go from Using the Following Credentials to Prompt the User for Credentials. However, if you switch it back to use the setting Using the Following Credentials, then I will need to reapply the username and password. Not quite for sure how to do that programmatically.
Does anybody else have an idea on how to handle this?
First, I'm not a MS Access developer. However I've got a new job and have to do some MS Access development. I'll be working with another developer who has experience at this; at least more than I have.
One thing he showed me is that users will get into this MS Access application, which goes into the forms, do whatever it is they do there and then bang out of the forms application to get direct access to the tables of the database. (The Access application is a front end to a SQL Server 2005 database.) Since the end users have direct access to the SQL tables, well you can just imagine what sort of mischief they can get into. (The Access application was written by a contractor who left with the application unfinished.)
So my question is this: how can we prevent end users from getting out of the Access application to directly interact with the SQL tables? I would think this is possible, but like I said I'm not an Office developer so I've no idea how it would be done, nor even what sort of things I'd look for.
The Access application is written in MS Access 2007.
#rod
Generally the level of security MS Access is providing is not very impressive. But it gives you some sort of security preventing novice users accessing unwanted information.
look for:
Compiling the database to ACCDE, MDE
provide custom ribbon with your own buttons
Disable the "Navigation" pane : http://www.access-programmers.co.uk/forums/showthread.php?t=187697
Disable the settings via right click.
Use AutoExe function to check if NavigationPAne is deactivated, and reboot database if necessary
Disable the "bypass startup option" key: http://www.access-programmers.co.uk/forums/showthread.php?t=91984
prevent database to load if the DB is not in .accde or .mde format. Again this is within the AutoEXE function to check.
Some useful research/investment would be.
Custom ribbon creator for MS access which will help you to provide your own buttons/ribbons (I used ribboncreator)
Providing membership/user account. since you already have dedicated SQL server you can save user credentials in the back-end tables hiding from front-end. Check user has access by writing stored procedures/functions.
Write function to gather errors, activities and uploads to a LOG table and monitor activities. use web-services + MSXML2.XMLHTTP + async for this task.}
Create a UI for the users to navigate your application. The most basic thing is just a form that has buttons to open all other forms the users need to access in your application.
Then use the ribbon to navigate to "File" -> "Options" -> "Current Database".
Select the form from the step above as "Display form" for the application and then uncheck all the following options "Use Access Special Keys", "Display Navigation Pane", "Allow Full Menus", "Allow Default Shortcut Menus".
This will start you Access application and show the selected form without any of the standard UI for working with tables or the design of other objects in your application.
But please be aware that this is just protection against normal users making accidental mistakes by changing stuff they are not supposed to change. This will not deter a malicious and knowledgeable attacker.
If you want open your application for development, hold down the SHIFT-Key while opening the file.
Another option outside of Access is to deny an AD group with read/write access to your SQL tables the DELETE permission. I was able to do this successfully using Access 2013 and Microsoft SQL Server Management Studio 2012. This post discusses the command.
DENY DELETE ON tablename to [DOMAIN\groupname];
Users in the AD group are able to modify and delete data through the UI we have created, but unable to open the table, select a line, and hit the delete key. They receive the following error: "ODBC--delete on a linked table 'tablename' failed....The DELETE permission was denied on the object ...."
I'm able to create a user specifically for integrations and enter the corresponding credentials when configuring my WSS send port. This works fine, however, as expected, when I view the document in SharePoint, the "Modified By" user on the document is the integration user.
Is there a way that I can set the modified by field in SharePoint dynamically? That is, the user that actually initiates the integration? (I have the user's information available when the adapter sends the document to SharePoint, I'm just unsure of how to tell SharePoint to impersonate the integration as a specific user).
We have several Collections in our TFS 2010 server.
This server hosts all of our TFS related services.
I'd like to allow a specific programmer to create Team Projects within his dedicated collection.
He belongs to the collection's TFS administrators group.
When he tries to create a new Team Project, it fails with a Reporting permissions error.
I understand that he also needs Reporting services permissions to create the relevant Reporting objects for the new Team Project, but I don't want him to be a full admin for the whole server's Reporting Services.
Is there a way to allow him the full ability to create new Team Projects without making a full Reporting Services admin?
source:http://www.microsoft.com/download/en/details.aspx?id=8175
To grant administrative permissions for a team project collection in Reporting Services
Start Internet Explorer.
In the Address bar, type the following URL, where ReportServer is the name of the server that is running Reporting Services: http://ReportServer/Reports/Pages/Folder.aspx
Click the Properties tab, and then click New Role Assignment.
In Group or User Name, type the name of the account for the user or group to whom you want grant administrative permissions.
In Role, click Team Foundation Content Manager, and then click OK.
The one thing missing in the manual, is that you need to do this for /TfsReports/[collectionname] while setting stop security inheratence.