We're opening an US office shortly and i've added the new domain (domainus.com) to our exchange 2007 environment as an "accepted domain" and added some addresses as SMTP addresses to a few members who can receive properly - yey :).
We want to send from these addresses too but I can't figure out how to make this work, I get the error:
"You are not allowed to send this message because you are trying to send on behalf of another sender without permission to do so. Please verify that you are sending on behalf of the correct sender, or ask your system administrator to help you get the required permission. "
I'm not well versed in exchange so i'm not sure what to search for to try and figure it out. I've tried:
Adding themselves to send to "Delivery options > send on behalf" and I edited the default email address policy for the organisation (which wasn't being applied before.... so I don't think it would make any difference).
Any suggestions welcomed.
Thanks in advance.
I know it isn't much help, but I was having the same issue, and getting the same error. I ran across this page that lists 4 ways to do it. None of them are what you would expect, except for the application that you have to purchase.
I do think if you have a gmail account that you could send as the alternate email address, and all replies etc would come back to the exchange account.
On the user account, in Active Directory, under Security, under the SELF account, select the Manage Send As Permission option.
Related
When I try to create a login to https://jackhenry.dev/portal/ with my work email I get a 401 from https://jackhenry.dev/portal/oauth2callback/?state=%....
One of my recent x-request-ids is 6a17801cc34176c4c680910d1a8bfe3d. Is there something my organization has to enable with the google account to get this to work?
It appears that my personal email would allow me to generate an account. Thus I think it may be something that my organization may have set.
For years, I've been using the email addresses MyEmail#mydomain.com and myemail#mydomain.com as if they are identical. And most of the time this is true. However now the OAuth verification process for the project seems to be failing because Google treats these as two separate identities.
The GCP project owner is MyEmail#mydomain.com. In the OAuth consent screen, I've set mydomain.com as the sole authorized domain for my app. And I use myemail#mydomain.com as my identity in Google Search Console when verifying that I am the owner of mydomain.com.
I got an email from the "The Google Cloud Trust & Safety Team", saying that the owner of the GCP project and the identity of the owner of the authorized domain do not match! The only reason for this seems to be the case of the email names, because everything else appears set up properly.
MY QUESTION: How can I change the GCP project owner from MyEmail#mydomain.com to myemail#mydomain.com?
It seems that I need to change one or the other. I would rather change the GCP owner to myemail#mydomain.com. But I can not get that to happen. I followed the instructions in Grant or Revoke Role.
I go to IAM -> Permissions - Add. I enter the email without the caps & ignore their suggestion to use the one with caps. But in the "Select a role" dropdown, it shows "Owner" as a role "Currently used". I select it anyway and click Save. But IAM -> Permissions never get changed.
I've thought of changing the owner first to someone completely different and then to the lower case email. But that might involve billing emails changing, etc.
EDIT - As a result of trying to add myemail#mydomain.com to the project, I received an email at that address from GCP, asking me to join the project. I accepted the request, but IAM is still only showing MyEmail#mydomain.com as being on the project.
Is this really the case that myemail#mydomain.com and MyEmail#mydomain.com are separate GCP identities? Might there be a different reason for Trust & Safety to think they're not the same?
If I respond to the T&S email, describing my issue, will a real person actually read it, or will the same automated test be run again to check the issue?
Resolution: I responded to the T&S email, explaining what was going on with the upper/lower case letters in my email address.
Today I got a reply: "Request Granted. Your project is now verified for ....". That's great! But I wonder if I will forever be first rejected for the same reason on all new projects that I create. It appears that the final solution is likely finding a way to change my logon email on GCP to one without capital letters.
Since you mention that you are never asked to select a different profile when logging into your account, then it should be the exact same account using the actual same GAIA ID as mentioned by DazWilkin, so there should be no difference within the GCP console between MyEmail#mydomain.com and myemail#mydomain.com.
Google usually recognizes an email address in both forms as the same account, although there are some exceptions across their products (I have had a similar experience with email addresses from Google Groups). I think this is one of those particular exceptions.
I would strongly recommend transferring the project ownership to a totally different account within your domain, then waiting a couple of hours due to Google's "propagation time" across services, and transferring the ownership back to the account using the format myemail#mydomain.com.
Now answering to:
If I respond to the T&S email, describing my issue, will a real person actually read it, or will the same automated test be run again to check the issue?
They are actually a team of people, but they tend to use a lot of canned responses, so I would definitively recommend being very specific with your choice of words when responding to their emails otherwise, you may not get a relevant response. You may also try to explain this to them via email to see if there is an actual problem with the email address or if it is just them or the system being extremely picky when checking the email address.
I think you basically have it covered. But it is important that on new Owner's account, you will need to go to "Billing" in the "hamburger" menu and either link the project to an existing billing account or set up a new Billing account to link the project.
You may also need to delete the old project owner to avoid confusion.
I‘d like to send a verification email for new account. Everything works fine on my local environment. But if I try to do it on the remote server, I got a problem. Inside the email there is the verification link for the user. Instantly, when the email is sent, this link is processed. That means, the verification has been done without clicking the link.
My search through the Internet was not successful. Is there anyone who can help me by solving my problem?
Best regards
Joachim Schmaeck
I'm using Azure API Management and I have a user who tried to sign up but never got the "validation" email. Let's just assume the email is not recoverable. Unfortunately, I have no way to reset that user's email address. The API Management framework knows that the email already exists but I have no visibility to that user's profile until they validate the account. At that point I can manage their account but, until then, they are in-limbo.
If the user tries to re-sign up or even if I send an invite, we get an error that says. "Email already exist"
Any pointers?
The confirmation request will expire in 2 days, so if the user tries again after 2 days, the "email already exist" error should go away.
Meanwhile, we are currently working on a feature to allow Admins to delete unconfirmed users from the Management Console.
In addition to allowing admins to remove unconfirmed users we added the ability for users to re-send confirmation email.
I'm busy to enable login stuff via facebook oauth on my website, but the only thing I want to get is the email of the user.
I saw in dev docs the 'scope=email' but, it seem's mandatory for the user to allow access to anything about him.
is there's a way to ask him to grant access only on his email ?
No. The bare minimum that your app will request from the user is his Basic Information, followed by your extended permissions (in your case, his email address).
nope. email is a so called extended permission. so you have to get the basic set of data of the user. (like: name, fbid, gender, locale).