IBM Mobilefirst Device Management Get Flag from MFP console - ibm-mobilefirst

IBM MobileFirst™ Platform Foundation maintains a database table of device IDs, among other device-related metadata, to enable this feature. In addition to the device ID column in the database, a status column is also kept. The possible status values are:
active
lost
stolen
expired
disabled
After I enable device management, I am able to set the status for the respective device. If the device is marked as lost or stolen, is the device able to get the flag sent from the server and do some processing, such as destroying the JSONStore, when the device is online and the app is open? The server will return 404 or forbidden access, but the local JSONStore still contains data. So we have to wipe the local data too.
Thank You.

You should take a look at integrating with MaaS360. Specifically the Remote access control and wiping data section (link below). MaaS360 offers a simple integration for your IT admins to destroy all app data when a device is stolen or lost.
https://developer.ibm.com/mobilefirstplatform/documentation/integration-7-0/mobilefirst-protect/

Related

Not able to get Azure SQL Server Extended Events to work when Blob Storage is set to Enabled from selected virtual networks and IP addresses

So I have an Azure Database and want to test extended events with the database.
I was able to set up my Blob Storage container and was able to get Extended Events via Azure Database to work as long as the Blob Storage network setting Public network access is set to Enabled from all networks. If I set Enabled from selected virtual networks and IP addresses and have Microsoft network routing checked as well as Resource type set with Microsoft.Sql/servers and its value as All In current subscription, it still doesn't work.
I'm not exactly sure what I'm doing wrong and I'm not able to find any documentation on how to make it work without opening up to all networks.
The error I'm getting is:
The target, "5B2DA06D-898A-43C8-9309-39BBBE93EBBD.package0.event_file", encountered a configuration error during initialization. Object cannot be added to the event session. (null) (Microsoft SQL Server, Error: 25602)
Edit - Steps to fix the issue
@Imran: Your answer led me to get everything working. The information you gave and the link provided was enough for me to figure it out.
However, for anyone in the future I want to give better instructions.
The first step I had to do was:
All I had to do was run Set-AzSqlServer -ResourceGroupName [ResourcegroupName] -ServerName [AzureSQLServerName] -AssignIdentity.
This assigns the SQL Server an Azure Active Directory Identity. After running the above command, you can see your new identity in Azure Active Directory under Enterprise applications, and then where you see the Application type == Enterprise Applications header, click the header Application type == Enterprise Applications and change it to Managed Identities and click apply. You should see your new identity.
The next step is to give your new identity the role of Storage Blob Data Contributor to your container in Blob Storage. You will need to go to your new container and click Access Control (IAM) => Role assignments => click Add => Add Role assignment => Storage Blob Data Contributor => Managed identity => Select member => click your new identity and click select and then Review + assign.
The last step is to get SQL Server to use an identity when connecting to Blob Storage.
You do that by running the command below on your Azure SQL Server database.
CREATE DATABASE SCOPED CREDENTIAL [https://<mystorageaccountname>.blob.core.windows.net/<mystorageaccountcontainername>]
WITH IDENTITY = 'Managed Identity';
GO
You can see your new credentials when running
SELECT * FROM sys.database_scoped_credentials
The last thing I want to mention is when creating Extended Events with an Azure SQL Server using SSMS, it gives you this link. This only works if you want your Blob Storage wide open. I think this is a disservice and wish they would have instructions when you want your Blob Storage not wide open by using RBAC instead of SAS.
I tried to reproduce the same in my environment and got the result successfully, like below:
To resolve this issue, check whether your account type should be StorageV2 (general purpose v2). If you have a general-purpose v1 or blob storage account, try to upgrade like below.
In storage account -> under setting, configuration -> upgrade
Check whether you have chosen Allow trusted Microsoft services to access this storage account under Exceptions; I also added the firewall client IP address range and VNet like below.
Make sure you have the Microsoft.Authorization/roleAssignments/write permission on your storage account.
After enabling the firewall, we lose write access to the storage account and audit logs; resaving the audit settings from the portal is required in order for auditing to function, like below.
Note: Auditing to storage behind firewalls using user managed identity authentication type is not presently supported.
When I tried to connect, I got the result successfully, like below:
Reference:
Configure extended events in SQL Azure to the blob storage with Private Endpoint - Microsoft Community Hub by Sakshi Gupta
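The managed-identity steps from the question's edit above, collected into one PowerShell script as an added example (not code from either poster), with a check of the storage firewall settings the answer mentions. It assumes the Az.Sql, Az.Storage and Az.Resources modules, an existing Connect-AzAccount session, and a storage account in the same resource group as the SQL server; every bracketed name is a placeholder.

```powershell
# Added example; every <...> value is a placeholder to replace.
$ResourceGroup  = '<ResourcegroupName>'
$SqlServer      = '<AzureSQLServerName>'
$StorageAccount = '<mystorageaccountname>'   # assumed: same resource group as the server
$Container      = '<mystorageaccountcontainername>'
$Role           = 'Storage Blob Data Contributor'

# Step 1: give the logical SQL server a system-assigned managed identity.
$server      = Set-AzSqlServer -ResourceGroupName $ResourceGroup -ServerName $SqlServer -AssignIdentity
$principalId = $server.Identity.PrincipalId

# Step 2: grant the role on the single container, not the whole account.
$account = Get-AzStorageAccount -ResourceGroupName $ResourceGroup -Name $StorageAccount
$scope   = "$($account.Id)/blobServices/default/containers/$Container"
if (-not (Get-AzRoleAssignment -ObjectId $principalId -Scope $scope -RoleDefinitionName $Role)) {
    New-AzRoleAssignment -ObjectId $principalId -Scope $scope -RoleDefinitionName $Role | Out-Null
}

# Check the network settings the thread is about: the default action should
# be Deny, with the trusted-Microsoft-services exception enabled.
$rules = $account.NetworkRuleSet
if ($rules.DefaultAction -ne 'Deny') {
    Write-Warning "Storage account '$StorageAccount' still allows access from all networks."
}
if ("$($rules.Bypass)" -notmatch 'AzureServices') {
    Write-Warning "'Allow trusted Microsoft services' exception is not enabled."
}

# Step 3: emit the T-SQL to run inside the target database (for example in SSMS).
$url = "https://${StorageAccount}.blob.core.windows.net/${Container}"
@"
IF NOT EXISTS (SELECT 1 FROM sys.database_scoped_credentials WHERE name = '$url')
    CREATE DATABASE SCOPED CREDENTIAL [$url] WITH IDENTITY = 'Managed Identity';
"@
```

A new role assignment can take a few minutes to propagate, so an event session started immediately afterwards may still fail with the same error.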

Calling an API from External environment

I'm working on an app in my company office environment. My server environment is such that I have two servers: Server A consists of all the data, and Server B consists of only the API parameters.
When calling from the external environment, I type something like "http://115.36.45.8:Portno/api/Data/GetData" into Google Chrome to reach Server B, so as to retrieve the information I want. Whenever I test from the external environment, I use my own mobile data instead of the office internal data network.
When I type my internal IP address to test, the API seems to be working okay. I type something like this:
http://192.168.52.2:Portno/api/Data/GetData. The information that I would like to retrieve was beautifully presented to me in Chrome.
However, when I type the external address, "http://115.36.45.8:Portno/api/Data/GetData", this doesn't happen. No data. Chrome reflects: Error disconnect.
I did the following troubleshooting:
a) I asked my vendor to check whether the port is open. The vendor used telnet and it sure was working. In fact, if it didn't work, I probably wouldn't get any data retrieved from the internet address (http://192.168.52.2:Portno/api/Data/GetData).
b) I used my mobile phone and my laptop on external data, and I asked a different vendor to try to access it; none could get in from the external environment.
c) My infra team also checked that there is no firewall or antivirus that may have blocked the path, since telnet works.
Can anyone advise what I can do to find out why the external environment cannot access my API? Appreciate it.

MobileFirst 71. Access Denied

We have an existing production environment, MFP7.1. We have decided to use authentication and session independence.
Now the problem is that a handful of devices are now getting “Access Denied”. I understand this is because the server does not recognize the device, but the server has not changed; what other instance would cause this problem?
These are people that already have the app deployed on their phones.
FWLSE0376E: JWS signed ClientId signature does not match the client ID [project sonepar] Seems to be the error on server.
The immediate resolution from a user perspective is to delete the app and reinstall it.
@tik27 You mention you "update the server with Session Independence and added adapter authentication code.", and this is enough to (in the lack of better terms) trigger an invalidation of the authentication session token between the server and the application.
Specifically, it also happened to a project I worked on when I went from unprotected adapters to protected ones, and the only solution I found was to reinstall the app.

Chat History and Monitoring Plugin Openfire

I'm new to openfire. I have a chat application running nodejs. I have a separate Chat server with openfire installed.
I wanted to know how chat history for a chat group is handled?
How do I progressively load chat history in the client from the openfire server? Should I write a custom routine for the same? Does the Monitoring plugin provide anything for the same?
What is the format in which chats are archived? Is there a way to retrieve them in any given format?
Are there any APIs that can be used to access the database? (I doubt it tho)
I have installed Monitoring Plugin for the same. However I'm not able to find any documentation for openfire or monitoring plugin regarding chat history.
Any help would be much appreciated.
If you have installed the monitoring plugin, you can read in its readme file under the configuration paragraph the following content:
Chat archiving is enabled by default. However, only information about who is communicating and at what time is stored unless chat transcript archiving is enabled. To enable chat transcript archiving or group chat archiving, you will need to log into the admin console and go to:
Server --> Archiving --> Archiving Settings
To enable group chat archiving, you will need to log into the admin console and go to: Server --> Archiving --> Archiving Settings and 'Message Archiving' is enabled for either 'Archive one-to-one chats' and/or 'Archive group chats'.
Then the messages get stored in the external database table 'ofMessageArchive'.
The history can be further loaded from the database.
This might help you!
Please login to your server
Go to Plugins, find plugin "Monitoring Service" install/enable it if you have not enabled
Now go to the "Server" menu, go to "Archiving" then "Archiving Settings"
Check "Archive one-to-one chats"
Check "Archive group chats"
Now click on "Update Setting"
And then after that, most important, you need to click on "Rebuild Index" (last button in this setting screen).
Then send a message from your app, and check your database table "ofMessageArchive"
You will have magic :)
It's working for me, let's see it is working for you or not!
Answering to #3:
Chats are archived in following format in ofmessage archive table:
conversationID | fromJID | fromJIDResource | toJID | toJIDResource | sentDate | body |

Azure Remote app: How do I evaluate the user that is running my application?

I have a simple VB.net console application that displays the current user, waits for key input, and then exits. It uses the following call to display the information:
System.Security.Principal.WindowsIdentity.GetCurrent.Name.ToString()
If I create a remote app hosting this application, and create an azure user that has rights to run the remote app such as;
thisisa#test.onmicrosoft.com
When this user connects to the remote app the output of the line of code above would look something like;
YLSDAAYU0007\thisisa_000
Is there any way of reading the user running the RemoteApp at the time? In this case, I am looking to obtain thisisa#test.onmicrosoft.com?
Catalin from the RemoteApp team here. You have stumbled across one of our implementation details here :)
Windows does not allow automatic login with Azure Active Directory (AAD) users: they only allow users that have Microsoft Accounts or domain accounts in case the collection is domain joined. We are working around this limitation by creating a local user on the VM and logging in with that user instead of the AAD user.
If you have any more questions about this, feel free to contact me: catalda @ microsoft com