w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Docusign API - "This Account lacks sufficient permissions"
how long ago did you create your DocuSign demo account? If it was created before April 2013 then this error might be due to the Embedding functionality you've mentioned and we would have to enable this option for you from DocuSign's side. If you've created this account April or later then that option should be turned on your account, and you might be having an issue with your authentication. Are you using the SOAP api or the REST api? They have different authentication methods between the two. Also, please post your API account ID so we can check your account settings. Feel free to email me if you don't want to share (ergin.dervisoglu@docusign) One last thing... please start using DocuSignAPI tag when you post here. The DocuSign tag should be used for non-technical DocuSign quest

Categories : Api

WCF service Process.Start under network service account impersonating as a different user
I had to add a reference to AsproLock.dll and associated code in order to permit the user account to have access to the running resource. //The following security adjustments are necessary to give the new //process sufficient permission to run in the service's window station //and desktop. This uses classes from the AsproLock library also from //Asprosys. IntPtr hWinSta = NativeMethods.GetProcessWindowStation(); WindowStationSecurity ws = new WindowStationSecurity(hWinSta, System.Security.AccessControl.AccessControlSections.Access); ws.AddAccessRule(new WindowStationAccessRule(userPassDto.Usuario, WindowStationRights.AllAccess, System.Security.AccessControl.AccessControlType

Categories : C#

WCF service login and operation permissions
There are many possibilities how you could achieve this. You could use sessions and authenticate in the first call by passing username and password to the server. http://www.codeproject.com/Articles/188749/WCF-Sessions-Brief-Introduction Or you could (as you do in the example code) use the existing features and create a custom Username and Password validator on the server. This example is quite nice: http://msdn.microsoft.com/en-us/library/aa702565.aspx You can then check the role in the actual implementation.

Categories : C#

Do I have to create an Account, Merchant Account, or just a customer to Credit a Balanced Bank Account?
Your workflow is correct. The Customer resource abstracts away from you the pain the Account resource had when dealing with underwriting a merchant. Underwriting is required as part of the KYC (Know Your Customer) operation requirements Balanced needs to follow. Each Customer has an attribute named is_identity_verified where you can know if the Customer's identity was verified. Ideally you want to make sure the identity is verified for each Customer to which you will be crediting. While you can still perform credits (I believe up to a certain limit) to Customers whose identity is not verified, you run the risk of increased fraud and there may eventually be consequences to your marketplace. Also, feel free to stop by #balanced on IRC. You'll probably get much faster answers to your questi

Categories : Misc

How do you set read/write permissions in a VS2010 windows service installer?
Permissions for services is determined by the account that is set to run the service. For this issue, the account was set to LOCAL SERVICE. By changing to LOCAL SYSTEM, the issue was resolved. This can be accomplished by looking at this article and scrolling down to To create the installers for your service The LocalService account acts as a non-privileged user on the local computer, and presents anonymous credentials to any remote server. Use the other accounts with caution, as they run with higher privileges and increase your risk of attacks from malicious code.

Categories : Visual Studio 2010

How to control database permissions for website running under NETWORK SERVICE?
NT AUTHORITYNETWORK SERVICE is not mapped in Sql Server. You have to do it by yourself. Network Service impersonates the computer account when trying to connect to an off-box resource. Granting permissions to DOMAINServername$ does generally work. Once the Sql Server mapping is created, you control permissions as for every others accounts. It's pretty the same. Personnaly, I think it's not a good practice to mix integrated security & network service because it's a built-in account. It's probably ok for a lot of environments but you don't have a high degree of security. For example, if many web sites accessing the db are deployed in a Web Farm, you will completely loose control of permissions. It's also painfull to manage. You have two options to avoid this : Use a sql authenticati

Categories : Asp Net

Add excel macro from service account
psubsee2003, thx for the reaction... In the end I solved the problem like this: The excel file: I created an excel file that has no data in it and one macro The macro runs only when there is data in the sheet (if cell x = empty then exit sub) The macro sets print ranges correct The service: Service opens the excel file Adds the data Service saves a copy of the original file (meaning the original file stays untouched)

Categories : C#

EWS Search Calendar with Service Account
I had to give the service a value for ImpersonatedUserId: // Connect to Exchange Web Services service = new ExchangeService(ExchangeVersion.Exchange2010_SP1); service.Credentials = new WebCredentials("svc_user", "svc_password", "domain"); service.AutodiscoverUrl("user@domain"); service.ImpersonatedUserId = new ImpersonatedUserID(ConnectingIdType.SmtpAddres, "user@domain"); //Return count ItemView view = new ItemView(10); view.PropertySet = new PropertySet(BasePropertySet.IdOnly); FindItemsResults<Item> findResults = service.FindItems(WellKnownFolderName.Calendar, view); MessageBox.Show(findResults.Count().ToString()); My assumption was that by running Autodiscover on the user's store, the impersonati

Categories : C#

Getting 401 uploading file into a table with a service account
You are most likely sending duplicate content-type headers to the Google API. I don't have the capability to effortlessly make a request to Google BigQuery to test, but I'd start with removing the headers property of your options object to request(). Remove this: headers: { 'Content-Type': 'multipart/related' }, The Node.js request module automatically detects that you have passed in a multipart array, and it adds the appropriate content-type header. If you provide your own content-type header, you most likely end up with a "duplicate" one, which does not contain the multipart boundary. If you modify your code slightly to print out the actual headers sent: var req = request({...}, function(..) {...}); console.log(req.headers); You should see something like this for your origin

Categories : Node Js

Google Coordinate OAuth2 with Service Account
Service accounts cannot be used with the Coordinate API. [this is because the Coordinate API requires authenticated API users to have a Coordinate license, but it is not possible to attach a Coordinate license to a service account] You can use the web server flow instead, please find the sample below. Make sure to update the code below, where there are comments containing "TO UPDATE". using System; using System.Diagnostics; using System.Collections.Generic; using DotNetOpenAuth.OAuth2; using Google.Apis.Authentication.OAuth2; using Google.Apis.Authentication.OAuth2.DotNetOpenAuth; using Google.Apis.Coordinate.v1; using Google.Apis.Coordinate.v1.Data; namespace Google.Apis.Samples.CoordinateOAuth2 { /// <summary> /// This sample demonstrates the simplest use case

Categories : C#

Scribe support for google service account
http://beansgocrazy.blogspot.hk/2012/08/google-oauth-2-with-scribe-on-android.html This is what you are looking for, because I was stuck in their old OAuth 1.0 example.

Categories : Misc

Using a Service Account, getAccessToken() is returning null
For some reason, this seemed to work: require_once 'google-api-php-client/src/Google_Client.php'; const CLIENT_ID = 'blahblahblah'; const SERVICE_ACCOUNT_NAME = 'blahblahblah@developer.gserviceaccount.com'; const KEY_FILE = 'path/to/privatekey.p12'; const CALENDAR_SCOPE = "https://www.googleapis.com/auth/calendar"; $key = file_get_contents(KEY_FILE); $auth = new Google_AssertionCredentials( SERVICE_ACCOUNT_NAME, array(CALENDAR_SCOPE), $key ); $client = new Google_Client(); $client->setScopes(array(CALENDAR_SCOPE)); $client->setAssertionCredentials($auth); $client->getAuth()->refreshTokenWithAssertion(); $accessToken = $client->getAccessToken(); $client->setClientId(CLIENT_ID); If someone can explain why this worked, please edit this answer or comment!

Categories : PHP

Google's Service Account OAuth2 in C#.NET for URL Shortener API
In my opinion you should read proper Google page. Some part of it: Every request your application sends to the Google URL Shortener API needs to identify your application to Google. There are two ways to identify your application: using an OAuth 2.0 token (which also authorizes the request) and/or using the application's API key. Acquiring and using an API key Requests to the Google URL Shortener API for public data must be accompanied by an identifier, which can be an API key or an auth token. To acquire an API key, visit the APIs Console. In the Services pane, activate the Google URL Shortener API; if the Terms of Service appear, read and accept them. Next, go to the API Access pane. The API key is near the bottom of that pane, in the section titled

Categories : C#

Getting AccessTokenRefreshError: invalid_grant in Google API fro service account
I'm interface Google Drive but found the same error. In Issue 160 there is a report of setting the appropriate time on your local computer. Ever since I upgraded to Mac Mavericks I found that the I need to keep updating my system time. I was getting your reported error, set my system time back to current and I eliminated the error.

Categories : Misc

How do I access a Google Spreadsheet from App Engine using a Service Account?
I use the builtin Service Account of the App Engine application rather than creating my own; this way the private key is save (not stored locally, only on app engine). For Drive: protected Drive createDriveService() throws BookingSheetException { HttpTransport httpTransport = new NetHttpTransport(); JsonFactory jsonFactory = new JacksonFactory(); GoogleClientRequestInitializer keyInitializer = new CommonGoogleClientRequestInitializer(API_KEY); AppIdentityCredential credential = new AppIdentityCredential.Builder(Arrays.asList(DriveScopes.DRIVE)).build(); Drive service = new Drive.Builder(httpTransport, jsonFactory, null) .setHttpRequestInitializer(credential) .setGoogleClientRequestInitializer(keyInitialize

Categories : Java

SQL Job reverts run as identity to SQL Server Agent Service Account
Is proxy you were using to run SSIS packages is set to default? You can default the proxy to run SSIS package while defining job steps using @proxy_name like - EXEC msdb.dbo.sp_add_jobstep @job_id=@jobId, @step_name=N'SSISPackageCall', @step_id=1, @cmdexec_success_code=0, @on_success_action=1, @on_success_step_id=0, @on_fail_action=2, @on_fail_step_id=0, @retry_attempts=0, @retry_interval=0, @os_run_priority=0, @subsystem=N'SSIS', @command=N'/FILE "C:Package.dtsx" /CHECKPOINTING OFF /REPORTING E', @database_name=N'master', @flags=0, @proxy_name = N'SSISProxyDemo';

Categories : Sql Server

How to access an Android Emulated device (AVD) from service account for CI?
AVD is searching for the devices under its ANDROID_SDK_HOME by default, which points to %HOME%. You can probably make jenkins find your existing devices configurations by creating a ANDROID_SDK_HOME jenkins environment variable pointing to your C:UsersmyUserAccount. However I find this a bit brittle and I would probably have made both your user and jenkins use a third party location (e.g. D:JenkinsDataAVD) to store those files.

Categories : Android

Authenticating a Google Drive service account owned by a Django app?
Here's sample app of integrating Django with OAuth2. You especially want to take a look at this file where it saves user credential using Storage class. There is also a documentation with better explanation about how OAuth flow with Storage works in Django. To answer your question, you would want to define credential at Django user profile in order to save it easily associated with users. Also, your OAuth flow (creating auth url and authenticating) works at view.

Categories : Django

invalid_grant error with Google Cloud Storage and Service Account
This error was due to an incorrect Service Account ID. I was using the Client ID (ending in .apps.googleusercontent.com) instead of the email address (ending in @developer.gserviceaccount.com). There is no problem with the email address.

Categories : Java

Powershell Service Account Password Change Logon Failure
I suspect that your password probably has at least one character that has special meaning in an interpolated string. Try single-quoting: $password='password' In general, it's a better habit to use single quotes by default, and only use double quotes when you specifically want to interpolate something. BTW, also verify that you're using the correct service name. You need to use the Name property not the DisplayName. Try gwmi win32_service -filter "name='MyService'" at the prompt and make sure that doesn't return an error. It's probably the single vs. double quoting issue, though.

Categories : Powershell

Google Admin API using Oauth2 for a Service Account (Education Edition) - 403 Error
This should be of help: https://developers.google.com/drive/delegation When asserting the credentials you need to connect it to the user that is going to be changed. From the link above, note this section: credentials = SignedJwtAssertionCredentials(SERVICE_ACCOUNT_EMAIL, key, scope='https://www.googleapis.com/auth/drive', sub=user_email)

Categories : Python

Google app engine service account to start Cloud Compute instances
You can certainly do this. Here is a Python demo: https://github.com/GoogleCloudPlatform/compute-appengine-demo-suite-python/blob/master/demo-suite/demos/fractal/main.py

Categories : Google App Engine

Unable to register SPN in windows 2008R2 to create SPN for SQL Server 2012 service account
Since the service runs as network service, I believe the account name will need to be the machine name. Tristan shows something similar in his blog at http://blogs.technet.com/b/tristank/archive/2006/05/08/spns-r-fn.aspx. His example is for HTTP but you should be able to change it to MSSQLSvc: For an App Pool running as NetworkService on the default port: SETSPN -A HTTP/intranetweb syd-inet-web01 (that last part's the machine name)

Categories : Sql Server

Invalid Response Error when Retrieving Google Analytics Data with a Service Account in C# .NET
Try following one using System.Security.Cryptography.X509Certificates; using DotNetOpenAuth.OAuth2; using Google.Apis.Analytics.v3; using Google.Apis.Analytics.v3.Data; using Google.Apis.Authentication.OAuth2; using Google.Apis.Authentication.OAuth2.DotNetOpenAuth; using Google.Apis.Services; private void TestMethod() { try { string scope_url = "https://www.googleapis.com/auth/analytics.readonly"; //client_id: This is the "Email Address" one, not the "Client ID" one... oddly... string client_id = "************-***********************@developer.gserviceaccount.com"; //key_file: This is the physical path to the key file you downloaded when you created your Service Account

Categories : C#

C# Privilege issues creating folders from Windows service running as Local System account.
You can use the logic that I found in this example public class Permissions { public void addPermissions(string dirName, string username) { changePermissions(dirName, username, AccessControlType.Allow); } public void revokePermissions(string dirName, string username) { changePermissions(dirName, username, AccessControlType.Deny); } private void changePermissions(string dirName, string username, AccessControlType newPermission) { DirectoryInfo myDirectoryInfo = new DirectoryInfo(dirName); DirectorySecurity myDirectorySecurity = myDirectoryInfo.GetAccessControl(); string user = System.Environment.UserDomainName + "\" + username; myDirectorySecurity.AddAccessRule(new FileSystemAccessRule( user,

Categories : C#

Received error "Not Authorized to access this resource/api" when trying to use Google Directory API and Service Account Authentication
Even though you're using a Service Account you still need to act on behalf of a Google Apps user in the instance that has the proper admin permissions. Try doing: credentials = SignedJwtAssertionCredentials( '<KEY>@developer.gserviceaccount.com', '<KEY DATA>', scope='https://www.googleapis.com/auth/apps.groups.settings https://www.googleapis.com/auth/admin.directory.group https://www.googleapis.com/auth/admin.directory.group.member', sub='super-admin@yourdomain.com' ) where super-admin@yourdomain.com is a super administrator in your Google Apps account.

Categories : Python

Why doesn't validating my SMTP server domain name and port work when running as a service under the local system account?
Have you tried running it from a console app vs. service at the same time? Also, could you test both approaches by making a series of requests to gather some statistics? The point is that it could help isolate the issue from different factors other than different OS users like various network issues etc. Feel free to give new details after doing that, if you'll be able to find out something new or intresting.

Categories : C#

FBSession.activeSession.permissions does not appear to accurately depict the valid granted permissions
If you were using iOS SDK 3.0, then this was due to a bug in the SDK. See the bug report for more details. Symptom summary: After authorizing user with openActiveSessionWithPermissions method, the sessions variable in callback method contains extended permissions that were not allowed by a user.

Categories : IOS

Be aware that the Local Service account is not supported for the SQL Server or SQL Server Agent services
That generally means (used to work for MSFT many moons ago) that any problem or issue that you may call Microsoft about when the service runs under the Local Service account will not be answered or handled by their support staff. Long story short, you're on your own when it comes to errors or other challenges. You're best off running the services under a domain account.

Categories : SQL

Google Drive Service Account Access on Google App Engine to Impersonate Users
I do not understand the user part of your code, bacause you use a Google App Engine project user account. See this doc on how to use and find this account. You can also fnd this account using : from google.appengine.api import app_identity logging.info('service account : ' + app_identity.get_service_account_name()) Make sure you have given this project user account access to your drive file or folder! My code looks like this : def createDriveService(): SCOPE = 'https://www.googleapis.com/auth/drive' API_KEY = 'AIzaSyB9UkK4OH5Z_E4v3Qp6bay6QEgGpzou3bc' # GAE credentials = AppAssertionCredentials(scope=SCOPE) logging.info('using service account : ' + app_identity.get_service_account_name()) http = credentials.authorize(httplib2.Http()) return build('drive',

Categories : Python

Trying to do a simple google drive API test using google's dot net library and service account
As it is a service account I don't believe it has its own 'Google Drive', service accounts exist to act on behalf of a user. To 'impersonate' the user whose files you wish to list, you need to pass a prn parameter when you generate the access token; Details can be found here if you scroll down to 'Additional Claims'; https://developers.google.com/accounts/docs/OAuth2ServiceAccount#formingclaimset It appears as though you can set the user via this; var _client = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate) { ServiceAccountId = SERVICE_ACCOUNT_EMAIL, Scope = DriveService.Scopes.Drive.GetStringValue(), ServiceAccountUser = "Name@Company.com" }; If you wish to log the HTTP interactions, I have f

Categories : Misc

Using Google Drive API with service account in Google Apps Engine python project with local debugging
Yes - you can use SignedJwtAssertionCredentials to connect to Google Services. I wrote code which do that at one time and it work great. Using that class is one problem. On GAE is provided PyCrypto library like you wrote but on local you must install it manually. GAE have his own changed version of this library so they didn't provide her source code. Second problem with that library is that she is compiled for specified machine which will use her. If you look in source code of that class you will see that she needs some dependencies to work. If they didn't meet the requirements of that class she will be not accessible from outside code. About problems with import in old and new dev_server i can't write anything because i don't know anything about that.

Categories : Google App Engine

Disable silent access to account in account manager from 3rd party apps
Ok so the answer is rather simple..The certificate matter! If those apps are signed with different certificates, the screen appears.

Categories : Android

How to set world permissions to be the same as group permissions?
From the chmod(1) man page (relevant parts extracted): -R Change the modes of the file hierarchies rooted in the files instead of just the files themselves. And: The symbolic mode is described by the following grammar: who ::= a | u | g | o op ::= + | - | = perm ::= r | s | t | w | x | X | u | g | o The who symbols "u", "g", and "o" specify the user, group, and other parts of the mode bits, respectively. The who symbol a is equivalent to ugo. The perm symbols represent the portions of the mode bits as follows: g The group permission bits in the original mode of the file. So for you: chmod -R o=g * Example: $ ls -l total 0 drwxr-x--- 2 carl staff 68 Jun 28 10:25 example.d -rw-r----- 1 carl staff 0 Jun 28 10

Categories : Bash

Do we have to have a real bank account for paypal developer's account?
1) Not a whole lot. In most cases people use Personal accounts in the sandbox as payer accounts, and use business accounts for seller accounts. You need a business account setup for things like Payment Pro, Payments Advanced, etc. 2) No, when you create your developer sandbox accounts they will get setup with a fake bank account and credit card number. 3) No, any transactions made in the sandbox are completely fake, but it does allow you to complete transactions all the way through so you can see the entire flow, and then also see what it looks like in each user's PayPal account. 4) Answered in #3. 5) Not exactly sure what you're asking here. Just login to http://developer.paypal.com and go into the Documentation section. Everything you need is in there.

Categories : Paypal

Account Activity and Account Usage access not working
I've been having the same problem, at it seems that IAM users are not allowed to see the account activity even if they have the permissions set. Found a mention of this problem on the amazon forum, see https://forums.aws.amazon.com/thread.jspa?threadID=86391 Update: I've since found that it can be done. As well as setting the required permissions to the user in IAM, you also need to enable that option within the main AWS account. Login using the main AWS credentials, and go to 'Manage your account'. On that page there is a section to do with enabling access to the account activity, make sure that both boxes are ticked and click the button to enable/activate these permissions. Once that has been done, IAM users will then be able to see the account activity.

Categories : Amazon

How do I change my Sandbox account into a live account?
Currently you are having PayPalMode,PayPalApiUsername,PayPalApiPassword,and PayPalApiSignature for test or sandbox mode. But to run on LIVE mode you need to again grab all the above mentioned details from the Real LIVE PayPal account. Do let us know the Payment method you are using ! I am assuming for DoDirect Payment Method. Just set PayPalMode = 'live';

Categories : Api

Remove my app from android account manager "add account"
As far as I understand, you do not want users to have multiple accounts of your service in a device. I see two options here: Manage if user has already added an account. When user navigates to Settings > Accounts > Add account and choose your service, you will check if there is any registered account on the device. If there is, reject the new authentication. Disable "myPackage.authenticator.AuthenticationService" right after user adds her first account (may not be safe), so that system (Settings app) will not be able to locate your service when it is parsing for authentication providers.

Categories : Android

AdMob account migration and AdSense account
As I understand, if you have failed to use AdSense on your account, you cannot use that e-mail address as your new Admob account. I faced the same issue and the following scenario succeeded: Create a new gmail account. Create a new admob account using that e-mail address. Link your new admob and legacy admob. (This is described on the new admob and google support pages) Import your data on legacy admob to the new admob. To be honest, I am reluctant to perform that last step because of the new policies of new admob: Payment methods are changed: As I understand, paypal is no longer a valid payment method. EFT and western union checks are valid forms of payment. To select the payment method, one has to reach $10 balance. More information may be required to select the payment meth

Categories : Android

How can I use one Windows account for ASP.Net impersonation, and a different windows account for a Sql Server trusted connection in the same app?
Ultimately I wanted to be sure that the same rules apply now, that Identity Impersonation on a web app will pass user credentials to a sql database using Windows AD authentication. Based on the comments above, that seems to be the case. Thanks everyone for their time, should any future readers see this Q&A and say "Eric's wrong and he's an idiot!", please feel free to correct me accordingly

Categories : Asp Net



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.