From douglagm at gmail.com Tue Feb 2 09:55:21 2021 From: douglagm at gmail.com (Gregg Douglas) Date: Tue, 2 Feb 2021 11:55:21 +0200 Subject: [ZendTo] Drop-off Subject Line References: Message-ID: Hi, When a person that is external to the organization wants to Drop-off a file, I see the Subject cannot be edited. I noticed in the Change Log for Version 6.04-1 Beta Subject in new drop-off form can now only be edited if you are logged in. Is there a reason for this? Can this not be changed so that it is configurable in the config file? Regards Gregg -------------- next part -------------- An HTML attachment was scrubbed... URL: From douglagm at gmail.com Tue Feb 2 10:06:04 2021 From: douglagm at gmail.com (Gregg Douglas) Date: Tue, 2 Feb 2021 12:06:04 +0200 Subject: [ZendTo] autorequest API assistance References: Message-ID: Hi, With external users unable to edit the Subject line when doing a Drop-off, I thought of using the "autorequest" script as it has the option to add a Subject. However, I keep on getting an error: {"status":"error","error":"request error: The end time you set has already passed. Use the Back button in your browser to go back and fix this error before trying again."} I get the error even if I exclude the "expirydatetime" as in the documentation example. Here is the command I am running with the "expirydatetime" option: ./autorequest --username 'apiuser' --password 'apipsw' --sendername 'test' --senderemail 'xxx' --senderorg 'Test Org' --subject 'Test Subject' --recipientname 'Gregg' --recipientemail 'xxxx' --expirydatetime '2021-02-03 00:00:00' --note 'This is a note' https://xxxxxx/ Here is the command I am running without the "expirydatetime" option: ./autorequest --username 'apiuser' --password 'apipsw' --sendername 'test' --senderemail 'xxx' --senderorg 'Test Org' --subject 'Test Subject' --recipientname 'Gregg' --recipientemail 'xxxx' --note 'This is a note' https://xxxxxx/ I am note sure what I am doing wrong here? Regards Gregg -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Tue Feb 2 10:46:22 2021 From: Jules at Zend.To (Jules) Date: Tue, 2 Feb 2021 10:46:22 +0000 Subject: [ZendTo] Drop-off Subject Line In-Reply-To: References: Message-ID: Gregg, Allowing outsiders to edit the Subject line is risky. Did you know that you can (or certainly could in the past, I've done it myself) actually embed an entire attachment in the Subject line of an email? The most famous email app that would decode these successfully was Outlook Express, but I wouldn't guarantee there aren't others out there that can still do it. So allowing anyone in the world to edit the subject line would be allowing a route in for viruses that hardly any virus scanners will ever detect. I never found one that could spot it, except for my own MailScanner (which I spent 12 years writing and supporting). Cheers, Jules. On Tue 02/02/21 09:55, Gregg Douglas via ZendTo wrote: > Hi, > > When a person that is external to the organization wants to Drop-off a > file, I see the Subject cannot be edited. > > I noticed in the Change Log for Version 6.04-1 Beta > > Subject in new drop-off form can now only be edited if you are > logged in. > > > Is there a reason for this? Can this not be changed so that it is > configurable in the config file? > > Regards > Gregg > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'The past is supposed to be a place of reference, not a place of residence! There is a reason why your car has a big windshield and a small rearview mirror. You are supposed to keep your eyes on where you are going, and just occasionally check out where you have been.' - Willie Jolley www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Tue Feb 2 10:55:11 2021 From: Jules at Zend.To (Jules) Date: Tue, 2 Feb 2021 10:55:11 +0000 Subject: [ZendTo] autorequest API assistance In-Reply-To: References: Message-ID: <29234614-87cb-1d18-d486-3593394eabf9@Zend.To> Gregg, You will probably need to specify the expirydatetime. The docs are a bit out of date, sorry! What happens if you provide the string '0' as the parameter for --expirydatetime? That error should only happen if PHP's strtotime() function cannot parse the time and date you entered. Which is puzzling as that format should be fine, and works for me. Can you double-check you've got the timezone set in your php.ini file? (search your php.ini files for "timezone" and you'll find it. If none of that helps, let me know and I'll go on a deeper hunt for you. Cheers, Jules. On Tue 02/02/21 10:06, Gregg Douglas via ZendTo wrote: > Hi, > > With external users unable to edit the Subject line when doing a > Drop-off, I thought of using the "autorequest" script as it has the > option to add a Subject. > > However, I keep on getting an error: > > {"status":"error","error":"request error: The end time you set has > already passed. Use the Back button in your browser to go back and > fix this error before trying again."} > > > I get the error even if I exclude the "expirydatetime" as in the > documentation example. > > Here is the command I am running with the "expirydatetime" option: > > ./autorequest --username 'apiuser' --password 'apipsw' > --sendername 'test' --senderemail 'xxx' --senderorg 'Test Org' > --subject 'Test Subject' --recipientname 'Gregg' --recipientemail > 'xxxx' --expirydatetime '2021-02-03 00:00:00' --note 'This is a > note' https://xxxxxx/ > > > ? Here is the command I am running without the "expirydatetime" option: > > ? ./autorequest --username 'apiuser' --password 'apipsw' > --sendername 'test' --senderemail 'xxx' --senderorg 'Test Org' > --subject 'Test Subject' --recipientname 'Gregg' --recipientemail > 'xxxx' --note 'This is a note' https://xxxxxx/ > > > I am note sure what I am doing wrong here? > > Regards > Gregg > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'A butterfly that that lives forever, is not really a butterfly at all.' - Starfleet Commander Data www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Wed Feb 17 12:27:19 2021 From: Jules at Zend.To (Jules) Date: Wed, 17 Feb 2021 12:27:19 +0000 Subject: [ZendTo] Single-use download links Message-ID: <483a7b56-49d7-5a68-2da6-b638baf66336@Zend.To> Folks, One site has asked me to add functionality to allow them to create drop-offs in which each file can only be downloaded once. Effectively "one-shot" download links. Once used, they would not be able to download the drop-off again. Unless the sender actively reset the "has it been used" status to give them another chance without involving lots of IT support people. Is this likely to be of use to anyone else out there? If so, what is your use case? Thanks! Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Now I am become Death, the destroyer of worlds.' - J. Robert Oppenheimer www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From MooreM10 at cardiff.ac.uk Wed Feb 17 17:35:58 2021 From: MooreM10 at cardiff.ac.uk (Matthew Moore) Date: Wed, 17 Feb 2021 17:35:58 +0000 Subject: [ZendTo] Single-use download links In-Reply-To: References: <483a7b56-49d7-5a68-2da6-b638baf66336@Zend.To>, Message-ID: Hi, I can imagine that some of our more security minded users who occasionally use ZendTo to send sensitive data would like to guarantee that it can only be seen once. So while I wouldn't say it's urgent, it would be nice and I can see people liking it. Thanks, Matthew Moore Please note I work 1200-1800 during Covid19. Senior Server Engineer and Team Leader University IT Service Cardiff University 42 Park Place Cardiff CF10 3BB Tel: +44 (0)29 2087 0867 Email: moorem10 at cardiff.ac.uk Matthew Moore Uwch Beiriannydd Gweinyddion ac Arweinydd T?m Gwasanaeth TG y Brifysgol Prifysgol Caerdydd 42 Plas y Parc Caerdydd CF10 3BB Ff?n : +44 (0)29 2087 0867 E-bost: moorem10 at cardiff.ac.uk ________________________________________ From: ZendTo on behalf of Jules via ZendTo Sent: 17 February 2021 12:27 To: ZendTo Users Cc: Jules Subject: [ZendTo] Single-use download links External email to Cardiff University - Take care when replying/opening attachments or links. Nid ebost mewnol o Brifysgol Caerdydd yw hwn - Cymerwch ofal wrth ateb/agor atodiadau neu ddolenni. Folks, One site has asked me to add functionality to allow them to create drop-offs in which each file can only be downloaded once. Effectively "one-shot" download links. Once used, they would not be able to download the drop-off again. Unless the sender actively reset the "has it been used" status to give them another chance without involving lots of IT support people. Is this likely to be of use to anyone else out there? If so, what is your use case? Thanks! Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Now I am become Death, the destroyer of worlds.' - J. Robert Oppenheimer www.Zend.To Twitter: @JulesFM From john.thurston at alaska.gov Wed Feb 17 19:37:56 2021 From: john.thurston at alaska.gov (John Thurston) Date: Wed, 17 Feb 2021 10:37:56 -0900 Subject: [ZendTo] Single-use download links In-Reply-To: References: <483a7b56-49d7-5a68-2da6-b638baf66336@Zend.To> Message-ID: On 2/17/2021 3:27 AM, Jules via ZendTo wrote: > > > *CAUTION:* This email originated from outside the State of Alaska mail > system. Do not click links or open attachments unless you recognize the > sender and know the content is safe. > > Folks, > > One site has asked me to add functionality to allow them to create > drop-offs in which each file can only be downloaded once. > > Effectively "one-shot" download links. Meh. I can't see the use, but I can see it generating support calls. If you add it, *please* make the feature invisible unless explicitly enabled at the application-layer. re: value A 'download' count has to be incremented when the download process starts. The application-layer doesn't really know if the download succeeded. So a one-shot token will be burned, even if the payload wasn't delivered. Once a customer has a payload, it can be shared with anyone the recipient cares to. What's the point of limiting the number of times it can be pulled from the server? If the uploader wants to limit the number of downloads, the "file has been downloaded" mail message can be used to prompt manual deletion. re: support Every failed download of a one-shot is gonna tirgger a complaint when the URL doesn't work on the retry. Before someone recommends this feature, they should study their Apache log and see how often a single person restarts each download. I've looked in mine, and I won't be enabling this feature. -- Do things because you should, not just because you can. John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska From mike at bluechime.com Wed Feb 17 20:12:11 2021 From: mike at bluechime.com (Mike Carroll) Date: Wed, 17 Feb 2021 20:12:11 +0000 (UTC) Subject: [ZendTo] Version 6.07-1 Request Pickup Date Incorrect In-Reply-To: <346192206.184.1613567069876.JavaMail.zimbra@bluechime.com> References: <346192206.184.1613567069876.JavaMail.zimbra@bluechime.com> <633035851.230.1613592729988.JavaMail.zimbra@bluechime.com> Message-ID: As a follow up on this. I have fixed the issue by deleting *.file.request.tpl.php in the /var/zendto/templates_c directory. It was recreated dynamically on the next requested dropoff and is now working correctly. Thanks, Mike From: "Mike Carroll" To: "zendto" Sent: Wednesday, February 17, 2021 8:04:29 AM Subject: Version 6.07-1 Request Pickup Date Incorrect Running version 6.07-1 and the pickup date on the request email is incorrect. When generating the request the default date has the correct start and end date/time. The recipient gets the following; This is a request from xxxxxxxxxxxxxxxxxxxxxxxxxxxx. * Please click on the link below and drop off the file or files I have requested. * The link is only valid from 5665-02-17 16 :13:56 to 5665-02-24 16 :13:56. * After that time it will automatically expire. When they try to pickup it up from the link they get; Your Request Code cannot be used yet. Please wait for 1330944 days and 8 hours, until 5665-02-17 16:13:56. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Thu Feb 18 09:14:20 2021 From: Jules at Zend.To (Jules) Date: Thu, 18 Feb 2021 09:14:20 +0000 Subject: [ZendTo] Single-use download links In-Reply-To: References: <483a7b56-49d7-5a68-2da6-b638baf66336@Zend.To> Message-ID: John, Thanks for that, it is very helpful. See below for comments in-line... On Wed 17/02/21 19:37, John Thurston via ZendTo wrote: > On 2/17/2021 3:27 AM, Jules via ZendTo wrote: >> ??????? >> >> *CAUTION:* This email originated from outside the State of Alaska >> mail system. Do not click links or open attachments unless you >> recognize the sender and know the content is safe. >> >> Folks, >> >> One site has asked me to add functionality to allow them to create >> drop-offs in which each file can only be downloaded once. >> >> Effectively "one-shot" download links. > > Meh. I can't see the use, but I can see it generating support calls. > If you add it, *please* make the feature invisible unless explicitly > enabled at the application-layer. There will be a show.... preferences.php setting to enable and disable it. > > re: value > A 'download' count has to be incremented when the download process > starts. The application-layer doesn't really know if the download > succeeded. So a one-shot token will be burned, even if the payload > wasn't delivered. I was going to set the "it's been downloaded" flag when ZendTo thinks the download process is complete. So if the user's download fails to start or break part-way through, that doesn't count as being downloaded. I'm literally going to put the "set the flag" code immediately before ZendTo logs that the file has been downloaded. > > Once a customer has a payload, it can be shared with anyone the > recipient cares to. What's the point of limiting the number of times > it can be pulled from the server? Agreed, but it stops any 3rd party who manages to get hold of the ClaimID and Passcode from easily getting their own copy. Yes, the recipient can choose to share it. But if a "bad actor" gains access, finding a copy will be a whole lot harder for them. > > If the uploader wants to limit the number of downloads, the "file has > been downloaded" mail message can be used to prompt manual deletion. Indeed it can. > > re: support > Every failed download of a one-shot is gonna tirgger a complaint when > the URL doesn't work on the retry. The sender can use the "Resend Drop-off" button via their ZendTo Outbox to reset the "has it been downloaded" flags. That's communicated to the sender when they create the drop-off. > Before someone recommends this feature, they should study their Apache > log and see how often a single person restarts each download. I've > looked in mine, and I won't be enabling this feature. I entirely agree here. I'm hoping that not setting the "it's been downloaded" flag until ZendTo is as confident as it can be that the download has completed, will reduce the failure count. But you are spot-on that any site using this feature needs to accept that there is going to be a certain support cost that goes along with it. I'm trying my very best to minimise that support cost, but there is no way to reduce it to 0. The site that initially requested this were fully accepting of this cost. Cheers, Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'A committee is a group of the unwilling, chosen from the unfit, to do the unnecessary.' - Anon www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Thu Feb 18 09:16:40 2021 From: Jules at Zend.To (Jules) Date: Thu, 18 Feb 2021 09:16:40 +0000 Subject: [ZendTo] Version 6.07-1 Request Pickup Date Incorrect In-Reply-To: References: <346192206.184.1613567069876.JavaMail.zimbra@bluechime.com> <633035851.230.1613592729988.JavaMail.zimbra@bluechime.com> Message-ID: 1.3 million days is probably a bit too long to wait. :-) At any time, without stopping or restarting anything, you can safely ?????? sudo rm -f /var/zendto/templates_c/*.php to flush that cache. It will automatically rebuild itself without the users noticing. Cheers, Jules. On Wed 17/02/21 20:12, Mike Carroll via ZendTo wrote: > As a follow up on this. I have fixed the issue by deleting > *.file.request.tpl.php in the /var/zendto/templates_c directory. It > was recreated dynamically on the next requested dropoff and is now > working correctly.? > > Thanks, > Mike > > > ------------------------------------------------------------------------ > *From: *"Mike Carroll" > *To: *"zendto" > *Sent: *Wednesday, February 17, 2021 8:04:29 AM > *Subject: *Version 6.07-1 Request Pickup Date Incorrect > > Running version 6.07-1 and the pickup date on the request email is > incorrect. When generating the request the default date has the > correct start and end date/time.? The recipient gets the following; > > This is a request from xxxxxxxxxxxxxxxxxxxxxxxxxxxx. > > * Please click on the link below and drop off the file or files I > have requested. > * The link is only valid from? 5665-02-17 16:13:56 to? 5665-02-24 > 16:13:56. > * After that time it will automatically expire. > > > When they try to pickup it up from the link they get; > > Your Request Code cannot be used yet. > Please wait for 1330944 days and 8 hours, until 5665-02-17 16:13:56. > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'We have an asset out of containment.' - Jurassic World www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From nresults at comcast.net Thu Feb 18 18:44:06 2021 From: nresults at comcast.net (Jose M. Sanchez) Date: Thu, 18 Feb 2021 13:44:06 -0500 Subject: [ZendTo] Update SSL CA certificates In-Reply-To: References: <346192206.184.1613567069876.JavaMail.zimbra@bluechime.com> <633035851.230.1613592729988.JavaMail.zimbra@bluechime.com> Message-ID: Hi I am running Zendto 5.19.1 on a public facing Debian server. I need to update or replace the CA issued wildcard certificate for my server. I would like to keep all of the customizations I currently have so I?m wary about running the installer again. Is there a published procedure for upgrading or replacing the certificates? Thank you! -JMS Sent from Mail for Windows 10 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Massimo.Forni at turboden.it Thu Feb 18 19:38:38 2021 From: Massimo.Forni at turboden.it (Massimo Forni) Date: Thu, 18 Feb 2021 19:38:38 +0000 Subject: [ZendTo] Update SSL CA certificates In-Reply-To: References: <346192206.184.1613567069876.JavaMail.zimbra@bluechime.com> <633035851.230.1613592729988.JavaMail.zimbra@bluechime.com> , Message-ID: Hi, I think you need to ask that to your system administrator or any company that supports you, the CA and all other SSL related inquiry do not depends on Send to but on the web server (usually apache or nginx) Nevertheless changing the SSL certificate or it's CA does not impact on any Send to customization, configuration nor content (keeping in mind that with an invalid SSL certs you won't be able to access ZendTo) Regards Get Outlook for Android ________________________________ From: ZendTo on behalf of Jose M. Sanchez via ZendTo Sent: Thursday, February 18, 2021 7:44:06 PM To: ZendTo Users Cc: Jose M. Sanchez Subject: [ZendTo] Update SSL CA certificates Hi I am running Zendto 5.19.1 on a public facing Debian server. I need to update or replace the CA issued wildcard certificate for my server. I would like to keep all of the customizations I currently have so I?m wary about running the installer again. Is there a published procedure for upgrading or replacing the certificates? Thank you! -JMS Sent from Mail for Windows 10 -- Massimo Forni ICT Infrastructure Manager Mobile: +393474110278 ________________________________ Turboden S.p.A. I via Cernaia 10 I 25124 Brescia I Italy t. +39 030 3552001 I f. +39 030 3552011 www.turboden.com Confidentiality notice: this message, together with its attachments, may contain strictly confidential and/or legally privileged information and it is destined solely to the intended addressee(s), who only may use it under his/their responsibility. Opinions, conclusions and other information contained in this message, that do not relate to the official business of this firm, shall be considered as not given or endorsed by it. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. Any use, disclosure, copying or distribution of the contents of this communication by a not-intended recipient or in violation of the purposes of this communication is strictly prohibited and may be unlawful. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nresults at comcast.net Thu Feb 18 20:01:32 2021 From: nresults at comcast.net (Net Results) Date: Thu, 18 Feb 2021 15:01:32 -0500 Subject: [ZendTo] Update SSL CA certificates In-Reply-To: References: Message-ID: Hah... I am the admin. I need to install the updated certificates. The last time I did this was three years ago and don?t remember how. What is the web server for zendto? Apache? The zendto web site says to use the installer which apparently does effect customizations according to the documentation. Sent from my portable device. > On Feb 18, 2021, at 2:43 PM, Massimo Forni wrote: > > ? > Hi, I think you need to ask that to your system administrator or any company that supports you, the CA and all other SSL related inquiry do not depends on Send to but on the web server (usually apache or nginx) > Nevertheless changing the SSL certificate or it's CA does not impact on any Send to customization, configuration nor content (keeping in mind that with an invalid SSL certs you won't be able to access ZendTo) > > Regards > > Get Outlook for Android > > From: ZendTo on behalf of Jose M. Sanchez via ZendTo > Sent: Thursday, February 18, 2021 7:44:06 PM > To: ZendTo Users > Cc: Jose M. Sanchez > Subject: [ZendTo] Update SSL CA certificates > > Hi > > I am running Zendto 5.19.1 on a public facing Debian server. > > I need to update or replace the CA issued wildcard certificate for my server. > > I would like to keep all of the customizations I currently have so I?m wary about running the installer again. > > Is there a published procedure for upgrading or replacing the certificates? > > Thank you! > > -JMS > > Sent from Mail for Windows 10 > > -- > > Massimo Forni > ICT Infrastructure Manager > > Mobile: +393474110278 > > Turboden S.p.A. I via Cernaia 10 I 25124 Brescia I Italy > t. +39 030 3552001 I f. +39 030 3552011 > www.turboden.com > > > Confidentiality notice: this message, together with its attachments, may contain strictly confidential and/or legally privileged information and it is destined solely to the intended addressee(s), who only may use it under his/their responsibility. Opinions, conclusions and other information contained in this message, that do not relate to the official business of this firm, shall be considered as not given or endorsed by it. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. Any use, disclosure, copying or distribution of the contents of this communication by a not-intended recipient or in violation of the purposes of this communication is strictly prohibited and may be unlawful. -------------- next part -------------- An HTML attachment was scrubbed... URL: From zend.to at neilzone.co.uk Thu Feb 18 20:28:53 2021 From: zend.to at neilzone.co.uk (zend.to at neilzone.co.uk) Date: Thu, 18 Feb 2021 20:28:53 +0000 Subject: [ZendTo] Update SSL CA certificates In-Reply-To: References: Message-ID: > On 18 Feb 2021, at 20:01, Net Results via ZendTo wrote: > > What is the web server for zendto? Apache? > Yes. Do you plan on using Lets Encrypt, or something else? If it?s just installing a purchased certificate, I?d have thought it?s a case of copying it to where you want it, then checking the reference in your apache config file (potentially /etc/apache2/sites-avaiable/001-zendto-ssl.conf ). You?ll probably need to reload, perhaps even restart, apache2. Best wishes Neil __________ -------------- next part -------------- An HTML attachment was scrubbed... URL: From nresults at comcast.net Thu Feb 18 20:47:46 2021 From: nresults at comcast.net (Net Results) Date: Thu, 18 Feb 2021 15:47:46 -0500 Subject: [ZendTo] Update SSL CA certificates In-Reply-To: References: <2EF7570F-ACAC-4939-8F61-C131BF177384@comcast.net> Message-ID: Great thanks! You pointed me in the right direction. That is what I needed. Thanks again! Sent from my portable device. > On Feb 18, 2021, at 3:29 PM, zend.to at neilzone.co.uk wrote: > > ? > >> On 18 Feb 2021, at 20:01, Net Results via ZendTo wrote: >> >> What is the web server for zendto? Apache? >> > Yes. > > Do you plan on using Lets Encrypt, or something else? > > If it?s just installing a purchased certificate, I?d have thought it?s a case of copying it to where you want it, then checking the reference in your apache config file (potentially /etc/apache2/sites-avaiable/001-zendto-ssl.conf ). > > You?ll probably need to reload, perhaps even restart, apache2. > > Best wishes > > > Neil > > __________ > -------------- next part -------------- An HTML attachment was scrubbed... URL: From d.metral at bmi-system.com Tue Feb 23 15:06:42 2021 From: d.metral at bmi-system.com (Didier METRAL) Date: Tue, 23 Feb 2021 16:06:42 +0100 Subject: [ZendTo] SAML displayName attribute and Google References: Message-ID: Hello, We just installed ZendTo in my company but we're facing a "problem" : We can't set displayName We are using Google for SAML authentification and Google can send user first name and last name but not in one attribute. The only attributes we can set in SamlAttributesMap are mail, uid displayName and Organization. Is there a way to use First Name and Last Name to generate displayName ? Regards, *Didier METRAL* -------------- next part -------------- An HTML attachment was scrubbed... URL: From MDeerr at hshlawyers.com Tue Feb 23 17:28:13 2021 From: MDeerr at hshlawyers.com (Marlon Deerr) Date: Tue, 23 Feb 2021 17:28:13 +0000 Subject: [ZendTo] Formatting of System Logs page is off References: <9c166abe57cd4cb6afda37b77b4a0b86@HSH-MAIL.HSH.local> Message-ID: Hello, I am logged into my ZendTo setup as an administrator. When I click on the (red) "System Log", button to view logs, I am able to see the logs but the formatting of that page is off. It's almost as if there are no carriage returns at the end of lines and it just runs on to the far right. I have to scroll over to see everything. Is there no way to keep the formatting within the visible browser windows, or better yet, between the white background area on that page? Thanks, Marlon -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Wed Feb 24 09:47:44 2021 From: Jules at Zend.To (Jules) Date: Wed, 24 Feb 2021 09:47:44 +0000 Subject: [ZendTo] Formatting of System Logs page is off In-Reply-To: References: <9c166abe57cd4cb6afda37b77b4a0b86@HSH-MAIL.HSH.local> Message-ID: Marlon, I did it this way on purpose. It is far easier and faster to read logs when the date and time (and other details like that) are the only thing at the left-hand side. One of the first things I do in a Terminal window when searching logs by eye is to make the window wide enough to minimise line-wrapping, as that really slows me down. The "System Log" page is definitely designed for "function" and not for "form". You can scroll horizontally with your mouse in most OS-es by holding down the Shift key while scrolling the mouse wheel. To make horizontal scrolling even easier and quicker, get a mouse with a horizontal scroll control. I use the Logitech MX Master series, but I'm sure there are others around that are much cheaper. If your logs are of any size, the "System Log" view from within ZendTo will be too restrictive anyway as it only shows 1000 lines. At which point you want to read the original log file anyway, which is stored at ?????? /var/log/zendto/zendto.log at which point you can use whatever tools you like to view and search it. Cheers, Jules. P.S. In a former life, I was an email Postmaster. Mail logs tend to run to multiple millions of lines per day. So when searching a vague time period for something when you're not sure exactly what you're looking for, you learn ways of scanning logs by eye *very* quickly. Log lines word-wrapping in a window is a sure way to slow yourself down. On Tue 23/02/21 17:28, Marlon Deerr via ZendTo wrote: > > Hello, > > ? > > I am logged into my ZendTo setup as an administrator. When I click on > the (red) ???System Log???, button to view logs, I am able to see the > logs but the formatting of that page is off.?? It???s almost as if > there are no carriage returns at the end of lines and it just runs on > to the far right. I have to scroll over to see everything.? > > ? > > Is there no way to keep the formatting within the visible browser > windows, or better yet, between the white background area on that page? > > ? > > Thanks, > > Marlon > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If you think it's expensive to hire a professional, Wait until you hire an amateur' - Red Adair www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jules at Zend.To Wed Feb 24 10:03:37 2021 From: Jules at Zend.To (Jules) Date: Wed, 24 Feb 2021 10:03:37 +0000 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: Message-ID: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> Hi Didier, Please can you send me exactly what your preferences.php setting for 'samlAttributesMap' looks like at the moment? I don't know what the Google attributes map would look like, so would like to see the syntax to ensure that whatever solution I end up with does actually work with Google! And what are the "right-hand-side" values in that map that would give you the first name and last name? I'm thinking of a syntax where you could put something like 'displayName' => 'http://schemas.microsoft.com/identity/claims/forename + http://schemas.microsoft.com/identity/claims/familyname', in the map. Then my code would concatenate the 2 with a single space in between. Would that work as a solution? Cheers, Jules. On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: > Hello, > > We just installed ZendTo in my company but we're facing a "problem" : > We can't set displayName > We are using Google for SAML authentification and Google can send user > first name and last name but not in one attribute. > The only attributes we can set in SamlAttributesMap are mail, uid > displayName and Organization. > Is there a way to use First Name and Last Name to generate displayName ? > > Regards, > > *Didier METRAL* > > > _______________________________________________ > ZendTo mailing list > ZendTo at zend.to > http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Always do sober what you said you'd do drunk. That will teach you to keep your mouth shut.' - Ernest Hemingway www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From d.metral at bmi-system.com Wed Feb 24 11:19:37 2021 From: d.metral at bmi-system.com (Didier METRAL) Date: Wed, 24 Feb 2021 12:19:37 +0100 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> Message-ID: Hi, In Google we must set attribute mapping so we can send the good name for attribute. Here is the mapping we set in Google : [image: image.png] Here is the extract of the preferences.php file : 'samlAttributesMap' => array( 'mail' => 'mail', 'uid' => 'uid', 'displayName' => 'fname', 'organization' => 'My company'), If we could use a syntaxe like " 'fname + lname'" it should be OK (must have a space between fname and lname ;) ) Regards, -- Didier M?tral Le mer. 24 f?vr. 2021 ? 11:03, Jules a ?crit : > Hi Didier, > > Please can you send me exactly what your preferences.php setting for > 'samlAttributesMap' looks like at the moment? > I don't know what the Google attributes map would look like, so would like > to see the syntax to ensure that whatever solution I end up with does > actually work with Google! > > And what are the "right-hand-side" values in that map that would give you > the first name and last name? > > I'm thinking of a syntax where you could put something like > 'displayName' => 'http://schemas.microsoft.com/identity/claims/forename + > http://schemas.microsoft.com/identity/claims/familyname', > in the map. Then my code would concatenate the 2 with a single space in > between. > > Would that work as a solution? > > Cheers, > Jules. > > On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: > > Hello, > > We just installed ZendTo in my company but we're facing a "problem" : We > can't set displayName > We are using Google for SAML authentification and Google can send user > first name and last name but not in one attribute. > The only attributes we can set in SamlAttributesMap are mail, uid > displayName and Organization. > Is there a way to use First Name and Last Name to generate displayName ? > > Regards, > > *Didier METRAL* > > _______________________________________________ > ZendTo mailing listZendTo at zend.tohttp://jul.es/mailman/listinfo/zendto > > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'Always do sober what you said you'd do drunk. That will teach you > to keep your mouth shut.' - Ernest Hemingway > www.Zend.To > Twitter: @JulesFM > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 36568 bytes Desc: not available URL: From Jules at Zend.To Wed Feb 24 12:19:11 2021 From: Jules at Zend.To (Jules) Date: Wed, 24 Feb 2021 12:19:11 +0000 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> Message-ID: <4e9fee16-a7f4-a553-2bab-384227480d2b@Zend.To> Didier, I've made the syntax a little bit more clever, in that the spaces either side of the "+" are optional, it will just ignore any whitespace either side of any "+". And just like with the normal attribute values any text that isn't a valid attribute name will just be inserted as is (like 'My company' is in your example. So theoretically you could have ????? 'displayName' => 'fname + lname + (user)', And it would show displayName to be 'Didier Metral (user)'. Why you might want to do that, not a clue. And you probably don't want to. But you can... :) I've just tested it, and my code appears to work nicely. This will be in the next beta release for you. So then you'll be able to use ?? 'samlAttributesMap' => array( ?????? 'mail' => 'mail', ?????? 'uid' => 'uid', *?????? 'displayName' => 'fname+lname',* ?????? 'organization' => 'My company'), and it should work how you expect. Cheers, Jules. On Wed 24/02/21 11:19, Didier METRAL wrote: > Hi, > > In Google we must set attribute mapping so we can send the good name > for attribute. > Here is the mapping we set in Google : > image.png > > Here is the extract of the? preferences.php????file : > ?? 'samlAttributesMap' => array( > ?? ?? 'mail' => 'mail', > ?? ?? 'uid' => 'uid', > ?? ?? 'displayName' => 'fname', > ?? ?? 'organization' => 'My company'), > > If we could use a syntaxe like " 'fname + lname'" it should be OK > (must have a space between fname and lname ;) )? > > Regards, > -- > Didier M??tral > > > Le??mer. 24 f??vr. 2021 ????11:03, Jules > a ??crit??: > > Hi Didier, > > Please can you send me exactly what your preferences.php setting > for 'samlAttributesMap' looks like at the moment? > I don't know what the Google attributes map would look like, so > would like to see the syntax to ensure that whatever solution I > end up with does actually work with Google! > > And what are the "right-hand-side" values in that map that would > give you the first name and last name? > > I'm thinking of a syntax where you could put something like > 'displayName' => > 'http://schemas.microsoft.com/identity/claims/forename > + > http://schemas.microsoft.com/identity/claims/familyname > ', > in the map. Then my code would concatenate the 2 with a single > space in between. > > Would that work as a solution? > > Cheers, > Jules. > > On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: >> Hello, >> >> We just installed ZendTo in my company but we're facing a >> "problem" : We can't set displayName >> We are using Google for SAML authentification and Google can send >> user first name and last name but not in one attribute. >> The only attributes we can set in SamlAttributesMap are mail, uid >> displayName and Organization. >> Is there a way to use First Name and Last Name to generate >> displayName ? >> >> Regards, >> >> *Didier METRAL* >> >> >> _______________________________________________ >> ZendTo mailing list >> ZendTo at zend.to >> http://jul.es/mailman/listinfo/zendto > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'Always do sober what you said you'd do drunk. That will teach you > to keep your mouth shut.' - Ernest Hemingway > > www.Zend.To > Twitter: @JulesFM > Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Is the Holocaust an aberration, or a reflection of who we really are?' - Holocaust Museum, Berlin www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 36568 bytes Desc: not available URL: From MDeerr at hshlawyers.com Wed Feb 24 13:52:28 2021 From: MDeerr at hshlawyers.com (Marlon Deerr) Date: Wed, 24 Feb 2021 13:52:28 +0000 Subject: [ZendTo] Formatting of System Logs page is off In-Reply-To: References: <9c166abe57cd4cb6afda37b77b4a0b86@HSH-MAIL.HSH.local> <2285b0bb62b24df6a0eb9622ae55c898@HSH-MAIL.HSH.local> Message-ID: Thanks Jules. You make perfect sense and your suggestion to use the Shift+ mouse scroll wheel actually addresses my concern. So much easier than having to manually drag the scroll bar across. I?ll use your suggested method moving forward. Thanks, Marlon From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Jules via ZendTo Sent: Wednesday, February 24, 2021 4:48 AM To: Marlon Deerr via ZendTo Cc: Jules Subject: Re: [ZendTo] Formatting of System Logs page is off Marlon, I did it this way on purpose. It is far easier and faster to read logs when the date and time (and other details like that) are the only thing at the left-hand side. One of the first things I do in a Terminal window when searching logs by eye is to make the window wide enough to minimise line-wrapping, as that really slows me down. The "System Log" page is definitely designed for "function" and not for "form". You can scroll horizontally with your mouse in most OS-es by holding down the Shift key while scrolling the mouse wheel. To make horizontal scrolling even easier and quicker, get a mouse with a horizontal scroll control. I use the Logitech MX Master series, but I'm sure there are others around that are much cheaper. If your logs are of any size, the "System Log" view from within ZendTo will be too restrictive anyway as it only shows 1000 lines. At which point you want to read the original log file anyway, which is stored at /var/log/zendto/zendto.log at which point you can use whatever tools you like to view and search it. Cheers, Jules. P.S. In a former life, I was an email Postmaster. Mail logs tend to run to multiple millions of lines per day. So when searching a vague time period for something when you're not sure exactly what you're looking for, you learn ways of scanning logs by eye *very* quickly. Log lines word-wrapping in a window is a sure way to slow yourself down. On Tue 23/02/21 17:28, Marlon Deerr via ZendTo wrote: Hello, I am logged into my ZendTo setup as an administrator. When I click on the (red) ?System Log?, button to view logs, I am able to see the logs but the formatting of that page is off. It?s almost as if there are no carriage returns at the end of lines and it just runs on to the far right. I have to scroll over to see everything. Is there no way to keep the formatting within the visible browser windows, or better yet, between the white background area on that page? Thanks, Marlon _______________________________________________ ZendTo mailing list ZendTo at zend.to http://jul.es/mailman/listinfo/zendto Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'If you think it's expensive to hire a professional, Wait until you hire an amateur' - Red Adair www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: From d.metral at bmi-system.com Wed Feb 24 14:29:19 2021 From: d.metral at bmi-system.com (Didier METRAL) Date: Wed, 24 Feb 2021 15:29:19 +0100 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> <4e9fee16-a7f4-a553-2bab-384227480d2b@Zend.To> Message-ID: Thanks a lot. I'll wait for the next beta ;) Didier M?tral Le mer. 24 f?vr. 2021 ? 13:19, Jules a ?crit : > Didier, > > I've made the syntax a little bit more clever, in that the spaces either > side of the "+" are optional, it will just ignore any whitespace either > side of any "+". And just like with the normal attribute values any text > that isn't a valid attribute name will just be inserted as is (like 'My > company' is in your example. > > So theoretically you could have > 'displayName' => 'fname + lname + (user)', > And it would show displayName to be 'Didier Metral (user)'. > Why you might want to do that, not a clue. And you probably don't want to. > But you can... :) > > I've just tested it, and my code appears to work nicely. > This will be in the next beta release for you. > > So then you'll be able to use > 'samlAttributesMap' => array( > 'mail' => 'mail', > 'uid' => 'uid', > * 'displayName' => 'fname+lname',* > 'organization' => 'My company'), > and it should work how you expect. > > Cheers, > Jules. > > On Wed 24/02/21 11:19, Didier METRAL wrote: > > Hi, > > In Google we must set attribute mapping so we can send the good name for > attribute. > Here is the mapping we set in Google : > [image: image.png] > > Here is the extract of the preferences.php file : > 'samlAttributesMap' => array( > 'mail' => 'mail', > 'uid' => 'uid', > 'displayName' => 'fname', > 'organization' => 'My company'), > > If we could use a syntaxe like " 'fname + lname'" it should be OK (must > have a space between fname and lname ;) ) > > Regards, > -- > Didier M?tral > > > Le mer. 24 f?vr. 2021 ? 11:03, Jules a ?crit : > >> Hi Didier, >> >> Please can you send me exactly what your preferences.php setting for >> 'samlAttributesMap' looks like at the moment? >> I don't know what the Google attributes map would look like, so would >> like to see the syntax to ensure that whatever solution I end up with does >> actually work with Google! >> >> And what are the "right-hand-side" values in that map that would give you >> the first name and last name? >> >> I'm thinking of a syntax where you could put something like >> 'displayName' => 'http://schemas.microsoft.com/identity/claims/forename >> + http://schemas.microsoft.com/identity/claims/familyname', >> in the map. Then my code would concatenate the 2 with a single space in >> between. >> >> Would that work as a solution? >> >> Cheers, >> Jules. >> >> On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: >> >> Hello, >> >> We just installed ZendTo in my company but we're facing a "problem" : We >> can't set displayName >> We are using Google for SAML authentification and Google can send user >> first name and last name but not in one attribute. >> The only attributes we can set in SamlAttributesMap are mail, uid >> displayName and Organization. >> Is there a way to use First Name and Last Name to generate displayName ? >> >> Regards, >> >> *Didier METRAL* >> >> _______________________________________________ >> ZendTo mailing listZendTo at zend.tohttp://jul.es/mailman/listinfo/zendto >> >> >> Jules >> >> -- >> Julian Field MEng CEng CITP MBCS MIEEE MACM >> >> 'Always do sober what you said you'd do drunk. That will teach you >> to keep your mouth shut.' - Ernest Hemingway >> www.Zend.To >> Twitter: @JulesFM >> >> > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'Is the Holocaust an aberration, or a reflection of who we really are?' > - Holocaust Museum, Berlin > www.Zend.To > Twitter: @JulesFM > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 36568 bytes Desc: not available URL: From Jules at Zend.To Thu Feb 25 12:20:38 2021 From: Jules at Zend.To (Jules) Date: Thu, 25 Feb 2021 12:20:38 +0000 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> <4e9fee16-a7f4-a553-2bab-384227480d2b@Zend.To> Message-ID: <7dc6aaa5-dca7-7239-2e89-809ec81ec236@Zend.To> Didier, I have just published a new beta, 6.08-6, which should include the feature you need. Cheers, Jules. On Wed 24/02/21 14:29, Didier METRAL wrote: > Thanks a lot. > I'll wait for the next beta ;) > > Didier M??tral > > > Le??mer. 24 f??vr. 2021 ????13:19, Jules > a ??crit??: > > Didier, > > I've made the syntax a little bit more clever, in that the spaces > either side of the "+" are optional, it will just ignore any > whitespace either side of any "+". And just like with the normal > attribute values any text that isn't a valid attribute name will > just be inserted as is (like 'My company' is in your example. > > So theoretically you could have > ????? 'displayName' => 'fname + lname + (user)', > And it would show displayName to be 'Didier Metral (user)'. > Why you might want to do that, not a clue. And you probably don't > want to. But you can... :) > > I've just tested it, and my code appears to work nicely. > This will be in the next beta release for you. > > So then you'll be able to use > ?? 'samlAttributesMap' => array( > ?????? 'mail' => 'mail', > ?????? 'uid' => 'uid', > *?????? 'displayName' => 'fname+lname',* > ?????? 'organization' => 'My company'), > and it should work how you expect. > > Cheers, > Jules. > > On Wed 24/02/21 11:19, Didier METRAL wrote: >> Hi, >> >> In Google we must set attribute mapping so we can send the good >> name for attribute. >> Here is the mapping we set in Google : >> image.png >> >> Here is the extract of the?? preferences.php????file : >> ?? 'samlAttributesMap' => array( >> ?? ?? 'mail' => 'mail', >> ?? ?? 'uid' => 'uid', >> ?? ?? 'displayName' => 'fname', >> ?? ?? 'organization' => 'My company'), >> >> If we could use a syntaxe like " 'fname + lname'" it should be OK >> (must have a space between fname and lname ;) )? >> >> Regards, >> -- >> Didier M??tral >> >> >> Le??mer. 24 f??vr. 2021 ????11:03, Jules > > a ??crit??: >> >> Hi Didier, >> >> Please can you send me exactly what your preferences.php >> setting for 'samlAttributesMap' looks like at the moment? >> I don't know what the Google attributes map would look like, >> so would like to see the syntax to ensure that whatever >> solution I end up with does actually work with Google! >> >> And what are the "right-hand-side" values in that map that >> would give you the first name and last name? >> >> I'm thinking of a syntax where you could put something like >> 'displayName' => >> 'http://schemas.microsoft.com/identity/claims/forename >> + >> http://schemas.microsoft.com/identity/claims/familyname >> ', >> in the map. Then my code would concatenate the 2 with a >> single space in between. >> >> Would that work as a solution? >> >> Cheers, >> Jules. >> >> On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: >>> Hello, >>> >>> We just installed ZendTo in my company but we're facing a >>> "problem" : We can't set displayName >>> We are using Google for SAML authentification and Google can >>> send user first name and last name but not in one attribute. >>> The only attributes we can set in SamlAttributesMap are >>> mail, uid displayName and Organization. >>> Is there a way to use First Name and Last Name to generate >>> displayName ? >>> >>> Regards, >>> >>> *Didier METRAL* >>> >>> >>> _______________________________________________ >>> ZendTo mailing list >>> ZendTo at zend.to >>> http://jul.es/mailman/listinfo/zendto >> >> Jules >> >> -- >> Julian Field MEng CEng CITP MBCS MIEEE MACM >> >> 'Always do sober what you said you'd do drunk. That will teach you >> to keep your mouth shut.' - Ernest Hemingway >> >> www.Zend.To >> Twitter: @JulesFM >> > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'Is the Holocaust an aberration, or a reflection of who we really are?' > - Holocaust Museum, Berlin > > www.Zend.To > Twitter: @JulesFM > Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'There have been nearly 3000 Gods so far but only yours actually exists. The others are silly made up nonsense. But not yours. Yours is real.' - Anon www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 36568 bytes Desc: not available URL: From Jules at Zend.To Thu Feb 25 15:22:20 2021 From: Jules at Zend.To (Jules) Date: Thu, 25 Feb 2021 15:22:20 +0000 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> <4e9fee16-a7f4-a553-2bab-384227480d2b@Zend.To> Message-ID: <6b0d3ae0-fe52-0eb1-0555-0dba098db962@Zend.To> Didier, After a few mistakes in 6.08-6, I've just released 6.08-7 which looks a lot nicer. Cheers, Jules. On Wed 24/02/21 14:29, Didier METRAL wrote: > Thanks a lot. > I'll wait for the next beta ;) > > Didier M??tral > > > Le??mer. 24 f??vr. 2021 ????13:19, Jules > a ??crit??: > > Didier, > > I've made the syntax a little bit more clever, in that the spaces > either side of the "+" are optional, it will just ignore any > whitespace either side of any "+". And just like with the normal > attribute values any text that isn't a valid attribute name will > just be inserted as is (like 'My company' is in your example. > > So theoretically you could have > ????? 'displayName' => 'fname + lname + (user)', > And it would show displayName to be 'Didier Metral (user)'. > Why you might want to do that, not a clue. And you probably don't > want to. But you can... :) > > I've just tested it, and my code appears to work nicely. > This will be in the next beta release for you. > > So then you'll be able to use > ?? 'samlAttributesMap' => array( > ?????? 'mail' => 'mail', > ?????? 'uid' => 'uid', > *?????? 'displayName' => 'fname+lname',* > ?????? 'organization' => 'My company'), > and it should work how you expect. > > Cheers, > Jules. > > On Wed 24/02/21 11:19, Didier METRAL wrote: >> Hi, >> >> In Google we must set attribute mapping so we can send the good >> name for attribute. >> Here is the mapping we set in Google : >> image.png >> >> Here is the extract of the?? preferences.php????file : >> ?? 'samlAttributesMap' => array( >> ?? ?? 'mail' => 'mail', >> ?? ?? 'uid' => 'uid', >> ?? ?? 'displayName' => 'fname', >> ?? ?? 'organization' => 'My company'), >> >> If we could use a syntaxe like " 'fname + lname'" it should be OK >> (must have a space between fname and lname ;) )? >> >> Regards, >> -- >> Didier M??tral >> >> >> Le??mer. 24 f??vr. 2021 ????11:03, Jules > > a ??crit??: >> >> Hi Didier, >> >> Please can you send me exactly what your preferences.php >> setting for 'samlAttributesMap' looks like at the moment? >> I don't know what the Google attributes map would look like, >> so would like to see the syntax to ensure that whatever >> solution I end up with does actually work with Google! >> >> And what are the "right-hand-side" values in that map that >> would give you the first name and last name? >> >> I'm thinking of a syntax where you could put something like >> 'displayName' => >> 'http://schemas.microsoft.com/identity/claims/forename >> + >> http://schemas.microsoft.com/identity/claims/familyname >> ', >> in the map. Then my code would concatenate the 2 with a >> single space in between. >> >> Would that work as a solution? >> >> Cheers, >> Jules. >> >> On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: >>> Hello, >>> >>> We just installed ZendTo in my company but we're facing a >>> "problem" : We can't set displayName >>> We are using Google for SAML authentification and Google can >>> send user first name and last name but not in one attribute. >>> The only attributes we can set in SamlAttributesMap are >>> mail, uid displayName and Organization. >>> Is there a way to use First Name and Last Name to generate >>> displayName ? >>> >>> Regards, >>> >>> *Didier METRAL* >>> >>> >>> _______________________________________________ >>> ZendTo mailing list >>> ZendTo at zend.to >>> http://jul.es/mailman/listinfo/zendto >> >> Jules >> >> -- >> Julian Field MEng CEng CITP MBCS MIEEE MACM >> >> 'Always do sober what you said you'd do drunk. That will teach you >> to keep your mouth shut.' - Ernest Hemingway >> >> www.Zend.To >> Twitter: @JulesFM >> > > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'Is the Holocaust an aberration, or a reflection of who we really are?' > - Holocaust Museum, Berlin > > www.Zend.To > Twitter: @JulesFM > Jules -- Julian Field MEng CEng CITP MBCS MIEEE MACM 'Teach a man to reason, and he will think for a lifetime.' - Phil Plait www.Zend.To Twitter: @JulesFM -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 36568 bytes Desc: not available URL: From d.metral at bmi-system.com Thu Feb 25 16:24:27 2021 From: d.metral at bmi-system.com (Didier METRAL) Date: Thu, 25 Feb 2021 17:24:27 +0100 Subject: [ZendTo] SAML displayName attribute and Google In-Reply-To: References: <1bb9b691-8c50-2f30-f788-fe29e29dc5f9@Zend.To> <4e9fee16-a7f4-a553-2bab-384227480d2b@Zend.To> <6b0d3ae0-fe52-0eb1-0555-0dba098db962@Zend.To> Message-ID: Thanks, I just installed the last beta and it's working working as expected. Didier M?tral Le jeu. 25 f?vr. 2021 ? 16:22, Jules a ?crit : > Didier, > > After a few mistakes in 6.08-6, I've just released 6.08-7 which looks a > lot nicer. > > Cheers, > Jules. > > On Wed 24/02/21 14:29, Didier METRAL wrote: > > Thanks a lot. > I'll wait for the next beta ;) > > Didier M?tral > > > Le mer. 24 f?vr. 2021 ? 13:19, Jules a ?crit : > >> Didier, >> >> I've made the syntax a little bit more clever, in that the spaces either >> side of the "+" are optional, it will just ignore any whitespace either >> side of any "+". And just like with the normal attribute values any text >> that isn't a valid attribute name will just be inserted as is (like 'My >> company' is in your example. >> >> So theoretically you could have >> 'displayName' => 'fname + lname + (user)', >> And it would show displayName to be 'Didier Metral (user)'. >> Why you might want to do that, not a clue. And you probably don't want >> to. But you can... :) >> >> I've just tested it, and my code appears to work nicely. >> This will be in the next beta release for you. >> >> So then you'll be able to use >> 'samlAttributesMap' => array( >> 'mail' => 'mail', >> 'uid' => 'uid', >> * 'displayName' => 'fname+lname',* >> 'organization' => 'My company'), >> and it should work how you expect. >> >> Cheers, >> Jules. >> >> On Wed 24/02/21 11:19, Didier METRAL wrote: >> >> Hi, >> >> In Google we must set attribute mapping so we can send the good name for >> attribute. >> Here is the mapping we set in Google : >> [image: image.png] >> >> Here is the extract of the preferences.php file : >> 'samlAttributesMap' => array( >> 'mail' => 'mail', >> 'uid' => 'uid', >> 'displayName' => 'fname', >> 'organization' => 'My company'), >> >> If we could use a syntaxe like " 'fname + lname'" it should be OK (must >> have a space between fname and lname ;) ) >> >> Regards, >> -- >> Didier M?tral >> >> >> Le mer. 24 f?vr. 2021 ? 11:03, Jules a ?crit : >> >>> Hi Didier, >>> >>> Please can you send me exactly what your preferences.php setting for >>> 'samlAttributesMap' looks like at the moment? >>> I don't know what the Google attributes map would look like, so would >>> like to see the syntax to ensure that whatever solution I end up with does >>> actually work with Google! >>> >>> And what are the "right-hand-side" values in that map that would give >>> you the first name and last name? >>> >>> I'm thinking of a syntax where you could put something like >>> 'displayName' => 'http://schemas.microsoft.com/identity/claims/forename >>> + http://schemas.microsoft.com/identity/claims/familyname', >>> in the map. Then my code would concatenate the 2 with a single space in >>> between. >>> >>> Would that work as a solution? >>> >>> Cheers, >>> Jules. >>> >>> On Tue 23/02/21 15:06, Didier METRAL via ZendTo wrote: >>> >>> Hello, >>> >>> We just installed ZendTo in my company but we're facing a "problem" : We >>> can't set displayName >>> We are using Google for SAML authentification and Google can send user >>> first name and last name but not in one attribute. >>> The only attributes we can set in SamlAttributesMap are mail, uid >>> displayName and Organization. >>> Is there a way to use First Name and Last Name to generate displayName ? >>> >>> Regards, >>> >>> *Didier METRAL* >>> >>> _______________________________________________ >>> ZendTo mailing listZendTo at zend.tohttp://jul.es/mailman/listinfo/zendto >>> >>> >>> Jules >>> >>> -- >>> Julian Field MEng CEng CITP MBCS MIEEE MACM >>> >>> 'Always do sober what you said you'd do drunk. That will teach you >>> to keep your mouth shut.' - Ernest Hemingway >>> www.Zend.To >>> Twitter: @JulesFM >>> >>> >> Jules >> >> -- >> Julian Field MEng CEng CITP MBCS MIEEE MACM >> >> 'Is the Holocaust an aberration, or a reflection of who we really are?' >> - Holocaust Museum, Berlin >> www.Zend.To >> Twitter: @JulesFM >> >> > Jules > > -- > Julian Field MEng CEng CITP MBCS MIEEE MACM > > 'Teach a man to reason, and he will think for a lifetime.' - Phil Plait > www.Zend.To > Twitter: @JulesFM > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 36568 bytes Desc: not available URL: From ccaylor at ci.moscow.id.us Thu Feb 25 18:30:00 2021 From: ccaylor at ci.moscow.id.us (Chris Caylor) Date: Thu, 25 Feb 2021 18:30:00 +0000 Subject: [ZendTo] Linux newbie here - unable to send email to external email addresses. References: <10c9a100f3b94ad3b8a431858bb22349@ci.moscow.id.us> Message-ID: Hello all! New linux guy here and Zend.To is my second linux project to get going here at the city. I set up Zabbix monitoring a couple months ago and have those emails going out to our external email addresses so I know I'm doing some things right. And Zend.To I have internal emails going to internal users when I set it up to send with no authentication, and I have of course tried the exact same port, encryption TLS, and exchange account and password, and every other combo. I'm trying to work through the PHPmailer troubleshooting, but honestly a lot of it is over my head... Here is the error I get when SMTPdebug is active. 2021-02-24 23:59:28 SERVER -> CLIENT: 220 mailserver.my.domain Microsoft ESMTP MAIL Service ready at Wed, 24 Feb 2021 15:59:28 -0800 2021-02-24 23:59:28 CLIENT -> SERVER: EHLO zendtoserver.my.domain 2021-02-24 23:59:28 SERVER -> CLIENT: 250-mailserver.my.domain Hello [10.1.10.70]250-SIZE250-PIPELINING250-DSN250-ENHANCEDSTATUSCODES250-STARTTLS250-X-ANONYMOUSTLS250-AUTH NTLM250-X-EXPS GSSAPI NTLM250-8BITMIME250-BINARYMIME250-CHUNKING250-XEXCH50250-XRDST250 XSHADOWREQUEST 2021-02-24 23:59:28 CLIENT -> SERVER: STARTTLS 2021-02-24 23:59:28 SERVER -> CLIENT: 220 2.0.0 SMTP server ready SMTP Error: Could not connect to SMTP host. 2021-02-24 23:59:28 CLIENT -> SERVER: QUIT 2021-02-24 23:59:28 SERVER -> CLIENT: 2021-02-24 23:59:28 SMTP ERROR: QUIT command failed: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting Thanks for your time! Chris -------------- next part -------------- An HTML attachment was scrubbed... URL: