I am using the Microsoft Graph API to collect basic information about a user's meetings and emails. Now, I also want to know how many phone calls (and chats) a user has in Skype for Business and how long the phone calls are.
I realized that Outlook creates a folder 'Conversation History' where these are logged. Unfortunately, not all call entries contain the call duration. I didn't find out when it is there and when not. Does someone know why this is?
And is there a way to get Skype for Business call durations?
(I think using the Lync-API (UCMA) might be a bit of an overkill)
I would like this as well. I have added it to the suggestions page for Office 365. https://office365.uservoice.com/forums/273494-outlook-and-calendar/suggestions/13733040-call-duration-for-outgoing-calls-in-conversation-h
The best way is to use the Call detail recording (CDR) database (when enabled). You can find the CDR Scheme here.
Related
I have few questions concerning PayPal and Classic API. I have spent the last few days reading and experimenting with 1. Single PayPal Payment using variables and HTML post form. 2. Idem but for recurring/subscription payments. Even though I almost succeed to do most of what I want to accomplish, I still have few questions and grey zone I'd like to debunk.
Here it is:
Is it possible to use classic API, HTML form, PayPal variables and post a request to PayPal/Sandbox AND ONLY use credit card information, without having to log in PayPal or have a PayPal account? I never succeed and PayPal always block after you hit the PAY button, returning security codes error message or wrong card/account number etc.
If yes, how and where can I find a real code sample or demo for HTML/MVC-C#?
After a make a payment, I receive an invalid response which nothing happens, then, I receive a second IPN response and this one is verified etc. DO I really need to reply to PayPal/Sandbox to tell them everything is OK? If yes, is there info somewhere or code sample/demo I can see? MY point here is because i receive MANY hits on my IPN and I want to make sure I get the right response, make sure i don't DOUBLE subscribe etc..
Is there A GOOD MVC or C# IPN code sample somewhere? One I could read and analyse/take to handle most possible scenarios/errors/response code and what to do with them? not to copy and paste but something reliable I could adapt to my code.
I have succeeded to get a response to my IPN with a PayPal account only and I had to somehow hack security protocol using this instruction --> ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;//SecurityProtocolType.Tls1.2; and I also had to use ngrok to provide a 'valid' return URL. My question here is, Do I Need to remove that instruction when I go PROD?
Thank you so much in advance,
Mart.
Yes, but this is one of the reasons the question got voted down. You need to sign up for Payments Pro to do credit cards (or you could also use the REST API) and then you would use those specific APIs to process credit cards. The thing is, depending on what version of Pro you end up with or if you decide to go with REST, the APIs are different, so it's hard for anybody to tell you what to use at this point.
Yes, you need to POST back to PayPal to verify that the data actually came from them. This way you can trash any data where wannabe hackers are posting garbage to your IPN listener or anything else like that going on.
As long as your IPN script completes with a successful 200 response back from your server then PayPal will only send a single IPN. If you're getting multiples you must have a failure going on, in which case you'll need to troubleshoot that accordingly.
Yes, PayPal provides lots of sample code. This is another reason your question may have been voted down. It seems you have not taken the time to look into this stuff yourself. Go to http://developer.paypal.com and upon reviewing the APIs you'll find they provide SDKs for different languages. Each of those comes with samples, and their GitHub repos also include samples.
With a quick Google search you'll find loads of tutorials and samples as well, of course.
Within the developer site you'll also find the Integration Wizard, which will let you choose C#, choose the payment integration you want, and it will build it all for you so you can see how it works.
Then, when working on those samples or trying actual code, if you have specific problems / questions, you'd come here and post that specific issue with a code sample that you've tried. Then people here will be happy to help.
TLS 1.2 is a standard requirement for pretty much all web services now because of security vulnerabilities in SSLv3. If you have "hack" anything (outside of configuration files, maybe) then you're probably doing something unnecessary. All it would require is to ensure the software stack on your server not only supports TLS 1.2 HTTP requests, but also uses it by default.
Thank you for looking into this! My boss asked me about the following: We are in a library and we have online access to journals. When someone requests access to a journal, we log them on. If this has to be done for a whole class of students, it takes quite some time.
Let's assume we have a Csharp application. The application is in the C:/Program Files/ folder together with some kind of configuration file that contains the credentials and URLs and so forth. Since the files are in the C:/Program Files/ directory, a regular user will not have access to copy/manipulate any of the files. Using the CSharp SecureString class, the credentials would be safe. However, as soon as the application opens the browser and uses HttpWebRequest to send a POST request to log us in, the data would not be safe anymore.
Is this correct? A regular user can start an executable and could gain access to the POST data in the browser or can maybe impersonate the browser to get the POST request data.
If this is the case, I have two questions. The second one may be a question about opinions but the first one shouldn't be.
Is there any way to do what my boss wants me to do safely without ever giving anyone access to the credentials?
Is this a bad idea and should not be done at all?
I am also happy about "You should not do this, because..." answers, because this would also solve the problem for me if I can convince her of this.
Thank you!
Edit:
Sorry for the lack of information: Different accounts are used. Most of the time, it would be the student's own domain account. We also have a generic domain account we sometimes use in the library for classes to have the computers already logged in when the class arrives to speed things up. So this is a well known account. Of course entering the credentials in front of the patron as we do now is in no shape, way or form secure either.
It is a provably unsolvable problem. Since the user's machine, in your setup, needs to know the sensitive information, there is no way for you to prevent that machine's user from also knowing that sensitive information. The only way to prevent the user from accessing it is to ensure that the sensitive data is never on the client's machine.
Pretty much any "good" solution is going to require some sort of cooperation with the site in question, which you presumably won't have. Good solutions would involve having a server only you control (with the "real" credentials) log in, and then provide some sort of temporary token or session ID to the user to use for a period of time, and that would expire after a short while.
Another option is to never have the user directly access the site, but rather always access a server you control which will redirect all traffic (that you consider valid) over to the other system. While this is an option that would be possible without any cooperation from the 3rd party, it likely wouldn't be terribly trivial to implement.
First of all, I know the title sounds strange, but it is a valid and qualified requirement we have from one of our customers. What we hope to do is to show them just the record name and location (read only) of all records that were not displayed in their search results due to no access.
public class VisualWebPart1 : Microsoft.Office.Server.Search.WebControls.CoreResultsWebPart
{
protected override void ConfigureDataSourceProperties()
{
base.ConfigureDataSourceProperties();
CoreResultsDatasource ds = DataSource as CoreResultsDatasource;
if (ds.UserCredentials.ContainsKey(ds.Location))
ds.UserCredentials.Remove(ds.Location);
ds.UserCredentials.Add(ds.Location, new NetworkCredential("user", "password", "domain"));
}
}
Now, the first way we wanted to do this was by calling the FAST search web service directly using the search API. However, we wanted this to work seamlessly with the existing fast search centre, i.e. they can still use the existing search box, advanced search, etc. As we understand it, the API may not integrate well with URL based search queries unless we convert the query to FQL. We would rather not go down this path if there is an alternative such as the below;
We had an idea to extend the CoreResultsWebPart component to simply elevate the users privilages to an admin account temporarily while the search is executed. After decompiling and looking at the code for CoreResultsWebPart, I thought this would be super easy with the following code;
However, we were mistaken, this doesn't work at all. It's strange as looking through the code for CoreResultsWebPart, I don't see any other access control mechanism, what I mean is, I don't see anywhere where the user credentials are being handled except here in the data source (UserCredentials.) I'm sure the CoreResultsWebpart must be making a direct call to the web service but I have no idea where else the credentials are passed.
Any help would be greatly appreciated before we start looking at simply creating a custom web part. Even if it's to tell me we're on the wrong path!
Thanks!
Adrian
IF your RunWithElevatedPrivileges isn't passing the user token for the System Account you might want to attempt a WindowsIdentity impersonation similar to the link, you would have to have a fixed user/password for the searches but this is usually what you have to fallback to when talking about code impersonation.
I want to use PhoneCallTask for using some services from my cellular provider in other words I want to be able to dial #1234* within code
if this isn't available yet is there anyway to do that by any other way
I need it urgently
This is deliberately not available as part of the security considerations and principles designed into the phone.
If it were possible to get the response to such commands then it would be possible to get someones phone/cell and IMEI numbers without their knowledge or permission. With these you coudl do some very nefarious things.
If you really need this urgently then you're stuck. In future I'd recommend finding out what is possible with a platform before you starting building an application.
As you haven't included any code I'm going to assume that you've not tried anything yet.
So this code may help
PhoneCallTask phoneCallTask = new PhoneCallTask();
phoneCallTask.PhoneNumber = "#1234";
phoneCallTask.DisplayName = "Service Number";
phoneCallTask.Show();
I've not been able to try this to see if it works with that input, so it may be an issue with the "PhoneNumber" field if that does not work
EDIT:
Don't forget to add
using Microsoft.Phone.Tasks;
As far as I'm aware these are operations that are stored on the SIM card and have nothing to do with the layer of Windows Phone you have access to. In other words, the ISO standard (im guessing) for cellular interconnected devices will require a device to handle certain requests (such as typing *#06# to display the devices IMEI number). Thus it is likely that you will not be able to interact with these calls. You won't be able to make the phone think your App is making a request it knows can only come from the SIM card due to the way the OS sandboxes various services.
the company I work for want to use a "hosted payment form" to charge our customers. A question came up on how we can populate the "payment form" automatically with information from one of our other system. We have no control over the hosed payment form, and we have to use IE. Is this possible at all? And if so, how can this be done?
If something is unclear, please let me know...
Assuming that you are essentially embedding the contents of a remote form in a frame/iframe, the you should be able to use some javascript to set values for the fields - field.value = "xxxx".
That solution of course depends on the form remaining the same - any changes to the remote form will require you to update your script.
If you are "handing off" to a remote site (redirect) that post's back to your site when payment is complete, then unless the remote site offers an API / a way of passing request parameters through, then you are going to be out of luck,
Unless your payment gateway allows you to pass through data in a set API (which lots do!), you'd need to take control (and responsibility) for your payment form.
I say responsibility because you would have to prove to your merchant account provider that everything is secure. This will probably incur some security testing fees too.
So check with your merchant gateway first. Lots of systems have the means to accept data from your site and their tech support will be able to give you a straight answer immediately. Otherwise you'd have to switch it over so you process all the data yourself which, just for making things easier, isn't worth it IMO.