Re: Updating tickets via email engine w/o clear text password
Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
While that could work, it doesn't seem to be very more secure, as I can still capture the hashed password and use that to login or send email requests. In the past one could login with the hashed password from the usertool, I'm not sure if that still works...lets hope not :) Hugo On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
roger =8^ o On 11/8/07, Jarl Grøneng [EMAIL PROTECTED] wrote: Pat, He has been busy drinking beer with me in Vancouver :-) -- Jarl On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
Pat, He has been busy drinking beer with me in Vancouver :-) -- Jarl On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
I suppose the official answer is in the manual, Chapter 3 Page 57 - Configuring incoming mailbox security. On 11/8/07, Hugo Visser [EMAIL PROTECTED] wrote: While that could work, it doesn't seem to be very more secure, as I can still capture the hashed password and use that to login or send email requests. In the past one could login with the hashed password from the usertool, I'm not sure if that still works...lets hope not :) Hugo On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
I tougth the offical answer was: As designed -- Jarl On Nov 8, 2007 7:42 PM, patrick zandi [EMAIL PROTECTED] wrote: ** I suppose the official answer is in the manual, Chapter 3 Page 57 - Configuring incoming mailbox security. On 11/8/07, Hugo Visser [EMAIL PROTECTED] wrote: While that could work, it doesn't seem to be very more secure, as I can still capture the hashed password and use that to login or send email requests. In the past one could login with the hashed password from the usertool, I'm not sure if that still works...lets hope not :) Hugo On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
Jarl, Strangely, I remember drinking with some Norwegian. Was that you Jarl ?!? -Geoff 8-)) On Nov 8, 2007 9:47 AM, Jarl Grøneng [EMAIL PROTECTED] wrote: Pat, He has been busy drinking beer with me in Vancouver :-) -- Jarl -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
We have a filter that monitors the mail messages form and we look for the incident number in the subject. Then we create a worknote in the request, which pushes it to the incident. Then we send an update to the assignee that we received an update. At the end we send an email, to the sender that the incident was updated. howard On Nov 8, 2007 2:37 PM, Jarl Grøneng [EMAIL PROTECTED] wrote: I tougth the offical answer was: As designed -- Jarl On Nov 8, 2007 7:42 PM, patrick zandi [EMAIL PROTECTED] wrote: ** I suppose the official answer is in the manual, Chapter 3 Page 57 - Configuring incoming mailbox security. On 11/8/07, Hugo Visser [EMAIL PROTECTED] wrote: While that could work, it doesn't seem to be very more secure, as I can still capture the hashed password and use that to login or send email requests. In the past one could login with the hashed password from the usertool, I'm not sure if that still works...lets hope not :) Hugo On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Howard Richter ITIL Foundation Certified Red Hat Certified Technician CompTIA Linux+ Certified [EMAIL PROTECTED] Resume = http://hotjobs.yahoo.com/resumes/hrichter_1/resumeofhoward ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
Howard, Thanks. But, I had no problem building the filter and pushing to the ticket. The Last-Modified user is Remedy Application Service in a diary field. -Geoff On Nov 8, 2007 12:06 PM, Howard Richter [EMAIL PROTECTED] wrote: We have a filter that monitors the mail messages form and we look for the incident number in the subject. Then we create a worknote in the request, which pushes it to the incident. Then we send an update to the assignee that we received an update. At the end we send an email, to the sender that the incident was updated. howard On Nov 8, 2007 2:37 PM, Jarl Grøneng [EMAIL PROTECTED] wrote: I tougth the offical answer was: As designed -- Jarl On Nov 8, 2007 7:42 PM, patrick zandi [EMAIL PROTECTED] wrote: ** I suppose the official answer is in the manual, Chapter 3 Page 57 - Configuring incoming mailbox security. On 11/8/07, Hugo Visser [EMAIL PROTECTED] wrote: While that could work, it doesn't seem to be very more secure, as I can still capture the hashed password and use that to login or send email requests. In the past one could login with the hashed password from the usertool, I'm not sure if that still works...lets hope not :) Hugo On Nov 8, 2007 5:26 PM, patrick zandi [EMAIL PROTECTED] wrote: ** Geoff, he have not seen you in a while... What I did was a little sneeky, but it works.. Create an account that only hase access to the form it is submitting too. ensure that it can submit.. after the account is made-- let say it is toast --- and the password is burnt put burnt into the userform save it.. go to the database get the Encrypted hash and put that in the email as the password. or you could use the ar.conf to do the same thing.. Seems to work for me.. On 11/7/07, Geoffrey Endresen [EMAIL PROTECTED] wrote: Sorry, I just haven't spent enough time with this one. I'm trying to send an email to the AR System server to update a ticket. Sure, I can just create a filter on the AR System Email Message form that pushes the data to another form, but I assume that breaks licensing. What am I missing? People cannot really be sending emails to the AR System Server with clear text password? -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Patrick Zandi __20060125___This posting was submitted with HTML in it___ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- Howard Richter ITIL Foundation Certified Red Hat Certified Technician CompTIA Linux+ Certified [EMAIL PROTECTED] Resume = http://hotjobs.yahoo.com/resumes/hrichter_1/resumeofhoward ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are
Re: Updating tickets via email engine w/o clear text password
Zandi, Are you talking about these settings? I have these settings: - Use Security Key: No - Use Suppied User Informaiton: Yes - Use email from address: Yes I guess my problem is that I didn't use the crazy format of Modify Emails with embedded field ids. I simply wanted to update the ticket with whatever correspondence was returned. On Nov 8, 2007 10:42 AM, patrick zandi [EMAIL PROTECTED] wrote: ** I suppose the official answer is in the manual, Chapter 3 Page 57 - Configuring incoming mailbox security. -- -Geoff Endresen Amazon.com ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: Where the Answers Are