Recently, a rash of users have received this error when trying to view more than the first page of a PDF in our corporate Gmail:
This problem started to appear toward the end of July 2019, and by mid-August it was company-wide. This timeline corresponds with the release of Chrome v76. Chome v76 introduces a change to Cross-Origin Requests, and while this change introduced some trouble for a number of Chrome Extensions, it can also negatively impact corporate G Suite environments who utilize certain restrictions in the Google Admin Console.
How to Fix this Error
First, verify that this is, indeed, the problem.
Open an email in Gmail with a multi-page PDF attachment, but do not click the attachment yet
Press CTRL+Shift+I to open the Developer console, and click to the Network tab
Click the PDF attachment and look at the results in the Network tab
One of the Red items that appear on the list should contain:
Access to XMLHttpRequest at 'https://drive.google.com/viewerng/upload?ds=docstring' from origin 'https://mail.google.com/ has been blocked by CORS policy: Request header field x-googapps-allowed-domains is not allowed by Access-Control-Allow-Headers in preflight response.
If you see the above, then this solution will work for you. To explain, settings exist in the G Suite Admin Console which can restrict the ability of a Chrome user, with Sync turned on, from logging into secondary accounts outside of an allowed set of domains. The requests to the Google Drive PDF viewer from Gmail come across as generic and not specific to your domain, and thus Chrome refuses to render the document. To solve the problem, this restriction in the Admin Console will need to be disabled by an administrator in your G Suite organization.
You know the new version of a package is a buggy mess and you don’t want to update, or you manually install an rpm that exists in the repos but you really want to keep the version you installed. There’s an easy way to do that!
Edit (as root) /etc/dnf/dnf.conf and add this line:
exclude = packagename1
exclude = packagename2
Save it. The next time DNF updates, your package won’t be updated! This will work with any distribution that uses DNF (Mageia, future versions of CentOS).
When recently updating my Debian 9 Stretch’s boot image, it produced the following warning:
W: Possible missing firmware /lib/firmware/tigon/tg3_tso5.bin for module tg3
W: Possible missing firmware /lib/firmware/tigon/tg3_tso.bin for module tg3
W: Possible missing firmware /lib/firmware/tigon/tg3.bin for module tg3
That doesn’t look good! Without this module, I suspect my network card will not work after reboot. What’s needed is the package firmware-linux-nonfree but it’s not available in the standard Debian free repos – you need the nonfree repo.
Edit your /etc/apt/sources.list and add the following:
deb http://ftp.de.debian.org/debian stretch main non-free
You can install firmware-linux-nonfree with apt-get, which will allow your adapter requiring the tg3 module to continue working.
If you’re a sysadmin trying install a root certificate to devices for the purpose for SSL inspection, and you’re not wanting to leverage Group Policy for a widescale rollout just yet, here’s how you can script it to import silently via command line using your preferred administration tool:
certutil -enterprise -f -v -AddStore filename.crt
Replace filename.crt with the name or path to your certificate. No reboot should be required.
If you’re a Windows sysadmin in an environment with locked down user rights, and you want to perform an administrative action without needing to log out a current user, you can find yourself in a tight spot. Luckily, if you Shift-RightClick Command Prompt, click Run As another user, and login as your admin user, you can launch administrative tools all without needing to log out.
One such tool is the User Profiles window under Advanced system settings. To launch it from Command Prompt, type: