Knowledgebase

Featured article

(Article Updated - August 2024) Overview A blocklist is a database of IP addresses or domains that have been associated with the sending of unsolicited commercial email or spam. Internet Service Providers (ISPs) and business email networks use information from blocklists to filter out unwanted email. As a result there can be a drop to inbox delivery rates if the IPs or domains involved with sending email are listed on a blocklist. Marketo’s Email Delivery and Compliance team monitors blocklist activity on our IPs and domains daily. When an impactful listing occurs, we reach out to the blocklist, attempt to identify the sender that triggered it, and work with the blocklist organization to get the listing resolved. There are thousands of blocklists, most will not have a significant impact on your delivery rates. Below, we have compiled a list of the blocklists that commonly appear across our sender ecosystem. Each blocklist has been grouped into a top tier (Tier I) by most impactful, to the bottom least impactful tier (Tier III). These may have little to no impact across our sender network. Tier I Blocklist Spamhaus (SBL) Impact: Spamhaus is the only blocklist that we categorize as a Tier I for a reason: it has by far the greatest impact on delivery. It is the most well-respected and widely used blocklist in the world. A listing at Spamhaus will have a negative effect on your ability to deliver emails to your customer’s inbox and can cause bounce rates of over 50%. Evidence suggests that most of the top North American ISPs use Spamhaus to inform blocking decisions. How it works: Unlike many blocklists, Spamhaus lists senders manually. This means they are proactively watching sender activity, collecting data, and base listings on a number of variables. Most commonly senders are listed for mailing to spam trap addresses that Spamhaus owns. Sometimes Spamhaus will list senders based on recipient feedback as well. Next Steps: Please note that every Spamhaus email can be quite different depending on the information provided and the nature of the listing . Because Spamhaus has multiple types of listings, the remediation steps are based on which type of blocklisting has occurred. We have listed the most common types to affect Marketo customers, from most to least impactful. Impact can range from a full block of top severity, to a partial block that is less severe (CSS Data, DBL). If remediation isn’t performed and the problem not addressed, these listings can increase in severity and turn into a full blocklisting. Spamhaus Blocklistings Types SBL (full blocklisting) Considered the most impactful. Remediation steps: Our team monitors closely for Spamhaus listings. Once alerted to the listing, we send an email notifying the customer, and reach out to the Spamhaus contact to start the remediation process. Only a Marketo delivery team member should be in direct correspondence with the Spamhaus contact, to speak on behalf of the customer, and to relay their questions and instructions, ensuring quick resolution and reduced impact. Senders that trigger this listing on a shared IP range will be moved to a more isolated, penalty range (IPB), so as not to impact the other shared senders. Those affected on a Dedicated IP, only impact their own sending and will not be moved. However, depending on the severity of the issue, our team may need to revoke a customer’s ability to send any emails until full resolution. The listing will last until Spamhaus is satisfied that the offending sender has taken the appropriate steps to mitigate the problem. SBL CSS Customers are alerted of the listing with an email containing all the information needed to immediately begin the remediation process. This is part of an automated trigger listing, that allows for a customer to delist directly on the Spamhaus website, after they’ve completed remediation. Remediation steps: Customers will go to the Spamhaus IP lookup website, at https://check.spamhaus.org, where they can check on the status of their IP and continue to monitor it in real time, until it is no longer listed there. Follow the remediation and delisting instructions provided, and check for specific details in the blocklist notification email. DBL (Domain blocklisting) Customers will receive an email notification alerting of the company domain being listed. The email will contain specific information to help narrow down and identify which email source likely triggered it within Marketo. It’s important to note that any email sent from outside of Marketo, that contained the company domain, is suspect. This means, if the sender uses multiple IPs and/multiple email platforms, then any of those could be the source. Remediation steps: Follow the detailed instructions in the email, which will also provide a link to the Spamhaus Domain reputation checker webpage, to check the real time listing status of the affected domain. Once the email source is identified and cause addressed, this customer will follow the online instructions to request to be delisted. Tier II Blocklist SpamCop Impact: SpamCop is not used by any of the major North American ISPs to inform blocking decisions, but it makes it to the Tier II list because it can have a significant impact on B2B email campaigns. SpamCop is considered a Tier I one blocklist for B2B marketers but a Tier II for B2C marketers. SpamCop is a dynamic IP blocklist, that can affect a single IP or a subset of IPs Typically, the block will automatically lift within one business day, but can take longer for relisted IPs. To have triggered a SpamCop listing likely means the sender has a list management problem that should be addressed. How it works: SpamCop lists IPs for one of two reasons: Either the email hit SpamCop spam trap addresses OR A SpamCop user has reported the email unwanted. Most of SpamCop’s spam traps are previously valid addresses that have not been active for 12 months or longer. Remediation steps: If you are seeing a significant number of bouncing emails caused by a SpamCop blocked IP but aren’t sure if your email activity triggered the listing, first identify whether you are sending on a shared sender network or not. If sending from a shared IP range when this occurs, you or any other customer sending from the same network may have contributed to the IP block. This IP block will automatically get dropped within a business day. For those on a Dedicated IP that trigger a listing, refer to the above remediation steps and resources, to address the list management issue. Tier III Blocklist (Low/ No impact ) These are considered the lowest tier and therefore cause the least impact across the Marketo sender ecosystem. Some of these blocklists were more impactful at one time, while others are only impactful based on the sender region (Manitu). Others still can suddenly flare up (Lashback). There are also many blocklists that are ignored (0spam), and are not taken seriously because they do not provide any means to delist once on the list (NoSolicitado) or that they charge money to have the listing removed ( UCEPROTECT ). The pay-to-delist model is not well respected in the email industry. When using blocklist tool checkers, such as MXToolBox, many blocklists will appear, but very few are relevant. Here is our selection of Blocklists you may come across that are least impactful: Project Honey Pot SpamAssassin URIBL/SURBL DrMX PSBL 0spam HostKarma Ascams ZapBL Barracuda Trendmicro Inc. Cloudmark Proofpoint Invaluement ISP Blocklists Some ISPs use internal blocklists to make blocking decisions. Examples include AOL, Yahoo, Gmail, Outlook and Hotmail. If your IP is being blocked by one of these networks, and those networks have a large presence in your lists, a block of this kind could have a noticeable negative impact on delivery. Marketo monitors for significant ISP blocks. Those experiencing deliverability issues with emails not making it to the Inbox and bulking in the spam folder may benefit from additional services with our Email Delivery Consultants. Remediation Steps: Email Delivery Compliance Team works to resolve any ISP blocks. ISP blocks are are usually resolved or lifted within less than 24 hours of a delisting request. Customers experiencing significant blocks for Microsoft domains (outlook.com, live.com, microsoft.com), can submit a request to the delivery team to seek mitigation on their behalf. Additional Resources: Blocklist Deep Dive Abuse Report Deep Dive What is a spamtrap, or spam trap, and why does it matter? Blocklist remediation Blocklist resolution flowchart Successful lead reconfirmation What is a blocklist?

It's easy to add multiple images and files all at once. 1. Go to the Design Studio area. 2. Under New click Upload Image or File. 3. Select the folder where you want to store the images or files, then click Browse. The maximum size per file is 50MB 4. To add multiple images and files, browse to the correct folder on your computer, hold down Ctrl/Cmd and click on each file you want to add, and click Open 5. Expand the File Details to verify you selected the correct images, then click Upload. To remove any queued files before upload, click the x next to the file name. Marketo will scan all files before uploading; infected files will be skipped. 6. When the upload completes, click FINISH. 7. Your images are now available to use in campaign emails and landing pages. Good job; you've advanced to image guru! What's Next: Organize Images and Files Using Folders

Issue You would like to have a list of leads who will get blocked from receiving emails when you send email via campaign or program due to Communication Limits. Your Communication Limit setup can be found in the Admin Panel and looks something like this. This is a article attached image Solution You can create a Smart List with the below setup and this list will show you the list of the people who will hit communication limit when you try to send an email. This is a article attached image To learn more about Communication Limits and how they work, you can review this article.

Issue You have integrated Marketo and Facebook Lead Ads in Marketo Admin > Launchpoint, and your test form-fills are not appearing in the Marketo Lead Database. Solution Occasionally the integration between Marketo and Facebook needs to be re-authorized. This is one of the primary troubleshooting steps we start with in these situations. The instructions for re-authorizing are as follows: Navigate to Marketo Admin > Launchpoint, and take note of the Facebook User that is used in the Lanchpoint integration, Log into the Facebook Business Account, and navigate to the settings where the Admins are added/removed Remove the User, and save changes Re-add the User back to the Business Account as an Admin, save changes Navigate back to Marketo Admin > Launchpoint, and edit the Facebook Lead Ads integration, Proceed with 'Next' to view the Facebook Account, and click 'Re-Authorize' The final step after this would be to attempt another form-fill on a Facebook form to see if the activities are appearing in Marketo.

FAQs included in this article: Does RTP comply with EU privacy laws? Does the RTP tag call Wistia or YouTube? Does the reverse IP lookup process return an email address for anonymous visitors? How is data managed in terms of encryption access? How long is a visit session Is it possible to host the RTP javascript on my company's server? Is it possible to use the RTP tag on secured pages (https)? Can RTP campaigns be blocked by Ad blockers? Is traffic from known bot user-agent strings removed from the dataset? Can jQuery Be Disabled from the RTP Tag? What are the differences between the RTP tag versions? What data is stored in the trvw.uid cookie? What specific data are gathered through the reverse IP lookup process? RTP Tag - Best Practices TRW and MSG calls are not showing up in the console. Is it possible to blacklist companies in RTP? Does RTP comply with EU privacy laws? RTP complies with Marketo’s legal policies that can be reviewed here: https://www.marketo.com/company/legal/. This will be updated appropriately by our Legal department based on any upcoming laws. Does the RTP tag call Wistia or YouTube? RTP only loads the Wistia or YouTube API when the RTP script discovers a Wistia or YouTube video embedded on the page. How does RTP collect data on visitors? Please see RTP - How does RTP collect data on visitors. Does the reverse IP lookup process return an email address for anonymous visitors? No, a reverse IP lookup cannot return an email address. How does the RTP javascript work? Please see: RTP - How does the RTP javascript work. How is data managed in terms of encryption access? RTP functions on secure websites (https). RTP conforms to all of the security and data encryption standards of Marketo. The only data RTP pulls from a visitor’s input is an email address, which it passes securely over SSL to RTP’s Leads table. If the page is using an unsecured form submit (non-SSL) RTP will not use SSL either, since the email address is already being passed without encryption. The RTP cookie is not encrypted, as it uses a GUID (Globally Unique Identifier) for RTP use only. RTP validates that the cookie has been created and sent properly, and blocks any illegal values. The system tracks and engages via a REST/JavaScript that runs on the browser. The tracking calls are via http or https, depending on the browser authentication. The back office is via https and requires authentication and role association. The data-center is managed by Marketo’s operations and its security team. How are JavaScript cross-site scripting attacks mitigated by RTP? We mitigate cross-site scripting attacks by employing user input filters on the server side. Based on the application logic and data location they either: Block the entire request which contains potentially malicious user input. Filter out potentially malicious input. Encode entire user input to ensure XSS attempt will not be successful. How long is a visit session We define a session as 30 minutes from the visitor's last click. Is it possible to host the RTP javascript on my company's server? We do not recommend hosting the JavaScript on another server for performance reasons. It is possible, but it is not recommended. Unlike Munchkin script, the RTP tag must have a very short loading time. If not the user experience might be affected and campaigns may have some latency. This is also the reason why we recommend inserting the tag higher in the code, right after the <head> tag. Is it possible to use the RTP tag on secured pages (https)? Yes. The RTP tag supports both http:// and https:// pages. Can RTP campaigns be blocked by Ad blockers? Please see:RTP - Can RTP campaigns be blocked by Ad or Javascript blockers? Is traffic from known bot user-agent strings removed from the dataset? Yes. We cover between 80-90% of known-bot user-agents and continually update the blacklist. Can jQuery Be Disabled from the RTP Tag? The RTP tag uses jQuery to assure that some functionalities will work properly on any page. However, if the jQuery causes issues with other parts of your website, we can configure the tag to disable it altogether. This can be done by the Marketo Support team because this advanced configuration is not accessible directly to customers. What are the differences between the RTP tag versions? Please see RTP - What are the differences between the RTP tag versions. What data is stored in the trvw.uid cookie? The trvw.uid cookie contains a VisitorID which is a GUID (Global Unique Identifier) only used by RTP to identify the web visitor for returning visits and historical behavior. What is the RTP limitation of the number of daily visitors with Munchkin2? RTP is not related to Munchkin. The move to Munchkin2 has no affect on the functionality of RTP. What specific data are gathered through the reverse IP lookup process? From the visitor’s visit on site in the session, we see information such as IP, page URL, search term and referral sites. From the IP address, we use Reverse IP lookup to match the organization name. From the Organization name, we match it with RTP’s propiertary firmographic data including: Organization name Industry Organization Group (Enterprise, SMB’s, etc.) Organization Location: Region Country State City Zip Code RTP Tag - Best Practices Install the RTP tag on ALL web assets. Including all domains, subdomains, landing pages, blogs etc. even if you do not intend to display campaigns on those assets. The reason for this is that we want to capture the entire customer journey. RTP tag is not sending clicks from IP URLs This is expected behavior. The RTP JavaScript does not send clicks from IP URLs, i.e: http://63.251.134.57/ TRW and MSG calls are not showing up in the console. The tag is turned off. You can check this setting in Account Settings. Is it possible to blacklist companies in RTP? You can remove companies from appearing in your RTP reports, and from seeing campaigns - this is done through a support ticket request. Send them the company names or IP addresses you want to block from RTP campaigns and appearing the RTP reports.

Issue: You would like have leads rate content (for example) and need the buttons to display horizontally. Please ensure that you have access to an experienced Web developer. Marketo Technical Support is not set up to assist with troubleshooting code. Solution: The buttons are laid out in a table format so adjusting margins and padding doesn't seem to do the trick, use CSS instead. Add the following to a custom HTML block: <style> tr {float:left;} </style> Disclaimer: This solution does not work for IE7 as it does not support the Float property correctly, this solution was tested in FF 5 and IE8/9 . If your curious on browser usage check here.

Issue What is the difference between mktNoTrack and mktNoTok? Solution Adding the mktNoTrack class to an email link tells Marketo not to add a tracking link to the URL. Without the tracking link, the recipient is not redirected through the tracking server before going to the target URL. Use this when you specifically don't want to track Clicked Link in Email events in the Marketo database. Adding the mktNoTok class to an email link tells Marketo not to add the _mkt_tok parameter to the target link. Used when the target link does not behave properly, for example, a mailto: link that should not have extraneous URL info or a static file that won't download when there are query parameters. The click activity will still be tracked, but the associated lead info will not be carried onto the page for use in functions such as form prefill.

Issue Description You are utilizing Forms on Marketo Landing Pages, and want to run reporting on these forms. Issue Resolution Currently the only asset reporting Marketo has is Email, and a little bit of Landing Page reporting. We would not have this ability to report on Forms. One option would be to use Web Page reporting - this reported information would be limited to Marketo Pages with numbers of records who filled out the form, listed under "conversions." You could then create a Smart List to identify leads who have filled out these forms. Is this article helpful ? YesNo

Issue Users for your Marketo instance are unable to log into the instance. Solution Check your landing page URLs and email links. If these are also unavailable, your Marketo instance may have been shut off. Marketo Support can confirm whether your instance has been deactivated, but are not able to reactivate it. In this situation, please contact your Marketo Account Representative to discuss the status of the instance and regaining access.

Issue You are using a formula/look-up/reference field in Salesforce, the field is synced to Marketo, but you are not seeing updates sync from Salesforce to Marketo. Solution When a SFDC formula/look-up/reference field is updated, the SysModStamp does not update. The SysModStamp is how the sync knows which record (Marketo vs SFDC) is more up to date. You can think of the formula/look-up/reference field like a window to a different value. If the value inside the window changes, that does not queue the record up to be synced. But if the record is queued up to be synced due to another update made to the record, like changing first name, then the current value inside the window will sync down to Marketo. To avoid this delay in updating, you may wish to replace the formula or lookup field with a string field that has the appropriate value written to it by a workflow. Updates to SFDC string fields will always update the SysModStamp and queue the sync to Marketo.

The Marketo users at your organization have created several special campaigns for your leads and contacts. Typical examples include sending someone a whitepaper about a new product or mailing a series of nurturing emails for people not ready for sales. To add a lead or contact to one of these campaigns, go to that person's detail page and find the Actions menu in the Marketo Sales Insight section. Pick Add to Marketo Campaign and click Go: You can also select leads in your list and search views if you've added the Add to Marketo Campaign button to those views. You can add 200 leads at once this way: After picking the leads, you'll see a list of potential campaigns; below the selected campaign is a brief description provided by your marketing team. Pick the campaign for this person in the Campaign Name pulldown, then click Finish: Related Article: Quick Start: Marketo Sales Insight for Salesforce Is this article helpful ? YesNo

Issue Your IT department wants to know why they need to create separate subdomains for Marketo email tracking links and Marketo landing pages, and cannot simply use the web domain you already have. Solution Each web domain can only point to one resource. Your company's web domain (www.example.com) points to the server or web hosting service that handles your company's web page. It cannot also point to Marketo's email link tracking server or Marketo's landing page web server. Additionally, since the link tracking server is separate from the landing page server, you need two different CNAME sub-domains, one for the email links (email.example.com) and one for your landing pages (lp.example.com).

Some fields in Marketo are read-only. It is not editable by completing forms. Change Data Value flow steps, on the lead detail page, or list imports. Here is a list of many of those fields: SFDC lead fields Lead Owner First Name Lead Owner Last Name Lead Owner Email Address Lead Owner Phone Number Lead Owner Job Title SFDC Campaigns SFDC Type SFDC Opportunity fields Number of Opportunities Total Opportunity Amount Total Opportunity Expected Revenue Other built-in and custom opportunity fields SFDC Account fields SFDC Accounts are not editable from Marketo Marketo lead management system fields Anonymous IP Black Listed Cause Created Date Deleted In Sales Do Not Call Cause Email Suspended Email Suspended At Email Suspended Cause Full Name Inferred City Inferred Company Inferred Country Inferred Metropolitan Area Inferred Phone Area Code Inferred Postal Code Inferred State Region Is Anonymous Lead Partition Revenue Cycle Model Lead Revenue Stage Marketing Suspended Cause Original Referrer Original Search Engine Original Search Phrase Original Source Info Original Source Type Parent Company Name Registration Source Info Registration Source Type Unsubscribed Cause Updated Sales Insight system fields Last Interesting Moment Date Last Interesting Moment Desc Last Interesting Moment Source Last Interesting Moment Type Priority Relative Score Relative Urgency Urgency Salesforce custom objects SFDC custom objects are all read only

Issue When data is synced to Marketo from lookup fields in Dynamics, the unique record GUID is put in the Marketo field rather than the name of the referenced record. Solution In Dynamics, the data stored in lookup fields is actually the unique ID of the referenced record. Since the record that is being referenced is also in Dynamics, the UI is able to display the name of the record rather than its unique ID. However, when the data for those fields is pushed to Marketo, it is still the unique IDs that are synced over, so you will see the long string of letters and numbers in the associated Marketo fields, and not the name of the records. A workaround for this behavior is to: Create custom fields in your CRM for each of the lookup fields that you intend to sync. Create a workflow in Dynamics that populates those fields with the name of the referenced record, and stores it as a string of text. When those fields custom fields are synced to Marketo, the data will be displayed as the text that you want instead of the unique IDs. Who This Solution Applies To Customers integrated with MS Dynamics

Included in this article Overview How to identify potential issues How to identify your MSI version Where to get the newest version of MSI How to know it worked after upgrading Where to go for more information Marketo Resources Salesforce Resources Is this article helpful ? YesNo Overview Salesforce has recently introduced Shield Platform Encryption which encrypts a set of standard fields across various page layouts. Some customers with Marketo Sales Insight (MSI) installed have been experiencing issues when enabling this encryption. The Marketo development team has upgraded the MSI package and launched a redesigned version (version 1.4359.2) that is fully compatible with Salesforce’s Shield Platform Encryption. How to identify potential issues When trying to enable Shield Platform Encryption with an older version of MSI, Salesforce will send you a failure notification email. The notification email will read: “Encryption enablement has failed for the following fields: Account.Account Name: Apex Class: BestBetsViewEditRecreate_Controller, line 1234, column 38: encrypted field 'Name' cannot be filtered in a query call Apex Class: BestBetsViewEdit_Controller, line 1234, column 38: encrypted field 'Name' cannot be filtered in a query call Apex Class: MarketoAnalyzerController, line 8, column 21: encrypted field 'name' cannot be filtered in a query call See this page for information about why enablement can fail: https://help.salesforce.com/HTViewHelpDoc?id=security_pe_validation_errors.htm&language=en_US Thank You, Salesforce Developers developer.salesforce.com” If you receive this email, you’ll need to upgrade to the newest version of MSI. How to identify your MSI version The newest version of MSI that is Shield Platform Encryption compatible is Version 1.4359.2. If you currently have an older MSI version installed and enable the Shield Platform encryption, you will be affected by this change and need to upgrade to the newest version of MSI. To check what version of MSI you’re currently using, navigate to Admin > Sales Insight, then look for the Version info in the Status box in the middle of the page. Where to get the newest version of MSI The newest version of MSI is available now on the Salesforce AppExchange and you can find it right here: Marketo Sales Insight - Prioritize sales leads and close deals faster - Marketo - AppExchange How to know it worked after upgrading Once you’ve upgraded your MSI package, you’ll be all set! However, there’s an easy way to verify and be sure that it’s working properly with the new Shield Platform Encryption. After upgrading MSI, when enabling the encryption you will receive another notification email from Salesforce, but this one is your confirmation email that it was successful. This success confirmation email will read: “Encryption has been enabled for the following fields: Account: Account Name Contact: Name Thank You, Salesforce Developers developer.salesforce.com” Where to go for more information If you have any trouble with this along the way, here are some resources for you to get help. Marketo Resources Newest MSI AppExchange Package: Marketo Sales Insight - Prioritize sales leads and close deals faster - Marketo - AppExchange Upgrading MSI for Salesforce1: Upgrade Marketo Sales Insight for Salesforce1 - Marketo Docs - Product Docs If you have any trouble with your MSI package, please feel free to reach out to Marketo Support by any of the methods listed here: Contact Marketo Support Salesforce Resources Salesforce has information available online to help you with their Shield Platform Encryption. Salesforce Shield Platform Encryption demo: Demo: App Cloud - Salesforce.com Salesforce Shield Platform Encryption Implementation Guide: https://resources.docs.salesforce.com/202/latest/en-us/sfdc/pdf Salesforce Shield Platform Encryption Setup Guide: Set Up and Manage Shield Platform Encryption Unit | Salesforce

Say you have a landing page with a form. You can dynamically change the form's follow up page based on values in the form by following these instructions. Note: Please ensure that you have access to an experienced JavaScript developer. Marketo Technical Support is not set up to assist with troubleshooting JavaScript. On a Marketo landing page, the follow up page is stored in two form fields -- returnURL and retURL. You can change them with jQuery by adding a custom HTML block in to your landing page: <script src="/js/public/jquery-latest.min.js" type="text/javascript"></script> <script type="text/javascript"> // set no conflict mode for jquery var $jQ = jQuery.noConflict(); $jQ(document).ready(function(){ // set the new follow up page $jQ("input[name='returnURL']").attr('value','http://www.yourcompany.com'); $jQ("input[name='retURL']").attr('value','http://www.yourcompany.com'); }); </script> To change this based on a value submitted in a form, you need to find the id of the field to read from. You can find that ID by previewing the web page, viewing the source code for the page, then finding the label for the form field in the HTML. In this example, it's TimeToPurchase: <label>Time To Purchase:</label><span class='mktInput'><input class='mktFormText mktFormString' name="TimeToPurchase" id="TimeToPurchase" type='text' value="" maxlength='255' tabIndex='1' /> Next, use a jQuery hook to change returnURL and retURL when the form is submitted. We'll also use jQuery to read the form field values. Drag in a Custom HTML block onto your page, then paste in the following Javascript. You must change the following for it to work correctly: TimeToPurchase: to the ID of the field you're reading from (leave in the #) URL: all the URL assignments to the locations where you want the user to go If you need to check for additional values, add extra "case...break;" statements to the switch. <script type="text/javascript" src="/js/public/jquery-latest.min.js"></script> <script type="text/javascript" language="Javascript"> var $jQ = jQuery.noConflict(); function changeFollowupURL(){ // first, set the default follow up page var URL = 'http://www.company.com/defaultPage.html'; // override the default based on form values // Replace this with your own rules for setting the new URL switch ($jQ("#TimeToPurchase").attr("value")) { case "6 months": URL = 'http://www.company.com/Page1.html'; break; case "1 year": URL = 'http://www.company.com/Page2.html'; break; } // set the new follow up page $jQ("input[name='returnURL']").attr('value',URL); $jQ("input[name='retURL']").attr('value',URL); return true; } // catch when a form is submitted, change the followup URL function formSubmit(elt) { changeFollowupURL(); return Mkto.formSubmit(elt); } </script> The Javascript needed to read the value from the form field may be different depending on the type of the input (text box, select box, check box, etc.). See the jQuery selectors documentation for other methods of getting those values, and Setting or Getting a Form Field Value via Javascript on a Landing Page for more on how to get the IDs of the fields.

Issue Description You are having issues with Single Sign On and Support requests for you to provide the SAML Response. How can you find this information? Issue Resolution There are multiple ways to capture a SAML Response, but the easiest one is by using SAML Tracer (https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/), a Firefox plug-in or other similar plug-ins or add-ons for Chrome such as SAML Chrome Panel (https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace?hl=en) which adds a SAML tab to the built in Developer Tools. As with any third party integration, make sure you're comfortable with permissions they request and you fully trust them before you proceed. Many teams also use networking tools like Fiddler - these should also work just fine. Once you or the user having the log-in issues have one of these tools installed, you'll need to attempt to login via SSO on the appropriate browser and the plug-in/add-on will capture the SAML response. The result should look similar to XML with many references to saml in the tags. Who This Solution Applies To Users implementing single sign-on (SSO) for their instance Is this article helpful ? YesNo

Issue You receive a notification that the Marketo/SFDC sync has failed due to " Invalid username, password, security token; or user locked out." On the Salesforce side, you see the error "Salesforce setCredential failed with code: {LOGIN_DURING_RESTRICTED_DOMAIN} and message: {cannot log in from current domain}" Solution Take the following steps to troubleshoot this issue: Confirm that the username and password are correct by using them to log into Salesforce. Check to make sure the Marketo IPs are on the Salesforce general whitelist. Check the Marketo sync user's profile in Salesforce and make sure the "Login IPs" include the IPs for your Marketo instance. The complete list of IP ranges is: 199.15.212.0/23 199.15.214.0/23 192.28.144.0/23 192.28.146.0/23 192.28.148.0/23 192.28.150.0/23 192.28.152.0/21 192.28.160.0/19 185.28.196.0/22 103.237.104.0/23 103.237.106.0/23 Who This Solution Applies To Customers integrated with Salesforce using IP restrictions

Issue You need a working certificate to put in the Single Sign-On section of Admin to get your SSO working. Solution Pull the information contained in the tags: <ds:X509Certificate> . Copy and paste the text into a plain text file (Not a Word doc) then give it an extension of .cer or .cert. You should then see it displayed in file explorer with a certificate icon rather than a txt icon. When you double click to open the certificate, you should see a window open with three tabs (General, Details, and Certification Path). Click the details tab and choose "Copy to File...". Walk through the guided steps choosing "Base-64 Encoded" when given the option and give the file any name you want. The certificate generated from this process can be uploaded into the Marketo admin section for SSO.

Issue You receive a notification that the Salesforce sync failed with the error "SalesForce Sync Error: UNABLE_TO_LOCK_ROW" Solution This indicates that something else in Salesforce was writing to the record at the moment the Marketo Salesforce sync tried to make the update. Since only one "user" at a time can update a record, Marketo was unable to do so, and the sync failed. Marketo will retry an operation a few times if this keeps being received but will fail and move on if it happens too many times. If these have recently become common, you might want to look into any new API integrations to SFDC that you've deployed or any new AppExchange packages with your SFDC Admin to see if you might be able to tune it to avoid this collision. Who This Solution Applies To Customers integrated with Salesforce.

Knowledgebase

Maintaining a Directory of Leads Bouncing Emails

Top Blocklists - What You Need to Know

Add Images and Files to Marketo

Identify Leads That Have Reached Their Communication Limit

How to Re-Authorize Facebook Lead Ads

Web Personalization (RTP) - RTP Tag, API, and JavaScript FAQs

Make Radio buttons horizontal in a form

The Difference Between mktNoTrack and mktNoTok

Form Reporting

Unable to Access Marketo Instance

Formula/Look-Up/Reference SFDC Field Not Updating in Marketo

Adding people to Marketo Campaigns from Salesforce

Why CNAMEs for Email and Landing Pages Must Be Different

Read-only fields in Marketo

MS Dynamics Lookup Fields Display Unique IDs in Marketo

Newest MSI Version is Compatible With Salesforce Shield Platform Encryption

Change a Form's Follow Up Page Dynamically

Capturing the SAML Assertion/Response for troubleshooting issues with Single Sign On (SSO)

SFDC Sync Error - Salesforce setCredential failed with code: {LOGIN_DURING_RESTRICTED_DOMAIN}

Making a Usable SSO Certificate from a SAML Response or XML Metadata

SalesForce Sync Error: UNABLE_TO_LOCK_ROW

Adding a Marketo Form to an Email