You are viewing limited content. For full access, please sign in.

Question

Question

How to add windows user to laserfiche avante using sdk script in workflow?

Workflow SDK
Updated February 20, 2017
asked on June 23, 2016 Show version history

I am trying to add a windows account in the laserfiche avante  by using c# and after it assign as a read only users to let this user use weblink

            TrusteeInfo TI = new TrusteeInfo();
            TI.LfdsName = "myDomName\\rperrault";
            TI.Session = RASession;
            TI.Save();

but got some error message.

 

how can I add windows account to laserfiche avante by using workflow.

I will also need to add it to a laserfiche group create using this code (working code)

 Object myField = lfDoc.GetFieldValue("Agent Code");

            try
            {
                GroupInfo GI = new GroupInfo();
                GI.Name = myField.ToString();
                GI.Session = RASession;
                GI.FeatureRights = FeatureRights.Scan | FeatureRights.Search | FeatureRights.Print | FeatureRights.Export;
                GI.Save();
            }
             catch (Exception ex)
                {
            MsgBox("error in creation group, group already exist" + ex);
            }

 

0 0

Answer

SELECTED ANSWER
replied on June 30, 2016

got it work

 

// create the windows account
            string acctName = "mydomain\\username";
            TrusteeInfo trustee = new TrusteeInfo();
            
        // set the feature rights and set it to read only    
            trustee.FeatureRights = FeatureRights.Scan | FeatureRights.Search | FeatureRights.Print | FeatureRights.Export;
            trustee.ReadOnlyAccess = true;
            Trustee.SetInfo(acctName, trustee, RASession);
           
        // grant logon access to the windows account (Trust)    
            AccountReference ar = new AccountReference(acctName,RASession);
            Repository.GrantLogOnAccess(ar, RASession);

 

0 0
replied on February 17, 2017

This will only allow the user log in in to the repository right? have you managed to add the user to the Linsence Manager?

0 0
replied on February 20, 2017

yes it is just to add Windows user in the repository.

I have not need in that case to add user in the licence manager or LF directory server.

My case was to add user as read only to let these user use weblink.

 

I have not figure out how to add Windows users in the directory server yet, have not get any Customer or case required it so far.

 

sorry.

0 0
replied on February 20, 2017

Thanks, No problem

0 0

Replies

replied on June 23, 2016 Show version history

here is some sample code to set the feature rights on the windows account and grant it named user license status:

 

using Laserfiche.RepositoryAccess.Admin;

...

string acctName = "myDomName\\rperrault";
TrusteeInfo trustee = new TrusteeInfo();
trustee.FeatureRights = FeatureRights.Scan | FeatureRights.Search | FeatureRights.Print | FeatureRights.Export;

// Set the feature rights for the account
Trustee.SetInfo(acctName, trustee, session);

// Set the named user license status for the account
AccountReference acctRef = new AccountReference(acctName, session);

NamedUserDatabase nudb = NamedUserDatabase.GetFromServerManagement(new ServerManagement(new Server(server)));
TrusteeInfo userInfo = Trustee.GetInfo(acctRef, session);
if (nudb.GetNamedUser(acctRef.ToSecurityIdentifier()) == null)
{
    NamedUserStatus newStatus = NamedUserStatus.ReadOnly;
    if (userInfo.NamedUserStatus == NamedUserStatus.None)
        nudb.RegisterNamedUser(acctRef.AccountName, acctRef.ToSecurityIdentifier(), newStatus);
    else if (userInfo.NamedUserStatus != newStatus)
        nudb.UpdateNamedUser(acctRef.ToSecurityIdentifier(), newStatus);
}

 

1 0
replied on June 29, 2016

I tried your script and got errors

 

The named user was not found. [9329] [9329]
---Stack Trace---

   at Laserfiche.RepositoryAccess.Admin.NamedUserDatabase.UpdateNamedUser(NamedUser user)
   at WorkflowActivity.Scripting.ScriptBase.ExecuteScript(ScriptExecutionContext context)

***

and I tried on another server and got another result

 

Access denied
---Stack Trace---

   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options)
   at Laserfiche.RepositoryAccess.Admin.NamedUserDatabase.RegisterNamedUser(NamedUser user)
   at WorkflowActivity.Scripting.ScriptBase.ExecuteScript(ScriptExecutionContext context)

***

on both the windows account is created and features ricghts is set. but it is not set to read only and it is not trusted. this account should not be a named account. because we want to use it only for weblink.

0 0
replied on June 23, 2016

What error message did you get?

0 0
replied on June 29, 2016 Show version history

here my code used and got an access denied,

 

the account use by workflow has full privileges and rights and also the windows account that run the workflow services is members of the local admin who has rights to the admin console

string acctName = "Mydomain\\rperrault";
TrusteeInfo trustee = new TrusteeInfo();
trustee.FeatureRights = FeatureRights.Scan | FeatureRights.Search | FeatureRights.Print | FeatureRights.Export;

// Set the feature rights for the account
Trustee.SetInfo(acctName, trustee, RASession);


// before this point, it works because the windows user is created

AccountReference acctRef = new AccountReference(acctName, RASession);

            Server server = new Server();
            ServerManagement sm = new ServerManagement(server);


LaserficheNamedUserDatabase nudb = LaserficheNamedUserDatabase.GetFromServerManagement(sm);
TrusteeInfo userInfo = Trustee.GetInfo(acctRef, RASession);
if (nudb.GetLaserficheNamedUser(acctRef.ToSecurityIdentifier()) == null)
{
    NamedUserStatus newStatus = NamedUserStatus.ReadOnly;
    if (userInfo.NamedUserStatus == NamedUserStatus.None)
        nudb.RegisterLaserficheNamedUser(acctRef.AccountName, "CreeNation", newStatus);
   else if (userInfo.NamedUserStatus != newStatus)
        nudb.UpdateLaserficheNamedUser(acctRef.ToSecurityIdentifier(), newStatus);
}

 

0 0
replied on June 29, 2016

Well The only thing left to get work is to set the windows account as trust :allow acces in place to be set as Inherit authentication rights.

 

I successfully set the only allow read-only access checked by scripting.

 

By adding this code line to my code

trustee.ReadOnlyAccess = true;

 

so which script can set the windows account to trust: allow access

0 0
replied on June 30, 2016

You're most likely running into the same issue described in this thread. Try making the WF Server service user a System Manager on the Laserfiche Server.

0 0
replied on June 30, 2016

yes but I think I find what I need I just need to understand now how to use it

repository.GrantLogOnAccess(accountref, mysess);

 

because I do not need to set the account to be a named user account.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...