You are viewing limited content. For full access, please sign in.

Question

Question

Forms in the DMZ making processes publicly available without a repository license

Updated February 27, 2018
asked on February 22, 2018

There are a couple of posts relating to forms being in the DMZ. 

https://answers.laserfiche.com/questions/96361/Forms-Portal-in-DMZ-to-the-Forms-Internal#96963

https://answers.laserfiche.com/questions/93786/Forms-Portal-access-to-Active-Directory

https://answers.laserfiche.com/questions/78230/Laserfiche-trustee-accounts-take-precedence

There doesn't seem to be definitive documentation on whether windows authentication can be used on the forms server in the DMZ.  The issue we are having is the customer is assigning licenses to the users windows accounts in LFDS.  But to make the form available on the public portal, someone has to log into the forms server in the DMZ.  If they can not do so with their windows account, then a license has to be assigned to the repository server, and an account created, so they can log in and make the form publicly available.  Does anyone have a work around?  

0 0

Replies

replied on February 22, 2018

I'm not sure how you have everything configured, but we have Forms accessible from the DMZ and users can log in with their Windows accounts, they just have to enter the domain along with the username.

For example, domain\username

If you're talking about auto-login or using the Windows Authentication button, I think that is significantly more challenging because, by definition, anyone accessing the site publicly through the DMZ portal is outside of your domain.

1 0
replied on February 27, 2018

If they are using LFDS for authentication to Forms, one solution would be to set up Active Directory Federation Services (ADFS) on the domain, which allows for essentially Windows authentication from off the domain. There is a more step-by-step tutorial to set this up here (the article is specifically for configuration with Office 365, but the first several steps are more generically to set up the Windows feature). Once this is done, LFDS single sign-on can be configured to use an ADFS authentication option to allow for Windows authentication.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...