You are viewing limited content. For full access, please sign in.

Question

Question

directory server -participant licenses - forms

asked on February 7 Show version history

I will try to include as much information as possible of what I have done so far and in what order.

I am using LFDS 10.3.1.45,  Content Server 10.3.1 Build 236, Admin console 10.3.1.502, Forms Professional Version 10.3.1.635

We have been allocated 2 participant licenses in our master license. In LFDS I can verify these.

We have Root and 2 organizations set up. We do not have STS set up

I am attempting to assign 1 participant license to root and 1 to an organization.  The root organization has LFDS, content repository and forms all on the same server.

The 2 organizations are located outside the Root organization servers on their own servers with content repo and forms on their servers.

I have created the users. I then generate the license files for forms and for the content servers. I place the new license files in the installation paths and restart the services.

the first thing that could be a clue is in the forms license.. the advanced options when clicked, does not respond or do any actions. I can save and download the license files in this case on the organization server

I now launch the admin console to add a new Laserfiche Directory Account and when I query, I receive this error

NOTE: when I do this step on the Root organization admin console, it works, I was correctly able to query the new participant user and create it

But when I load forms and when I browse to the participant tab ( on the root organization server ). it says 

Participant Licenses: 0 assigned, 0 total

So really I have 2 issues... why can't I see the participant licenses in my root orgs forms ? Should I be able to allocate a number of participant licenses to a forms instance ? without naming users in LFDS ?

and on our org1 server, why can't they query LFDS ? We have verified org1 server can communicate with root LFDS on 5048 and 5049

Everything else is working great.. I can allocate Full licenses to my organizations content server, forms works normaly for full licensed users

We are working with our VAR and our network team.. but have not got these figured out yet. Any input would be great. thanks

 

0 0

Answer

SELECTED ANSWER
replied on February 9

Something that might make things a lot easier is to utilize Directory Server Authentication. Based on the "0 out of 0" message it would seem that you're using Repository Authentication.

When you use Directory Server Authentication you can allocate licenses directly at the LFDS level and they will carry over to Forms when in syncs.

However, with Repository Authentication you need to allocate them to the repository and then assign them directly in Forms (my memory is a bit fuzzy because we switched over a year ago).

For example, after we switched to LFDS Authentication, the participant tab simply says how many are "# assigned" instead of "# out of #"

I'm not sure about the multiple org issues, but it does sound like changing your Forms authentication will simplify some of the configuration.

 

On a side note, I would recommend redacting the computer name and fingerprint information from your screenshots (if you do, also make sure to go back and delete the previous version in the post's version history).

1 0
replied on February 11

Thanks for the advice, I will look into that and remove the fingerprints

0 0
replied on February 11

However, with Repository Authentication you need to allocate them to the repository and then assign them directly in Forms (my memory is a bit fuzzy because we switched over a year ago).

 

When we attempted to switch the forms authentication from "Use Laserfiche Server authentication" to Laserfiche Directory server, it was requested SAML endpoiints, federated search and some other items.. did you have to have all those set when you switched over ?

 

thanks

0 0
replied on February 11

Those were on your Forms config page (https://servername/formsconfig)?

Neither of those options are present on our Forms server. We are using Forms 10.3.1.635 but we switched to LFDS when we were on 10.2

1 0
replied on February 11

interesting.. so we are using the same forms version.. but the ONLY User authentication option is:

 

We do know about the cf_options hack in the db to expose the one-way option to switch( I beleive it was yourself that pointed that out to us in another, thanks again btw ) 

That option is what led us down the path of needing more of the windows services.. which we may end up having to do. I just wanted to exhaust this option of LF Server Authentication...

Did you have to use the cf_options database table flag change to enable LFDS option in your forms config ?

 

 

0 0
replied on February 11

Yes, if Forms is already configured then the db update is the only way to expose the LFDS authentication option.

We backed up the db beforehand as a precaution, but we didn't really have any problems with the switch. The only time it got tricky was configuring the STS page for the Forms Portal we have in the DMZ.

LF told us about the cf_options table flag, so it shouldn't be too risky. The key thing to watch out for is that you'll want a LFDS group ready to go so it will sync up your users properly.

In LFDS, we created a group called Forms, nested our AD groups inside of that, then added that group when we configured LFDS Authentication in Forms.

1 0
replied on February 11

Yes, we did a dry run of the LFDS switch and it worked.. but had trouble configuring STS and SAML ? which I dont know much about. We rolled back the changes and and now waiting to work with our Windows team. Thanks for the import group advice, I will pass that on.

0 0

Replies

You are not allowed to reply in this post.
You are not allowed to follow up in this post.

Sign in to reply to this post.