You are viewing limited content. For full access, please sign in.

Discussion

Discussion

Avante 10.4, LFDS and Forms Participants

Version 10 Forms Laserfiche
Updated April 9, 2019
posted on April 7, 2019

I am about to upgrade an existing site from 10.2.1 to 10.4.  The customer also requires LFDS and Forms Participant licenses migrated to LFDS.

As it is live and I have not done this before I would like to check my method and I have a few queries.

Steps:

1.  Upgrade 10.2.1 server and components to 10.4  (should this be done before or after the LFDS install?)

2.  Install LFDS and use the master license to create new lf.licx for all components - includes Forms and Forms portal on two servers.

3.  According to documentation: Add all AD users or LDAP users who are Forms Authenticated Participants to LFDS.  (Is there a method to import these to LFDS rather than manually adding them?  Can they be synced with a Group?) 

4.  Use Migration Tool to migrate Forms Participants to LFDS.  This keeps SIDs for users.

 

0 0
replied on April 8, 2019

I've done this a few times.  I tend to install LFDS first, but it really doesn't matter the order.  The key is to not connect the two until the Server is updated to 10.4 as there is a bug with earlier versions.  There is a utility that can be downloaded to convert the users to LFDS although I've not used it.  I typically have the IT create an AD account with the full licenses and one with participant users.  That way you can use the rules in the identity provider tab to manage them.  I then add the full user licences AD group as trusted in the Windows users section of the Admin Console and make sure everyone is in the correct groups.  

As for step 4, the one time I've done that, I've done it manually.  I did not use the migration tool.

2 0
replied on April 8, 2019

The specific compatibility issue is between versions of LF Server before 10.1 Update 3 (the issue was patched in that update) and versions of LFDS 10.2+.

Regarding transferring participants:

If you are only working with AD users, you do not need the account migration tool, but the white paper included in the download does provide instructions for migration Forms participants from AD. There's also some information in the help files on switching to LFDS, including how to enable the LFDS authentication option

Summary of migrating AD users:

  1. If you want to migrate them over to Windows AD users that can use Windows authentication, then you must first upgrade to Forms 10.4
    1. Follow the instructions in the whitepaper for how to convert your AD as LDAP users to be compatible with conversion to LFDS Windows users
    2. If you are not going to upgrade or don't want to convert, you should create the users in LFDS using the AD as LDAP option
    3. Either way, you can use the rules for AD synchronization mentioned above to get the users into LFDS
  2. After creating the LDAP users or Windows users in LFDS, you should then ensure they will be in LFDS groups that are connected to Forms
    1. To avoid manually adding users to LFDS groups, you should add the Active Directory groups themselves to the LFDS groups, as noted above
  3. Change the authentication type to use LFDS and add the groups that contain your AD users. Forms will then re-synchronize.
  4. If you had any non-AD participants in Forms, you will see an option to convert these users over to LFDS Laserfiche users on the authentication page

 

The account migration tool is necessary only if you have full named repository users that are logging into Forms. In addition to migrating the users created within a repository from LF Server to LFDS, it can then update their tasks, security, etc. in Forms.

1 0
replied on April 8, 2019

Thanks Brianna, that is very comprehensive.

The customer has Forms Participants that have been added manually; not through LDAP.

At point 3.  Are you saying that when I convert the Forms Config to LFDS and add the Groups, the Forms Participants will synchronise with LFDS?

There is no need to use the Migration tool to retain the SID's, tasks etc for Forms Participants in the current processes?

0 0
replied on April 9, 2019

That's correct: if you are not using AD users through LDAP for participants, the participants can be migrated by Forms itself --- no need for the new utility.

Regarding point 3:

The synchronization here is from LFDS to Forms (not the other way around). As such, if you have no AD users in LFDS, nothing will happen immediately --- the migration of the participants within Forms to LFDS requires the admin to initiate it since it is irreversible.

After you select LFDS as the authentication option and save your settings for that on the Forms config page, you will see a message telling you that you have unmigrated participants. The migration is one-way only to LFDS users, so make sure to back up your databases.

 

This has been supported for several versions of Forms, though I don't recall exactly when it was added (after 10.2, I think)
 

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...