You are viewing limited content. For full access, please sign in.

Question

Question

Enabling Laserfiche Directory Server User Authentication in Forms

Forms Directory Server Licensing
Updated April 9, 2019
asked on April 9, 2019

We have a scheduled meeting with a client and I'm trying to verify the proper steps to take in order to complete this process via the following listed KB article. Does anyone have any input or corrections?

 

Enabling Laserfiche Directory Server User Authentication in Forms 10(+)

 

1. Backup Forms and LFDS databases in SQL.

2. Confirm that the user is on Forms and LDFS version 10 or later.

3. Manually add Active Directory/LDAP/LDAP users and add participant licenses in Laserfiche Directory Server.

4. Add the following line to the LFDS database table called cf_options: LFDSChoice

5. Set that LFDSChoice value to "1"

6. Restart Forms services.

7. Verify that you see "Use a Laserfiche Directory Server for Single Sign-On authentication" option in the User Authentication tab in forms.

8. Configure a Directory Server user that will always have access to the Forms site.

9. Click save and run the utility (https://support.laserfiche.com/kb/1014036/laserfiche-account-migration-tool).

 

 

*NOTE: If any forms processes are configured to use a forms account, they will need to manually reconfigured for the new accounts after the process is complete.

 

Link to KB article: https://support.laserfiche.com/kb/1013710/enabling-laserfiche-directory-server-user-authentication-in-forms-10-when-upgrading-from-laserfiche-forms-9

0 0

Replies

replied on April 9, 2019 Show version history

Two things appear to be missing there based on our experience,

  • Create one or more Directory Groups for Forms and add your users or AD groups to those groups (the forms config page will ask for a group for granting users access)
  • Make sure they are updated beyond an early release of 10
    • there was a bug early on that caused users not to sync correctly until they logged in, and they would become invalid each time it re-synced
    • earlier versions of LFDS did not support AD groups inside of Directory Groups and this makes things infinitely easier to configure
1 0
replied on April 9, 2019

Thanks Jason. I'll make sure we add those items to the list. I think they're on 10.4 so we should be good on the version.

 

0 0
replied on April 9, 2019

Since that initial KB article, there have been a number of improvements to the migration process.

Specifically:

  1. Participants created in Forms can be migrated to LFDS (some time after Forms 10.2 I think) after you turn on LFDS authentication
  2. On Forms 10.4, AD as LDAP particiapnts can be migrated to regular AD users in LFDS, allowing them to both retain their tasks and switch to using regular windows authentication
  3. We have an account migration utility that supports moving repository full named users from LFS to LFDS, including their tasks in Forms.
    1. This utility requires version 10.3+ of LFDS, LFS, and Forms

 

See this recent post on migrating to LFDS. We have a whitepaper in the KB for the account migration utility which includes some info on the migration that takes place just within Forms. We are also working on increasing documentation on this topic.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...