You are viewing limited content. For full access, please sign in.

Question

Question

Form DMZ with identity provider in DMZ

Directory Server Forms
Updated October 4, 2019
asked on October 3, 2019

I am trying to authenticate to my DMZ forms server with "Use a Laserfiche Directory Server for Single Sign-On authentication"

I have:

Internal LFDS

Internal FORMS

DMZ FORMS

DMZ WebSTS on the forms server

 

following the instructions on : https://www.laserfiche.com/support/webhelp/Laserfiche/10/en-us/administration/#../Subsystems/LFDS/Content/separate-sts.htm?Highlight=websts

 

I have configured the LFDS by getting the host name which is a .local domain.  Our SSL cert is a .ca I suspect this might be an issue.

 

but I did get this error message ( attached ) is there a way to configure forms to set the DNS identity ? I wasn't sure in which config file and in which section this could be done.

Thanks 

Capture.PNG
Capture.PNG (18.9 KB)
Download
0 0

Answer

SELECTED ANSWER
replied on October 4, 2019

I will close this. I fixed it this morning.

I had to set the identity in the WebSTS web.config in the DMZ server aswell for all the endpoints.

I can now log on to the DMZ forms using its STS.

1 0

Replies

replied on October 3, 2019

I found the Directory Server Single Sign-on PDF guide and at the bottom it explains how to resolve this.

I had to add the identity in both the /Forms and /Config Web.config files and now the DMZ forms server user authentication works.

But now when I browse to login Forms DMZ, I get an error, Event log on DMZ server shows:

An error has occurred

LicenseManagerWebSTS.Infrastructure.Exceptions.WebSTSException: An error has occurred ---> System.Exception: Unable to sign in: could not identify the Laserfiche Directory Server site for sign-in.
 

0 0
replied on October 4, 2019

It sounds like the sign in URL being sent to STS is getting messed up. I recommend contacting Support about this for more in-depth troubleshooting steps.

1 0
SELECTED ANSWER
replied on October 4, 2019

I will close this. I fixed it this morning.

I had to set the identity in the WebSTS web.config in the DMZ server aswell for all the endpoints.

I can now log on to the DMZ forms using its STS.

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...