Question

Laserfiche 12 and Windows Authentication

Laserfiche

Updated November 7, 2024

asked on November 7, 2024

Morning All,

I've upgraded a couple of our dev environments to test LF12 and windows authentication has stopped working. Trying to login from LF11 client to server 12 produces a 9010 error:-

Is anyone else seeing this? Is Client 11 supported with 12 server?

Cheers!

Chris

0 0

Answer

SELECTED ANSWER

replied on November 7, 2024

I opened a support case on this and were able to resolve the issue locally (i.e. client and server on same machine) by reattaching the repository using the FQDN.

However the issue persisted on remote desktop clients until I changed the service account of the LFS 12 service to use a domain account (it was previously a local admin service account). Not sure at this stage if this is a requirement.

0 0

replied on November 7, 2024 • Show version history

This is a Kerberos error behind the scenes. Were you using an aliased name for the Laserfiche Repository Server FQDN?

If so, to use an alias when running the Repository Server service as built-in service account (Local System, Network Service), you need to set a Computer Name Alias to get the right Kerberos SPNs in place for Windows authentication from remote machines to work. See: Using Computer Name Aliases in place of DNS CNAME Records | Microsoft Community Hub

The Computer Name Alias guidance applies to any Laserfiche service running as a built-in account that a client with authenticate to with Kerberos Windows Authentication.

1 0

Replies

replied on November 7, 2024

Yes, I'm seeing the same with a new LF 12 install. Directory Server authentication does work, just requires a couple more clicks. Windows auth does work when accessing the LF 12 Admin Console.

0 0

replied on November 7, 2024

Please open support cases.

0 0

You are not allowed to follow up in this post.

Question

Question

Laserfiche 12 and Windows Authentication

Answer

Replies

Sign in to reply to this post.