Configuring Security for Laserfiche Plus.

November 2, 2005 | KB: 1011053
Plus 7

Summary

This article describes the security configuration required to allow a Laserfiche user to publish documents using Laserfiche Plus.

More Information

In order to publish documents using Laserfiche Plus, a Laserfiche user must have certain Laserfiche security settings. The Windows user who is logged in during the publishing process must also have sufficient rights to the Windows folders used during the publishing process.

Laserfiche security settings for Laserfiche Plus

Feature Rights Function
  • Export
The user who will be publishing documents will need the Export right.
Entry Access Rights Function
  • Browse
  • Read
The user must have the following rights for the folders and documents which they will be publishing: the Browse and Read rights.
Volume Access Rights Function
  • Read
The user must have the Read right for volumes containing documents which they will be publishing.
Field Access Rights Function
  • Read
The user must have the Read right for all fields on all templates that are associated with documents and folders which they will be publishing.

Windows security settings for Laserfiche Plus

  • Laserfiche Plus 7.0 and 7.0.2 must be both installed and run by a local administrator.
  • Laserfiche Plus 7.1.x must be installed by a Windows administrative user, but may be run by any Windows user.
  • The Windows user that the Laserfiche Server service is configured to run under must have Read, Write and Modify rights to the TMP environment variable path for that Windows user. You can configure or change this variable for a particular Windows user.

    Note: If the Laserfiche Server service is configured to run under the Local System account, then it already has the necessary rights to the TMP environment variable path. The following procedure is not necessary.

To determine or change the user TMP variable for the Windows user associated with the Laserfiche Server service

  1. On the computer hosting Laserfiche Server, log in as the Windows user associated with the Laserfiche Server service.
  2. From the Start menu, select Control Panel.
  3. Select System.
  4. Select the Advanced tab.
  5. Click the Environment Variables button.
  6. In the User variables for UserName section, select TMP.
  7. To change it, perform the following:
    1. Click the Edit button.
    2. In the Variable value option, input your new desired TMP location.
    3. Click Ok.
    4. You must restart the computer for this change to take effect.

Note: Plus 7.1.x installs the MSDE instance MSDE$LFPLUS with a random password assigned to the SA user (the default administrative user for Microsoft SQL Server). This password is encrypted and stored in the registry, and is used by Plus to log in to the Laserfiche Plus MSDE instance. This registry value should not be modified. If the value is manually modified, Plus will not be able to access MSSQL$LFPLUS, and therefore will not run.