Enabling Windows Authentication for WebLink.

February 6, 2006 | KB: 1011109
WebLink 7

Summary

Laserfiche WebLink allows an administrator to determine whether users will be allowed to authenticate to a repository through Windows authentication. The repository must first be configured to allow Windows authentication. Use the Laserfiche Administration Console to perform this in one of two ways:

  • Directly associating a Laserfiche user account with a Windows user account.
  • Adding a Windows user or group account to the list of trusted Windows accounts.

After configuring your Laserfiche repository, you must then perform the following steps:

  • Configure IIS to use Windows authentication.
  • Configure the WebLink Login.aspx page to automatically attempt Windows authentication.

In addition, you may also be required to configure DCOM security such that the appropriate Windows users can access Laserfiche.

More Information

After properly configuring the repository to support Windows authentication, you must then configure your IIS server to pass this authentication information to Laserfiche WebLink. Windows authentication support can be enabled from the Authentication Methods dialog box for the WebLink 7 virtual folder.

To configure IIS to use Windows authentication

  1. Load the IIS MMC snap-in. It can be found under Administrative Tools in the Control Panel.
  2. Select the WebLink7 virtual directory.
  3. From the Action menu, click Properties.
  4. In the WebLink7 Properties dialog box, select the Directory Security tab.
  5. Under Anonymous access and authentication control, click Edit
  6. In the Authentication Methods dialog box, clear the Anonymous access option.
  7. Select the Integrated Windows authentication option.
  8. Click OK to save your changes and close the Authentication Methods dialog box.
  9. Click OK to save your changes and close the WebLink7 Properties dialog box.

After setting up IIS to allow Windows authentication, configure the WebLink Login.aspx page to automatically try using Windows authentication to log in. If you do not edit the Login.aspx page, the page will always display. Users will then have to click Log In in order to pass their Windows authentication information to WebLink.

To modify the Login.aspx page to automatically use Windows authentication

  1. Using a text editor, open the Login.aspx page located in the Web Files folder of your WebLink installation folder.
  2. In the "logininterface" object, add the following attribute:

    AutoLogin="True"

  3. Save your changes.

Depending on your network setup, it may also be necessary to configure DCOM security such that the Windows users that are authenticating to WebLink can access the Laserfiche Server.

To enable local/remote activation on the Laserfiche Server DCOM application

  1. Click Start and then click Run.
  2. In the Run dialog box, type the following and then click OK to load the Component Services MMC snap-in.

    dcomcnfg

  3. Under Console Root, expand Component Services.
  4. Expand Computers.
  5. Expand My Computer.
  6. Expand DCOM Config.
  7. Select Laserfiche 7.x
  8. From the Action menu, click Properties.
  9. Click the Security tab.
  10. In the Launch and Activation Permissions section, select Customize and then click Edit.
  11. Add the desired Windows groups or users and grant them Local Activation and Remote Activation.
  12. Click OK to save your changes.