Enabling Laserfiche Directory Server User Authentication In Forms 10 When Upgrading From Laserfiche Forms 9.

December 15, 2017 | KB: 1013710

https://support.laserfiche.com/kb/1013710/enabling-laserfiche-directory-server-user-authentication-in-forms-10-when-upgrading-from-laserfiche-forms-9-

Forms 10

Laserfiche Forms 10 adds support for authentication through Laserfiche Directory Server 10. However, due to an incomplete migration process for existing Forms user accounts, the Directory Server authentication option is only available when configuring a new Forms 10 database. Upgrading an existing Laserfiche Forms installation to version 10 will default to the previous method of authentication through Laserfiche Server.

If you want to enable Directory Server authentication for an existing Forms site, add an option called LFDSChoice to the cf_options table in your Forms database and set the value to 1.

This enables the User Authentication tab in the Forms Configuration site to display the Directory Server authentication option.

Switching an existing Forms installation to Directory Server 10 authentication is an advanced procedure.

Forms 10 can migrate existing participant user information from the Forms database into Directory Server 10. However, the Active Directory users, LDAP users, and LDAP participants must be added manually in Directory Server 10.

There is no automated migration path for migrating Laserfiche repository named users from Forms to Directory Server 10. Existing Laserfiche repository named users will not be automatically matched with any newly created Directory Server 10 Laserfiche users. Be aware that the migration to Directory Server 10 can affect existing running process instances, because pending tasks assigned to these user types may be lost after the migration to Directory Server 10 authentication. Any processes configured to use repository user accounts and groups must be manually reconfigured. Similarly, there is no current support for migrating Laserfiche repository groups to Directory Server 10.

Please back up all appropriate databases prior to switching an existing Forms installation from Laserfiche Server authentication to Directory Server authentication as the process is not reversible.

After inserting the LFDSChoice option to the cf_options table, reload the User Authentication tab of the Forms Configuration page. If you do not see the Use a Laserfiche Directory Server for Single Sign-On authentication option, you may need to restart the Laserfiche Forms Routing Service.

Specify the address of the Directory Server STS and the appropriate licensing site name.

With Directory Server 10 authentication, Forms 10 controls access to the Forms site through Directory Server groups. Add the Directory Server groups that you want to allow to sign in to Laserfiche Forms.

Finally, you can configure a Directory Server user account that will always have access to the Forms site.

Once you click Save, Forms will launch the participant user migration utility.