Users may not be able to sign in to the Laserfiche app if authenticating through Laserfiche Directory Server without an alternate service configured or a UPN that matches the Laserfiche Directory Server

October 13, 2020 | KB: 1013915

https://support.laserfiche.com/kb/1013915/users-may-not-be-able-to-sign-in-to-the-laserfiche-app-if-authenticating-through-laserfiche-directory-server-without-an-alternate-service-configured-or-a-upn-that-matches-the-laserfiche-directory-server

Laserfiche App

Users may not be able to sign in to Laserfiche using the Laserfiche app if authenticating through Laserfiche Directory Server and an alternate service is not configured on the Laserfiche Mobile Server Configuration Page. Additionally, sign-in will also fail if the Laserfiche Mobile Server is not set up with the same Service User's user principal name (UPN) configured for Laserfiche Directory Server.

When the Laserfiche Mobile server tries to communicate with Laserfiche Directory Server, communication fails due to a missing client endpoint and UPN in the web.config XML file.

Modify the following Laserfiche Mobile web.config file to add the necessary client endpoint and UPN: C:\Program Files\Laserfiche\Mobile\Web Files\web.config

Using a text editor, open C:\Program Files\Laserfiche\Mobile\Web Files\web.config.
Add the following code inside the <client></client> tag:
<endpoint address="http://serverName:5048/LicenseManager/service" binding="ws2007HttpBinding"
bindingConfiguration="WS2007HttpBinding_ILicenseManager" contract="LicenseManagerService.ILicenseManager" name="LicenseManagerService">
<identity>
<userPrincipalName value="user@domain.com" />
</identity>
</endpoint>
<endpoint address="http://serverName:5048/LicenseManager/service" binding="ws2007HttpBinding"
bindingConfiguration="WS2007HttpBinding_ILicenseManager" contract="LicenseManagerService.ILicenseManager2" name="LicenseManagerService2">
<identity>
<userPrincipalName value="user@domain.com" />
</identity>
</endpoint>
<endpoint address="http://serverName:5048/LicenseManager/service" binding="ws2007HttpBinding"
bindingConfiguration="WS2007HttpBinding_ILicenseManager" contract="LicenseManagerSTS.ILFSecurityTokenService" name="LicenseManagerServiceSTS">
<identity>
<userPrincipalName value="user@domain.com" />
</identity>
</endpoint>

Replace serverName with the Laserfiche Directory Server and user@domain.com with the service user's user principal name.
Add the following code inside the <ws2007HttpBinding></ws2007HttpBinding> tag:

<binding name="WS2007HttpBinding_ILicenseManager" maxReceivedMessageSize="2147483647">
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" />
<security mode="Message" />
</binding>
<binding name="WS2007HttpBinding_ILFSecurityTokenService" maxReceivedMessageSize="2147483647">
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" />
<security mode="Message" />
</binding>
Save your changes.

1013904 List of Changes for Laserfiche 10.3.
1013905 Release Notes for Laserfiche 10.3.