Upgrade Considerations - Legacy Authentication Methods - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - Essential - Premier - Standard - external - Standard - Essential - Premier

Legacy Authentication Methods

Legacy Authentication Methods
Foundation 23.1

The following upgrade considerations have been compiled by OnBase subject matter experts. These upgrade considerations are general and applicable to most OnBase solutions and network environments and should be considered each time an upgrade is performed.

Carefully consider the impact of making any changes, including those listed below, prior to implementing them in a production environment.

For additional general information about upgrading OnBase, refer to the Upgrade Guidelines reference manual , and visit the Hyland Community at: https://www.hyland.com/community.

The following information is specific to configuring Active Directory Federation Services (AD FS).

General Considerations

When the OnBase Web and Application Servers are upgraded, the web.config files of the servers are replaced, which means the previously configured AD FS instance is removed.

Before upgrading, the web.config files of the servers should be backed up. The AD FS configuration information can be copied from the backup of the previous versions of the web.config files into the upgraded versions. In most cases, additional reconfiguration is not required as long as the certificates did not change.

The following items should also be noted when configuring AD FS:

  • The default website name in the web.config files is case sensitive and must match exactly in all places it is configured.

  • The OnBase Application Server requires signing certificates for both AD FS and the Web application.

  • The AD FS Server requires signing certificates for both the AD FS Server and the Web application.

  • The account running the AD FS service on the AD FS server, and the account running the application pools on the OnBase Web and Application Servers, need read access to the private key of the SSL certificate.