Active Directory Federation Services (AD FS) - Legacy Authentication Methods - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - Essential - Premier - Standard - external - Essential - Premier - Standard

Legacy Authentication Methods

Platform
OnBase
Product
Legacy Authentication Methods
Release
Foundation 23.1
License
Essential
Premier
Standard

The following information is specific to configuring Active Directory Federation Services (AD FS).

General Considerations

When the OnBase Web and Application Servers are upgraded, the web.config files of the servers are replaced, which means the previously configured AD FS instance is removed.

Before upgrading, the web.config files of the servers should be backed up. The AD FS configuration information can be copied from the backup of the previous versions of the web.config files into the upgraded versions. In most cases, additional reconfiguration is not required as long as the certificates did not change.

The following items should also be noted when configuring AD FS:

  • The default website name in the web.config files is case sensitive and must match exactly in all places it is configured.

  • The OnBase Application Server requires signing certificates for both AD FS and the Web application.

  • The AD FS Server requires signing certificates for both the AD FS Server and the Web application.

  • The account running the AD FS service on the AD FS server, and the account running the application pools on the OnBase Web and Application Servers, need read access to the private key of the SSL certificate.