Before you perform an update of your ImageNow system, make sure that you keep in mind the considerations specific to your system configuration.
Active-Active
- In an active-active environment, there should only be one node instance per machine, spread across several machines. While the separate hardware devices have some shared file systems states, they are provided through third-party clustered file system products.
- If you are switching to an active-active server configuration during your 7.0 or higher update, note that switching involves various considerations.
- The Perceptive Content Shared Directory location is specified via the environment.ini. To change the location of the Perceptive Content Shared Directory refer to the Perceptive Content Shared Directory Migration Guide.
64-bit
- A 64-bit operating system is required to run 64-bit applications. If you are not currently running a 64bit operating system, you must upgrade prior to upgrading Perceptive Content.
- Before you install Forms Server, you must have your web application server, such as Apache Tomcat, installed. The version of the web application server (32 or 64-bit) must be compatible with the Forms Server version (32 or 64-bit).
- Verify the compatibility of all of your applications and business applications with a 64-bit operating system before you install Perceptive Content.
Database
- Prior to ImageNow 6.7, the INOW6 database tables resided in the DBO schema. For new
installations of Perceptive Content 7.0 and higher, the default database name is
INOW and the tables reside in the INUSER schema. During an upgrade to Perceptive
Content 7.0 and higher, all tables are transferred from the DBO schema to the INUSER
schema. Any permissions that have been granted to the ImageNow tables, are lost
during the transfer.Note: This change also affects external systems that access the ImageNow database. If your users have hard-coded access to the ImageNow database tables using the OWNER.TABLE_NAME structure, you must change it when performing the update to 7.0 or higher.
- For Microsoft SQL databases, you must execute a command to grant permissions to the entire schema or multiple commands to grant permissions at the object level.
- To grant permissions to the entire schema, the following example shows the syntax structure used
to grant permissions on the entire INUSER schema to a specific
user:
GRANT SELECT [INSERT, UPDATE, DELETE] ON SCHEMA :: inuser TO reports;
-
A working statement is shown in the following.
GRANT SELECT ON SCHEMA :: inuser TO reports; -- To Grant only SELECT privs on the entire INUSER schema to the reports user. GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA :: inuser TO reports; -- To Grant FULL privs on the entire INUSER schema to the reports user.
- For Oracle databases, the INUSER user needs the execute privilege on the DBMS_RANDOM package.
Before running the database incremental script, you must connect to the INOW6
database as SYS and execute the statement to grant the execute
permission:
SQL> grant execute on DBMS_RANDOM to inuser;
The incremental will not complete without this.
- Starting in version 6.7.0.2787, the INEMUSER schema was added to the database to hold the IN_EXTERN_MSG_SEQ table. This isolates the table from the rest of the INUSER schema. For SQL Server, the INEMUSER schema is owned by the INUSER user and has full privileges on the schema. For Oracle, in addition to the IN_EXTERN_MSG_SEQ table, there is also a sequence and a trigger that are created in the INEMUSER schema that is used for populating the table with sequential numbers. For Oracle, privileges should be granted on the INEMUSER objects to the INUSER user. If any database backup or replication jobs are schema based, they should be modified to include the INEMUSER schema.
- Filtered indexes are now part of the Perceptive Content 7.4 database schema.
Microsoft SQL Server
For the SQL Server to create and use filtered indexes, the following database parameter changes are required.
ALTER DATABASE INOW SET ANSI_NULLS ON ALTER DATABASE INOW SET QUOTED_IDENTIFIER ON ALTER DATABASE INOW SET CONCAT_NULL_YIELDS_NULL ON ALTER DATABASE INOW SET ANSI_PADDING ON ALTER DATABASE INOW SET ANSI_WARNINGS ON ALTER DATABASE INOW SET ARITHABORT ON ALTER DATABASE INOW SET NUMERIC_ROUNDABORT OFF
The following indexes are recreated as filtered indexes in the 7.2.3 to 7.4.0.3 database incremental scripts.
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_01 - Filter on WHERE (IS_NULL = 1) (new index) INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_02 - Filter on WHERE (STRING_VAL IS NOT NULL) INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_03 - Filter on WHERE (IS_NULL = 0) INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_04 - Filter on WHERE (TIME_VAL <> '1970 01-01 00:00:00.000')
Filtered indexes help promote improved query performance and plan quality as well as reduced index maintenance and storage costs for the IN_INSTANCE_PROP table.
PostgreSQL
The following indexes are recreated as partial indexes in the Perceptive Content 7.2.3 to 7.4.0.3 database incremental scripts.
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_01 - Filter on WHERE (IS_NULL = 1) (new index) INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_02 - Filter on WHERE (STRING_VAL IS NOT NULL) INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_03 - Filter on WHERE (IS_NULL = 0) INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_04 - Filter on WHERE (TIME_VAL <> '1970- 01-01 00:00:00.000')
Partial indexes help promote improved query performance and plan quality as well as reduced index maintenance and storage costs for the IN_INSTANCE_PROP table.
Deprecated Cryptographic Algorithms
The following cryptographic algorithms are deprecated and should no longer be used. Any user supplied keys that were generated using these algorithms should be updated to use newer algorithms to ensure compatibility with future Perceptive Content releases.
- Symmetric Ciphers - Blowfish, CAST, DES, IDEA, RC2, RC4, RC5, SEED
- Hashing Algorithms - MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160
Digital Signatures
- If the system has been upgraded from a previous version of ImageNow to Perceptive Content 7.x, you must create a new Digital ID and password to apply digital signatures. Digital signatures applied to documents in ImageNow 6.6 or 6.7 appear correctly on the pertinent documents. However, to apply any new digital signatures in the Perceptive Content 7.x system, all users are prompted to create a new Digital ID.
- When migrating from Windows to Linux with a version of Perceptive Content Server prior to 7.2.0,
you must execute
the
intool ––cmd expire-digital-ids
command to immediately expire all active Digital IDs. Execute theinUpgradeutil upgrade-digsig-version
command when updating the database to enable use of digital signatures on the system administered from a Linux server.
Envoy Replacement
The 7.2 release added Perceptive SOAPBridge Connector 1.0 as a replacement for Envoy. Perceptive SOAPBridge Connector is a REST service that allows you to facilitate automated, back-end integration of your SOAP business application.
To configure SSL connections from Perceptive Content to Perceptive Connect Runtime, see the Perceptive Connect Runtime Installation and Setup Guide. To establish trust between SOAPBridge and a remote service, see the 1.0.x Perceptive SOAPBridge Connector Installation and Setup Guide.
Important Web Service Security, an extension to SOAP, is not supported.
The 7.2 release also removed the following Envoy-specific items from iScript INRemoteService.
- Deprecated
setLoggingInterceptor
-
Deprecated setSSLCredentials
-
Deprecated username and password from INRemoteService addWS(string serviceName, string url, string desc, INWSAuthType/string authType)
- Deprecated INRemoteService addWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, string username, string password, INWSSPasswordType, string passwordType)
- Deprecated INRemoteService addWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, sCertFilePath, sCertFilePwd, sPrivateKeyFilePath, sPrivateKeyFilePwd)
- Deprecated username and password from updateWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication)
- Deprecated updateWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, string username, string password, INWSSPasswordType/string passwordType)
- Deprecated updateWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, sCertFilePath, sCertFilePwd, sPrivateKeyFilePath, sPrivateKeyFilePwd)
Full Text Search Agent
- The 7.2 release removed Full Text Search Agent, which includes the removal of the Full Text section in the inow.ini file. Content automated system queues (ASQ) are no longer applicable since Content ASQs submitted items to Full Text Search Agent. Upgrading does not remove preexisting queues and unprocessed items could remain in the queue. You may need to update capture profiles, remove existing items from the queue and/or alter any routing rules associated with the queue.
- Upgrading to 7.2.x also removes all full text search filters. We recommend uninstalling inserverFT prior to upgrading to 7.2.x
- The removal of Full Text Search Agent now requires you to set the REMOTED value in the inserverRec.ini file to TRUE, even if Recognition Agent is running locally.
Integration Server
- Starting with Perceptive Content, version 7.0.x and higher, you must install Perceptive Integration Server as part of the Business Insight product suite.
- In the 7.9.0 release of Integration Server HTTP method overriding has been disabled by default. If using an HTTPClient which doesn’t support all necessary HTTP request methods, see Appendix E: Enable HTTP Method Override in the Integration Server Installation Guide.
Message Queuing Agent
Message Queuing Agent was removed with the 7.1.5.1516 release. This includes the removal of the following items.
- inserverMQ.exe on Windows
- inserverMQ on Linux
- inserverMQ.ini file
- IN_MESSAGE database table
- IN_MESSAGE_QUEUE database table
- IN_MESSAGE_QUEUE_MASTER database table
Object Store Manager
The 7.2 release removed the Content Addressable Storage (CAS) integration type used by OSM sets and OSM trees. The inUpgradeUtil upgrade-cas-to-ext command converts the OSM CAS sets to OSM EXT sets automatically for Windows as part of the upgrade process. On Linux, you must manually execute the command.
RabbitMQ and Erlang
- Perceptive Content Server and all Perceptive agents, versions
7.1.4.1269 and higher, depend on RabbitMQ, a third-party message
queuing broker. RabbitMQ is an open-source software that requires
Erlang, a programming language. You must download and install the
supported versions of both products prior to upgrading to Perceptive Content
7.1.4.1269 or higher. See the RabbitMQ website for more information,
and to download and install the product. For further considerations,
see the following list.
Important Prior to installing RabbitMQ and Erlang, review the Perceptive Content Server > Message Queuing specifications in the 7.1.x and higher Perceptive Content Technical Specifications for the supported versions of both products.
- Perceptive Content relies on the AMQP 0.9.1 protocol from RabbitMQ, which is enabled by default.
- When utilizing Active-Active mode for Perceptive Content, you must configure multiple cluster nodes of RabbitMQ to achieve high availability for the system. For more information, see the RabbitMQ Clustering Guide.
- You are not required to share the same operating system or host machine for Perceptive Content and RabbitMQ. We recommend separate resources for RabbitMQ cluster nodes for the best highavailability and workload balancing.
- You must configure RabbitMQ for privacy over data connections. For more information, see the RabbitMQ Configuration Guide.
- If running in a cluster environment, you must upgrade all nodes at the same time and all nodes must be shut down during the upgrade. RabbitMQ and Erlang require that you are running the same major and minor version on all nodes in a cluster. For more information, see the RabbitMQ clustering guide.
- Eight new server settings were added to the Message Queuing group in the inow.ini configuration file in Perceptive Content version 7.1.4.1269, and seven new client settings were added to the group in version 7.1.5.1516. On Windows, prompts allow you to update these settings during the upgrade. On Linux, you must update the inow.ini file manually. For more information on the new settings, see the “inow.ini [Message Queuing] settings” topic of Manage Content help. For information on updating the inow.ini file on Linux, see the Perceptive Content Server Installation and Setup Guide.
- Two new inUpgradeUtil commands were added to Perceptive Content, version 7.1.5.1516:
inUpgradeUtil process-jobs-invalid-state and inUpgradeUtil republish-jobs. The
inUpgradeUtil process-jobs-invalid-state command scans the job tables and identifies
jobs held in an invalid state. The jobs are marked as completed with an error
status. The inUpgradeUtil republish-jobs command scans the job tables and identified
jobs that have not started. These jobs are published using the new message queuing
system and then processed by the appropriate agent. Note that the Windows and Linux
install scripts run these commands as part of the upgrade process. Note: For more information on RabbitMQ, visit the RabbitMQ Documentation site.
- When you update your ImageNow system on Windows, perform the update steps with the administrator user account used when ImageNow was originally installed. If this account is no longer available, and you licensed your version of ImageNow per machine rather than per user, you can use a local administrator account.
Secure Protocols for Microsoft Windows HTTP Services
Perceptive Content leverages Microsoft Windows HTTP Services (WinHTTP) for web based integrations on Windows operating systems. Prior to Perceptive Content Foundation 22.2, secure protocols for HTTPS connections were explicitly specified when using WinHTTP. This meant that Perceptive Content could leverage secure protocols that could differ from system default secure protocols. Going forward, Perceptive Content applications will no longer specify secure protocols when using WinHTTP and will rely on the system DefaultSecureProtocols registry entry. This allows administrators of Perceptive Content to use newer TLS protocols and prevent older protocols natively without requiring updates to Perceptive Content. In some cases, the system default secure protocols may be different from the secure protocols that Perceptive Content previously used. If a secure protocol cannot be negotiated between Perceptive Content and an external Secure HTTP web service, connections will fail to be established. To resolve this issue ensure both the Windows operating systems hosting Perceptive Content and Secure HTTP services Perceptive Content integrates with are using the latest recommended secure protocols, such as TLS 1.2 or TLS 1.3. If Perceptive Content needs to support additional secure protocols those can be specified using the DefaultSecureProtocols registry entry.
For more information on configuring the DefaultSecureProtocols registry entry refer to Appendix G: Configure default secure protocols for Microsoft Windows HTTP Services.