Special Considerations - Perceptive Content Update Guide - Foundation 24.1 - Foundation 24.1 - Ready - Perceptive Content - external

Perceptive Content Update Guide

Platform
Perceptive Content
Product
Perceptive Content Update Guide
Release
Foundation 24.1
License

Before you perform an update of your ImageNow system, make sure that you keep in mind the considerations specific to your system configuration.

Active-Active

  • In an active-active environment, there should only be one node instance per machine, spread across several machines. While the separate hardware devices have some shared file systems states, they are provided through third-party clustered file system products.
  • If you are switching to an active-active server configuration during your 7.0 or higher update, note that switching involves various considerations.
  • The Perceptive Content Shared Directory location is specified via the environment.ini. To change the location of the Perceptive Content Shared Directory refer to the Perceptive Content Shared Directory Migration Guide.

64-bit

  • A 64-bit operating system is required to run 64-bit applications. If you are not currently running a 64bit operating system, you must upgrade prior to upgrading Perceptive Content.
  • Before you install Forms Server, you must have your web application server, such as Apache Tomcat, installed. The version of the web application server (32 or 64-bit) must be compatible with the Forms Server version (32 or 64-bit).
  • Verify the compatibility of all of your applications and business applications with a 64-bit operating system before you install Perceptive Content.

Database

  • Prior to ImageNow 6.7, the INOW6 database tables resided in the DBO schema. For new installations of Perceptive Content 7.0 and higher, the default database name is INOW and the tables reside in the INUSER schema. During an upgrade to Perceptive Content 7.0 and higher, all tables are transferred from the DBO schema to the INUSER schema. Any permissions that have been granted to the ImageNow tables, are lost during the transfer.
    Note: This change also affects external systems that access the ImageNow database. If your users have hard-coded access to the ImageNow database tables using the OWNER.TABLE_NAME structure, you must change it when performing the update to 7.0 or higher.
  • For Microsoft SQL databases, you must execute a command to grant permissions to the entire schema or multiple commands to grant permissions at the object level.
  • To grant permissions to the entire schema, the following example shows the syntax structure used to grant permissions on the entire INUSER schema to a specific user:
    GRANT SELECT [INSERT, UPDATE, DELETE] ON SCHEMA :: inuser TO reports; 
  • A working statement is shown in the following.

    GRANT SELECT ON SCHEMA :: inuser TO reports;                            -- To Grant 
    only SELECT privs on the entire INUSER schema to the reports user. 
    GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA :: inuser TO reports;    -- To Grant 
    FULL privs on the entire INUSER schema to the reports user.
  • For Oracle databases, the INUSER user needs the execute privilege on the DBMS_RANDOM package. Before running the database incremental script, you must connect to the INOW6 database as SYS and execute the statement to grant the execute permission:
     SQL> grant execute on DBMS_RANDOM to inuser; 

    The incremental will not complete without this.

  • Starting in version 6.7.0.2787, the INEMUSER schema was added to the database to hold the IN_EXTERN_MSG_SEQ table. This isolates the table from the rest of the INUSER schema. For SQL Server, the INEMUSER schema is owned by the INUSER user and has full privileges on the schema. For Oracle, in addition to the IN_EXTERN_MSG_SEQ table, there is also a sequence and a trigger that are created in the INEMUSER schema that is used for populating the table with sequential numbers. For Oracle, privileges should be granted on the INEMUSER objects to the INUSER user. If any database backup or replication jobs are schema based, they should be modified to include the INEMUSER schema.
  • Filtered indexes are now part of the Perceptive Content 7.4 database schema.

Microsoft SQL Server

For the SQL Server to create and use filtered indexes, the following database parameter changes are required.

Note: You must have the proper privileges to set database options when executing the database incremental scripts.
ALTER DATABASE INOW SET ANSI_NULLS ON 
ALTER DATABASE INOW SET QUOTED_IDENTIFIER ON 
ALTER DATABASE INOW SET CONCAT_NULL_YIELDS_NULL ON 
ALTER DATABASE INOW SET ANSI_PADDING ON 
ALTER DATABASE INOW SET ANSI_WARNINGS ON 
ALTER DATABASE INOW SET ARITHABORT ON 
ALTER DATABASE INOW SET NUMERIC_ROUNDABORT OFF 

The following indexes are recreated as filtered indexes in the 7.2.3 to 7.4.0.3 database incremental scripts.

INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_01 - Filter on WHERE (IS_NULL = 1)  (new 
index) 
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_02 - Filter on WHERE (STRING_VAL IS NOT 
NULL) 
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_03 - Filter on WHERE (IS_NULL = 0) 
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_04 - Filter on WHERE (TIME_VAL <> '1970
01-01 00:00:00.000') 

Filtered indexes help promote improved query performance and plan quality as well as reduced index maintenance and storage costs for the IN_INSTANCE_PROP table.

PostgreSQL

The following indexes are recreated as partial indexes in the Perceptive Content 7.2.3 to 7.4.0.3 database incremental scripts.

INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_01 - Filter on WHERE (IS_NULL = 1)  (new 
index) 
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_02 - Filter on WHERE (STRING_VAL IS NOT 
NULL) 
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_03 - Filter on WHERE (IS_NULL = 0) 
INUSER.IN_INSTANCE_PROP.INSTANCE_PROP_IDX_04 - Filter on WHERE (TIME_VAL <> '1970-
01-01 00:00:00.000') 

Partial indexes help promote improved query performance and plan quality as well as reduced index maintenance and storage costs for the IN_INSTANCE_PROP table.

Deprecated Cryptographic Algorithms

The following cryptographic algorithms are deprecated and should no longer be used. Any user supplied keys that were generated using these algorithms should be updated to use newer algorithms to ensure compatibility with future Perceptive Content releases.

  • Symmetric Ciphers - Blowfish, CAST, DES, IDEA, RC2, RC4, RC5, SEED
  • Hashing Algorithms - MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160

Digital Signatures

  • If the system has been upgraded from a previous version of ImageNow to Perceptive Content 7.x, you must create a new Digital ID and password to apply digital signatures. Digital signatures applied to documents in ImageNow 6.6 or 6.7 appear correctly on the pertinent documents. However, to apply any new digital signatures in the Perceptive Content 7.x system, all users are prompted to create a new Digital ID.
  • When migrating from Windows to Linux with a version of Perceptive Content Server prior to 7.2.0, you must execute the
     intool ––cmd expire-digital-ids
    command to immediately expire all active Digital IDs. Execute the
    inUpgradeutil upgrade-digsig-version
    command when updating the database to enable use of digital signatures on the system administered from a Linux server.

Envoy Replacement

The 7.2 release added Perceptive SOAPBridge Connector 1.0 as a replacement for Envoy. Perceptive SOAPBridge Connector is a REST service that allows you to facilitate automated, back-end integration of your SOAP business application.

To configure SSL connections from Perceptive Content to Perceptive Connect Runtime, see the Perceptive Connect Runtime Installation and Setup Guide. To establish trust between SOAPBridge and a remote service, see the 1.0.x Perceptive SOAPBridge Connector Installation and Setup Guide.

Important Web Service Security, an extension to SOAP, is not supported.

The 7.2 release also removed the following Envoy-specific items from iScript INRemoteService.

  • Deprecated
    setLoggingInterceptor
  • Deprecated setSSLCredentials

  • Deprecated username and password from INRemoteService addWS(string serviceName, string url, string desc, INWSAuthType/string authType)

  • Deprecated INRemoteService addWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, string username, string password, INWSSPasswordType, string passwordType)
  • Deprecated INRemoteService addWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, sCertFilePath, sCertFilePwd, sPrivateKeyFilePath, sPrivateKeyFilePwd)
  • Deprecated username and password from updateWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication)
  • Deprecated updateWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, string username, string password, INWSSPasswordType/string passwordType)
  • Deprecated updateWS(string newServiceName, string newWsdl, string newDesc, INWSAuthType/string authentication, sCertFilePath, sCertFilePwd, sPrivateKeyFilePath, sPrivateKeyFilePwd)

Full Text Search Agent

  • The 7.2 release removed Full Text Search Agent, which includes the removal of the Full Text section in the inow.ini file. Content automated system queues (ASQ) are no longer applicable since Content ASQs submitted items to Full Text Search Agent. Upgrading does not remove preexisting queues and unprocessed items could remain in the queue. You may need to update capture profiles, remove existing items from the queue and/or alter any routing rules associated with the queue.
  • Upgrading to 7.2.x also removes all full text search filters. We recommend uninstalling inserverFT prior to upgrading to 7.2.x
  • The removal of Full Text Search Agent now requires you to set the REMOTED value in the inserverRec.ini file to TRUE, even if Recognition Agent is running locally.

Integration Server

  • Starting with Perceptive Content, version 7.0.x and higher, you must install Perceptive Integration Server as part of the Business Insight product suite.
  • In the 7.9.0 release of Integration Server HTTP method overriding has been disabled by default. If using an HTTPClient which doesn’t support all necessary HTTP request methods, see Appendix E: Enable HTTP Method Override in the Integration Server Installation Guide.

Message Queuing Agent

Message Queuing Agent was removed with the 7.1.5.1516 release. This includes the removal of the following items.

  • inserverMQ.exe on Windows
  • inserverMQ on Linux
  • inserverMQ.ini file
  • IN_MESSAGE database table
  • IN_MESSAGE_QUEUE database table
  • IN_MESSAGE_QUEUE_MASTER database table

Object Store Manager

The 7.2 release removed the Content Addressable Storage (CAS) integration type used by OSM sets and OSM trees. The inUpgradeUtil upgrade-cas-to-ext command converts the OSM CAS sets to OSM EXT sets automatically for Windows as part of the upgrade process. On Linux, you must manually execute the command.

RabbitMQ and Erlang

  • Perceptive Content Server and all Perceptive agents, versions 7.1.4.1269 and higher, depend on RabbitMQ, a third-party message queuing broker. RabbitMQ is an open-source software that requires Erlang, a programming language. You must download and install the supported versions of both products prior to upgrading to Perceptive Content 7.1.4.1269 or higher. See the RabbitMQ website for more information, and to download and install the product. For further considerations, see the following list.

    Important Prior to installing RabbitMQ and Erlang, review the Perceptive Content Server > Message Queuing specifications in the 7.1.x and higher Perceptive Content Technical Specifications for the supported versions of both products.

  • Perceptive Content relies on the AMQP 0.9.1 protocol from RabbitMQ, which is enabled by default.
  • When utilizing Active-Active mode for Perceptive Content, you must configure multiple cluster nodes of RabbitMQ to achieve high availability for the system. For more information, see the RabbitMQ Clustering Guide.
  • You are not required to share the same operating system or host machine for Perceptive Content and RabbitMQ. We recommend separate resources for RabbitMQ cluster nodes for the best highavailability and workload balancing.
  • You must configure RabbitMQ for privacy over data connections. For more information, see the RabbitMQ Configuration Guide.
  • If running in a cluster environment, you must upgrade all nodes at the same time and all nodes must be shut down during the upgrade. RabbitMQ and Erlang require that you are running the same major and minor version on all nodes in a cluster. For more information, see the RabbitMQ clustering guide.
  • Eight new server settings were added to the Message Queuing group in the inow.ini configuration file in Perceptive Content version 7.1.4.1269, and seven new client settings were added to the group in version 7.1.5.1516. On Windows, prompts allow you to update these settings during the upgrade. On Linux, you must update the inow.ini file manually. For more information on the new settings, see the “inow.ini [Message Queuing] settings” topic of Manage Content help. For information on updating the inow.ini file on Linux, see the Perceptive Content Server Installation and Setup Guide.
  • Two new inUpgradeUtil commands were added to Perceptive Content, version 7.1.5.1516: inUpgradeUtil process-jobs-invalid-state and inUpgradeUtil republish-jobs. The inUpgradeUtil process-jobs-invalid-state command scans the job tables and identifies jobs held in an invalid state. The jobs are marked as completed with an error status. The inUpgradeUtil republish-jobs command scans the job tables and identified jobs that have not started. These jobs are published using the new message queuing system and then processed by the appropriate agent. Note that the Windows and Linux install scripts run these commands as part of the upgrade process.
    Note: For more information on RabbitMQ, visit the RabbitMQ Documentation site.
  • When you update your ImageNow system on Windows, perform the update steps with the administrator user account used when ImageNow was originally installed. If this account is no longer available, and you licensed your version of ImageNow per machine rather than per user, you can use a local administrator account.

Secure Protocols for Microsoft Windows HTTP Services

Perceptive Content leverages Microsoft Windows HTTP Services (WinHTTP) for web based integrations on Windows operating systems. Prior to Perceptive Content Foundation 22.2, secure protocols for HTTPS connections were explicitly specified when using WinHTTP. This meant that Perceptive Content could leverage secure protocols that could differ from system default secure protocols. Going forward, Perceptive Content applications will no longer specify secure protocols when using WinHTTP and will rely on the system DefaultSecureProtocols registry entry. This allows administrators of Perceptive Content to use newer TLS protocols and prevent older protocols natively without requiring updates to Perceptive Content. In some cases, the system default secure protocols may be different from the secure protocols that Perceptive Content previously used. If a secure protocol cannot be negotiated between Perceptive Content and an external Secure HTTP web service, connections will fail to be established. To resolve this issue ensure both the Windows operating systems hosting Perceptive Content and Secure HTTP services Perceptive Content integrates with are using the latest recommended secure protocols, such as TLS 1.2 or TLS 1.3. If Perceptive Content needs to support additional secure protocols those can be specified using the DefaultSecureProtocols registry entry.

For more information on configuring the DefaultSecureProtocols registry entry refer to Appendix G: Configure default secure protocols for Microsoft Windows HTTP Services.