Professional Documents
Culture Documents
System - Administration - II - Laserfiche - 10 Es
System - Administration - II - Laserfiche - 10 Es
© 2017 Laserfiche
Laserfiche is a division of Compulink Management Center, Inc. Laserfiche®, Run Smarter® and Compulink® are registered
trademarks of Compulink Management Center, Inc. All other trademarks are properties of their respective companies. Due to
continuing product development, product specifications and capabilities are subject to change without notice.
About this Training Reference Guide
Purpose This Training Reference Guide is intended to be used as a reference when taking the
System Administration II online course.
This guide provides an outline of key points and is intended to complement the
online course and to aid in note taking. In addition, links to helpful resources are
provided for learners who would like more information about a particular topic.
Course This course is for system administrators who intend to use advanced features to
Description secure, back up, and monitor Laserfiche repositories.
Introduction This lesson provides an overview of volumes: what they are, how you can use them
to help manage a growing repository, and how to address information requirements.
In addition, this lesson discusses how to transfer information between repositories
and how to back up information.
Volumes contain pages from scanned documents, what most people think of as the
‘contents’. These include:
TIFF images
Thumbnails
Location files
Electronic files such as Microsoft Word documents
PDFs
Volumes exist on the hard drive of one or more computers, and, as your repository
grows, can be distributed across multiple computers. When a user scans or imports
a document, or adds new pages to an existing document, that document’s pages and
electronic file will be saved in a particular volume.
For more information on volumes, see the Laserfiche Help Files – What are
Volumes?
To make sure that you don’t run out of space on your hard drive, the physical
volumes within a logical volume will generally have a size limit. Once they reach
the limit, they will roll over, creating a new physical volume.
Logical volumes allow an administrator to control the size of physical volumes, and
distribute them across multiple computers. At the same time, users can just keep
scanning into the same volume without needing to change their workflow.
For more information on logical volumes and rollover, see the Laserfiche Help
Files – Logical Volumes and Volume Rollover.
If none of these is the case, you can simply make sure that the Default volume has a
rollover size that makes sense for your organization.
If you want to change the logical volume size limit, be aware that it will only affect
the new physical volumes created within that logical volume, not the existing
volumes. If you want to re-size existing physical volumes, the best way to do it is to
migrate the contents of the logical volume into a new logical volume with the correct
size limit.
Remember to distribute logical volumes so that you don’t run out of hard drive
space on a particular computer. This can be done by modifying the logical volume’s
path.
For more information on best practices for volume administration, see the
Laserfiche Help Files – Best Practices for Volume Administration.
Windows Security: You can use Windows security to lock down your
volumes. We recommend only allowing the user that the Laserfiche Server
Service runs to have access.
Laserfiche Security: Laserfiche security restricts who can see the parts of
a document stored in a volume, such as its pages or electronic file. It
doesn’t restrict access to other parts of the document, such as its metadata.
If you want to restrict access to the entire document, you should use Entry
Access Rights instead.
Exporting and If you want to move a volume from one repository to another, you can do so by
Attaching exporting or detaching the volume.
Volumes
Detaching or exporting a volume is different than simply copying the volume’s
folders on the hard drive, because it also includes information about the folder
structure and metadata of the entries. Note that some information, most notably
security, is not included when exporting or detaching a volume.
In most cases, we recommend exporting a volume rather than detaching it, even if
you intend to remove it from its original repository., This allows you to test the
volume in its new repository before deleting it.
Introduction This lesson introduces the component that handles most of the searching in your
repository: the Laserfiche Full-Text Search Engine.
Text Most searches are performed by the Laserfiche Indexing and Search Engine or your
Generation, repository’s database engine. There are two steps that must be performed before
Indexing, and these searches will return results:
Searching
Text Generation: Text must be generated from the document. This is done
by performing OCR or by generating text directly from electronic
documents. For more information on text generation, see the Laserfiche
Help Files – Search Engine Text Extraction.
Indexing: The document must be indexed by the search engine. When the
search engine indexes a document, it tracks the location of each word
within the document and stores that information in the search catalog. For
more information on indexing, see the Laserfiche Help Files – Indexing
Repository Content.
If the document is indexed, but has no text generated, then there is nothing to search
for. If the document has text generated but is not indexed, the search engine doesn’t
know where to find the text. We recommend enabling automatic text generation and
indexing for your repository to ensure that documents remain searchable.
Search To ensure that searches are performed as efficiently as possible, the Laserfiche
Architecture Indexing and Search Engine optimizes its search catalog files periodically. The
and Best search engine monitors the repository for off-peak hours and schedules to reduce
Practices the impact on general repository performance.
For more information on scheduling indexing, see the Laserfiche Help Files –
Scheduled Indexing Overview and Examples.
Unlike your repository’s database and volumes, it isn’t strictly necessary to back up
your search catalog files, because they can be regenerated from the documents
themselves.
For more information on managing the search catalog, see the Laserfiche Help Files
– Managing the Search Catalog.
Introduction This lesson describes how to back up your repository. You will learn the basic
principles and best practices of backup and recovery, and what files and
components in Laserfiche need to be backed up.
Backup Backups are vital in managing your repository. Without frequent, well-tested
Principles backups, important data may be permanently lost in the event of hardware failure,
user error, natural disasters, or other issues.
Back up your data often. Remember that any information that is added or changed
in Laserfiche since your last backup is vulnerable to being lost if you run into an
issue. The more frequently you back up, the less likely that you will need to redo
work (or, worse, lose data permanently).
Automated systems are especially good for ensuring that information is backed up
frequently, since they don’t require you to remember to manually perform a backup.
Differential backups, in which only the files that have changed since the last full
backup are backed up, can be helpful in backing up frequently. Since only changes
are backed up, rather than the full repository, they are much quicker and less likely
to cause performance issues.
For additional information on backup principles, see the Laserfiche Help Files –
Backup Principles.
Components to The Laserfiche repository, hosted by the Laserfiche Server, consists of four major
Back Up components that should be backed up:
For more information on backing up major components, see the Laserfiche Help
Files – Backup Scope.
In addition to these components you should consider what other Laserfiche products
you’re using:
Audit Trail: If you are using Laserfiche Audit Trail, it’s important to back up your
binary audit log files, since auditing data is not stored elsewhere and can’t be
recreated. By default, these logs are stored in the AUDIT folder of the repository
directory. For more information on backing up Audit Trail, see the Laserfiche Help
Files – Backing Up Audit Data.
For more information on backing up Workflow, see the Laserfiche Help Files –
Backing Up Workflow.
Web Client: Web Client configuration files are stored in the Web Access
installation directory, under Web Files. Back up the web.config file stored in this
folder, and then back up the Config folder.
Introduction This lesson describes how to monitor and improve the performance of your
Laserfiche system. It discusses ways of monitoring your repository’s performance,
best practices for improving it, and Laserfiche tools that you can use to make your
system perform more efficiently.
Monitoring To keep better tabs on your Laserfiche system’s performance, you can use
Performance Windows Performance Monitor, a tool included with Windows that allows you to
monitor activity in real time, or save a log of it for later review.
Performance There are several best practices to help identify potential bottlenecks and improve
Best Practices system performance:
Deploy SQL server and the search engine on different servers. This means
that they will each have their own dedicated resources.
Use performance metrics to determine times of heavy load, and find ways
to adjust his process to distribute them more evenly throughout the day.
Quick Fields Agent, like Import Agent, allows you to bring documents
into Laserfiche on a schedule, with the added benefit of the powerful
document processing of Quick Fields. For more information on Quick
Fields Agent, see the Laserfiche Help Files – Quick Fields Agent.
Settings Lockdown can ensure that your users don’t modify their options
in a way that will slow down their Laserfiche experience. For more
information on Settings Lockdown, see the Laserfiche Help Files – Settings
Lockdown.
Schedule Indexing for Off-Peak Hours to reduce the load on your search
engine. For more information on Index Scheduling, see the Laserfiche Help
Files – Scheduled Indexing Overview and Examples.
Introduction This lesson explores how to use Laserfiche Directory Server to manage your
Laserfiche Rio installations. It discusses what Laserfiche Directory Server is and
what it’s used for; user types, groups, and organizations; user license allocation;
application registration; and public portal licenses for WebLink.
What is Laserfiche Directory Server is a web application that allows you to manage your
Laserfiche Laserfiche Rio installation, including users and applications.
Directory
Server? With Directory Server, you can perform the following tasks:
Create Laserfiche users, add directory users, and grant user licenses.
Note that Laserfiche Directory Server is only used with Laserfiche Rio, not with
Laserfiche Avante.
For more information on Laserfiche Directory Server, see the Laserfiche Help Files
– Welcome to Laserfiche Directory Server.
Users and User Users who log into Laserfiche Rio must have an account and a license. There are
License three types of users:
Allocation
Directory Users: Can be either Windows accounts or LDAP accounts, and
are managed in Laserfiche Directory Server.
Any type of user can be allocated a named user license. However, unlike directory
and Laserfiche users, repository users are specific to a particular repository, and
cannot be granted access to other repositories.
Organizations are subsets of your Laserfiche Rio installation, for which you can
reserve licenses and use to organize your users.
Named devices are computers that have been granted licenses. Any user who logs
into one of these computers can access Laserfiche, even without their own license.
Named devices are often used as scan stations. You cannot access Laserfiche web
applications from or grant retrieval licenses to a named device.
For more information on managing accounts with Laserfiche Directory Server, see
the Laserfiche Help Files – Managing Accounts.
Application You can also use Laserfiche Directory Server to manage your application licenses.
Licenses
In most cases, you can automatically allocate a license to an application during
installation. To do so, when installing a product, select “Activate using the
Laserfiche Rio License Manager” and follow the specified steps.
You can view your allocated application licenses, and allocate new application
licenses manually, in Laserfiche Directory Server.
Directory Server will show you the version for the product, all your allocated
licenses, how many licenses you have remaining (if the installations aren’t
unlimited), and, for the Laserfiche Server, how many repository named user
licenses and public portal licenses you have allocated.
If you have two Laserfiche Servers that you want to be accessible via WebLink, you
will need two public portal licenses. In addition, public portal licenses are
categorized by number of processors on your Laserfiche Server. A dual-processor
Laserfiche Server must have a dual-processer public portal license, and a
multiprocessor Laserfiche Server must have a multiprocessor public portal license.
Any user who has been marked as read-only in the Laserfiche Administration
Console can log in to WebLink using the public portal license. If a user is not a
read-only user, they must have a license of their own. Access to Laserfiche via
WebLink is always read-only, no matter what type of license the user has.
For more information on public portal licenses, see the Laserfiche Help Files –
Public Portal Licenses.
Introduction This lesson highlights security considerations for Laserfiche Administrators. We’ll
list out mechanisms that serve as a baseline checklist of common security
configurations.
SSL/TLS Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are
protocols used to secure web connections and are the default model for securing
data in transit.
With a secure channel, data in transit cannot be easily read by someone who
intercepts that data.
Windows Laserfiche provides robust security tools for controlling access to data within the
System Laserfiche repository. However, you also have to ensure that Laserfiche resources
Security themselves are properly secured outside of Laserfiche.
The Laserfiche SQL database and all volume files stored on disk must be properly
secured outside of Laserfiche.
If this data is not properly secured at the file system layer, users without access to a
document within Laserfiche may be able to bypass those security measures, by
accessing the data directly from the local machine.
Exceptions can be made to the firewall by allowing certain ports to be open, usually
on an application-by-application basis.
Ensure that appropriate communication channels are open for Laserfiche and its
related services when crossing firewall boundaries, while still maintaining a secure
environment.
For additional information on how to configure firewalls for use with Laserfiche,
please see the Laserfiche Help Files – Firewalls.
Audit Trail Laserfiche Audit Trail logs actions that occur within a repository.
Any action categorized for tracking through Audit Trail is saved to a log file as an
event, to be viewed by authorized users and administrators. These events may
include actions such as printing, searching, modifying documents, or altering a
user’s account.
While Audit Trail records changes, it does not prevent them from happening. In
addition, actions taken outside of Laserfiche (such as taking a screenshot using print
screen) are not tracked by Audit Trail.