File Changes required for your site - Akumina Community

File Changes required for your site

The AppManager App package provided to you from Akumina has 3 files that need to be customized for your site.  Unique values that are applicable to your SharePoint and AppManager must be set.  These files are the web.config, interchange.settings.config, and the unity.config files that were just extracted from the zip file.

 

Customizing the web.config File

Edit the web.config file using Notepad++ or a similar tool

  • Search for and set the SharePointURL to the base SharePoint Site URL where you will be installing AppManager (example: https:akdev11.onakumina.com for a cloud on-prem server)
  • Set the Client ID – you will copy and paste the value you have saved in your Notepad file “MyAppManagerInstallNotes.txt” (example similar to: b3824b0d-cffb-48c9-a006-508c7eda60f6)
  • Search for the customHeaders parameter
  • Set your SharePoint URL for the value of “Access-Control-Allow-Origin”
  • Uncomment the “Access-Control-Allow-Credentials”.  Leave the value as “true”
  • SAVE the web.config file

Customizing the interchange.settings.config File

Edit the interchange.settings.config file using Notepad++ or a similar tool

  • Set the “akumina:tempuploadpath” to a location in which you want temporary files from AppManager stored.

<add key=”akumina:tempuploadpath” value=”C:\TEMP” />

IMPORTANT: The folder specified MUST have Full Control set for EVERYONE to enable the correct access.
  • Update the following SMTP keys – with your appropriate values

<add key=”akumina:SMTPHost” value=”” />

<add key=”akumina:SMTPUser” value=”” />

<add key=”akumina:SMTPPassword” value=”” />

<add key=”akumina:SMTPPort” value=”” />

  • You must set the akumina:BackgroundProcessorKey whether or not you are using the Background Processor functionality (for Forms).  This key is also used by the AppManager for authentication.  It is recommended to use a GUID generator for the processor key value.

<add key=”akumina:BackgroundProcessorKey” value=””/>

 

  • For HIGH TRUST on-premises only, set the following key to “true”, for low trust leave as false.

<add key=”akumina:CustomCertificateValidation” value=”false”/>

 

  • For HIGH TRUST on-premises only, uncomment the following key

<add key=”akumina:SecureAPI” value=”true”/>

  • SAVE the interchange.settings.config file

 

Customizing the unity.config File

Edit the unity.config file using Notepad++ or a similar tool

  • In the “file” container name section, uncomment the “NtFileService” line, and comment out the “AzureBlobService” line.  The result should look as follows:
  • Remove AD from the key below (see the highlight in yellow)

    <!–Use PeopleDirectoryStorageHandlerService for SharePoint Profile Sync–>

<register type=”IPeopleDirectoryUserStorageHandler” mapTo=”PeopleDirectoryStorageHandlerServiceAD” />

  • SAVE the unity.config file

Enabling the Certificate for High Trust Environment

There are two options for enabling the use of the high-trust certificate that was created in a prior step:

Enabling Certificate Serial Number Use

The following steps will enable the use of the certificate serial number (instead of user credentials) when configuring an on-prem high trust environment.

  1. Edit the interchange.settings.config file and add the following key with a value of “S2S”

<add key=”akumina:AuthMode” value=”S2S” />

  1. Edit the web.config file and perform the following:
    1. Add the following key with the serial number value from your certificate*

    <add key=”ClientSigningCertificateSerialNumber” value=”<Serial Number>”/>

    1. Comment out (or delete) the following keys (they are not needed in this configuration)

    <!–<add key=”ClientSigningCertificatePath” value=”” /> –>

    <!–<add key=”ClientSigningCertificatePassword” value= “” /> –>

  2. Grant read permissions on the following folder for the App Pool account (in most cases it will be localservice or network service) or Everyone

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

Note: Alternatively, you can grant read permission only to the private file related to your certificate, and not the entire directory.

* To find the serial number of your certificate, double click your .cer file, select the Details tab, and then select the “Serial number” field

Using Certificate Path and Password

Search and find the following 3 keys associated with the certificate. Uncomment the keys and add the values from your certificate process.

Views: 675
//]]>