Posts Tagged ‘worksite’

Recently a few users had the following bounce backs from Office 365 to an On-Prem Mailserver with the error

‘550 5.4.316 Message expired, connection refused(Socket error code 10061)

Checking the logs in 365 of this, this was due to the Fortigate adding some 365 SMTP servers to the IPS Quantarine List

Removing these servers from the Quarantine and also removing IPS checking in the Policy of 365 servers to on-prem via SMTP resolved this

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Public

Worksite permissions default to everyone have access to everything. When a workspace is set to Public no permissions are restricted every if they are listed in the security list

Private

Private mode restricts access per the permissions listed 

FAQ

Read/Write Permission vs Full Access

Full Access gives users permissions to change existing permissions. Read/Write gives full access to the data

How do I give users read Access to a Workspace

Set it as Private

Great a group with all users and assign this read

Setup Users to full access

How can I get a list of all private or public workspaces?

SELECT p.prj_id, p.prj_name, p.prj_descript, p.prj_owner FROM mhgroup.projects p (NOLOCK) WHERE p.subtype = 'work' AND p.default_security = 'X'

To get a list of public workspaces you would change p.default_security = ‘X’ to ‘P’.

SELECT p.prj_id, p.prj_name, p.prj_descript, p.prj_owner FROM mhgroup.projects p (NOLOCK) WHERE p.subtype = 'work' AND p.default_security = 'P'

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

You can set the author and default document class by setting the following registry key. The variable %USERID% will resolve to the user that is logged in.

[HKEY_CURRENT_USER\Software\Interwoven\WorkSite\8.0\iManExt\DefaultNewProfile]
“382”=”%USERID%”
“384”=”DOC”

VN:F [1.9.22_1171]
Rating: 9.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

By default this is disabled , to Enable , open the registry key : 

SOFTWARE\Interwoven\WorkSite\imDmsSvc\Databases\%databasename%

“Workspace Index”

Set to Y

Then

Restart Worksite Service

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
  1. Make sure you have a Send Connector in O365 so that I route all emails from your subdomain e.g. imanage.domain.com back to the Public IP where your Communication Server is , use the Router to NAT port 25 from this IP to the communication server and make sure SMTP is allowed through the local firewall

  2. Update the ‘Email Domain’ on the ‘WorkSite Server’ properties to ‘imanage.domain.com’ stop and start the ‘WorkSite Server’ service.

  3. Then update the ‘Domain’ in the communication server ‘Exchange Online’ properties to ‘imanage.domain.com’ stop and start the ‘Exchange Online’ service.

  4. The above will allow internal recipients to Send and File , if  wanting external recipients to be able to file emails to this server, make sure you create an MX Record for imanage.domain.com externally to route to your communications server ( preferably via your Spam Filter) 

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 

Azure Single Sign-On 

Identifier (Entity ID): https://imanage.domain.com

Reply URL (Assertion Consumer Service URL): https://imanage.domain.com/api/v1/session/saml-login 

Download Certificate file (.cer) and store on iManage server e.g. C:\SSL\

HIVE: HKLM\SOFTWARE\Interwoven\WorkSite\imDmsSvc 

 

SAML Attribute: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name 

SAML Endpoint: https://myapps.microsoft.com/signin/iManage%20SAML/xxxxxxx-xxxxxx-xxxx

SAML Key File: C:\SSL\iManageSAML.cer 

SAML Logout Endpoint: https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0 

SAML Web RP: https://imanage.domain.com

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

The Web uses port 443 ( SSL ) TCP

The client uses port 1090 TCP

The client Auth used 1091 TCP

These all need to be open on the router for iManage URL connection to work externally. Also the below registry items need to be set for it to force the client to use a dedicated port instead or the normal client default

 

64bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Interwoven\Worksite\8.0\Common\Options]

"Use Hosted DM"="Y"

"Hosted DM ServicePort"=dword:00000442 ( Decimal 1090 )

"Enable Hosted DM SSL"="Y"


32bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Interwoven\Worksite\8.0\Common\Options]

"Use Hosted DM"="Y"

"Hosted DM ServicePort"=dword:00000442

"Enable Hosted DM SSL"="Y"
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
  1. Login to iManage / Worksite Communication Server 
  2. Go to : C:\inetpub\mailroot\Badmail to see the bad mail
  3. Open up one of the emails with wordpad / notepad
  4. Get the Folder ID ( FID ) of where the email is being filed
  5. Get the username of the operator trying to file the email (Control + F “ref” can help alot)

Subject: RE: xxxxxxxxxxxxx (Our Ref:  xxxxxx)[xxx-xxx.FID102361]
 
If the IRN is not visible in the subject, look for the folder ID

“{F102361}.xxx@dms.xxxx.com”

From this example, the folder ID is 650594.


Put that folder id into this SQL query and run it against the iManage SQL database:


Replace the XXXXXXX with the folder ID


select * from [%imanageDBName%].[MHGROUP].[PROJECT_NVPS] where PRJ_ID=’XXXXXXXX’
 
Look for the value of iMan_26. this is the IRN:

You may also use:
select * from [%imanageDBName%].[MHGROUP].[PROJECTS] where PRJ_ID=’XXXXXXXXX’

The IRN can be found under the PRJ_DESCRIPT column:
 
Once you have IRN,

In Outlook search for the workspace that is found in the reference number.
if reference number does not exsist search for a document and use the FID number to find workspace number.
open the IRN Workspace in Filesite/Outlook
expand the IRN so you can see the “File” Folder
right click on the “File” folder , click properties
click profile tab
select the operator Click “Add/Edit” button
The operator might have a Red Circle on it
this means the User is disabled – Enable the user or change to the live user.
Change to the live user is prefered
Click yes to the prompt (don’t need to tick any boxes) let it update, once complete click “close”
 
Now cut + paste the email from C:\inetpub\mailroot\Badmail to C:\inetpub\mailroot\Drop , make sure it does not go back into C:\inetpub\mailroot\Badmail.
 
If we see many emails (over 3) in the badmail folder the comms server may have lost contact with the DB server.
Start the worksite service manager from deskop (imanage user)

Check that the service account isn’t locked out 
Move all badmails to the drop folder and see what get’s bounced to badmail and work from there.
 
If doing alot of these, you may want to edit Communications Server port so it doesn’t bombard users with emails
 
Check User filing with email Enabled in the Database?
User filing has write access to database ( Archive01 only read only ) ?
User filing has the same Email Address she’s sending from then the Same in AD as iManage ?
Try enabling all users and refilling all
Check the Workspace Folder double check the author / operator is installed and change to enabled user
 


VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

There is a logon script that runs the following (Replace the server with whatever your imanage server is)

“C:\Program Files (x86)\Interwoven\WorkSite\addiman.exe” %IMANAGESERVER%

The details can also be added via Registry in the Group Policy : 

Key : HKCU\Software\Interwoven\WorkSite\8.0\Common\Login\RegisteredServers\%IMANAGESERVER%\

Value : Autologin
Type : REG_SZ
Value Data : Y

Value : DATABASES
Type : REG_MULTI_SZ
Value Data : %DATABASE%

Value : Local
Type : REG_SZ
Value Data : N

Value : Password
Type : REG_SZ
Value Data : 

Value : ServerName
Type : REG_SZ
Value Data : %SERVERNAME%

Value : TrustedLogin
Type : REG_SZ
Value Data : Y

Value : UserID
Type : REG_SZ
Value Data : 

 

 

VN:F [1.9.22_1171]
Rating: 8.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)