ADSS-Go-Sign-Connector-for-SharePoint-Deployment-Guide ...

© Ascertia Limited. All rights reserved.

This document contains commercial-in-confidence material. It must not be disclosed to any third party without the written authority of Ascertia Limited.

Commercial-in-Confidence

AD S S G o > S ig n C o n n e c t o r f o r

S h a r e P o i n t v 1 . 1

D e p l o y m e n t G u i d e

AS CE RTIA LTD

J U LY 2 0 2 0

D o c u m e n t V e r s i o n - 1 . 1 . 0 . 3

ADSS Go>Sign Connector for SharePoint - Deployment Guide

© Ascertia Limited Commercial-in-Confidence Page 2 of 17

CONTENTS

1 INTRODUCTION ....................................................................................................................... 3

1.1 SCOPE ................................................................................................................................ 3

1.2 INTENDED READERSHIP......................................................................................................... 3

1.3 CONVENTIONS ..................................................................................................................... 3

1.4 TECHNICAL SUPPORT ............................................................................................................ 3

1.5 WHAT’S NEW IN ADSS SHAREPOINT CONNECTOR V1.1 ............................................................ 3

2 SYSTEM REQUIREMENTS ....................................................................................................... 4

2.1 SIGNING PREREQUISITES ...................................................................................................... 5

3 INSTALLATION ........................................................................................................................ 6

3.1 OVERVIEW ........................................................................................................................... 6

3.2 SOLUTION PACKAGE ............................................................................................................. 6

4 INSTALLING CONNECTOR ...................................................................................................... 7

4.1 UPLOADING ADSS GO>SIGN SOLUTION PACKAGE ................................................................... 7

4.2 DEPLOYING SOLUTION .......................................................................................................... 7

5 REMOVING CONNECTOR ...................................................................................................... 10

APPENDIX A: CONFIGURATION ................................................................................................... 11

APPENDIX B: TROUBLESHOOTING ............................................................................................. 12

APPENDIX C: FLOW DIAGRAMS .................................................................................................. 14

APPENDIX D: KNOWN ISSUES ..................................................................................................... 16

APPENDIX E: NOTES FOR DEVELOPER ...................................................................................... 17



1 Introduction

1.1 Scope This manual describes the installation process for deploying ADSS Go>Sign Connector for Microsoft SharePoint 2013.

1.2 Intended Readership This manual is intended for SharePoint administrators who are responsible for managing SharePoint services.

1.3 Conventions The following typographical conventions are used in this guide to help locate and identify information:

• Bold text identifies menu names, menu options, items you can click on the screen, file names, folder names, and keyboard keys.

• Bold Courier New font identifies commands that you are required to type in.

1.4 Technical support Ascertia has a dedicated support team providing product technical assistance, integration assistance and general customer support. Ascertia Support can be accessed in the following ways:

Website https://www.ascertia.com

Email [email protected]

Knowledge Base https://www.ascertia.com/products/knowledge-base/adss-server/

FAQs http://faqs.ascertia.com/display/ADSS/ADSS+Server+FAQs

In addition to the free support service describe above, Ascertia provides formal support agreements with all product sales. Please contact [email protected] for more details.

A Product Support Questionnaire should be completed to provide Ascertia Support with further information about your system environment. When requesting help it is always important to confirm the following:

• System platform details

• Connector version number

• Details of the specific issue and the relevant steps taken to reproduce it

• Database version and patch level

• The product log files

1.5 What’s new in ADSS SharePoint connector v1.1 • Supports Microsoft SharePoint 2013.

• Option to trigger SharePoint workflows on signing and declining of a document is now configurable.

• Set Meta information against the document based on last performed action. See Appendix E: Notes for developer

mailto:[email protected]




2 System Requirements The following table summarizes the system requirements for installing ADSS Go>Sign connector:

Component Minimum Requirements

ADSS Go>Sign Connector for SharePoint

Server system The following SharePoint version(s) are supported:

• SharePoint Server 2013 (Foundation, Standard or Enterprise)

Client machines

(systems using the

service)

Any reasonable Windows or Linux system with a modern browser (see

below for supported browsers with JavaScript enabled).

If local signing is to be used then JRE v1.6.0-11 or above is required.

Browsers

(for end-users and

administrators)

The following browsers are supported:

• Internet Explorer 9

• Firefox 14.0 or above

• Chrome 21.0 or above

ADSS Server

ADSS Server ADSS Server is a mandatory component of the solution; it provides the

underlying security services required by the Go>Sign connector. See

ADSS Server Installation guide for more details.

The following operating systems are supported:

• Windows Server 2012, 2008, 2008 R2 (32 & 64 Bit)

• Solaris 11 (x86 only, 32 and 64 bit)

• Linux (Various – 32 and 64 bit)

Hardware: A modern multi-core CPU such as the Xeon E55xx or E56xx

range is recommend, with 4GB RAM (8 GB is recommended), 100 MB

Disk space for installation.

ADSS Server can be installed on the same machine as SharePoint,

however for highest performance a separate system is recommended.

Database server The following databases are supported by ADSS Server:

• Microsoft SQL Server 2005, 2008, 2012

(Express, Enterprise, Web Edition)

• Oracle 11g, 10g

• PostgreSQL v8.x, v9.x

• MySQL 5.x

The ADSS Server DBMS can be installed on the same machine as the

ADSS Server application however for high performance it is recommended

to use a separate database machine.

Hardware: A modern multi-core CPU such as the Xeon E55xx or E56xx

range is recommend, with 4GB RAM, typically 5-10GB disk space will be

required.



Component Minimum Requirements

DMZ proxy machine

(if used)

The following DMZ proxy machines are supported:

• Windows 2003/2008 Server + SP1 with IIS 6.0/7.0 or Apache Web

Server or IBM HTTP Server

• Linux with Apache Web Server or IBM HTTP Server

Hardware: Use a modern multi-core CPU, 2GB RAM,100 MB disk space

HSMs

(If these are used)

The following PKCS#11 Hardware Security Modules are supported:

• Thales SafeNet Luna and ProtectServer HSMs

• nCipher nShield Solo or Connect HSMs

• Utimaco HSMs

• Microsoft Azure Key Vault HSM

• Amazon AWS Cloud HSM

ADSS Server can also use PKCS#11 compliant smartcard(s) and secure

USB token(s). Other PKCS#11 v2.x compliant HSMs should also work and

can be supported upon request.

Admin/Operator

browsers

The following Internet browsers are supported for accessing the ADSS

Admin web console:

• Internet Explorer 8.x and above

• Firefox 20.x and above

• Google Chrome 26.x and above

The details given above are minimum system requirements; these may need to be revised to meet specific performance requirements.

2.1 Signing Prerequisites Ensure that the SharePoint end-users have sufficient rights so that they can digitally sign the document. You can assign any of the following rights individually or in a combination to allow end-user to update the SharePoint document library once signing is concluded.

• Design

• Contribute

• Approve

• Manage Hierarchy



3 Installation

3.1 Overview A typical deployment environment consists of the following:

• SharePoint Server 2013 The solution is added to the existing deployment of SharePoint 2013.

• ADSS Server This provides the back-end security services to the connector. The security services include

cryptographic key and trust anchor management, server-side signature creation, signature

verification and auxiliary services.

3.2 Solution Package The solution is deployed to a SharePoint Server using a package file (SignwithGoSign.wsp), which contains the components of the connector. See section 4 for the instructions on deploying the solution.



4 Installing connector The installation process involves the following steps:

1. Uploading the package file to SharePoint Server using SharePoint 2013 Management Shell.

2. Deploying solution using SharePoint Central Administration.

4.1 Uploading ADSS Go>Sign solution package To deploy a solution using SharePoint 2013 Management Shell, follow the steps given below:

1. On the Start menu, click All Programs.

2. Click Microsoft SharePoint 2013 products.

3. Click SharePoint 2013 Management Shell.

4. At the Management Shell command prompt, type the following command:

Add-SPSolution –LiteralPath <SolutionPath>

E.g. Add-SPSolution –LiteralPath

C:\Users\Administrator\Desktop\solution\SignwithGoSign.wsp

4.2 Deploying Solution 1. On the Start menu, click All Programs.

2. Click Microsoft SharePoint 2013 products.

3. Click SharePoint 2013 Central Administration. You will be re-directed to the Central Administration home page and then click Manage farm solutions.



4. Click signwithgosign.wsp.

5. Click Deploy Solution

6. Click OK.



7. Once deployed, the status of the solution changes to Deployed.

8. Go to C:\Program Files > Common Files > microsoft shared > Web Server

Extensions > 15 >TEMPLATE > LAYOUTS > SignwithGoSign.

9. Open the GoSign.xml file in a text editor.

10. Replace existing values of the tags as necessary (see Appendix A: Configuration for details).

11. Save the file.

12. Restart Internet Information Services (IIS).



5 Removing connector Follow these steps to remove the Go>Sign connector from SharePoint 2013:

1. In Central Administration >System Settings, click Manage farm solutions.


3. Click Retract Solution.

4. Click OK.

5. In Central Administration, in System Settings, click Manage farm solutions.


7. Click Remove Solution.



Appendix A: Configuration The configuration information can be changed by editing the default settings defined in the GoSign.xml file.

The following table describes each tag present in the configuration file.

Key Description

General Settings

GoSignServiceAddress Specifies the ADSS Server Go>Sign server address with

which the ADSS Go>Sign connector will communicate for

all back-end processing i.e. signing, verification etc. The

default value of this property is

http://localhost:8777/adss/gosign/service.

OriginatorId The Client ID used to communicate with ADSS Server.

This is configured in the ADSS Server > Client Manager

module. The default value of this property is

samples_test_client.

ProfileId Specifies the ADSS Server-managed Go>Sign Profile

used to sign the document. Ensure the profile exists in

ADSS Server. The default value of this property is

adss:gosign:profile:004.

UserFieldAssociation Specifies whether signature field is assigned on the basis

of logged in user’s name or signing order. If this setting is

set to USER_NAME, the document owner must specify

the exact username of the signer (which is configured in

SharePoint) at the time of creating a blank signature field.

Note that the SharePoint usernames are shown in the

SharePoint > Site Actions > Site permissions. If set to

SIGNING_ORDER, the signing sequence will be based

on a sequential order, determined on the basis of field

name i.e. Signature1 will be signed first and then

Signature2. The pre-fix i.e. Signature can be configure in

the ADSS Server > Go>Sign Service. The default value of

this property is USER_NAME.

TriggerWorkflow Specifies whether workflow is to be started as soon as

document is signed or declined. If set to False, the status

of workflow associated with the document (if any) remains

unchanged. The default value of this property is True.

http://localhost:8777/adss/gosign/service



Appendix B: Troubleshooting Following is the list of common issues and their resolutions:

Error The timer job for this operation has been created, but it will fail because the administrative service for this server is not enabled.

Resolution In case you receive an error message concerning failure of Timer Jobs retracting the solution, follow the steps given below:

1. In Central Administration, click the Job status link.

2. Click Application Server Administration Service Timer Job.

3. Click on the Run Now button.

4. At the SharePoint 2013 Management Shell command prompt, type the following command:

stsadm -o execadmsvcjobs

If SharePoint administrator is deploying SharePoint over internet then ensure that "Alternate Address Mappings" is configured properly which allows to map web requests to a specific URL. You can do this by using the SharePoint Central Administration Web site available inside IIS on the machine hosting SharePoint 2013. The SharePoint administrator has to add an "Internal URL" and have to select an "Access Mapping Collection".

Error Failed response: Error: Access is denied

Resolution This error message appears when you are using Internet Explorer (version 8 or above). To resolve this issue, follow the steps given below to change the Security settings in Internet Options:

1. Start Internet Explorer.

2. On the Tools menu, click Internet Options.

3. On the Security tab, click Internet, and then click Custom Level.

4. In the Security Settings list, change Access data sources across domains (under Miscellaneous) to Enable.

5. Click OK to close the Security Settings dialog box.

6. Click Yes when you receive the following message:

Are you sure you want to change the security settings for this zone?

7. Click OK to close the Internet Options dialog box.



Error Sorry, something went wrong

Resolution This is a generic error message displayed by SharePoint. This error message is usually displayed in the following situations:

1. When ADSS is not accessible to the SharePoint application: Verify that the address of ADSS Go>Sign service, mentioned in the configuration file, is correct.

2. ADSS session has expired: Re-open the document and try signing the document again.

3. User is not authorized to use the application or website: Assign rights to the users who are expected to sign documents.

4. ADSS Go>Sign Service license has expired: Contact Ascertia sales team ([email protected]) to acquire a new license file.

Error Blank Screen is shown

Resolution Verify that the option to run java scripts is turned on in the internet browser settings.

Error Sign and Draw buttons are disabled

Resolution The Sign and Draw buttons are shown as disabled when the option to use field name as prefix is enabled in the ADSS Go>Sign profile. You can read more about this feature at the following ADSS Admin Guide site:

http://manuals.ascertia.com/ADSS-Admin-Guide/default.aspx?pageid=pdf_signature1






Appendix C: Flow Diagrams





Appendix D: Known Issues The following is a list of known issues in ADSS SharePoint connector:

1. Username is incomplete or incorrect: If username of a user consists of a domain name (for example, domain\user.name), it may not be displayed completely.

2. Workflow status is not updated: The workflow status remains unchanged if a document is modified after signing or declining it.



Appendix E: Notes for developer Following lines of code can be used to get Meta information of document status programmatically which

can be useful to take different decisions while making your own custom workflow on the base of

document status.

SPListItem currentItem = workflowProperties.Item;

Hashtable ht = currentItem.Properties;

string documentstatus = ht["gosign_status"].ToString();

Document can have following statuses.

• "changed" - when empty signature field is created and saved by the user

• "changed_incomplete" - when form is partially filled by the user

• "signed" - when some signature field is signed by the user

• "declined" - when user clicks the decline button

• "unchanged" - when user does nothing and click finish

*** End of document ***

ADSS-Go-Sign-Connector-for-SharePoint-Deployment-Guide ...

Documents