Setting up a file server with logical folders

When file servers and logical folders are set up in the application, you can use them to specify locations for uploading or downloading files and documents. File servers and logical folder specifications can be used in either of these cases:

  • Cloud applications, where the file servers are predefined as Amazon Web Service Simple Storage Services (AWS S3) “buckets” by the Cloud team. Use of SFTP servers or web servers for logical folders is also allowed in the Cloud.
  • On-premises applications, where a shared UNC path, FTP/SFTP, or AWS S3 services can be used for logical folders.

Prerequisites:

  • You must be a system administrator for this application, with permission to access the appropriate forms.
  • Decide where your file servers should reside (cloud, FTP/SFTP server, Web Server, or shared on-premises server), and know the file path and login information, if on-premises.
  • You cannot read or write to a shared file server in a partial trust environment.
  • Decide what logical folders you need to create. Some logical folders are predefined by the application. Others might depend on your company’s needs, for example, HR documents.
  • Determine which logical folders should reside on which file server, if you have a choice of file servers.
  • Decide which users should have access to which logical folders.

To set up a file server with logical folders, use this procedure:

  1. For an on-premises application, define each file server on the File Servers form.
    For a cloud application, the file servers might be predefined by the cloud team. You can define your own file server in this environment by using the default AWS bucket with a root path, or with the Additional Properties section (see below). You can also set up a local web server as a file server.
    1. Provide this information:
      Active
      If the file server is currently active and available for use, select this option.
      Server Name
      Provide a name that describes the server, for example FTP_EDI, fileserver1, or EDI_bucket.
      Server Type
      Select one of these options:
      • FTP: Use this option for either cloud or on-premises applications.

        When you select this option, the FTP tab is automatically selected.

      • Shared Path: Use this option only for on-premises applications.
      • AWS S3: Use this option only for cloud applications.

        When you select this option, the AWS S3 tab is automatically selected.

      • SFTP: Use this option only for either cloud or on-premises applications.

        When you select this option, the SFTP tab is automatically selected, and the label of the Domain field changes to Host Name.

      • Mongoose Web Service: Use this option only for cloud applications.
      • Infor Document Management: Use this option if you are using Infor Document Management as your file server for either cloud or on-premises operations.

        When you select this option, the Infor Document Management tab is automatically selected.

    2. If you select a server type of FTP, provide this information:
      Domain
      Provide the domain for user logins.
      Shared/FTP Path
      Specify the root path where files are stored on the server. Use this format: FTP_Server/folder/
      User ID
      Provide the user ID to access the FTP site.
      Password
      Provide the user password to access the FTP site.
      Remote Server Name
      Optionally, specify the DNS name or IP address of the server.
      Enable SSL
      Select this check box to enable SSL.
      Use Passive
      Select this check box to enable Passive FTP.
    3. If you select a server type of Shared Path, provide this information:
      Domain
      Provide the domain for user logins.
      Shared/FTP Path
      Specify the root path where files are stored on the server. Use this format: \\server\share\
      User ID
      Provide the user ID to access the shared server.
      Password
      Provide the user password to access the shared server.
      Remote Server Name
      Provide the DNS name or IP address of the server.
      Use IDO Request Service Always
      To use the IDO request service at all times, select this option.
    4. If you select a server type of AWS S3, provide this information:
      Bucket Name/Set as Default Bucket
      Provide an AWS bucket name or select Set as Default Bucket to set this field to Default.
      Root Path
      Specify a sub path to use after the bucket path. Doing this, you can create different file servers under the same bucket name.

      For example: Server1 has a root path of /Benefits/

      The full path is infor-awsbucket-prd-csbi/PRIVATE/csbi/903/tenant1/site1/Benefits/

      Server2 has a root path of /CustomerOrders/

      The full path is infor-awsbucket-prd-csbi/PRIVATE/csbi/903/tenant1/site1/CustomerOrders/

      User ID
      Provide the user ID to access the AWS bucket.
      Password
      Provide the user password to access the AWS bucket.
      Remote Server Name
      Provide the DNS name or IP address of the server.
      Use IDO Request Service Always
      To use the IDO request service at all times, select this option.
      Server Side Encryption Method
      Select the encryption method. If the Set As Default Bucket is selected, this option is disabled.
      • None: If no encryption method is to be used, select this option.
      • AES256: To use Advanced Encryption Standard 256 encryption method, select this option.
      • AWSKMS: To use Key Management or KMS encryption method, select this option.
      Server Side Encryption Key
      Optionally, provide the key to be used for the AWS S3 file encryption. If the Set As Default Bucket is selected, this option is disabled.
      External Bucket Name
      Provide the bucket name to be used. If the Set As Default Bucket is selected, this option is disabled.
      AWS Access Key
      Provide the AWS access key.
      AWS Secret
      Provide the AWS secret access key.
      AWS Session
      Provide the AWS session token.
      Use Pre-Signed URL To Upload
      Optionally, to use the pre-signed URL to upload, select this check box.
      Use Pre-Signed URL To Download
      Optionally, to use the pre-signed URL to download, select this check box.
    5. If you select a server type of SFTP, provide this information:
      Host Name
      Provide the host name for user logins (for example, sftp.cilrebo.com:22).
      Root Path
      Specify a sub path to use after the bucket path. Doing this, you can create different file servers under the same bucket name.

      For example: Server1 has a root path of /Benefits/

      The full path is infor-awsbucket-prd-csbi/PRIVATE/csbi/903/tenant1/site1/Benefits/

      Server2 has a root path of /CustomerOrders/

      The full path is infor-awsbucket-prd-csbi/PRIVATE/csbi/903/tenant1/site1/CustomerOrders/

      User ID
      Provide the user ID to access the SFTP site.
      Password
      Provide the user password to access the SFTP site.
      Remote Server Name
      Optionally, provide the DNS name or IP address of the server.
      Authentication
      Select the authentication to use:
      • Basic: Requires only the user ID and password
      • Use Private/Public Key: Requires only the key value
      • Use Both Password and Key: Requires both the password and key value
      SSH/OpenSSH Key File Path
      This field contains the path to access the key file.
      Encrypted SSH/OpenSSH Key
      This field contains encrypted key value when you click the Save Key button.
      Pass Phrase / Key Password
      Provide a password to open or read the key file path or content. This value is encrypted when you click Save.
      Load Key
      To load the key content from the file, click this button.

      If you select Basic authentication, this button is disabled.

      Clear Key
      To clear the content or file path, click this button.

      If you select Basic authentication, this button is disabled.

      Save Key
      To encrypt the content or the file path, click this button.

      If you select Basic authentication, this button is disabled.

    6. If you select a server type of Mongoose Web Service, provide this information:
      Domain
      Specify the domain for user logins.
      URL
      Provide the URL for the Mongoose web service, for example: https://servicename:port/ca
      User ID
      Provide the user ID needed to access the web server.
      Password
      Provide the user password to access the web server.
      Remote Server Name
      Provide the DNS name or IP address of the server.
      Use IDO Request Service Always
      To use the IDO request service at all times, select this check box.
    7. If you select a server type of Infor Document Management, provide this information:
      Domain
      Provide the domain for user logins.
      URL
      Provide the URL for the IDM service, for example: https://servicename:port/ca
      User ID
      Provide the user ID to access the IDM server.
      Password
      Provide the user password to access the IDM server.
      IDM Document ID
      Provide the document ID of the document type that you created in IDM.
      Authentication
      Select the type of authentication to use:
      • Basic: Uses the domain account
      • OAuth1: Uses the consumer key as user name and secret key as password
      Note:  Although other authentication methods are listed, only Basic and OAuth1 are currently supported.
      Map IDM Entity with Logical Folder
      To use multiple document types for any single file server, select this option.
      Delete All Before Overwrite
      To remove all versions of the same document before you overwrite or update any existing document in IDM that have the same key, select this option.
      Use Tenant
      To use the Tenant ID with an IDM connection, select this option.
      Print Server
      To set the file server as the print server for IDM Enterprise Print, select this option.
      Validate Printer
      To validate the file server for IDM Enterprise Print, click this button.
      Use Authentication Service
      To attach an authentication service, instead of loading OAuth keys or specifying a consumer key and shared secret, select this option.
      Note: This field is enabled for OAuth1 authentication only.
      Service Name
      Select the service name, as specified in Configuration Manager.
      Set Single IDM User Name/ID
      Provide one IDM user name or ID to be shared across the application to access IDM.
      Note: 
      • If you keep this field blank, the application uses the Workstation Domain/ID that is specified in the Users form.
      • If you select Basic authentication, this field is disabled.
      Use Single IDM User
      Enable the use of a single IDM user name or ID to be shared across the application to access IDM.
      • For All Users: When selected, the Set Single IDM User Name/ID value is used for all users.
      • As Default: When selected, the Set Single IDM User Name/ID value is used for users who do not have IDM accounts.
      Configure IDM
      To open a new form where you can create and maintain IDM document types, click this button.
      Load OAuth Keys
      To load the OAuth JSON key file that contains the consumer key and secret key, click this button.

      If you select Basic authentication, this button is disabled.

      Clear OAuth Keys
      To clear the previously loaded OAuth JSON key file, click this button.

      If you select Basic authentication, this button is disabled.

    8. Optionally, to open the JSON Key Value Pairs form where you can set key-value pairs, click Additional Properties.

      See Additional Properties for File Servers.

    9. To verify the server login information, click Validate.
    10. Click Activate.
      The file server is now available for selection on other forms.
  2. On the File Server Logical Folders form, to create logical folders on a file server, provide this information:
    Active
    To immediately activate a new file server without restarting the IDO Runtime, select this option.

    File servers are automatically activated when the first login occurs in the application. The file server is available for use in other forms when Active is selected.

    Logical Folder Name
    Provide a name for the logical folder.
    Server Name
    Select the file server where you want the logical folder to reside.
    Folder Template
    Provide a substitutable folder path.

    These substitutable keywords can be used for any template:

    • USERGROUP() is replaced by the authorization group name.
    • LOGICALNAME() is replaced by the logical folder name.
    • USERNAME() is replaced by the session user name.

    If the template is form-specific, you can use P() and V() keyword values.

    Folder Access Depth
    Specify the level to which subfolders can be specified under this folder. This should be a value based on the folder path. For example:
    \depth1
\depth1\depth2
\depth1\depth2\depth3
    Note: For performance reasons, this value is set to 3. This cannot be overridden by the logical folder's folder depth. The logical folder's folder depth is also used to check the access depth of the user. If you want to increase the directory depth, you can do so by passing the recursive depth in the form script. But note that this can lead to huge performance issues.
    Attached Document Type
    Provide the IDM document ID for any logical folder the Mongoose file server created for IDM.

    See Example: Setting Up Templates for Logical Folders.

  3. Set up the user groups that can access certain logical folders:
    1. On the Groups form, set up a group and add users to it.
    2. Click Group Authorizations.
    3. In the Object Authorizations for Group form, for the selected group, select File Server as the Object Type.
    4. In the Object Name field, select a logical folder whose access should be restricted to this group.
    5. Set these access privileges to Granted: Delete, Edit, and Read.
  4. For on-premises applications, set up physical folders on the server machine to match the logical folder structure, and set up sharing on those folders as appropriate.
After the file servers and logical folders are defined, you can select them on parameters forms and on the Documents and Attached Documents forms. Users can then access the files from the File Maintenance form as shown in this diagram:

SelectFiles-LogicalFolders

You can also use the file server as back up in case the local file system gets shut down or pulled out from the application site. You must set up this report server location in Configuration Manager and any report generated is also copied to this file server. See the "New/Edit Application - Advanced tab" in the Configuration Manager help.

Related topics
  • List of Logical Folders to Define
  • Upgrading to Logical Folders from Flat Files
  • Setting up a File Server for ERP in the Cloud
  • Setting up a File Server for ERP On-Premises
  • Setting Up a Web-based File Server