System configuration

Contents:


By selecting System SettingsConfiguration from the menu, you will be directed to the elDoc Configuration page, where you can access and manage the system-wide settings.

Controls

- switches page into the edit mode (respective access-rights are required)

- saves settings (and validates LDAP credentials if any were provided)

- reloads system configuration defined in the eldoc.conf file

elDoc system configuration

License configuration

Provides information about currently installed license and allows to paste license code.

  • Licensed for - displays the name of the organization to whom the license was issued to
  • Licensed number of users - displays the number of users allowed to work with the system
  • License type - displays the type of the license, can be "Named" or "Concurrent"
  • License expiration date - displays the date when the license expires
  • License modules - displays the licensed (available) modules, may include "IDP", "BPM" or both
  • IDP pages per month - displays the licensed number of pages which can be processed by month* (month counted as last 30 days)
  • Instance ID - instance code to which the license is attached to

Community license limitations

elDoc community license comes with the following limitations:

  • Licensed number of users: 5 - community license comes with 5 Named users only
  • IDP pages per month: 50 - community license comes with 50 IDP pages per month, the same limitation applies when IDP module is not licensed
  • IDP forms limit: 3 - community license limits the number of Recognition Forms to 3, the same limitation applies when IDP module is not licensed

System settings

  • System url-address - defines system base url address
  • System time-zone - defines system-wide time-zone (can be overridden by end-users in their own profiles)
  • System date format - defines system-wide date format (can be overridden by end-users in their own profiles)
  • System time format - defines system-wide time format (can be overridden by end-users in their own profiles)
  • Mail notifications - enables email-notifications
  • Send from address - defines email address to send email notifications from
  • Email server login - defines email server (SMTP) login (if required)
  • Email server password - defines email server (SMTP) password (if required)
    NOTE: SMTP transport parameters are to be defined via eldoc.conf file
  • Send test email - allows to enter email address to which test email can be sent
  • Require MFA for users - sets MFA (Multi-factor authentication based on the TOTP algorithm) as a must requirement for users (except users added to the group with tag 'MFAIgnore')

AI document processing settings

  • Preprocessing queue - disables/enables IDP pre-processing queue
  • Preprocessing queue status - displays status of the IDP pre-processing queue
  • Recognition queue - disables/enables IDP processing queue
  • Recognition queue status - displays status of the IDP processing queue
  • Conversion queue - disables/enables IDP conversion queue
  • Conversion queue status - displays status of the IDP conversion queue

LDAP (AD) authentication settings

Provides configuration options for setting up integration with the AD LDAP server in order to perform users authentication.

NOTE: user profile should be present in the elDoc system in order to allow login into the elDoc system using LDAP-credentials. Use LDAP synchronization for the purpose of user profiles automatic creation.

  • LDAP authentication enabled - enables/disables LDAP integration for authentication
  • LDAP server URL - AD LDAP server URL-address (domain name or ip-address and port). NOTE: Several URLs can be provided (separated by whitespace) to ensure failover in case one of the AD LDAP servers is not accessible
  • LDAP system account login - AD LDAP system account login name for the elDoc system to act of behalf of it (requires read-only access)
  • LDAP system account password - AD LDAP system account password for the elDoc system (once entered - it is stored internally in encrypted way and doesn't require re-enter on subsequent settings update)
  • LDAP users search base entry name - DN of the OU-entry in the AD LDAP catalog hierarchy used to perform user lookup during authentication
  • LDAP user principal suffix - (optional) login suffix to be automatically added while login (for username@your-domain.com to be entered as @your-domain.com)

NOTE: once LDAP (AD) authentication is enabled - elDoc performs AD LDAP settings verification on each save of the configuration parameters and shows notification in case it can not verify provided connections parameters.

LDAP (AD) synchronization settings

Provides configuration options for setting up synchronization of AD LDAP user profiles and groups with the elDoc system.

NOTE: Groups synchronization doesn't support embedded groups on the LDAP side. All embedded groups are ignored during synchronization.

elDoc system performs incremental LDAP-synchronization by comparing Highest Committed USN with the one remembered from the previous incremental sync. Initial sync always performed as full sync.

Additionally to the "Highest Committed USN" the "InvocationID" attribute is also compared with the one remembered from the initial full sync and in case it has changed on the LDAP side - incremental sync will fail and full-sync is required to be performed manually in order to restore automatic scheduled incremental sync.

  • LDAP (AD) user synchronization enabled - enables/disables AD LDAP-synchronization of user profiles and groups
  • LDAP server URL - AD LDAP server URL-address (domain name or ip-address and port), single URL to be specified only
  • LDAP system account login - AD LDAP system account login name for the elDoc system to act of behalf of it (requires read-only access)
  • LDAP system account password - AD LDAP system account password for the elDoc system (once entered - it is stored internally in encrypted way and doesn't require re-enter on subsequent settings update)
  • Sync schedule (UTC) - defines synchronization schedule (time is UTC/GTM based)
  • LDAP root entry name - defines LDAP root entry (DN) name
  • LDAP entry name designating sub-tree for sync - defines LDAP entry which is the top-level entry used for defining sync scope (all sub-entries are synced only). Usually matches "LDAP users search base entry name" value of the LDAP (AD) authentication settings
  • LDAP objects search filter - defines LDAP objects search filter for locating user profiles and groups which are to be synced with elDoc internal directory
    NOTE: Contact your LDAP administrator for receiving most optimized filter expression
    Button: "Try query" - allows to perform test run of query in order to check included items before doing actual sync
    Button: "Reset" - resets query to the default value
  • LDAP deleted objects search filter - defines deleted LDAP objects filter for reflecting objects deletion in the elDoc internal directory
    NOTE: Contact your LDAP administrator for receiving most optimized filter expression
    Button: "Try query" - allows to perform test run of query in order to check included items before doing actual sync
    Button: "Reset" - resets query to the default value
  • LDAP to local DB attributes mapping: Users - defines attributes mapping between LDAP and elDoc directory for user-profiles
  • LDAP to local DB attributes mapping: Groups - defines attributes mapping between LDAP and elDoc directory for group-profiles
    HINT: in order to manage elDoc roles via AD LDAP - assign required roles in elDoc to the groups synchronized from the AD LDAP and then just add/remove users to those groups via AD LDAP
  • Button: "Incr. Sync" - performs incremental sync once pressed
  • Button: "Full Sync" - performs full sync once pressed

DB indexes initialization

Provides functionality for re-creating database indexes

System logging settings

Provides functionality for charging logging levels.

NOTE: It is highly recommended to keep logging levels as shown on the screenshot below for the production environments.

Additional settings

  • Primary node in the cluster - indicates that the current node is the primary instance in the cluster
  • File-attachments on-line editing functionality status - indicates on-line editing service status
  • File-attachments on-line preview functionality status  - indicates on-line preview service status
  • Cipher keys generator: Random 128bit cipher key (Hex-encoded) - generates random cipher key (to be used for eldoc.conf)
  • Cipher keys generator: Random 256bit cipher key (Hex-encoded) - generates random cipher key (to be used for eldoc.conf)


Last modified: August 13, 2024