Appleby Corporate Logo
Appleby Technotes
Tips from the technology department of Appleby & Company.

Archive for April, 2010

Laserfiche Workflow Tokens

A powerful add-on to Laserfiche’s document management software is  Laserfiche Workflow.  In it, you can drag-and-drop actions that will manipulate your documents and metadata under a specific condition.

Laserfiche has included an action composed entirely of .Net code (either C# or VB), which allows you to extend your Workflow to the limits of programming.  Unfortunately, passing values back and forth from your script to the other built-in Workflow modules can be less than intuitive.  This is accomplished using Laserfiche tokens (similar to variables).

From within a C# script you can get the value of a token created from a previous activity like this:

string InvoiceNumber = TokenReplace(“%(GetFieldValue_OrderNumber)”);

Where %(GetFieldValue_OrderNumber) is the token identifier, that you can find by using the token picker.
If you would like to pass a value out of your C# script into a future activity, you can create it like this:

LFDocument doc = (LFDocument)this.Entry;
this.SetToken(“GUID”, doc.EntryGUID);

Here we are finding the GUID of the active Laserfiche document and passing it into a Token we are naming “GUID.”

Finally, Laserfiche supports multi-value tokens that behave similar to an array in programming.  These will allow you to pass more than one value into a “For Each” activity in workflow.  These can be created like this:

string[] theArr = {“a”, “b”, “c”};
this.SetToken(“myToken_All”, theArr);

This technique will only work when the token has a name ending in “_All” to idenitify it to Workflow as multi-value.
Properly using Tokens will allow you to expand your utilization of Workflow’s features, and get the most out of your document repository.

OpenVPN Site-to-Site

OpenVPN is a great way to setup secure site-to-site links between networks on different subnets.  I recommend pfSense; it’s an open source FreeBSD based firewall OS that can run on embedded hardware (ALIX boards from PC Engines) or x86 hardware.  In our current setup our OpenVPN server is an x68 install of pfSense running as a VMware Appliance under VMware ESXi 4.0.  You will need to use the free VMware converter to put the appliance on ESXi.  If you used static routes to the other subnets on your main router you would not have to replace your main router if you wanted to run pfSense on the side to make the OpenVPN link.  In our setup our client routers are ALIX boards in the various location running as the main router.   To get started I would use this document on pfSense’s website as I’m not going to go step by step but just point out a few problems I ran into.

Server Setup

Protocal: UDP
Dynamic IP: Checked
Local port: (1194 is the default)
Address pool: (Set this to a /24 subnet outside of the range of all your networks; this is used for the back end routing for OpenVPN)
Use static IPs: unchecked
Local network: (I leave this blank and use custom options)
Remote network: (I also leave this blank and use custom options)
Client-to-client VPN: Checked
Cryptography: BF-CBC (128-bit)
Auth metyhod: PKI
Shared key: Grayed out
CA Cert, Server Cert, Server Key, DH Paramers: (All filled out with the certs generated by the steps in the pfSense document)
DHCP-Opt.: (These settings don’t do anything in Site-to-Site links; I did how ever disable NetBIOS)
LZO compression: checked

Now for the server’s custom options; this will all depends on your setup and how many networks you are going to link.  Each one of these should be separated by a semicolon and I will try to explain each one.

//This is so the OpenVPN server will configure the IP for the interface if you want to be able to filter VPN trafic.
dev tun0;

//This is the WAN IP the OpenVPN server will use on the router; make sure you have a rule added or have Auto-added VPN rules enabled under advanced.

//You need one of these for ever subnet you have; this pushes the router out to the client routers so they know how to get to the other networks.  When the VPN link goes down these routes are automatically removed.
push “route xxx.10.1.0″;       //Server’s subnet
push “route xxx.0.1.0″;         //Client subnet
push “route xxx.0.2.0″;         //Client subnet
push “route xxx.0.3.0″;         //Client subnet
push “route xxx.0.4.0″;         //Client subnet
push “route xxx.168.0.0″;     //Client subnet

//There are for the server to add the routers to the client networks.  Make sure not to have the server’s local subnet here.
route xxx.0.1.0;
route xxx.0.2.0;
route xxx.0.3.0;
route xxx.0.4.0;
route xxx.168.0.0

Now to need to tell the server what subnet should go to what client.  This is done why using the Client-specific configuration.

Disabled: unchecked
Common name: (the name assigned to the client router in the cert.)
Blocked: unchecked
Push reset: unchecked
Interface IP: (Leave this blank)
Custom options:  iroute XXX.0.2.0

Now for the client settings.

Protocal: UDP
Server address: (WAN IP of the server)
Server port: (what ever you setup on the server)
Cert Settings: (Same as the server but of course you use a custom client cert and key)
LZO compression: Checked
Dynamic sourceport: (You can enable this is you want)
Custom options: dev tun0

On the client routers you will want to setup an entire domain override setting for the DNS Forwarder to send all DNS request for your internal domains to you Active Directory or DNS servers else ware on your network.  This will allow client computers on a client network to go to internal sites on your network.  Send all DNS in this setup is not recommended because if the link goes down no DNS means no internet.  Best to only redirect what you need.

In a later post I will explain how to send all traffic and DNS from a client site over the VPN connection and have it fail back to the local connection if the link goes down.

Laserfiche Desktop Document Shortcut

A little info on the not so well documented desktop document shortcuts that are new to Laserfiche 8.x.  These are shortcuts or links from email or your desktop that you can click on that will open up the document or folder in the laserfiche client.  Basicly a XML file with a “.lfe” extension that points to a Laserfiche EntryID (Found by right clicking and selecting properties for either a folder or document).


<?xml version=”1.0″ encoding=”utf-8″?>
<repository name=”RepositoryName”>
<entry id=”1″ />

Well, even less documented is the fact you can add a shortcut to a specific page by simply adding page=”2″ to the <entry> element.
Note: the page number is a 0 based index. page=”2″ is really page 3 of the document.

<entry id=”1″ page=”2″ />