t4s hp trim to salesforce...
TRANSCRIPT
21 January 2016
Version 0.6
T4S HP TRIM to Salesforce Integration
From FuseIT
Server Install Documentation
AL10
Page 2 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
1. FuseIT Contact Details
Fuse Information Technologies Ltd
7 Forests Road
Stoke, Nelson
New Zealand 7011
+64 3 547 8200
+64 3 547 8209
AL10
Page 3 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
2. Confidentiality
This document contains confidential and proprietary information of Fuse Information
Technologies Limited (“FuseIT”). This document was prepared for the requesting parties
(“Customer”) for the sole purpose of evaluating the products and services proposed. It is
submitted to you in confidence, on the condition that you and your representatives have, by
receiving it, agreed not to reproduce or copy it, in whole or in part, or to furnish such
information to others, or to make any other use of it except for the evaluation purposes stated
above, and to return it to Fuse Information Technologies upon request. The previous
statement shall not apply to the extent that such statement violates any law requiring such
information to be made available to the public. In the event this document results in a
contract, you may retain this document for use, including making any necessary copies
related to the products and services covered by such contract. The offerings and prices
presented in this document, excluding any leasing quotes or rates, shall remain valid for a
period of 120 days from the document date unless Fuse Information Technologies authorises
an extension.
AL10
Page 4 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
3. Terms and Conditions
This document is subject to FuseIT’s standard terms and conditions which are available on
request. FuseIT reserves the right to vary the terms of this document in response to changes to
the specifications or information made available by the Customer. Submission of this document
by FuseIT in no way conveys any right, title, interest or licence in any intellectual property rights
(including but not limited to patents, copyrights, trade secrets or trademarks) contained herein.
All rights are reserved.
FuseIT does not assume liability for any errors or omissions in the content of this document or
any referenced or associated third party document, including, but not limited to, typographical
errors, inaccuracies or out-dated information. This document and all information within it are
provided on an "as is" basis without any warranties of any kind, express or implied. Any
communication required or permitted in terms of this document shall be valid and effective only if
submitted in writing.
All contracts with FuseIT will be governed by New Zealand Law and be subject to the exclusive
jurisdiction of the New Zealand courts.
AL10
Page 5 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
Contents
1. FuseIT Contact Details ................................................................................. 2
2. Confidentiality .............................................................................................. 3
3. Terms and Conditions .................................................................................. 4
4. Introduction ................................................................................................. 7
5. Overview ..................................................................................................... 8
6. Prerequisites ............................................................................................. 10
7. T4S IIS Setup ............................................................................................ 11
8. Install Salesforce Two-Way SSL Certificate ................................................ 12
9. Testing Two-Way SSL ................................................................................ 18
10. Creating a Client Certificate for Users ........................................................ 20
11. Installing Client Certificate into Users Web Browser .................................... 23
12. Troubleshooting ......................................................................................... 25
List of Figures
Figure 1 – T4S Bi-directional Exchange of Documents ............................................... 8
Figure 2 – T4S System Overview ............................................................................... 9
Figure 3 – IIS on the TRIM Web Server ................................................................... 11
Figure 4 – MMC Console ......................................................................................... 12
Figure 5 – Add/Remove Snap-In .............................................................................. 12
Figure 6 – Certificates Snap-In ................................................................................ 13
Figure 7 – Local Computer ...................................................................................... 13
Figure 8 – Import Task ............................................................................................ 14
Figure 9 – Certificate Import Wizard ........................................................................ 14
Figure 10 – Certificate Import Wizard....................................................................... 15
Figure 11 – Storing the Certificate ........................................................................... 15
Figure 12 – Certificate List ...................................................................................... 16
Figure 13 – Certificate Details ................................................................................. 16
Figure 14 – Open SSL Settings ............................................................................... 17
Figure 15 – SSL Settings ......................................................................................... 17
Figure 16 – New Trim Record .................................................................................. 18
AL10
Page 6 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
Figure 17 – Linked Record Details ........................................................................... 18
Figure 18 – Records Lookup .................................................................................... 19
Figure 19 – Export Certificate .................................................................................. 20
Figure 20 – Export Private Key ................................................................................ 21
Figure 21 – Delete Private Key ................................................................................ 21
Figure 22 – Create Certificate Name ........................................................................ 22
Figure 23 – Find Certificate ..................................................................................... 23
Figure 24 – Confirm Certificate ................................................................................ 24
Figure 25 – Enter Credentials .................................................................................. 24
Figure 26 – SSL Ignore Setting ................................................................................ 25
List of Tables
Table 1 – Prerequisites ........................................................................................... 10
Table 1 – T4S Server Requirements ........................................................................ 10
AL10
Page 7 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
4. Introduction
The T4S connector is an enterprise connector that empowers Salesforce with robust record keeping features. T4S is a composite application comprising a Salesforce package along with software installed on a Windows based network server hosting T4S software.
In building T4S, and other products in their range, FuseIT have combined the following strengths:
• FuseIT, leading Sitecore Technology Partner, Salesforce ISV Consulting Partner, HP IMAP Partner and Microsoft Certified Partner with enterprise experience and expertise in these technologies and;
• Salesforce, leaders in CRM and cloud computing. FuseIT is a Salesforce ISV Consulting Partner with involvement in a number of Australia’s largest Government Salesforce implementation at the Department of Business and Innovation in Victoria and;
• TRIM (HPE Records Manager/Content Manager), a document and records management system software. With tight desktop integration and the ability to scale across large, distributed environments, TRIM lets you capture, manage, access and make more secure your enterprise information, from electronic to physical records and from creation to ultimate disposal and;
• Sitecore CMS, the enterprise web content management software featuring online marketing tools and;
• Microsoft .NET, an integral part of many applications running on Windows and provides common functionality for those applications to run. FuseIT has been a Microsoft Certified Partner for over 15 years gaining huge experience across the range of .NET technologies
This document accompanies the document, “T4S_Salesforce_Install_Document.pdf” that outlines how to install the T4S package into Salesforce .
AL10
Page 8 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
5. Overview
5.1. High Level
T4S is a solution that enables documents to be exchanged between Salesforce and HPE Records Manager/Content Manager (called TRIM hereafter). The application is Salesforce centric in that most of the functionality is surfaced in Salesforce.
Figure 1 – T4S Bi-directional Exchange of Documents
T4S is a powerful product with many features:
• Onshore record retention solution.
• Documents can reside only in TRIM (referenced in Salesforce).
• Documents can reside in both TRIM and Salesforce (configurable).
• TRIM document search and view from Salesforce.
• Save, update, delete or download TRIM documents from Salesforce.
• Upload documents from Salesforce to context aware containers in HP TRIM.
• Save Salesforce records to TRIM as PDF documents.
• Save Salesforce emails or email attachments to TRIM as documents.
• Action saves to TRIM by
o Button click or
o Scheduled task or
o Salesforce Workflow
• Add direct links to TRIM documents in Salesforce.
• Show documents in selected TRIM containers in Salesforce.
• View all documents in a container from a predefined search.
• Save Salesforce data exports to TRIM or a local server using scheduled tasks.
• Control access with Salesforce roles and TRIM permissions.
AL10
Page 9 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
• Two-way SSL connection between Salesforce and the T4S server.
• Almost zero impact on TRIM (uses TRIM web services only)
• Configurable for multiple TRIM instances
• Mobile ready
T4S also offers a number of potential expansion options:
• Federation of Salesforce record data (plus attachments and documents) to other databases like SQL Server, Oracle, and PostGRES
• Expose Salesforce data in a local website for disaster availability and recovery
• Data mine Salesforce data using existing industry tools like SSIS.
T4S requires the provisioning of a network T4S server, either physical or a VM, running Microsoft Server 2008 or similar. This server will host G4S and supporting the T4S ancillary software.
Figure 2 – T4S System Overview
A T4S Salesforce package is also required to be installed in the connected Salesforce instance.
AL10
Page 10 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
6. Prerequisites
The following table indicates what is required before T4S can be successfully implemented in a Salesforce instance and network environment.
Prerequisites
Required – License for G4S
Action: A site wide license for G4S is required
Required – Install and configure G4S
Action: Purchase SSL Certificate (Salesforce approved)
Action: Use local resources or FuseIT to install G4S on the network TRIM server and configure to the Salesforce instance.
Table 1 – Prerequisites
T4S Server Requirements
Required – Windows Web Server
Action: A shared or dedicated Windows Web Server 2008 or better, with at least 8 GB RAM.
The server can be physical or virtual server (including Azure or Amazon EC2)
Required – IIS 7 or higher
Action: A new web site within Microsoft IIS set up on an existing or new Web server that is accessible through the firewall from Salesforce over SSL https protocol.
Required – Access to TRIM Web Services
Action: The T4S Web Service in IIS requires access to the TRIM Web Services.
i.e. Salesforce will communicate to T4S behind any firewall, and T4S will in turn communicate to the TRIM Web Services so they do not need to be exposed externally.
Table 2 – T4S Server Requirements
AL10
Page 11 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
7. T4S IIS Setup
On the server that will be running T4S bring up IIS Manager. Note: T4S does not need to be installed on the same server as TRIM Server, but T4S needs to be able to connect to TRIM Web Services through local network or Intranet.
Create a new Web site within IIS pointing to the T4S web directory.
T4S requires SSL https connection from Salesforce with a CA Certified Certificate. Please follow the recommended Microsoft procedures for obtaining and installing the certificate. The App pool can be set as Integrated v4.0 .NET Framework.
Figure 3 – IIS on the TRIM Web Server
Note: Test your SSL Connection and then modify your firewall rules to limit the IP Range able to connect with the site to Salesforce recommended IP range.
AL10
Page 12 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
8. Install Salesforce Two-Way SSL Certificate
During the T4S Package Install Setup you would have created a Salesforce Certificate (Refer to “Two-way SSL Certificate” in the Package Install document). Download this certificate and save somewhere on the T4S Server so that it is available for installation.
On the T4S Server, start a command prompt and type in “mmc” to bring up the MMC Console.
Cmd mmc
Figure 4 – MMC Console
Navigate to the Add/Remove Snap-in
Figure 5 – Add/Remove Snap-In
Add the “Certificates” snap-in selecting the “Computer account”
AL10
Page 13 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
Figure 6 – Certificates Snap-In
Select “Local computer”
Figure 7 – Local Computer
“Finish” and “OK” the dialog box.
Under “Trusted Root Certification Authorities” select “All Tasks” “Import”
AL10
Page 14 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
Figure 8 – Import Task
Follow the wizard import to find the saved Certificate.
Figure 9 – Certificate Import Wizard
If you named your Salesforce Org Company Profile accordingly (i.e. Production or Sandbox etc.) then it will be easier to check to see if you have installed the correct Certificate.
AL10
Page 15 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
Figure 10 – Certificate Import Wizard
Figure 11 – Storing the Certificate
AL10
Page 16 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
Figure 12 – Certificate List
Open the certificate to see the Org ID and the Org Company Profile Name.
Figure 13 – Certificate Details
AL10
Page 17 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
Within the IIS Manger select the T4S site and open “SSL Settings”
Figure 14 – Open SSL Settings
Turn on “Require” option under “Client Certificates”
Figure 15 – SSL Settings
AL10
Page 18 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
9. Testing Two-Way SSL
Within Salesforce add the “Trim Documents” button to a standard object such as Opportunity.
Open an existing Opportunity click on “Trim Documents” button click on “New Trim Record” button.
Figure 16 – New Trim Record
Click “Create Linked Record” button to bring up the New Linked Record page, then finally “Record Search”
Figure 17 – Linked Record Details
From this page you can make a TRIM Record search calling T4S web service.
AL10
Page 19 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
Figure 18 – Records Lookup
See the Troubleshooting Section if error message appears.
AL10
Page 20 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
10. Creating a Client Certificate for Users
Since T4S has been made more secure by two-way SSL certificates, the user will need to also install a “Client Certificate” into their web browser to be able to securely download TRIM records directly from T4S.
Note: This is a different Certificate than the one previously created in Salesforce to enable Salesforce to connect to T4S. You need to export your T4S CA Signed Server Certificate.
Open MMC and find the T4S CA signed Certificate you installed for enabling SSL binding and select “Export”
Figure 19 – Export Certificate
Include the Private Key.
AL10
Page 21 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
Figure 20 – Export Private Key
Select .PFX Format
Figure 21 – Delete Private Key
AL10
Page 22 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
Enter a password used when the Client installs the certificate. Add a name and location for the .PFX file to be created
.
Figure 22 – Create Certificate Name
AL10
Page 23 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
11. Installing Client Certificate into Users Web Browser
1. Open the Web Browser
2. Click “Tools” and then “Options”
3. In IE: Click “Content” and then “Certificates”
In FF: Click “Advanced”, “Encryption” and “View Certificates ”
In Chrome : Click “Under the Hood” and “Manage Certificates”
4. Click “Import”
5. Navigate to the folder containing the Client Certificate.
6. You may need to change File Type to “All Files” to see the .pfx file.
7. Enter Password when prompted by the wizard.
8. The imported Client Certificate should now show up within the list
Figure 23 – Find Certificate
9. Restart your web browser.
10. Navigate to your T4S server address within the Browser e.g. Error! Hyperlink
reference not valid.
You may receive a Server Certificate Prompt
AL10
Page 24 of 25
Se
rve
r In
sta
ll D
oc
um
en
tati
on
Figure 24 – Confirm Certificate
Alternatively you may wish to import the T4S CA Signed Server Certificate into your “Trusted
Root Certification Authorities” to bypass the prompt.
An end-to-end test would be to create a new “Linked Trim Record” within Salesforce as outline previously within “Testing Two-way SSL”, searching for an existing TRIM Record (making sure one exists to be certain results will be returned), and then clicking the “Download” link.
Figure 25 – Enter Credentials
AL10
Page 25 of 25
Se
rve
r Ins
tall D
oc
um
en
tatio
n
12. Troubleshooting
12.1. IIS SSL Setup
Any T4S web server errors will be displayed as Error messages above the grid.
If the connection is not working, first try turning off the “Require” Client certificates within IIS, applying the change to the T4S site, and try again. This can help determine if there is a general issue connecting to T4S under your standard SSL setup, or there is an issue with the Salesforce Certificate.
Figure 26 – SSL Ignore Setting