Welcome to the Sysero Knowledge Base

139 results found
< Back Clear Filters
Manual
Filters
Sort & View Options
Adjust View
Results Text Size
Metadata Direction
Manual: Server Setup
Detail:

Sysero Job Scheduler requires a timer service to be running to execute any scheduled jobs.

  • Download the timer service installation file which you can request from a Sysero employee.
  • Once installed on the server, open the registry and find HKLM\Software\Sysero\SyseroCTX
  • Enter the URL of your system in the URL key
  • For the GUID key, enter the GUID found under "Service setup" on the Admin > Job Scheduler page
  • Ensure the service is started in Windows and set to "Automatic"
  • If you require the Timer Service to run against multiple Sysero instances you can comma separate the URL's and GUID's as long as they are in the same order. For example the second comma separated URL must have corresponding second comma seperated GUID.
Relevance Score: 0.1891018
Manual: Server Setup
Detail:

Disabling Older TLS protocols

Command to disable vunerable encyption methods:

Disable-TlsCipherSuite -Name 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'

Registry File Text to Disable old Clients:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

Securing Session Cookies

Please note the below goes in the <system.web> section of web.config.  The setting "requiressl" is obviously relevant if https site.

<httpCookies httpOnlyCookies="true" requireSSL="true" />

The samesite setting is not set on Sysero as default is Lax which is required.  This is auto set to none and partitioned if coming from a Office/Teams web applicaiton, as it is required for the functionality to work.

HSTS

<system.webServer>
  <httpProtocol>
    <customHeaders>
      <add name="Strict-Transport-Security" value="max-age=31536000"/>
    </customHeaders>
  </httpProtocol>
</system.webServer>
Relevance Score: 0.1891018
Manual: Troubleshooting
Manual: Internal
Manual Level Two: Useful SQL
Detail:

Most of the time reindexing of SQL is not required and often DBA's will run scripts anyway.  The below can be run to rebuild all indexes for a database.

Exec sp_msforeachtable 'SET QUOTED_IDENTIFIER ON; ALTER INDEX ALL ON ? REBUILD'
GO

Relevance Score: 0.1891018
Manual: Administration
Detail:

Process Sysero Backround Tasks will process the following:

  • Data Rooms with setting set auto archive.
  • Data Rooms with setting set auto delete.
  • Clear logs:
    • Clean index events over 180 days.
    • Clean import events over 180 days.
    • Clean exception events over 180 days.
    • Clean job scheduler events over 180 days.
Relevance Score: 0.1891018
Manual: Administration
Manual: Administration
Manual Level Two: Integrations
Manual Level Three: Office365
Detail:

Important!  This article details the setting up of user authentication to Sysero via Office365, please see seperate article for access to AzureAD/Office365 API (Microsoft Graph) and Key Vaults

Pre-requisite you will need to either be an administrator of your Office365/Azure/Entra ID environment or you will need to pass on the details to an administrator.

Office365 (Azure Active Directory) Settings

Please note the steps below may change from time to time, if they no longer match please let Sysero know and we will update this article.

  1. Go to Azure Portal > Azure Active Directory or Entra admin center.
  2. Click on App Registrations.
  3. Click on New Application Registration.
  4. Enter the name e.g. Sysero (User Delegated)
  5. Leave Supported Account Types as Single Tenant
  6. Set Redirect URL for Web type http://www.example.com/login2.aspx (whole URL is case sensitive).
  7. Copy the Application (client) ID, will be required in Sysero configuration.
  8. Copy the Directory (tenant) ID, will be requried in Sysero configuration..
  9. Under Authentication settings in App Registration ID Token needs to be checked.
  10. In API Permissions check that the following is set
    1. Microsoft Graph, User.Read, User Delegated permission, leave this in place and Grant Admin Consent.

Sysero

The below details how to set this up for System users of Sysero, see section Multi tenant Office365/AzureAD section below for external client access to client portals.

  1. Go to the Sysero > Admin > System page.
  2. Go to OAuth Settings.
  3. Set OAuth Mode Office365, this can be either two modes:
    1. Enabled Hidden : Allows &OAuth=Office365 on query strings but does not button on logon page.
    2. Enabled Visible : Button appears on Logon page.
  4. Take the Application (client) ID from App Registraton and put it in OAuth ClientID Office365 (User Delegated).
  5. Take the Directory (tenant) ID from App Registraton and put it in OAuth DirectoryID Office365.
  6. OAuth Secret Office365 (User Delegated) will be covered in another article and are not required for authentication.
  7. Save the Settings.
  8. Go to user accounts (Admin > Users) and edit the ones you want enabled for Office365, tick the Office365 box.

Logout and go to the login page, you should find a Microsoft Icon, click on the Microsoft Icon and follow instructions.

Multi tentant Office365/AzureAD/Entra ID

This is required when external client requires access to a client/site portal using their Office365/AzureAD account, follow these steps to setup:

  1. In Sysero > Admin > Client/Site go to User & Site Logon.
  2. Using Application (client) ID set OAuth ClientID Office365.
  3. Using Directory (tenant) ID set OAuth ClientID Office365.
  4. This OAuth tenant is selected by Sysero via either:
    1. OAuth Logon AuthSite QueryString Match being set to something unique like ClientA and in login2.aspx query string adding AuthSite=ClientA.
    2. Setup a different domain alias for client e.g. if main site was sysero.example.com the you could have a clienta.example.com as a secondary DNS alias.  So on Settings page of Client/Site in Domain Alias you set clienta.example.com.  Then the site will automatically know which OAuth tenant to use.

You have three additional options settings:

  1. Login Options : Which methods of logon can be used for this site/client.
  2. Valid Days for Auth Cookie when using OAuth : Recommend setting 1, but for example if set to 14 and account was disabled in Office365, then it will still work for 14 days more.
  3. Auto Enable Office365 OAuth from simple user management : If anyone is added via Simple User Management interface in Sysero, tick the box to Enable Office365 on creation.

Account Auto Creation and Validation

Both system level OAuth and site/client level OAuth have option to auto create accounts or validate domain is still acceptable for this method of logon.

Settings are found in either Sysero > Admin > Client/Site go to User & Site Logon or Sysero > Admin > System > OAuth Settings.

Following options for adding are:

  • Provider : Should be Office365 for this article.
  • Match Value : Should be in format of @example.com, matching e-mail domain of users being returned from OAuth token.
  • Role : Role user should be set to on creation.
  • Mode : Is this for creating user, or just validating e.g. for validation if no match found, logon will be rejected (but only if their are entries in this table, otherwise all are allowed).

Troubleshooting

  • Please note when already logged in it may say it cannot find ApplicationID.
  • Sysero server must have internet access to Microsoft Office365 OAuth servers.  This is because it talks directly to validate token.
Relevance Score: 0.1891018
Manual: Office Addin Installation
Detail:

Automatic Configuration

For most clients we set the correct sever in the MSI, contact Sysero if any settings are incorrect.

Manual Config

It is possible to customise a config.xml to set the server settings etc.

Usually having the CONFIG.XML in the same directory as the SyseroCTXOffficeSetup.MSI is sufficient prior to install. Although depending on the deployment solution there are a number of reasons why this might fail. Note : As with most installations SyseroCTXOffice must be installed by someone with Local Administrator rights on that workstation, after that it will run fine as a normal user. Alternatives to CONFIG.XML being in same directory:- 1. MSI can have param CONFIGDIR=< path to file not including filename> 2. Postinstall "C:\Program Files (x86)\Sysero\SyseroCTXOffice\SyseroCTXOfficeSetupRegistry.EXE" < path to file not including filename again>

Relevance Score: 0.1891018
Manual: Office Addin Installation
Detail: By default the chromium built in browser tries automatically add domain used to connect to server, but in certain scenarios there may be multiple domains.  If so you need to specifiy the current domain, plus additional domains to the below registry key.  Please Note : Remove WOW6432Node if 64bit Office.

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sysero\syseroctxoffice\SyseroCTX_NTLM = www.sysero.com or www.sysero.com,server1.sysero.net.  Please note if not FQDN as connection e.g. http://server1.sysero.net, just put server1.
Relevance Score: 0.1891018
Manual: Office Addin Installation
Detail:

Sysero for Office adds Sysero functionality into Microsoft Office apps and is available for Windows PC’s only.  Whilst most people can use Sysero without this add-in it is used:

1.       If you need to automate Word templates
2.       If you want to use Sysero to create Word documents using templates.
3.       If you want to work mostly from Word, Excel, PowerPoint and Outlook.

Which version of Office are you using?

Sysero supports pretty much all versions of Word from 2007 BUT you need to know if you are using 32 or 64-bit versions of word.  They look identical so the only way to check is:

1.       Open Word and got to the File menu.
2.       Click Account which is at the bottom of this menu.
3.       Click the About Word button on the right.  This will open a screen which at the very top will have text like: Microsoft® Word 2016 MSO (Version 2111 Build 16.0.14701.20204) 32-bit 
4.       Note the 32-bit at the end of this sentence.  This text will say either 32-bit or 64-bit.

Important: Below version requires a 1.23.xxxx version of Sysero Server, so unless you system has been updated in 2023, please do not use below downloads:

32-bit Download is available here
64-bit Download is available here

Pre 2023 links:

32-bit Download is available here
64-bit Download is available here

Once downloaded, shut down Word if you have it open and the open it again.  At the right-hand side of the menu you should see a Sysero Login button.  Click this and login using the details you should have received by email.  If you don't see a login button, email support@sysero.com.  

Relevance Score: 0.1891018
Manual: Reporting
Manual: Administration
Manual Level Two: Data Actions
Manual Level Three: REST
Detail:

XMLField1.value('count(//RepeaterData/Repeat)', 'varchar(50)') obviously replace XMLField1 with whatever field you are using and varchar(50) is just for example.

Relevance Score: 0.1891018
Manual: Administration
Detail:

To allow a system to use the REST API you require the following setup.

Admin > System > API

  • ClientID : Named to client, avoid spaces and special characters.
  • Client Secret : Auto Generated
  • Allowed Actions : Select only ones required to keep security at maximum levels.
  • Allowed IPs : ; delimited, used when server to server communication or able to limit to specific range.

Admin > Users

  • Account needs creating that is only used for API, must have correct role permissions as normal user for tasks it will be completing.
  • Tick check box API Enabled.

Web.config

In some existing installs the following sections may be missing:

<appSettings>
<add key="owin:AutomaticAppStartup" value="true" />

<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security.OAuth" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.1.0.0" newVersion="3.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
</dependentAssembly>

<remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" /><remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />

 

 

Relevance Score: 0.1891018
Manual: Reporting
Manual: Administration
Manual Level Two: Data Actions
Manual Level Three: SQL
Detail: DECLARE @ItemID as int = 7423 DECLARE @AllRecords as bit = 0 DECLARE @ApplicationID as int = 1147 IF (@AllRecords = 1) BEGIN IF OBJECT_ID('tempdb..#TempClaims') IS NOT NULL DROP TABLE #TempClaims SELECT * INTO #TempClaims FROM ClaimClaimRelationships WHERE ParentClaimID = @ItemID Declare @Id int WHILE EXISTS(SELECT * FROM #TempClaims) Begin Select Top 1 @Id = Id From #TempClaims SET @ItemID = (Select ChildClaimID FROM #TempClaims WHERE Id=@ID) SELECT * FROM Claims WHERE ID=@ItemID Delete #TempClaims Where Id = @Id End Drop Table #TempClaims END ELSE BEGIN SELECT * FROM Claims WHERE ID=@ItemID AND ApplicationID=@ApplicationID END
Relevance Score: 0.1891018
Manual: Reporting
Manual: Administration
Manual Level Two: Data Actions
Manual Level Three: SQL
Detail:

Input of this data action must be named InValue and come from root taxonomy setting.

if ISNULL(@InValue,'') = ''
BEGIN
SET @InValue = 'All'
END
DECLARE @TaxonomyID as int = 1;
DECLARE @ParentEntryID as nvarchar(max) = '';
DECLARE @Pos as int;
SELECT @pos = CHARINDEX('|', @InValue) ;
SELECT @ParentEntryID = SUBSTRING(@InValue, @pos+1, len(@InValue)-1);
IF ISNUMERIC(@ParentEntryID) = 0
BEGIN
SET @ParentEntryID = -1
END
Select ' - All - ' as Name, 'All' as Value UNION
Select Name, Value + '|' + RTRIM(LTRIM(CAST(ID as nvarchar(max)))) as Value FROM TaxonomyEntries WHERE ISNULL(ParentEntryID,0) = @ParentEntryID
and TaxonomyID=@TaxonomyID
Order By Name

Relevance Score: 0.1891018
Manual: Administration
Manual: Administration
Manual Level Two: Data Rooms
Manual Level Three: Forms Design
Detail:

You can either populate a dropdown from another data room in Sysero or from an external source, this article will use the internal option as an example:

  1. Create a new data action in Admin > Data Actions.
  2. Set the type to SQL.
  3. Set the Connection String, using the same one you used in the web.config when accessing Sysero.
  4. Find out the fieldnames from the data room you want to use data from e.g. ItemName and TextField1.  Also note the ApplicationID in the URL.
  5. Example SQL command will be something like this "SELECT ItemName, TextField1 FROM Claims WHERE ISNULL(Archived,0) = 0 AND ApplicationID=1 ORDER BY ItemName"
  6. Dropdowns will be populated with either one or two output mappings, if only one output mapping it added it will be both display value and stored value. 
  7. Output mappings should be set to "No Output" as not populating other fields.
  8. The first output mapping should be the display one e.g. ItemName, the second one should have the Hidden checkbox checked and in this example may be TextField1.  Sometimes you may decide to store the unique ID, the field for which in the Claims table is ID.
  9. Once the Data Action is created, go to the Form, set field type to Data Action, go to Data Action Settings and set display type to Dropdown and select the data action to populate it from.
Relevance Score: 0.1891018
Manual: Administration
Detail:

If you need to use a more complex xpath query to say join several elements, you can use syntax similar to the below.  Please note #prefix is required to tell Sysero that this is a more complex xpath query.  The codepoints-to-string(10) is an example of adding a carriage return.

#concat(/postadresse/land/text(),codepoints-to-string(10),/postadresse/adresse/text())

Relevance Score: 0.1891018
Manual: Administration
Detail:

To use a data action to read from UK Companies house, please first register for an API key https://developer.companieshouse.gov.uk/api/docs/

Data action settings:

  1. Type REST
  2. Example URL https://api.companieshouse.gov.uk/search?q=[!InputField!] where [!InputField!] = field to search with from Sysero form.
  3. Example Node XPath = //items
  4. Domain\UserName = API Key
  5. Password = blank (note must be blank lower case).
  6. Example Output field name = title
  7. Additional Settings = json set to true.

Once this is confirmed as working see other examples at https://developer.companieshouse.gov.uk/api/docs/

Relevance Score: 0.1891018
Manual: Reporting
Manual: Administration
Manual Level Two: Data Actions
Manual Level Three: SQL
Detail:

declare @xmlData xml;
declare @itemid integer = 1;

select (Repeater.Data.value('@Value','nvarchar(255)')) as ChoiceValue 
from Claims Cross Apply  @xmlData.nodes('//ChoiceValues/*') Repeater(Data)
where ID =  @itemid

Relevance Score: 0.1891018
Manual: Administration
Detail:

You can use this to archive a running workflow on the current item executing the data action.  Please note this is also available as a Task Action in the workflow, so primarily probably only used on a Data Action Button.

Relevance Score: 0.1891018
Manual: Administration
Detail:

For item called data action all fields marked as Personal Information (setting via Input Forms Editor) will be cleared.  This can be required for GDPR or other requirements such as a client not wanting data stored any longer than it needs to be.

Relevance Score: 0.1891018
Manual: Administration
Detail:

Simple way of filling dropdown from another data room / applications data.  More often than not SQL Data Actions are used to achieve this for more complex requirements.

Relevance Score: 0.1891018
Manual: Administration
Detail:

Deletes any pending documents, can be used where pending document is rejected in workflow.

Relevance Score: 0.1891018
Showing 1 - 20 of 139
Privacy Policy
Cookies help us to improve your user experience. By using this site you consent to cookies being stored on your device. Read more...
View or hide all system messages