Gimmal Records Core Configuration (On-Premises)
The following details will help ensure a successful deployment.
IIS Configuration
The topics on configuring IIS apply to the core platform running on-premises.
Authentication with NTLM
Information Lifecycle STS must be configured to use Windows Authentication. If Kerberos authentication is not enabled, browsers may fail to authenticate users with NTLM, even though both providers exist in the IIS configuration. To ensure successful authentication, disable Kerberos authentication by performing the following steps:
Open IIS
Select Records Management STS
Click Authentication Feature
Select Windows Authentication
Click the Providers… option in the pane on the right
Select the Negotiate option and click Remove
Click OK to close the Providers window
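The same change can be scripted and checked. The script below is an added example, not part of Gimmal's tooling: it lists the Windows Authentication providers on the site, removes Negotiate if present, and confirms that NTLM remains. It assumes the site name "Records Management STS" from the steps above and the WebAdministration module that ships with IIS.

```powershell
#Requires -RunAsAdministrator
# Added example (not Gimmal's own code). Assumption: the STS site is named
# "Records Management STS", as in the GUI steps above.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$SiteName = 'Records Management STS'
)

Import-Module WebAdministration -ErrorAction Stop

# windowsAuthentication is normally locked to applicationHost.config, so the
# site is addressed through a <location> path rather than its web.config.
$apphost = 'MACHINE/WEBROOT/APPHOST'
$winAuth = 'system.webServer/security/authentication/windowsAuthentication'

function Get-WinAuthProvider {
    # Effective provider list for the site, in the order IIS offers them.
    $p = Get-WebConfigurationProperty -PSPath $apphost -Location $SiteName `
            -Filter "$winAuth/providers" -Name '.'
    @($p.Collection | ForEach-Object { $_.value })
}

if (-not (Test-Path "IIS:\Sites\$SiteName")) {
    throw "IIS site '$SiteName' was not found."
}

$enabled = (Get-WebConfigurationProperty -PSPath $apphost -Location $SiteName `
                -Filter $winAuth -Name 'enabled').Value
if (-not $enabled) {
    throw "Windows Authentication is not enabled on '$SiteName'."
}

$before = Get-WinAuthProvider
Write-Host "Providers before: $($before -join ', ')"

if ($before -contains 'Negotiate') {
    if ($PSCmdlet.ShouldProcess($SiteName, 'Remove Negotiate provider')) {
        Remove-WebConfigurationProperty -PSPath $apphost -Location $SiteName `
            -Filter "$winAuth/providers" -Name '.' -AtElement @{ value = 'Negotiate' }
    }
}

$after = Get-WinAuthProvider
Write-Host "Providers after:  $($after -join ', ')"

# With Negotiate removed, NTLM must still be listed or no one can sign in.
if ($after -notcontains 'NTLM') {
    throw "NTLM is not in the provider list for '$SiteName'."
}
```

Run it with -WhatIf first to see the current provider list without changing the configuration.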
Configuring Fully Qualified Domain Name (FQDN)
To change the Gimmal Records URL so that it uses a Fully Qualified Domain Name (FQDN), you must configure the application so that it knows the URLs that will be used to access the site. To do so, after configuring DNS, perform the following steps:
Open a PowerShell command window, and execute the following commands:
# Tell the Gimmal Records web application which URLs it is reached by
Set-RecordsManagerWeb -SiteName "Records Management" `
    -SiteUrl "https://url-to-manageweb" `
    -WSFedMetaUrl "https://url-to-sts/metadata/federationmetadata.svc/xml" `
    -WSFedMetaRealm "https://url-to-manageweb" `
    -WSFedMetaReply "https://url-to-manageweb" `
    -WSFedMetaAudience "https://url-to-manageweb" `
    -WSTrustUrl "https://url-to-sts/Trust.svc"
# Tell the STS its own base URL and the address of the web application
Set-RecordsManagerSTSWeb -SiteName "Records Management STS" `
    -BaseUrl "https://url-to-sts" `
    -ExpectedAddress "https://url-to-manageweb"
Supporting FQDN from Browser on Localhost
If you attempt to access Gimmal Records using a Fully Qualified Domain Name from the local machine where the application is installed, IIS denies access to the site with an HTTP 401.1 status code. This is because Windows performs a loopback check in this scenario to prevent reflection attacks on your computer, which causes authentication to fail.