Application Connector Upgrade Guide

Overview

Applications are services (e.g. VPN or web application) that you want to protect with LoginTC. They allow you to reuse the same LoginTC tokens for a particular Domain across multiple services with their own policies. Policies can only be used with Applicaitons and allow for administrators to specify rules to be applied to groups of users during authentication. This guide will help understand how to upgrade your LoginTC Connectors to take advantage of Applications and Policies.

Upgrading is meant to be seamless and controlled so that your users are not impacted. Users do not need to reload tokens, the change to use Applications will be seamless for your users.

Create an Application

Before upgrading your connectors is a good idea to create an Application. See Creating an Application in the Applications Guide for step-by-step instructions on how to create an Application.

LoginTC RADIUS Connector

Upgrade your LoginTC RADIUS Connector to version 3.0.4+ to get the benefit of Applications and Policies.

Non-disruptive upgrade

Upgrading your configurations to use Applications is a two step process. The first step of upgrading the LoginTC RADIUS Connector to version 3.0.4+ will not impact your existing configurations. Configurations must be upgraded individually from the administrative interface before Applications and Policies can be used. Until individual configurations are upgraded, Domain configured configurations work as usual.

Iframe Authentication Mode

When upgrading configurations that are using the Iframe Authentication mode, the corresponding snippet will also need to be updated please see:

Step 1: Upgrade to version 3.0.4+

From 3.X

Follow these instructions to upgrade your LoginTC RADIUS virtual appliance to the latest version (3.0.4):

  1. SSH into the virtual appliance or open the console (use same username / password as web GUI)
  2. cd /tmp
  3. curl -O https://www.logintc.com/downloads/logintc-radius-connector-3.0.4-upgrade.sh
  4. sudo sh logintc-radius-connector-3.0.4-upgrade.sh

The upgrade script will restart your appliance after upgrading.

Upgrade Script Download Verification

Execute: sha1sum /tmp/logintc-radius-connector-3.0.4-upgrade.sh

Output SHA‑1 should match: d372582c6c8242de9cd4ce3e03e666fbd1cb20bb

From 2.X

Important: LoginTC RADIUS Connector 2.X End-of-life

The LoginTC RADIUS Connector 2.X virtual appliance is built with CentOS 6.8. CentOS 6.X is End of Lifetime (EOL) November 30th, 2020. See CentOS Product Specifications. Although the appliance will still function it will no longer receive updates and nor will it be officially supported.

New LoginTC RADIUS Connector 3.X

A new LoginTC RADIUS Connector 3.X virtual appliance has been created which runs CentOS 7.7.1908. It is virtually identical to the existing appliance, with the exception of the underlying operating system. Inline upgrade from CentOS 6.X to CentOS 7.X is not supported. As a result upgrade is deploying a new appliance. A migration script has been created to help quickly copy over existing configurations and ssl certificates to the new appliance and minimize manual steps.

Complete 2.X to 3.X upgrade guide: LoginTC RADIUS Connector Upgrade Guide

It is always recommended to take a VM snapshot prior to upgrading.

Step 2: Upgrade Configurations

Create an Application

Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

Navigate to the appliance web interface URL, login and follow these steps:

  1. On the Configurations tab click the Configuration you wish to upgrade to use Applications: Applications

Configuration Issue Detected

Any configuration tied to a Domains will show a red button recommending to upgrade to use an Application.

  1. In the LoginTC Settings section click the Upgrade button: Applications
  2. Enter the Application ID and Application API Key: Applications
  3. Click Test then Save: Applications
  4. Configuration is now upgraded to use Applications: Applications

Click Test Configuration to test. The Domain token has not changed, there is no end-user change needed.

In order to revert load saved VM snapshot or simply create a new Configuration and in the first step select using a Domain link. This will allow Configurations to be created using Domains.

LoginTC RD Web Access Connector

Upgrade your LoginTC RD Web Access Connector to version 1.3.0+ to get the benefit of Applications and Policies. Download the latest version of the LoginTC RD Web Access Connector.

Create an Application

Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

LoginTC RD Gateway SSO Connector

The LoginTC RD Gateway SSO Connector does not require an upgrade to use Applications and Policies. Only upgrade the LoginTC RD Web Access Connector.

  1. Install the LoginTC RD Web Access Connector (you may install over the old version) Applications
  2. Enter your Application ID and Application API Key when prompted
  3. Follow the rest of the prompts in the installer. If you are installing over an older version of the LoginTC RD Web Access Connector, the installer will pick up your settings.

In order to revert simply uninstall the LoginTC RD Web Access Connector and install an older version (logintc-rd-web-access-connector-1.2.0.0.msi).

LoginTC AD FS Connector

Upgrade your LoginTC AD FS Connector to version 1.2.0+ to get the benefit of Applications and Policies. Download the latest version of the LoginTC RD Web Access Connector.

Create an Application

Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

  1. Uninstall LoginTC AD FS Connector, follow Uninstallation Steps
  2. Install new LoginTC AD FS Connector Applications
  3. Enter your Application ID and Application API Key when prompted
  4. Configure your AD FS to use the LoginTC MFA method, follow AD FS Configuration Steps

In order to revert simply uninstall the LoginTC AD FS Connector and install an older version (logintc-adfs-connector-1.1.1.0.msi).

LoginTC OWA Connector

Upgrade your LoginTC OWA Connector to version 1.3.0+ to get the benefit of Applications and Policies. Download the latest version of the LoginTC OWA Connector.

Create an Application

Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

  1. Install the LoginTC OWA Connector (you may install over the old version) Applications
  2. Enter your Application ID and Application API Key when prompted
  3. Follow the rest of the prompts in the installer. If you are installing over an older version of the LoginTC OWA Connector, the installer will pick up your settings.

In order to revert simply uninstall the LoginTC OWA Connector and install an older version (logintc-owa-connector-1.2.0.0.msi).

Troubleshooting

Need help? Please see our Help Page, Knowledge Base or contact us directly at support@cyphercor.com.