Application Connector Upgrade Guide

Overview

Applications are services (e.g. VPN or web application) that you want to protect with LoginTC. They allow you to reuse the same LoginTC tokens for a particular Domain across multiple services with their own policies. Policies can only be used with Applications and allow for administrators to specify rules to be applied to groups of users during authentication. This guide will help understand how to upgrade your LoginTC Connectors to take advantage of Applications and Policies.

Upgrading is meant to be seamless and controlled so that your users are not impacted. Users do not need to reload tokens, the change to use Applications will be seamless for your users.

Create an Application

Before upgrading your connectors is a good idea to create an Application. See Creating an Application in the Applications Guide for step-by-step instructions on how to create an Application.

LoginTC RADIUS Connector

Upgrade your LoginTC RADIUS Connector to version 4.0.0 and get the benefit of Applications and Policies.

Non-disruptive upgrade

Upgrading your configurations to use Applications is a two step process. The first step of upgrading the LoginTC RADIUS Connector to the latest version inline. Configurations must be upgraded individually from the administrative interface before Applications and Policies can be used. Until individual configurations are upgraded, Domain configured configurations work as usual. If you are not on LoginTC the latest version of the LoginTC RADIUS Connector (4.0.0+), you can upgrade from 2.7.1 or 3.0.4 directly from the new appliance, more details see: LoginTC RADIUS Connector Upgrade Guide

Iframe Authentication Mode

When upgrading configurations that are using the Iframe Authentication mode, the corresponding snippet will also need to be updated please see:

Step 1: Upgrade to version latest inline

First upgrade your LoginTC RADIUS Connector to the latest 3.X / 2.X version.

From 3.X

Important: LoginTC RADIUS Connector 3.X End-of-life
The LoginTC RADIUS Connector 3.X virtual appliance is built with CentOS 7.9. CentOS 7.X is End of Lifetime (EOL) June 30th, 2024. Although the appliance will still function it will no longer receive updates and nor will it be officially supported.

Follow these instructions to upgrade your LoginTC RADIUS virtual appliance to the latest version (3.0.7):

  1. SSH into the virtual appliance or open the console (use same username / password as web GUI)
  2. cd /tmp
  3. curl -O https://www.logintc.com/downloads/logintc-radius-connector-3.0.7-upgrade.sh
  4. sudo sh logintc-radius-connector-3.0.7-upgrade.sh

The upgrade script will restart your appliance after upgrading.

Upgrade Script Download Verification

Execute:
sha1sum /tmp/logintc-radius-connector-3.0.7-upgrade.sh

Output SHA‑1 should match:
631fa21d614a1976e9c6141471878f114e544994

From 2.X

Important: LoginTC RADIUS Connector 2.X End-of-life
The LoginTC RADIUS Connector 2.X virtual appliance is built with CentOS 6.8. CentOS 6.X is End of Lifetime (EOL) November 30th, 2020. Although the appliance will still function it will no longer receive updates and nor will it be officially supported.

Follow these instructions to upgrade your LoginTC RADIUS Connector 2.X virtual appliance to the latest 2.X version (2.7.1):

  1. SSH into the virtual appliance or open the console (use same username / password as web GUI)
  2. cd /tmp
  3. curl -O https://www.logintc.com/downloads/logintc-radius-connector-2.7.1-upgrade.sh
  4. sudo sh logintc-radius-connector-2.7.1-upgrade.sh

The upgrade script will restart your appliance after upgrading.

Upgrade Script Download Verification

Execute: sha1sum /tmp/logintc-radius-connector-2.7.1-upgrade.sh

Output SHA‑1 should match: 158eed9fb93d9c63093298b01fa2e926ffd89d51

It is always recommended to take a VM snapshot prior to upgrading.

Step 2: Upgrade Configurations

Create an Application

Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

Navigate to the appliance web interface URL, login and follow these steps:

  1. On the Configurations tab click the Configuration you wish to upgrade to use Applications: Applications

Configuration Issue Detected

Any configuration tied to a Domains will show a red button recommending to upgrade to use an Application.

  1. In the LoginTC Settings section click the Upgrade button: Applications
  2. Enter the Application ID and Application API Key: Applications
  3. Click Test then Save: Applications
  4. Configuration is now upgraded to use Applications: Applications

Click Test Configuration to test. The Domain token has not changed, there is no end-user change needed.

In order to revert load saved VM snapshot or simply create a new Configuration and in the first step select using a Domain link. This will allow Configurations to be created using Domains.

Step 3: Upgrade to 4.0.0+

New LoginTC RADIUS Connector 4.X
A new LoginTC RADIUS Connector 4.X virtual appliance has been created. The Operating System will be supported for many years. Inline upgrade is not supported. As a result upgrade is deploying a new appliance. The appliance has been significantly revamped and although the underlying functionality is identical, it has many new features to take advantage of.

You can upgrade to the LoginTC RADIUS Connector 4.0.0+ by following our step-by-step upgrade guide.

LoginTC RD Web Access Connector

Upgrade your LoginTC RD Web Access Connector to version 1.3.0+ to get the benefit of Applications and Policies. Download the latest version of the LoginTC RD Web Access Connector.

Create an Application
Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.


LoginTC RD Gateway SSO Connector
The LoginTC RD Gateway SSO Connector does not require an upgrade to use Applications and Policies. Only upgrade the LoginTC RD Web Access Connector.

  1. Install the LoginTC RD Web Access Connector (you may install over the old version)Applications
  2. Enter your Application ID and Application API Key when prompted
  3. Follow the rest of the prompts in the installer. If you are installing over an older version of the LoginTC RD Web Access Connector, the installer will pick up your settings.

In order to revert simply uninstall the LoginTC RD Web Access Connector and install an older version (logintc-rd-web-access-connector-1.2.0.0.msi).

LoginTC AD FS Connector

Upgrade your LoginTC AD FS Connector to version 1.2.0+ to get the benefit of Applications and Policies. Download the latest version of the LoginTC RD Web Access Connector.

Create an Application
Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

  1. Uninstall LoginTC AD FS Connector, follow Uninstallation Steps
  2. Install new LoginTC AD FS ConnectorApplications
  3. Enter your Application ID and Application API Key when prompted
  4. Configure your AD FS to use the LoginTC MFA method, follow AD FS Configuration Steps

In order to revert simply uninstall the LoginTC AD FS Connector and install an older version (logintc-adfs-connector-1.1.1.0.msi).

LoginTC OWA Connector

Upgrade your LoginTC OWA Connector to version 1.3.0+ to get the benefit of Applications and Policies. Download the latest version of the LoginTC OWA Connector.

Create an Application
Follow the simple steps to create a new Application before proceeding. This does not impact any existing settings or configurations.

  1. Install the LoginTC OWA Connector (you may install over the old version)Applications
  2. Enter your Application ID and Application API Key when prompted
  3. Follow the rest of the prompts in the installer. If you are installing over an older version of the LoginTC OWA Connector, the installer will pick up your settings.

In order to revert simply uninstall the LoginTC OWA Connector and install an older version (logintc-owa-connector-1.2.0.0.msi).

Troubleshooting

Need help? Please see our Help Page, Knowledge Base or contact us directly at support@cyphercor.com.