This article describes how to setup the Higher Logic iMIS integration.

NOTE: Some terminology might not exactly line up, so reach out if there are any questions/errors.

Higher Logic recommends having an integration account that can access the SQL database. This account can be in either of two forms: a Windows user or a SQL account. The difference between these is how authentication works with the SQL server, but either will work for the Higher Logic integration.

NOTE: Do not delete this user (SQL or Windows). Doing so will result in the integration between iMIS and Higher Logic to go down.

Higher Logic assumes there are two servers for the iMIS application:

• The web server, which usually hosts the iMIS application, on a domain in Internet Information Services Manager (IIS). The iMIS installation files should also be on this server.
• The database server that usually hosts the SQL database that houses all the iMIS information. SQL Server Management Studio (SSMS) is usually installed on this server.

Some iMIS installations include all of the above functionality on one server. The database can be located on the web server or accessible on the web server. If that is the case, that is acceptable, but you must make that clear.

Higher Logic provides the following file structure in a compressed file:

• Stored Procedures and Views
  • iMISStoredProcedures.sql
• HigherLogic (HL API Bridge)
  • App_Code
    • DataServer.cs
    • HigherLogicProfile.cs
    • HigherLogicWebService.cs
    • LibraryUpdateWebService.cs
  • bin
  • HigherLogicWebService.asmx
  • web.config
• SSO
  • HLLoginRedirect.aspx
  • HLLogoutRedirect.aspx

Install stored procedures and views

1. Navigate to your iMIS SQL server and open your SQL explorer. It should be SQL Server Management Studio (SSMS).
2. Log in using whichever account (Windows or SQL authentication) is designated for the Higher Logic integration.

3. Copy the contents from iMISStoredProcedures.sql, paste them into the SSMS query window, and execute the query. It should create all the stored procedures and views.
4. To verify this, navigate to them using the SSMS Object Explorer. You can see the views and stored procedures in the same location as all other views and stored procedures.

Install the Higher Logic API bridge

1. Navigate to the iMIS web server.
2. Copy the HigherLogic folder to the C drive (path = C:\HigherLogic). This will serve as the folder with all the Higher Logic code. Do not move/remove this folder.
3. Copy the iMIS DLL (.dll) files from the iMIS application's bin folder (usually in C:\Program Files\(x86)\ASI\iMIS\Net\bin). Copy everything in this folder and paste into the Higher Logic bin folder, C:\HigherLogic\bin.

Edit the Higher Logic web.config file

You have to edit the web.config file that is provided in the HigherLogic folder as detailed in this section. To do this, open both web.config files.

• The iMIS web.config file is typically housed in C:\Program Files\(x86)\ASI\iMIS\Net\web.config.

NOTE: The following values in the Higher Logic web.config file must be edited to mirror the corresponding values in the iMIS web.config file.

• Authenticate.Anonymous.UserId (line 10)
• SecurityKey (line 19) - this should be a new, randomly generated GUID. This has to be provided to Higher Logic later in this process.
• System.WebLogin (line 20)
• System.WebPassword (line 21) - if this line does not exist in the iMIS web.config, remove it from the Higher Logic web.config.
• ImisWebServerUrl (line 23)

SOA section

The SOA section has to be added to the Higher Logic web.config file.

TIP: The SOA section is usually after the SystemParams section header in the iMIS web.config file.

1. Copy the SOA "section name" line from the iMIS web.config file.
2. Add the "section name" line to the configSections XML block in the Higher Logic web.config file as shown below.

<?xml version="1.0"?><configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<configSections>
  <sectionGroup name="iMIS">
    <section name="SystemParams" type="Asi.SystemConfig, Asi" />
    <section name="Soa" type="Asi.Soa.Core.Configuration.SoaConfiguration, Asi.Contracts" /> <----SHOULD RESEMBLE
</sectionGroup>

3. Copy the SOA section from the iMIS web.config file.
4. Place the SOA section after the SystemParams XML block but still be within the iMIS XML block.

<?xml version="1.0"?><configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <configSections>
    <sectionGroup name="iMIS">
      <section name="SystemParams" type="Asi.SystemConfig, Asi" />
      <section name="Soa" type="Asi.Soa.Core.Configuration.SoaConfiguration, Asi.Contracts" /> <----SHOULD RESEMBLE
    </sectionGroup>
  </configSections>
  <iMIS>
    <SystemParams>
      <add key="Authenticate.Anonymous.Allow" value="true" />
      <add key="Authenticate.Anonymous.UserId" value="MANAGER" />
    </SystemParams>
      <Soa> <---- MUST FOLLOW THIS STRUCTURE
        ...
      </Soa>
  </iMIS>

Edit the connectionString value

The connectionString (line 13) has to be edited in the Higher Logic web.config file in order to point to the iMIS SQL server.

• Server - specify the server name; e.g., IMISPROD
• Database - specify the database name; e.g., PROD_IMIS, iMIS, [Organization Code].
• User ID and Password - specify the appropriate credentials and note whether Higher Logic's integration will be using a SQL user or a Windows user.

If using a SQL user, edit connectionString to resemble:

<add name="AMSConnection" connectionString="Server=[Server Name];Database=[Database Name];User ID=[HL Integration Username];Password=[HL Integration Password];" />
<add name="DataSource.iMIS.Connection" connectionString="server=[Server Name];database=[Database Name];uid=[HL Integration Username];pwd=[HL Integration Password]" />

If using a Windows user, edit connectionString to resemble:

<add name="AMSConnection" connectionString="Server=[Server Name];Database=[Database Name];Trusted_Connection=Yes;" />
<add name="DataSource.iMIS.Connection" connectionString="server=[Server Name];database=[Database Name];Trusted_Connection=Yes;" />

The web.config is now set up and ready.

Create an Application Pool

1. Navigate to IIS on the web server to create an Application Pool for the Higher Logic application:

2. If Higher Logic is using a Windows user and the windows user has been set in the connection string on the web.config, right click the HigherLogic application pool and select Advanced Settings. In the Process Model section, locate the Identity property.

3. Click the ellipsis (…), click the Set button, and input the credentials of the Higher Logic integration user.

The Identity property on the previous menu should reflect the Higher Logic integration account.

4. Go to view your “Sites” in IIS. The Higher Logic application must be publicly accessible, require no authentication to hit the page, and have a domain binding. If these requirements are met, right click the site and select Add Application.

Make sure that the application pool is set to the one created earlier in this document. The physical path should be pointing to the HigherLogic folder that contains the HigherLogicWebService.asmx.

The configuration of the bridge is complete.

Post-configuration tests

Test by clicking Browse on the HigherLogicWebService.asmx file within IIS’s Content Explorer. This should open it based on the site and the bindings associated with the selected site; it should open a browser and be pointing to:

https://[site-binding]/HigherLogic/HigherLogicWebService.asmx

...which should look like this:

Now test the Higher Logic refresh services to ensure that everything is running as expected.

Navigate to the web service URL (https://[site-binding]/HigherLogic/HigherLogicWebService.asmx) and:

Periodic Refresh

• click GetChangedMembers, then:
  • specify the security key in the field (this is the same value as what was configured in the web.config)
  • specify today’s date in this format (YYYY-MM-DDT00:00:00) in the changedSince field. A list of member IDs is returned in a new tab; copy one member ID for the Member Refresh test.

Member Refresh

• click GetMemberDetails, then:
  • specify the security key in the field (this is the same value as what was configured in the web.config)
  • use the member ID that was saved in the Periodic Refresh test. That user’s information should be returned in a new tab.

Installing the SSO ASPX pages

In the SSO folder, there are two pages that do the following functionality:

• HLLoginRedirect.aspx handles initiating the sign-in process which includes redirecting the user to the iMIS sign in page and retrieving the mandatory user resources. Those user resources are sent to a corresponding Higher Logic page which will process and validate the information.
• HLLogoutRedirect.aspx handles the sign-out process which includes clearing the session of all login-related cookies and redirecting to the Higher Logic home page.

1. Place the two ASPX pages in the same directory as the iMIS Rise Sign_In.aspx page. The location of this page varies with version and the installation can be customized. To determine the location, navigate to your iMIS Sign_In.aspx page using a browser. Pay attention to the path contained in the URL as this will usually reveal the location of the page.
2. The two ASPX pages have default values that have to be updated. On lines 8-11 in HLLoginRedirect.aspx, change the following:
   • Domain (line 8) - change this to the main domain of your main site. For example, for a main site domain of “www.tenant.com”, the value would be “tenant.com”.
   • communitySite (line 9) - change this to your Higher Logic Thrive Community (Thrive Community) site URL.
   • webserviceURL (line 10) - change this to the URL of the Higher Logic API Bridge.
   • webserviceToken (line 11) - change this to the security key that lives in the web.config (which should be in the HigherLogic folder on the web server). See the steps for the installation of the Higher Logic API bridge to find this value.
   • Navigate to line 98 of HLLoginRedirect.aspx. This URL must point to the iMIS Rise Sign_In.aspx URL. See below; replace “https://example.tenant.org/EXAMPLEPATH/Sign_In.aspx”.

Response.Redirect(String.Format("https://example.tenant.org/EXAMPLEPATH/Sign_In.aspx?ReturnUrl={0}%3FRedirect={1}",

3. On HLLogoutRedirect.aspx, change the domain variable to match what was put for HLLoginRedirect.aspx.
4. Ensure that the MasterPageFile and Inherits parameters at the top of both pages match the iMIS Rise Sign_In.aspx page.

<%@ Page Language="c#" Title="Login" MasterPageFile="~/Templates/MasterPages/public.master" Inherits="Asi.ContentManagerNet.DisplayPageBase" %>

Finishing up

You’re done with the configuration! Send the following values to your Higher Logic point of contact.

• SecurityKey - The SQL GUID generated for the web.config.
• The full URL of the Higher Logic API Bridge/Application. The correct format is https://[site-binding]/HigherLogic/HigherLogicWebService.asmx
• The URLs for the HLLoginRedirect.aspx and HLLogoutRedirect.aspx pages; these should be in the same place as the iMIS Rise Sign_In.aspx page that is being used by your iMIS application.

Common issues and troubleshooting

There are many different installations of iMIS that we have encountered. Here are some issues that we have run into when installing this integration.

I cannot find the iMIS application’s bin folder at C:\Program Files(x86)\ASI\iMIS\Net\bin.

It is possible that the bin folder is located elsewhere. Typically, the bin is in ASI\iMIS\Net\bin, so finding the ASI folder is the critical piece. Unfortunately, this could be in many locations on any given server. Consult your technical team or the team that set up the iMIS installation if you’re unable to find the ASI folder.

There is a server runtime error when I hit the Higher Logic API Bridge URL.

You are currently seeing a general error that won’t provide much insight. Call the page from within the iMIS web server. This will give a better error message.

“Navigation.config could not be found”.

Find the Navigation.config file that lives in the NET folder within the iMIS installation. The default path is C:\Program Files\(x86)\ASI\iMIS\Net. Copy and paste that file into the HigherLogic folder (same place as the web.config).

“The entry DataSource.iMIS.Connection has already been added…”.

Navigate to the Higher Logic web.config file and place a “<clear/>” statement before the Data.Connection parameter. It should look like this:

<connectionStrings> <clear/> <add name="AMSConnection" connectionString="Server=DBSERVER\SQLEXPRESS;Database=iMIS;User ID=sa;Password=pwd123;" />
<add name="DataSource.iMIS.Connection" connectionString="server=DBSERVER\SQLEXPRESS;database=IMIS;uid=sa;pwd=pwd123" /> </connectionStrings>

When I try to refresh a user, I see a DataServer error.

This means that there was some issue with connecting to the database. Check the specific error.

• This can be due to an invalid set of user credentials for accessing the database. Make sure that the Windows user or the SQL user that Higher Logic is using is still valid within the web.config file (under the connectionStrings section).
• This can be due to a mismatch in schemas. Please make sure that the hlGetMemberDetails stored procedure and the table in the Member Refresh section of this document match. The most common case is for the DoNotEmail field. Here is what it should look like:

CAST(0 as bit) AS DoNotEmail

Any problems with Microsoft.Owin.

Navigate to the bin folder in the Higher Logic application and remove all .dll files that relate to Microsoft.Owin.

public.master does not exist

Make sure that the HLLoginRedirect.aspx and HLLogoutRedirect.aspx master page file headers match with what is put in the iMIS Rise Sign_In.aspx page.

An error that doesn’t match any of the above

Chances are that this installation is using a very old version of a web.config. Never copy the web.config when moving to a new iMIS server/version. Always use the web.config provided by Higher Logic since many modifications were added to fix any version related errors of iMIS (that wasn’t cloud).