KofaxTotalAgilityBestPracticesGuide EN
KofaxTotalAgilityBestPracticesGuide EN
KofaxTotalAgilityBestPracticesGuide EN
Date: 2018-06-12
© 2018 Kofax. All rights reserved.
Kofax is a trademark of Kofax, Inc., registered in the U.S. and/or other countries. All other trademarks
are the property of their respective owners. No part of this publication may be reproduced, stored, or
transmitted in any form without the prior written permission of Kofax.
Table of Contents
Preface...........................................................................................................................................................7
Related documentation.......................................................................................................................7
Training............................................................................................................................................... 8
Get help for Kofax products...............................................................................................................8
Chapter 1: Deployment topologies......................................................................................................... 10
Combined Web Application and Kofax TotalAgility Windows services............................................ 10
Separate tiers for Web and App...................................................................................................... 11
Combined Web App with separate App Servers running the Kofax TotalAgility Windows services...12
Separate tiers for Web, Core services App and Kofax TotalAgility Windows services App..............13
High availability and scaling.............................................................................................................14
High availability...................................................................................................................... 14
Scaling....................................................................................................................................15
Chapter 2: Performance........................................................................................................................... 16
Database...........................................................................................................................................16
Form..................................................................................................................................................20
Process............................................................................................................................................. 21
System Monitoring............................................................................................................................ 21
Capture Client...................................................................................................................................21
Chapter 3: Configure Transformation Server instances when processing push activities............... 22
Chapter 4: Security................................................................................................................................... 23
Protect data at rest...........................................................................................................................23
Protect data in transit....................................................................................................................... 23
Privileges...........................................................................................................................................23
Serve internal and external users.................................................................................................... 24
Protection against uploading malicious files in Scan Client.............................................................24
Server hardening.............................................................................................................................. 25
Protection against malicious database connections and web service URLs................................... 26
Chapter 5: Database................................................................................................................................. 27
Sizing................................................................................................................................................ 27
Deployment....................................................................................................................................... 27
Memory............................................................................................................................................. 28
Maintenance......................................................................................................................................28
Resiliency..........................................................................................................................................28
MSDTC............................................................................................................................................. 29
3
Kofax TotalAgility Best Practices Guide
4
Kofax TotalAgility Best Practices Guide
Forms maintainability............................................................................................................. 49
Form loading events.............................................................................................................. 49
Test forms.............................................................................................................................. 50
Business rules.................................................................................................................................. 50
Business rules maintainability............................................................................................... 51
Test a business rule.............................................................................................................. 51
Job Upgrader.................................................................................................................................... 51
Data management............................................................................................................................ 51
Distributed upgradability................................................................................................................... 52
Chapter 7: Troubleshooting..................................................................................................................... 53
Business process management....................................................................................................... 53
Forms..................................................................................................................................... 53
Processes...............................................................................................................................53
Business rules........................................................................................................................54
Performance...........................................................................................................................54
General...................................................................................................................................54
Capture............................................................................................................................................. 54
Transformation Server...................................................................................................................... 55
VRS...................................................................................................................................................55
Chapter 8: PDF handling..........................................................................................................................56
Chapter 9: Extraction and Classification Group design....................................................................... 57
Classification and extraction groups................................................................................................ 57
Shared Projects................................................................................................................................ 57
Classification and extraction groups versus shared projects...........................................................57
Fields.................................................................................................................................................58
Strong naming conventions................................................................................................... 58
Sequence and field groups................................................................................................... 58
Adding and removing document fields.................................................................................. 59
Chapter 10: Validation and formatter implementation.......................................................................... 60
Formatting......................................................................................................................................... 60
Field formatters...................................................................................................................... 60
C# activity and Visual Studio C# editor................................................................................ 61
Validation...........................................................................................................................................62
Capture table input in a business rule.............................................................................................64
Chapter 11: Folder and document locks................................................................................................ 65
Deleting objects................................................................................................................................ 66
Folder or document input variables................................................................................................. 66
Web Capture control........................................................................................................................ 67
5
Kofax TotalAgility Best Practices Guide
6
Preface
This guide describes the recommended best practices that you must follow while using TotalAgility to
improve performance, cost, maintenance, availability and security.
Related documentation
The product documentation set for Kofax TotalAgility is available at the following location.
https://docshield.kofax.com/Portal/Products/KTA/750-4kcae04o43/KTA.htm
In addition to this guide, the documentation set includes the following items:
• Kofax TotalAgility Prerequisites Guide: Provides system requirements for installing TotalAgility,
instructions for running the prerequisite utility, and a software checklist for various installation types.
• Kofax TotalAgility Installation Guide: Describes how to install and configure TotalAgility.
• Kofax TotalAgility Integration Server Installation Guide: Describes how to install Kofax Integration
Server and integrate it with other products.
• Kofax TotalAgility On-Premise Multi-Tenancy Installation Guide: Describes how to install and configure
On- Premise Multi-Tenant system.
• Kofax TotalAgility Configuration Utility Guide: Explains how to use the Configuration Utility to update
settings across various configuration files for different types of installation and deployment.
• Kofax TotalAgility Administrator's Guide: Provides information to the administrator on configuring and
maintaining a TotalAgility installation.
• Kofax TotalAgility Architecture Guide: Provides an overview of the TotalAgility architecture, covering
various deployments for on-premise, on-premise multi-tenancy and Azure environments.
• Kofax TotalAgility Features Guide: Provides an overview of the TotalAgility features.
• Kofax TotalAgility Migration Guide: Provides information on TotalAgility upgrades from different versions
and post upgrade configuration.
• Kofax TotalAgility Help: Provides details about using TotalAgility to design business jobs and cases,
assign resources, create forms, integrate with external applications, and more. Access the help from
the TotalAgility application by clicking the Help button.
• Kofax TotalAgility Workspace Help: Describes how to use the Workspace to manage activities, jobs,
and resources. Access the help from the TotalAgility Workspace by clicking the Help button.
• Kofax TotalAgility On-Premise Multi-Tenant System Help: Describes how to create and manage tenants
using the TotalAgility On-Premise Multi-Tenant system.
• Kofax TotalAgility Web Capture Control Help : Provides details on using a Web Capture control in
creating multi-page documents, creating a new document in a new folder, deleting pages that have
been incorrectly scanned, and more; also, describes the buttons available in a Web Capture control
toolbar.
7
Kofax TotalAgility Best Practices Guide
• Kofax Analytics for TotalAgility Product Features Guide: Provides an overview of the dashboards that
help you track data through the workflow, analyze the effectiveness of the processes and resources,
and address business problems.
• Kofax TotalAgility Tables: Describes the Kofax TotalAgility tables and fields used by Kofax Analytics for
TotalAgility.
• Migration From Kofax Products Guide: Provides information about migrating TotalAgility files and Kofax
Transformation Modules projects to TotalAgility.
Training
Kofax offers both classroom and computer-based training that will help you make the most of your Kofax
TotalAgility solution. Visit the Kofax website at www.kofax.com for complete details about the available
training options and schedules.
To access some resources, you must have a valid Support Agreement with an authorized Kofax Reseller/
Partner or with Kofax directly.
Use the tools that Kofax provides for researching and identifying issues. For example, use the Kofax
Support site to search for answers about messages, keywords, and product issues. To access the Kofax
Support page, go to www.kofax.com.
8
Kofax TotalAgility Best Practices Guide
Use these tools to find answers to questions that you have, to learn about new functionality, and to
research possible solutions to current issues.
9
Chapter 1
Deployment topologies
This chapter describes the advantages and disadvantages of the most common deployment options.
The selected deployment option is completely driven by requirements, which typically include:
• Good performance
• Low cost
• Ease of maintenance
• Prevention of a single point of failure and support for high availability
• Adequate security
We recommend that you install the Transformation Designer and the Reporting Server on their own
dedicated servers. Both applications perform highly intensive CPU operations and being installed on their
own server ensures better performance.
The deployment topologies assume the Transformation Designer and the Reporting Server are installed
on their own servers.
10
Kofax TotalAgility Best Practices Guide
Advantages:
• Calls to the SDK are most efficient as calls from the SDK to the Core services occur in memory.
Disadvantages:
• The Web server communicates directly with the database.
• The Web and Application server on the same server are not as secure as a split Web and Application
where additional layers of security can be applied.
• The Web server is not dedicated to serving Web requests as it contains components that process
background tasks.
The Web tier does not connect directly to the database, providing an additional layer of security. The Core
Web services communicate with the database. The additional security affects performance and the calls
to the SDK APIs in this deployment are slower than in a combined Web Application deployment as a cross
machine call to the Core services is required.
Advantages:
• The Web server communicates with the Application server and not the database, which means
additional layers of security can be applied to the App Server.
Disadvantages:
• The Core services reside on a separate server from the server where the SDK services reside and
hence API calls to the SDK require cross-machine calls from the SDK to the Core services. Therefore,
the calls to the SDK are not as efficient as in the Combined Web App and Kofax TotalAgility Windows
services deployment.
11
Kofax TotalAgility Best Practices Guide
Combined Web App with separate App Servers running the Kofax
TotalAgility Windows services
In this deployment, the Web Server contains the exposed SDK, the Core Web services, and also the
Kofax TotalAgility Windows services, as the Kofax TotalAgility installs them by default on a combined Web/
App.
When compared to the Combined Web App, and Kofax TotalAgility Windows services deployment,
this deployment frees the Web server from the CPU load generated by the Kofax TotalAgility Windows
services, making SDK requests perform better. Similarly, the server containing the Kofax TotalAgility
Windows services is not loaded with SDK API requests, allowing it to also perform more efficiently.
When compared to the Separate tiers for Web and App deployment, the SDK requests perform better in
this deployment.
Advantages:
• Calls to SDK are most efficient as calls from the SDK to the Core services occur in memory.
• Dedicated App Server is responsible for processing background tasks.
Disadvantages:
• Web Server communicates directly with the database.
12
Kofax TotalAgility Best Practices Guide
Separate tiers for Web, Core services App and Kofax TotalAgility
Windows services App
The main difference between this deployment and the Combined Web/App with separate App Servers
running the Kofax TotalAgility Windows services deployment is that Core Web services have their own
dedicated server. In this deployment, the App tier CPU load is spread across a Web Server and an App
Server; the Web server handles Web requests, and the App server handles background processing of
system and non-system worker tasks.
Advantages:
• Web Server communicates with the Core services App Server, and not the database, which results in
increased security.
• A dedicated App Server (containing the Core services) for receiving Web requests.
• A dedicated App Server (containing the Kofax TotalAgility Windows services) for processing
background tasks.
Disadvantages:
• Calls to the SDK are not as efficient as in the Combined Web App and Kofax TotalAgility Windows
services deployment, as the Core services reside on a separate server from the server where the SDK
services reside. Therefore, API calls to the SDK require cross-machine calls from the SDK to the Core
services.
13
Kofax TotalAgility Best Practices Guide
Also refer to section, "Scaling and Resiliency" in the Kofax TotalAgility Architecture Guide.
High availability
To ensure high availability, we recommend the following:
• Install the Kofax TotalAgility services across multiple servers to scale them horizontally. This approach
improves performance as the load is distributed across multiple App Servers.
Note It is not necessary for all the Kofax TotalAgility Windows services to be running on a single
server. You can disable some and set them to run on a different application server (or servers for
resiliency).
• Install the Reporting and Transformation servers on their own dedicated servers.
• Load balance multiple Web servers in a high availability web farm configuration. This approach ensures
that neither the Web tier nor the load balancer are single points of failure.
• Load balance the App Servers in deployments, where Web/App tiers are split and the load balancer sits
between the Web Servers and the App Servers.
• Introduce clustering, mirroring, or replication of the database to prevent a single point of failure.
14
Kofax TotalAgility Best Practices Guide
Scaling
Improve performance by scaling horizontally and/or vertically to meet increasing load demands.
Vertical scaling: Hardware is modified to meet the demands of an increased load, such as more memory,
or more cores on the server.
Horizontal scaling: The same software is run on multiple application servers, and you can have multiple
application servers running the Kofax TotalAgility Windows services. Load balancing the Web servers can
help improve the performance of your website.
See Possible deployment topologies for the advantages and disadvantages of different topologies.
15
Chapter 2
Performance
This chapter describes the recommended best practices for database, forms, work processing, and other
areas for improving performance.
Database
This section describes the best practices for databases.
• Move finished jobs to the archive tables or purge them when the jobs are complete (or periodically).
This approach ensures that the size of live database tables is minimized, so they do not grow
continually.
• Switch the audit log off, if you do not require it. This improves performance and reduces the database
size.
• Define the retention polices at both the system and process levels so that the database growth is
managed from the outset.
• All currently supported versions of SQL server offer maintenance of indexes online. While it is your
decision to avail this facility, consider the following attributes as they affect the performance of
TotalAgility:
1. Server resource utilization increases (Memory, Disk IO) to complete the rebuild. The extra reads
and writes are attributable to the second copy of the index that SQL Server creates during the
initial phase of the index rebuild.
2. Clustered indexes produce duplicate copies of both index and the data until the rebuild is
complete, affecting performance on concurrent table activity. Non-clustered indexes marginally
affect resource utilization.
3. Transaction logs grow substantially, attributable to the higher frequency of REDO entries.
4. Increased locking during the preparation and build phase ensures that other processes do not get
an exclusive lock on the object while the index is being rebuilt.
5. The last lock acquired, a schema modification lock (Sch-M lock), blocks all other concurrent
access to the table (while the old index is dropped and the metadata updated).
• When using SQL Server parallelism, in Properties>Advanced of the SQL Server, set the following
property:
• Under Parallelism, Cost Threshold for Parallelism = 35
16
Kofax TotalAgility Best Practices Guide
• When using SQL Server 2016, in Properties>Options of each TotalAgility database, set the following
properties:
• Under Automatic, Auto Update Statistics Asynchronously = True.
17
Kofax TotalAgility Best Practices Guide
18
Kofax TotalAgility Best Practices Guide
19
Kofax TotalAgility Best Practices Guide
Form
Decide whether to use form cache, and if using, what size. Consider the trade-off between the
performance of regularly used forms and the memory on the client machines for storing these forms. We
have set the default cache size appropriately.
Do not make large work queue calls or job searches. Any queries returning more than 50 rows impact
performance.
Do not search with process variables. This practice is outdated and only available in APIs for backward
compatibility.
20
Kofax TotalAgility Best Practices Guide
Process
When all steps are automatic, use synchronous processes. The system converts these processes to .NET
code that greatly reduces the load on the server.
When considering performance with small volume, such as during demonstrations, be aware of the
system behavior, which might cause performance issues. For example:
• If running an asynchronous map with 20 automatic activities, despite each activity taking milliseconds to
run, there is at least 1 second of interval (default core worker polling interval) between them causing the
map to take over 20 seconds.
• If performing an automatic capture activity, the Transformation Server goes to sleep for 30 seconds if
there is inactivity, slowing down the map progress.
System Monitoring
Use Kofax Monitor application monitoring software to get service level metrics, historical performance data
and the real-time processing status of TotalAgility.
This software helps you better manage and assess your TotalAgility platform by providing real-time
metrics on the operational health of your systems.
Capture Client
To achieve optimal UI responsiveness and performance while working with large jobs, we recommend the
following:
1. Use "single thumbnail display" mode instead of the default "multi-thumbnail display" mode.
The single thumbnail display mode instructs Kofax TotalAgility to render only thumbnails from one
document at a time, instead of rendering all thumbnails continuously in the background. This can
significantly improve UI responsiveness while working with large jobs.
Note This is a tradeoff between better performance, or the convenience of being able to see
thumbnails from multiple documents at once. A suggested threshold is when a job contains more
than 50 documents.
2. Use Chrome browser. While Kofax TotalAgility tries to achieve the best possible performance for
each supported browser, Kofax TotalAgility achieves the best UI responsiveness with Chrome
browser. This is especially true while working with large jobs.
21
Chapter 3
Push activities occur when a process designed to run a number of automatic steps returns to the user
the next activity to do within the same job. In Kofax TotalAgility, the classification, extraction, image
processing, and other such activities are purged to the Transformation Server instead of the normal
processing where the Transformation Server polls for work.
You can process push activity on any Transformation Server instance that is allowed to process it.
• To restrict which Transformation Servers will process push activities, set "EnableSynchronousCalls" to
false on servers that should not process push activities.
• For servers that should process only push activities, and not normal activities, set
"SynchronousOnlyProcessing" to true.
• On servers that should process both normal activities and push activities, set "ReservedSlotsNumber"
to 1 or 2 to prevent the occasional push activity from getting stuck in the queue.
22
Chapter 4
Security
Increase security using secure variables, assigning privileges, using virus scanners, applying Microsoft
security best practices prior to installation, and other such measures.
Encrypt the database by using the SQL Server TDE to provide a further layer of security. Encrypting the
database has an impact on performance; therefore, you must consider encrypting only those databases
that contain sensitive information, such as the main TotalAgility database and the Documents database.
The TotalAgility configuration files contain references to connection strings, among other sensitive
information. You can protect these details by encrypting the configuration files using the .NET utility.
See the section “Encrypting and Decrypting the TotalAgility Configuration Files” in the Kofax TotalAgility
Installation Guide.
You can increase security by using HTTPS, specifically for deployment with public facing website.
When you require a public facing website, you should deploy the Web server in a demilitarized zone
(DMZ) and protect it by a firewall. If traffic between the web server and the application server needs to be
secure, we also recommend the use of HTTPS on the application tier. To provide additional security, place
an additional firewall between the Web tier and the application tier.
Privileges
Apply the "Principles of Least Privilege" to increase security.
23
Kofax TotalAgility Best Practices Guide
24
Kofax TotalAgility Best Practices Guide
Server hardening
Depending on your setup, you can apply some or all of the following measures to protect against common
server attacks.
Provide cross-site scripting protection: This header configures the built-in XSS protection that is found
in most modern browsers. This header causes the browser to block a response if it detects an attack.
Install URL Scan Module: This security tool restricts the types of HTTP requests that IIS processes. By
blocking specific HTTP requests, the UrlScan security tool prevents potentially harmful requests from
reaching applications on the server. It screens all incoming requests to the server by filtering the requests
based on rules set by the administrator. Filtering requests helps secure the server by ensuring that only
valid requests are processed. It can be configured to filter HTTP querystring values and other HTTP
headers to mitigate SQL injection attacks while the root cause is being fixed in the application.
Reduce MIME Type Security Risks: To improve the security of your site against some types of drive-by-
downloads, add the following header to your site at the TotalAgility web-app level in IIS:
X-Content-Type-Options=nosniff
Disable client cache at the IIS Server level: Open the Command Prompt as Administrator and run the
following command:
appcmd set config /section:staticContent /clientCache.cacheControlMode:DisableCache
Configure HTTP Strict Transport Security (HSTS): This mechansim helps to protect your website
against protocol downgrading attacks and cookie hijacking. A protocol downgrade attack attempts to
force a server to abandon an encrypted connection, such as https in favour of an insecure one (http). This
may facilitate a cookie hijack and allow an attacker to access a valid session key. To implement HSTS,
configure the web.config for your site as follows:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" /
>
</rule>
</rules>
<outboundRules>
<rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
<match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" />
25
Kofax TotalAgility Best Practices Guide
<conditions>
<add input="{HTTPS}" pattern="on" ignoreCase="true" />
</conditions>
<action type="Rewrite" value="max-age=31536000" />
</rule>
</outboundRules>
</rewrite>
</system.webServer>
</configuration>
Add content security policy header: This header allows to define a white list of approved sources
of content for your website. It restricts the assets that a browser can load for a site and acts as a
countermeasure against cross-site scripting attacks. At the IIS level, set the following HTTP Response
header:
Content-Security-Policy=default-src https: data: 'unsafe-inline' 'unsafe-eval'
Provide anti-clickjacking protection: You can control the behavior of iframes on your site to prevent
clickjacking attacks. Set the X-Frame Options header to allow iframes from your site only:
X-Frame-Options=SAMEORIGIN
Disable OPTIONS verb: The OPTIONS verb can provide an attacker with information that is useful in
facilitating further attacks. On the web server the built-in IIS module:
Request Filtering -> HTTP Verbs -> Deny Verbs…
Remove unnecessary headers: An attacker can use non-functional headers, such as X-Powered during
a reconnaissance phase to identify a target platform. Remove such headers by using the IIS HTTP
Response Headers module.
26
Chapter 5
Database
Sizing
Employ a database server fit for your requirements. The size of the database depends on your overall
throughput of data, such as jobs and documents, and solution implementation. For example, solutions that
include a large number of long-running cases may require larger databases.
Ensure to employ the TotalAgility retention policies appropriately to manage the database growth.
If auditing is not required, switch it off so that database size does not grow unnecessarily.
Deployment
• Install the database server on a dedicated physical machine and not on a virtual server.
• Install the Reporting database on a separate database server from the core Kofax TotalAgility
databases. This reduces the load on the core TotalAgility database server, ensuring optimal
performance.
• The Documents database should reside on its own physical disk to limit contention of Disk I/O.
• Place the database and transaction logs on different drives; preferably separate physical drives.
• Distribute the MSSQL files over multiple logical drives. See the sample configuration.
• SQL Server Installation – E:
• SQL Server database data files – D:
• SQL Server database index files – I:
• SQL Server transaction logs – L:
• SQL Server TempDB data files – T:
• Backups – F:
Note Volume sizes and Input/Output Operations Per Second (IOPS) requirements for each of the
items mentioned above vary, depending on the document and user volume on the system.
• Ensure all disks containing MSSQL files are formatted with 64K block size.
• Ensure all file growth for database files are set values and not the default percentages. Recommended:
256 MB for data, index and transaction log files.
27
Kofax TotalAgility Best Practices Guide
• Configure a service account for all SQL Server services. The MSSQL installer automatically assigns
minimum privileges to the services account during installation.
• Install only the SQL Server Engine. You do not need additional components, such as Analysis services,
Reporting services and Integration services.
• When installing MSSQL, make sure to apply all needed service packs and cumulative updates used by
your organization.
Memory
Determine the maximum amount of memory you can assign to SQL Server by subtracting the memory
required for the OS and any other instances of SQL Server (and usage on other system, if the computer
is not wholly dedicated to SQL Server) from the total physical memory. See the Microsoft website for more
information on memory usage on SQL Server.
Maintenance
Schedule regular database maintenance plans to manage index fragmentation, statistics, backups and
archiving. Typically, the transaction log backups at 15 minute intervals are found to be appropriate,
as these occur at a reasonable frequency (ensuring the log does not grow out of control) but not too
frequently to impact performance.
You can run an antivirus program on the MSSQL servers, but exclude certain files to prevent performance
bottlenecks caused by virus scans. See the Microsoft website for a full list of exclusions.
Resiliency
Consider the database resiliency by employing SQL Server clustering, replication or mirroring. See the
High availability section.
28
Kofax TotalAgility Best Practices Guide
MSDTC
Enable MSDTC when transactions span multiple databases. MSDTC is only required in TotalAgility when
the Main database tables and the Archive database tables are split across different databases. See the
"Installing the databases" section of the Kofax TotalAgility Installation Guide for more information.
29
Chapter 6
Solution building
When building solutions, concentrate on the non-user interface aspects, such as documents, processes
and rules first to avoid rework on UX at a later stage. TotalAgility presents the data without forms in most
cases so the flow and interaction can be played back early and tested without the need to build lots of UX.
This can also facilitate earlier system testing.
System settings
TotalAgility is installed with a number of system defaults. You must review and if required, change them to
suit your production environment.
See "Configure the Settings for the System" in the Kofax TotalAgility Help for description and configuration
of these settings.
Session ID
For each installation of TotalAgility, a unique system session ID is generated. The system session ID
allows the execution of any secure SDK call.
You can regenerate the session ID if there is a security breach (example: if someone has used the
session ID to access the system without approval) or you can set this value (example: if moving from
a development to production environment, and you want to use the same session ID for both the
environments).
Note If you update the value, you need to update the Web.config files.
By default, TotalAgility allows only one active session per user. If a user logs on from another browser or
location, the first session is terminated.
With the multiple session support enabled, each user can have multiple sessions that act independently.
For example, each session can time out or log out without affecting the other.
30
Kofax TotalAgility Best Practices Guide
However, each additional session consumes a concurrent user license. So, while in some scenarios
it may make sense to allow multiple logons to increase usability, a rule of thumb is to not allow more
functionality than what is required.
If your users are never going to connect to more than one simultaneous session, disallowing multiple
logons reduces the risk of attack from an unauthorized user.
It may make sense to disallow multiple logons due to licencing, as closing the browser without specifically
logging out leaves the session open and consumes a concurrent license until the session times out.
Password Format
This property is a regular expression that can control both the length and complexity of user passwords.
We recommend that passwords be at least eight-characters long and must represent a combination of
character sets.
SHA-1 is also available; however, recent advances in cryptanalysis have detected weaknesses in the
SHA-1 algorithm. Scrypt is much stronger.
Use of the same email address for multiple resources would be appropriate in development and UAT
environments for testing purposes. Furthermore, in a production environment, it is possible for multiple
resources to be using the same distribution email address rather than individual email addresses.
Similarly, multiple groups may use the same distribution email address.
However, if you have external users logging in with their email address, we recommend that you disallow
duplicates.
To secure all non-authenticating "session acquiring" SDK methods, enable the "Disable logon without
password" setting.
31
Kofax TotalAgility Best Practices Guide
Therefore, you must consider your solution context and determine if there is an impact, and enable the
setting accordingly.
Timeouts
The timeout settings include the session timeout and batch session timeout.
Session timeout
The session timeout defaults to 1 hour. After this period (relative to the user’s last active date) the system
automatically invalidates the user session in TotalAgility.
If you want the TotalAgility sessions to time out, set the appropriate value or disable the "Process Session
Timeouts" system task.
If you use the session timeout, the session has a limited lifetime and expires after a period of time. We
recommend that you set the value appropriately for the purpose and nature of the application, to balance
security and usability, so that the user can comfortably complete operations without the session frequently
expiring.
You can also allow or restrict users from having multiple sessions. See Allow Multiple Logons.
If you want Capture batches to timeout, set the appropriate value or disable the "Process Capture
Timeouts" system task.
We recommend that you set the session timeout for your typical users, considering how long they take to
complete capture-related tasks and how intensive the capture work is. For example, consider the number
of documents they need to scan or validate at a time.
You can turn the Write to Audit Log setting off to reduce the database size, and increase performance.
However, if you do wish to maintain the audit log, configure the associated retention policy to delete the
old audit log entries.
32
Kofax TotalAgility Best Practices Guide
The Archive Finished Jobs setting is on by default. As a result, once a job is complete, the system task
"Archive Jobs" moves the job to the archive table.
This ensures that your live jobs tables are kept to a minimum and do not continually grow.
We recommend that you move finished jobs to the archive tables or purge them when the jobs complete
(or periodically).
Note If you do not require the history of some jobs, set the Record History setting to No in the process
(Process properties>Advanced tab).
Reporting
If you wish to perform analytics on your process data, and ensure that the data is picked up by Insight,
turn the "Update PI" setting on, per process (Process properties> Advanced tab).
The Capture data is stored in a Reporting database. To control how often the ETL agent handles
the system task (extract/transform/load) and transforms data from staging to warehouse, you can
configure the interval using the "Run Daily From" and "Run Daily To" system settings (System
Settings>Settings>General tab).
You can restrict this transformation to nightly hours so that it does not interfere with day-to-day
performance.
Form Cache
Form caching applies to desktop forms only. By default, the form caching is turned on.
We recommend that you enable caching of forms if the users use the same forms repeatedly. This
improves loading performance as forms are cached on the client-side browser for faster loading
performance.
The number specified is the number of most recently used forms added to the cache. For example, 10
means that 10 forms will be cached.
Under general conditions, the default settings provide the best balance between performance and client
storage requirements.
A form is added to the client cache when displayed. If the cache is full for a form type, the oldest accessed
form is removed from the cache to make space for the new form.
33
Kofax TotalAgility Best Practices Guide
Every time a form is loaded from the cache, its last accessed time in the cache is updated to prevent it
being removed from the cache.
This means the most frequently displayed forms are in the cache.
Refresh Durations
Custom pages and images can be uploaded to TotalAgility and then used in forms. The image or custom
page displayed at runtime is downloaded from the database and cached.
If the image or custom page is updated in the TotalAgility Designer, the latest version is not displayed to
users until the cache is refreshed.
To control the frequency of refresh, two settings are available: Image Refresh Duration and Custom Page
Refresh Duration. Both the settings default to 120 minutes.
We recommend that you set the interval considering the likelihood of images or pages being updated. In a
production environment, you can set this interval to a larger value as updates are less likely.
Business Calendar
The TotalAgility Workspace has a global business calendar that you can use to set working and non-
working days, and working hours across all resources. Each resource can also have a personal calendar
that is derived from the global calendar.
By default, the business calendar is turned off. When the business calendar is turned on, any date
calculations, such as job durations and activity due dates, are performed relative to the working hours.
If your application needs to take dates into consideration or you have service level agreements to meet,
we recommend that you enable the calendar capability.
Skill Level
By default the server based Skill Level is switched on (System Settings>Settings>Work Process). This
means that every task within a job checks the skill level of a resource; in this instance, the resource has
one value that encompasses all processes. The resource can only work on activities which they have the
appropriate skills for.
If you use the process-based skills, for every process the resource is assigned a specific skill. This may
require more maintenance, and is more intense on the database.
If you do not use the skill level, the database access becomes less complex and thus can increase
performance.
Exception Handling
Consider if there are any system level exceptions that the solution would benefit from. For example, when
a call to a Web service fails, in addition to suspending the job, would you want something else to occur?
You can configure exception handling at the system level to handle exceptions regardless of the source,
or configure it specific to a process.
34
Kofax TotalAgility Best Practices Guide
By default, the system does not handle exceptions; therefore, when an error occurs while processing a
job, the job is suspended and notification are not sent.
We recommend that if you have a high-value use case where you need to closely monitor and avoid any
downtime, or you have time-critical work to perform, you should configure the exceptions appropriately to
the purpose and nature of the application.
You can configure the exception handling process to be very general, such as only notifying that the
exception has occurred, or tailor it to use the initialization data that is passed to the map. This approach is
useful if you do not want to send notifications for every suspension, or if you want to customize a remedial
action for a certain type of exception.
Retention Policies
Good design and maintenance should advocate that older and unused items are manually removed from
the system to prevent unnecessary database growth.
Retention policies can automatically assist in minimizing the database size. By default, the system does
not provide any retention policies, and therefore all artefacts are retained indefinitely in the database
unless they are manually removed.
We recommend that you define retention periods to clean up unused items, manage database growth,
and optimize performance.
Max Number of Logon Attempts: This setting determines the number of failed logon attempts after which a
user account is locked out. The threshold set is a balance between operational efficiency and security, and
depends on your organization's risk level. To allow for user error and to prevent malicious attacks, keep
the setting above 4 and below 10 (default value is 5) as an acceptable starting point for your organization.
Account Lockout Duration: This setting determines the number of minutes (default value is 30 minutes) an
account remains locked out before automatically becoming unlocked.
You can configure this value to 0 so that the account is never unlocked automatically. Though it may seem
like a good idea; however, doing so can increase the number of requests to your administrator to unlock
accounts that are locked by mistake.
Password Reset
When using the manual authentication with passwords, set the system process that handles the password
reset requests.
Ensure that your users have valid email addresses and an SMTP server is configured.
35
Kofax TotalAgility Best Practices Guide
We recommend that you use the standalone approach because this approach is found to be the most
productive with the least downtime due to check in conflicts.
To determine which approach is best-suited to your organization, review the analysis provided in the
following sections.
36
Kofax TotalAgility Best Practices Guide
Advantages
• Fewer development environments to maintain.
Disadvantages
• All activity occurs on the server; therefore, a change that prevents from functioning could affect and
delay other developers.
• Only one version of custom .NET code can execute on the server, making it difficult to test without
affecting other developers.
• All developers are tied to the availability of a single development server.
Apply the following process for managing and tracking changes made to the solution:
1. Use the product Export functionality to create a separate ZIP file for each item, such as process and
form.
2. Place the ZIP files into a configuration management tool, such as Team Foundation Server.
3. Appoint a team member as Build Master to manage the following:
• Updating ZIP files
• Adding or updating global variables
• Adding or updating the theme and CSS
• Adding or updating the navigation menus and more
4. Developers send the file and elements to Build Master in the form of an exported ZIP file with just the
changed elements in it, and a note indicating what has changed, to assist the Builder Master.
37
Kofax TotalAgility Best Practices Guide
5. Each day developers check out the ZIP files from the configuration management file, implement the
required changes, and check them in when complete.
6. Each day, at a minimum, the Build Master must do the following:
• Import the latest ZIP files from the configuration management.
• Update the package with any new items and export the package.
• Alert developers and quality analysts that an updated and working package is available.
Assign access permissions on each package to prevent others from making unnecessary changes and
causing issues.
Resources
Allow or deny access permissions, and configure work allocation based on your requirements.
Access permissions
Manage the access permissions to grant and restrict resource access to the Designer and processes.
Designer
Restrict the access to the main areas of functionality within the TotalAgility Designer through system
settings to tighten constraints on those who can modify processes, forms or more importantly, system
settings.
Allowing access to "everyone" could result in incorrect changes being applied, causing your system to
behave unexpectedly. By default, only members of the Administrators group have access to these areas.
For example, any resource that has not been granted appropriate permissions for the Designer will not be
able to open the Designer to view processes, forms, and other areas.
See the topic "Assign Access Permissions to Different Areas of TotalAgility" in the Kofax TotalAgility Help
for more information about configuring the Designer access permissions.
38
Kofax TotalAgility Best Practices Guide
Process
Restrict the access to highly sensitive processes using the maintenance access functionality within the
process, so that changes to processes can be controlled and only made available for use once they
have been thoroughly tested and approved. As only one resource can have maintenance access, we
recommend that you configure a group for this purpose.
See the topic "Resource Related Properties of a Process" in the Kofax TotalAgility Help for more
information about configuring process access permissions.
Activity allocation
Work can be allocated automatically as soon as it becomes pending, manually by a supervisor or
scheduled to be allocated at a specific time. We recommend automatic work allocation as it does not
require any manual intervention.
39
Kofax TotalAgility Best Practices Guide
• The person assigned to a role may change on a job-to-job basis whereas resource groups are defined
system-wide.
• Both resource groups and roles are associated with ALL versions of a business process. However,
when role properties change, you do not need to re-release a process. This means the version number
of the process map does not increase.
External resource
Use external resources in combination with floating roles for resources that are not part of the organization
but are required to complete activities within the process (example: a loan applicant). These users can
participate in the process but with limited access to the TotalAgility Workspace and no access to the
TotalAgility Designer.
If you require the external resource to create jobs or cases or view the progress of a job or a case, use
the limited user session in conjunction with the limited user license. This gives more access to non-Kofax
TotalAgility users but is still restricted and managed.
Building processes
A process is an orchestration of activities; it is not a system of record, therefore do not use process
variables to store any information that is not required for either decision making, searching, or for passing
onto nodes.
A case can incorporate several processes involving various departments using multiple sources of
information. For example, processing an appeal could consist of a wide range of documents and forms,
and numerous processes, such as registering an appeal, setting up a tribunal session, checking medical
records, clearance of an appeal and many more. These processes may run independently of one another
yet they are all related to the one case.
Kofax TotalAgility supports multiple versions of the same process at any given time so a job can complete
on the same version it was started on.
• Be careful when updating processes that are embedded or used as subjobs.
Consider whether you want live parent jobs to have this change, as a parent job uses the latest version
of the subjob or embedded process. If not, create a copy of the process and use that copy going
forward.
• Group processes into logical categories, such as Invoice approval, PO processing, HR processing,
Shared, and more.
• Use categories within categories if you wish to have one overall category for your solution.
A process has a starting point, a defined path and an end point. For example, you can clearly define a
holiday request process up front and routinely execute it.
A case process consists of a base "case process" used to support the overall case, as well as several
processes or fragments, all of which are linked for collecting and sharing case-specific information. This
40
Kofax TotalAgility Best Practices Guide
does not necessarily execute in a logical start-to-finish manner. It can be the responsibility of the Case
Manager to determine the next steps to perform, or logic built into the case can automatically determine
next steps and create associated jobs based on fragments and other criteria. A consolidated case history
is maintained across the entire case in chronological order.
For example, processing an Appeals case could consist of a wide range of documents or forms, as well
as numerous processes such as registering an appeal, setting up a tribunal session, checking medical
records, and clearance of an appeal. All of these business processes may run independently of each
other, yet be related to a single Appeals case.
If you know the entire path from start to finish, and a definite set of steps must be completed in a set order,
use a process. If the required steps need to be determined at runtime depending on certain criteria, use a
case.
If you are still not sure whether to use a case or a process, use a process. It is possible to upgrade a
process to a case or a fragment, but not vice versa.
Use a process if it needs to be used independently from a specific case. As there is no direct access to
case data, the data will need to be passed into the process or retrieved real-time. Example: Send an email
to the customer’s preferred communication channel but record it as part of the case.
General practices
This section describes general practices that must be followed for optimal results.
• We recommend that you use work types for logical grouping of processes and metadata searching.
Work types create a more informative work queue and job lists without the need to drill into each item to
get access to key information. If you wish this information to be different throughout all fragments within
a case, be sure to set the Scope property on the metadata to Yes.
• Where a work queue may contain many types, consider using supporting information as a means to
display additional information, this may particularly apply to mobile devices where on-screen real estate
is very limited.
• Create a query for the work type. For example, a loan application gives flexibility so that the job
information (customer name and account number) can be displayed and filtered within the query editor.
41
Kofax TotalAgility Best Practices Guide
Work queue
For example, viewing the SLA (Activity) column in Work Queue - Loan Application Queue it is clear that
the loan application for Bob Smith and Jane Cameron is not meeting the deadline.
• Be proactive before these activities become overdue, so that you can take corrective action without
much cost. Design your process to self-administer using exceptions and triggers. For example,
42
Kofax TotalAgility Best Practices Guide
configure a trigger to launch before the activity is due so that work can be reassigned, and to raise an
exception after the activity is due.
• If a process within a solution is required to provide a quick response, consider Synchronous processing,
Activity Complete and Progress, Create New Job and Progress, and other such functionalities within
the solution design.
43
Kofax TotalAgility Best Practices Guide
Note Not all end nodes end the current job; as a result, you can use them to end a path while other
paths continue processing. See the topic " BPMN Event Types" in the Kofax TotalAgility Help for more
information on these nodes.
• When designing a map that has non-dependent parallel paths, use non-completing end nodes
to ensure your map is more readable. Avoid unnecessary synchronization points or dependent
configuration. See the following figures for examples.
In Figure 2, the job does not complete when "XYZ1" and "XYZ2" activities are completed. The job will
only complete when "ABC Else" activity is completed. The dependents are not configured on the End
node as was done in Figure 1 and also multiple converging lines do not exist. This makes the map in
Figure 2 more readable.
• Avoid naming case fragment variable the same as a case variable. Keeping the name same will cause
issues when deleting the case variable as the system may mistake this variable as being used within
the fragment. It may also lead confusion when viewing the map configuration as there is no indicator
within the map as which variable is being used. At runtime the scoping rules-process, case, server-will
result in the process variable always being used.
44
Kofax TotalAgility Best Practices Guide
• If you do not require to track the job history for auditing purposes, turn the Record History setting off
within the process (Process properties>Advanced tab). This helps manage your database size and
improve performance.
• Be careful of processes that repeat the same nodes (or set of nodes) with conditions and dependents.
They can stop the map progress, waiting for dependents that never become active because of the
conditions. Example: If Activity 3 is set as a dependent on Activity 4, Activity 4 may never become
pending.
• Do not use Synchronization nodes unnecessarily. Synchronization nodes can merge and converge
multiple paths in a process, adding load to the system and slowing down the database performance.
Design processes with multiple paths into and out of the Synchronization nodes and use dependents if
all paths must be complete before the Synchronization node can complete.
• If you wish to use a general work queue or job list form instead of work type specific queues, use the
"supporting info" functionality to display the job related information.
Process testing
We recommend the following practices when testing processes:
• Test all paths of your processes before they are put into production.
• Use the out-of-the-box forms first to ensure the process executes as expected before creating the user
interface for the solution.
45
Kofax TotalAgility Best Practices Guide
• Use the restart functionality within the job viewer instead of creating a new job and running it through
many steps to test a single part of your process. For example, if you make a change to a business rule,
restart the process at the business rule node instead of creating a new job.
Note In some instances, changes require either a new job or job upgrade.
• Understand the scope of your testing. A small change does not necessarily mean that you must retest
the entire map.
• When using subprocesses or embedded processes, be aware that only the latest version is taken.
Ensure that the process can be run and tested in isolation. For example, if the initialization data of a
contract is changed, it may cause issues when the subprocess is consumed. If there is any need to
align the process to a specific version of the subprocess, create a copy for the updates required and
use the copy where needed. Alternatively, use cases and fragments so that the versions are aligned.
• If you are using a business rule, use the built-in business rules testing feature to test using various input
values.
By default, everyone can create, suspend, terminate and restart a job, place the job on hold, view job
details, change scan/VRS profiles, change separation profiles, and update a document set.
By default, no one can create a customized version of the process for a live job.
We recommend that you assign access per function to more specific resources considering the skill
and role of the resources. For example, consider which resources should be able to create jobs, which
resources should be able to restart or terminate (ensuring those resources recognize the consequences of
terminating or restarting a job), or which resources should be allowed to only view the details of the job.
Building forms
Use the following practices when building forms.
46
Kofax TotalAgility Best Practices Guide
Design guidelines
Use the following guidelines when designing a form.
• Ensure your form is readable by using cells and columns to create the required layout instead of relying
on the margins and hidden controls. Each form should be easy to understand and a new member of the
team should be able to follow the logic and easily maintain the form.
• Use clear display names for controls and actions that reflect their use and purpose; you cannot change
the names once created.
• To reduce maintenance complexity and cost, do the following:
• Ensure that no event fires more that 10-20 actions.
• Events do not contain excessive conditional logic.
• Keep the number of controls on a form to a minimum.
• All forms are set to use the default menu and header. Update or remove the menu and header where
not needed. For example:
• The default header has links for unread resource notes and makes an API call. If you are not using
the resource notes, change the header or update the existing one.
• Remove the menus from the activity-based forms to prevent the user from navigating away from
the page without cancelling the activity. Updating the menu and header is particularly relevant to a
capture activity, as it also retains the document locks.
• Removing the menus also applies to forms that contain logon or logoff capabilities. Not updating
these may provide access to data or functionality without a valid session.
• It is common for desktop and phone forms to have significantly different navigation and form flow.
Therefore, it does not make sense to use the same form setting and have desktop, phone and
tablet versions within the same form. Decide the structure of your solution early and then select the
appropriate design factor.
• Use multi-view activity forms when you need to view other systems or data needed to complete an
activity.
• Use current view in phone forms, especially for MFP devices using MFP forms, to significantly improve
redirects. This helps in avoiding the lack of resources on the device reloading the Extjs libraries
and results in faster load times. While still applicable to other mobile devices, the same level of
improvement is not seen in them.
Be aware that Kofax TotalAgility has no built-in support for compensating transactions. If required, create
them as part of the implementation project.
47
Kofax TotalAgility Best Practices Guide
Form regeneration
TotalAgility supports multiple versions of the same process at any given time so a job can complete on the
same version it was started on.
Use the Form Regeneration functionality to support different versions of processes and different versions
of the associated forms.
There are various options within the regenerate functionality that will result in a different output.
• Whether to create a new version of the form or overwrite: Create a new form when you have live jobs
that require the current version of the form to run successfully.
• Whether to save or release the new form: Release the form only if it is available for use.
• The corresponding process has been released.
• The form does not need any further modifications.
• New jobs can use it.
Reuse forms/navigation/headers
Reuse forms, navigation and headers to avoid rework, and easier maintenance.
• For activities with minimal fields, or documents and folders with a small number of fields, you need not
always generate a form. Before you generate a form, review what is required on the form and if any
customization or custom logic is needed. Once you generate a form, the system automatically creates
the user interface for you at runtime. This reduces the number of forms, and maintenance required
subsequently.
• Do not assume the Workspace navigation as the default for your solution. The Workspace and its
default navigation provide immediate access to everything including the administration features that is
not required normally. Design the correct navigation required for your solution context.
• Consider removing the navigation menu from the Take Activity forms to ensure users complete or
cancel activities instead of browsing away and leaving the activity in a taken state.
• If the same functionality, such as work queues and administration pages, is required in multiple
solutions, create these forms once and share them between solutions. You can style them differently
using the theme associated with the site.
Security
Consider who should have access to forms and menu items in their entirety and whether all controls on a
form should be available to all users.
Security is available on forms and navigation menu items to allow or deny access to specific resources.
By default everyone has access.
For a more granular level of security, use the Security Tokens feature. Assign tokens to individual controls
or cells on a form, and only resources who belong to a role with these tokens can see the controls.
Note There is some overhead involved in rendering forms that have security tokens, as extra calls need
to be made to determine the roles of the current resource before determining the controls to display.
48
Kofax TotalAgility Best Practices Guide
Forms maintainability
Consider future maintainability when creating or modifying a form, as this is a key factor for the success of
any solution.
Reuse forms across activities so long as the contract (input and output) of the activity, such as number,
name and types of all inputs and outputs, are the exact same. This reduces the number of forms and
subsequent maintenance. Set the following process or activity properties to use the same form.
The Loaded event is the most commonly used event. Actions, such as Same Page, .NET and DB Query
that initialize controls or form variables are typically added to this control. Form controls cannot not be
loaded into the DOM at this point, so do not place actions that attempt to access form controls through
DOM (example: Javascript actions).
The BeforeRender event is fired at the point at which the form is about to be rendered. For example, the
BeforeRender event can be used to inject css into the head of the document prior to rendering. As per the
Loaded event, the Javascript actions executed here should not attempt to access form controls through
DOM as those controls will not be available at this point. See Access DOM elements through Javascript
actions.
The AfterRender event can be used to access DOM elements since the form is guaranteed to have been
fully loaded into the DOM. This is specifically useful when adding EventListeners to DOM elements to
achieve some non-standard functionality.
Note Capture activity forms operate differently from other forms types in how they render. This is due to
the ThinClient control, which requires that the onLoad actions complete before it can fully render itself.
So even though the BeforeRender or AfterRender events may have triggered on the containing form, the
form itself may not actually have been rendered to the required state.
49
Kofax TotalAgility Best Practices Guide
If we associate this Javascript action with either of the "Loaded" or "BeforeRender" events, it fails as the
form is not rendered fully and the DOM element is not available.
However, by associating the action with the "AfterRender" event, the code executes as expected as the
form is fully rendered. Associating the action with any control event, such as "TextChanged" or "Clicked"
also succeeds as the form is fully rendered.
Test forms
Test your forms thoroughly.
• Use the "Restart at" functionality to minimize the number of jobs created.
• Test business rules and other integration items in isolation before integrating them into your form.
• When multiple actions are involved, deactivate or activate some actions to locate the issue and isolate
the problem.
In the absence of any release or development versions of a form, be aware that continuous releasing of a
form for test purposes increases the final version number within the solution.
Business rules
A business rule is a means of implementing complex business logic without the need for custom code. Its
main purpose is to determine a result, based on the input provided. For example, determine the interest
rate on a loan depending on the agreed terms and conditions. Business rules cannot contain manual
activities as business rules are intended for straight through processing and should not be used for
updating systems of record and other such activities. If you require this functionality, use a synchronous
process.
Follow the process design guidelines when designing a business rule, avoid unnecessary inputs and
outputs, and use subrules where necessary.
50
Kofax TotalAgility Best Practices Guide
Be aware that adding the tracing will require the rule to be released, thus increasing the version number of
the business rule.
Job Upgrader
Use the Job Upgrader tool if you need a change to a process design to take immediate effect across all
new and live jobs. For example, a legislation change requires a change in SLA.
Use the Job Upgrader only when necessary. Be careful when you use it, as it may result in some
unexpected behavior. For example, if a new variable is used within a new activity, any upgraded jobs may
only have the default value.
Apply the same rules to the upgrade as you would apply to any software upgrade. For example, back up
the database and do appropriate regression testing. For the regression testing, use a backup of the live
database and use the actual jobs that are to be upgraded as your test data.
Data management
Entities provide a lightweight mechanism to define and store data in TotalAgility, such as the details of a
company, a customer, addresses and more. They are suitable for non-technical users, or when you do not
have a database or database skills.
They do not provide the same level of scalability or security provided by an actual database model. It is
not possible to move the actual instance data between systems.
You can only perform a basic search, but cannot report on data.
This feature is not suited for processing complex data structures that require strong data integrity, such as
views across multiple tables, foreign keys and intensive searching.
51
Kofax TotalAgility Best Practices Guide
Distributed upgradability
When building a solution that will be distributed to many customers, design your solution considering
upgradability so that you are able to send upgraded version (example: 2, 3, 4) of your solution to multiple
customers.
You can update the Core package and send to customers based on your release cycle, as you are in
complete control of this.
The Custom package requires customers to decide whether they want these or not. Always take new
items as they are likely needed based on possible core changes. If items are modified, again it is
customer's decision whether they need the updated items. However certain rules must be obeyed. For
example, customization cannot change the contract (initialization data) between any core items and
custom items. This also relates to forms, such as Create New Job and Activity forms.
52
Chapter 7
Troubleshooting
This chapter describes a number of issues related to business process management, Capture,
Transformation Server and VRS, and also provides the ways to avoid or overcome those issues.
Forms
• If a form does not display as expected, use "preview" to troubleshoot, or deploy the form and test its
function in the deployed environment.
• If a form does not function as expected, for example, controls do not populate correctly or actions do
not perform as expected, we recommend that you disable all other actions that do not depend on the
action being debugged so as to isolate the behavior.
• If you wish to see data that is currently not on the screen, such as form variables, create a debug panel
and use the Same Page actions to populate controls with the required data. Once the troubleshooting is
complete, remove the panel.
Processes
• If requiring a synchronous process as part of a solution, first create the process as asynchronous to
ensure the behavior is correct. Once the synchronous process is created, do the following to debug the
process:
• Check the event log for additional error information.
• Turn the record history on to view the path taken through the job viewer and to see the final values of
the variables.
• If you need to break this down further, add decisions or branching rules (XOR) with end nodes at the
various breakpoints to view the variable values at that point.
• Once the problem is isolated, copy the node into a test process for further isolated testing.
• To debug an asynchronous process, do the following:
• Check the job notes for additional error information.
• Turn the record history on to view the path taken through the job viewer and to see the final values of
the variables.
• Add manual activities to simulate breakpoints, and to interrogate and set variable values.
53
Kofax TotalAgility Best Practices Guide
Business rules
Test the business rule within the TotalAgility Designer with sample input and output. If the issue still
persists, see the Synchronous section of Processes for further troubleshooting.
Performance
If the general performance of a process is not good, use the process history to view the duration to
determine if the execution is slow. Use the Time Pending (in secs) parameter within the database for Job
History to determine if polling leaves the activity pending for longer than expected.
If system tasks, such as job evaluation, retention policies, archiving, or monitoring are not executing as
expected, ensure that the execution interval is as expected and the core worker service is started.
General
If the automatic activities are not being performed, yet the core worker is running and there are no
errors being written to the logs, ensure that there are no looping activities taking precedence over other
scheduled activities.
Capture
If documents classify or extract differently in the Transformation Designer and at runtime in the
Transformation Server, it is most likely due to the actual images being classified or extracted being
different.
54
Kofax TotalAgility Best Practices Guide
If you load this document in the Transformation Designer, you can analyze the difference between this
document and your original document.
Transformation Server
To analyze the failure of Transformation Server to pick up activities, ensure the following:
• The Transformation Server is running.
• The account specified in the installation for the Transformation Server service has “run as a service” set
in Windows local policy.
• “EnableSynchronousCalls” is set to false in the Transformation Server configuration file if you expect it
to process non-push activities.
• The capture activities do not have an unmet precondition defined in the Process Designer.
• Sometimes the Transformation Server goes into an interval of polling when it does not find more tasks.
You can lower the length of that interval by configuring the "PollingTimeout" in the configuration file.
VRS
After importing a process or package containing the Scan/VRS profile, if you receive the following error
while trying to scan a new job, restart your IIS to ensure the imported Scan/VRS profile settings are
propagated to the client.
55
Chapter 8
PDF handling
In Kofax TotalAgility, you can import the PDF documents and process them through Capture workflows
such as Image Processing, Classification, Extraction, Document Review, Validation, and Verification.
However, to ensure the best experience and performance, we recommend the following best practices.
• When processing PDF documents, use the Image Processing activity to process the PDF documents
so that a TIFF representation is available for actions such as OCR lassoing. The Image Processing
activity only adds a TIFF representation to the PDF document; it does not remove the PDF document or
text layer information in the PDF document.
• When using the Image Processing activity to process the PDF documents, we recommend that you
disable any processing algorithms that can alter auto crop, auto rotate, deskew, and other settings
related to page dimensions.
Disabling processing algorithms is important if the PDF text layers are being used for extraction, or if
the image processing leads to dimensional differences with PDF documents used in the Transformation
Designer.
• Place the Image Processing activity in a process as early as possible, especially before any
Transformation and Validation activities. This is to ensure that Online Learning works properly, as
Online Learning needs to occur on the same image as Transformation and Validation.
Use PDF Generation to recreate the PDF document if PDF is needed in the business process.
56
Chapter 9
This chapter describes the best practices for a classification group and an extraction group design.
Create the extraction groups first, as the classification groups require at least one extraction group before
they can be saved or released.
Once the classification and extraction groups are created, you can partly edit them in the Transformation
Designer, and partly in the TotalAgility Designer.
Shared Projects
Creating a new project in the Transformation Designer creates a shared project. The same outcome
occurs when a Kofax Transformation Modules project is imported into the Transformation Designer
through the file system.
In a shared project, the document classification and data extraction can be defined in one Transformation
Designer project. This type of project does not have a separate classification group or a separate
extraction group.
Note Rearranging the project structure for a shared project, a classification group, or an extraction
group, must be done in the TotalAgility Designer.
For example, a classification Group (CG) includes two separate extraction groups.
1. EG_AB: For processing document types A and B
2. EG_C: For processing document type C
57
Kofax TotalAgility Best Practices Guide
This scenario enables three project designers to work simultaneously on the project. For example:
• Project designer1 works on the classification of the three different types of documents
• Project designer2 works on the extraction of document type A and B
• Project designer3 works on the extraction of document type C
However, a disadvantage of using groups is that when you alter the project structure in a classification
group in the TotalAgility Designer, any linked extraction group projects will also need their project structure
altered to match the classification group. Since you cannot edit them at the same time, you must first
edit the classification group, close it and then open the extraction group in the TotalAgility Designer. The
extraction group classes can then be added or deleted, or existing classes can be moved within the
project structure by using the class Parent property.
Additionally, if using multiple extraction groups, it may be necessary to duplicate WinWrap scripts across
different groups.
Regardless of whether you are using a shared project or a combination of classification group and
extraction groups, formatting, validation configuration, and validation form design needs to be configured
in the TotalAgility Designer.
Fields
The following sections describe best practices for fields.
Since the names of fields are also used as variable names in the Transformation Designer WinWrap
scripts, it is important that the names reflect their purpose.
If a project is passed on, a new designer may not understand the naming of the fields, and may have
difficulties in script or in mapping fields to formatting and validation rules in the TotalAgility Designer;
strong and descriptive names minimize this problem.
Once a project is saved or released, any new fields are added to the field groups of that class. For
example, for ClassA creating Field1 and Field2 and then saving or releasing the project will add Field1
and Field2 to FieldGroup1 in that class.
In the Transformation Designer, if Field1a is added and moved to a position so that the sequence is
Field1, Field1a and Field2, after saving or releasing the project, Field1a is added to FieldGroup2. The
next time the project is opened in the Transformation Designer, the sequence will be Field1, Field2 and
Field1a.
58
Kofax TotalAgility Best Practices Guide
The fields in the Transformation Designer are displayed in the sequence they appear in the field groups in
TotalAgility Designer. As you cannot move the fields between field groups in the TotalAgility Designer, you
must plan the fields and their sequence before creating them in TotalAgility.
If there are active documents of the updated type, use the option to create a new form when regenerating
the form. In this case, the new form is used for newly created documents of the updated document type,
and the previous form is used for the existing active documents in the system.
59
Chapter 10
This chapter describes best practices for formatting and validation implementation.
Formatting
You can create formatting rules by applying formatting methods to a field in the Transformation Designer,
but you can define formatting of a field in the TotalAgility Designer.
The formatting and validation methods are available in Transformation Designer because some locators,
such as Invoice Group use these methods for extraction purposes. However, it may be necessary to
use the date formatter in Transformation Designer for document types, such as invoices, because the
date formatter in the TotalAgility extraction group does not have the month's replacement dictionary
functionality. If you try to format a date, such as January, 13, 2016, the TotalAgility date formatter fails to
format it.
In some scenarios, it is also advantageous to use a formatting rule in the Transformation Designer to
clean up the extracted value, before it is passed on to the TotalAgility extraction group for formatting and
validation.
In the Transformation Designer, you can test the extraction of a document with or without formatting and
validation.
• Testing without formatting and validation is helpful if you want to work on and improve extraction results.
• Testing with formatting and validation is important for benchmarking. The golden files used for
benchmarking are typically formatted and validated. Use formatting and validation when benchmarking
those golden files.
Field formatters
The Field Formatters in TotalAgility Designer (Data>Field Formatters) include three standard formatting
methods: Date, Amount and Percentage, and one non-standard formatting method: Business Rule.
A Business Rule is a TotalAgility process that has a Start and an End node with one or more activities in
between. A Formatting Business Rule has a number of input and output variables that are required. These
variables are case-sensitive and must be defined in a particular order for the business rule to work.
60
Kofax TotalAgility Best Practices Guide
• ErrorMessage, string
• FormattedText, string
• FormattedValue, string
There are many types of activities available. You can use the Expression activity to format a field value
and configure several Set Variables, such as Uppercase, Lowercase, Trim, Left, Mid, Right,
Replace, in the expression.
Note The Project Designer must have some basic knowledge of Visual Studio C# to work on this activity.
You can edit the C# code in the Configuration tab of the C# activity in TotalAgility Designer. This code box
in the Configuration tab is small, and offers no syntax highlighting, IntelliSense and testing capabilities. We
recommend that you use the C# editor in Visual Studio to create, edit and test your code.
The C# activity coding window provides some basic skeleton code that helps you get started. This code
contains the ScriptParameter.sp parameter. The same parameter needs to be used in C#. To do
this, you must reference the Agility.Server.Scripting.dll library in C#. This dll file is typically available at the
following location:
• \\TotalAgility\CoreWorkerService\Agility.Server.Scripting.dll
Example: Social Security Number
The Social Security Number in the USA has the format ddd-dd-dddd, where d is a digit. You can use the
following C# code to format a field that extracts a Social Security Number:
using System;
using Agility.Server.Scripting.ScriptAssembly;
namespace KTAformatter
{
public class SocialSecurityNumber
{
[StartMethodAttribute()]
public static void Method1(ScriptParameters sp)
{
string fieldText = sp.InputVariables["FieldText"].ToString();
string formattedText = fieldText.Replace("-", "");
formattedText = formattedText.Replace(" ", "");
var num = 0;
var isNumeric = Int32.TryParse(formattedText, out num);
//check the length for 9 digits and the value to be numerical
if (formattedText.Length == 9 && isNumeric)
{
formattedText = formattedText.Substring(0, 3) + "-" +
formattedText.Substring(3, 2) + "-" + formattedText.Substring(5, 4);
sp.OutputVariables["[FormattedText]"] = formattedText;
sp.OutputVariables["[IsValid]"] = true;
}
else
{
sp.OutputVariables["[FormattedText]"] = formattedText;
sp.OutputVariables["[ErrorMessage]"] = "SSN Value is not a valid";
61
Kofax TotalAgility Best Practices Guide
sp.OutputVariables["[IsValid]"] = false;
}
}
}
}
Once the code is tested positive, copy the code and paste it to the code box in the Configuration tab of
the Extended Properties page of the C# activity. Validate the code and then test it, before saving and
releasing the Business Rule.
Validation
The TotalAgility Designer has the following standard types of validation methods at class level in an
Extraction Group: Date, Regular Expression and Standard. These methods can only be used for single
field validation rules
"Business Rule" is a non-standard validation method that can be used for single field validation rules, but
more commonly for multi-field validation rules.
A Business Rule is a Kofax TotalAgility process that has a Start and an End node with one or more
activities in between. A Validation Business Rule has a number of input and output variables that are
required. The input variables are the fields used in the multi-field validation rule. If you are only using a
single field, only one variable is required. There are two output variables that are case-sensitive and must
have the following sequence for the business rule to work.
• Input variables (Name, type)
• <FieldName_1>, string
• <FieldName_2>, string
• .
• .
• .
• <FieldName_n>, string
• Output variables
• IsValid, boolean
• ErrorMessage, string
Use the C# activity Configuration tab in the TotalAgility Designer, if the Business Rule is a simple and
manageable process and does not require too many activities. For example, use the C# activity if the
process can be viewed on one screen without having to scroll or zoom out as in the following scenario:
Amount1 + Amount = Total.
This can be managed with one decision node and two expression nodes.
Use the Visual Studio C# editor, if the process is complex and requires many activities. For example, use
the Visual Studio C# editor if the process requires scrolling and zooming out.
If the logic of an activity is very complex and difficult to understand, create a custom DLL and use the DLL
through the Kofax TotalAgility store in a .NET activity.
62
Kofax TotalAgility Best Practices Guide
The logic for validating the IBAN in a business process would involve many activities and would quickly
become cluttered.
The C# activities code box presents some basic skeleton code that helps to get started. This code has
the ScriptParameter sp parameter. The same parameter needs to be used in C#. To do this, reference the
Agility.Server.Scripting.dll library in C#. This dll is available at:
\\TotalAgility\CoreWorkerService
The following C# code is easy to read and maintain. It can be developed and tested in the Visual Studio
C# editor.
namespace StandardCaptureValidators
{
using System;
using Agility.Server.Scripting.ScriptAssembly;
public class Iban
{
.net activity</param>
[StartMethod]
public void ValidateIban(ScriptParameters scriptParameters)
{
var iban = scriptParameters.InputVariables["Iban"].ToString();
if (this.ValidateGermanIban(iban))
{
scriptParameters.OutputVariables["[IsValid]"] = true;
}
else
{
scriptParameters.OutputVariables["[ErrorMessage]"] = "IBAN is not
valid";
scriptParameters.OutputVariables["[IsValid]"] = false;
}
}
/// <summary>Validate German Bank Account Number</summary>
/// <param name="iban">The International Bank Account Number</param>
/// <returns>True, if it is a valid German Iban number</returns>
public bool ValidateGermanIban(string iban)
{
// D=13 & E=14 & 00 -> 131400
var numericalCountryCode = "131400";
var checkSum = iban.Substring(2, 2);
var calculatedCheckSum = Convert.ToString(98 -
this.CalculateIbanCheckNumber(iban, numericalCountryCode));
return checkSum.Equals(calculatedCheckSum);
}
/// <summary>Calculate the Internation Bank Account Number checksum</summary>
/// <param name="iban">The International Bank Account Number</param>
/// <param name="numericalCountryCode">The Country Code coming</param>
/// <returns>The check number</returns>
private int CalculateIbanCheckNumber(string iban, string numericalCountryCode)
{
var temp = iban.Substring(4) + numericalCountryCode;
var part1 = Convert.ToString((Convert.ToInt32(temp.Substring(0, 6)) % 97));
var part2 = Convert.ToString((Convert.ToInt32((part1 + temp.Substring(6,
6))) % 97));
var part3 = Convert.ToString((Convert.ToInt32((part2 + temp.Substring(12,
6))) % 97));
return Convert.ToInt32((part3 + temp.Substring(18))) % 97;
}
63
Kofax TotalAgility Best Practices Guide
}
}
A validation business rule accepts both table column and an entire table (table field) as input.
If the validation rules are intended for individual table columns and table field as a whole, include all
the logic within a single multi-field validation business rule. Do not apply single-field validation rules to
individual table columns, and a separate multi-field validation business rule where the same table is used
as an input.
If a table field is set to valid by a multi-field validation business rule, all rows in that table are marked as
valid. Similarly, if a table field is set to invalid by a multi-field validation business rule, all rows in that table
are marked as invalid. So even though a cell is marked invalid by a single-field validation rule on a table
column, it can be overridden by a multi-field validation business rule that sets the table to valid. To avoid
this condition, include all validation logic for a table inside a single multi-field validation business rule.
Do not follow this rule, if the multi-field validation business rule is not using a table field as input, or if a
single-field validation rule is not assigned to any of the table columns.
64
Chapter 11
It is important to understand the locking behavior for documents and folders when designing your capture
processes. Locks can occur at the document level or folder level.
A folder exclusive lock allows users to change any object within folder hierarchy including both folders and
documents. The lock state is propagated down to the hierarchy. So, if you locked a folder, you can change
any object within that folder.
A document exclusive lock grants the user update rights for the locked document. However, it does not
allow you to delete the document, split or move it to a different folder. To do this, you need to obtain lock
on folder that contains the document.
The Scan Create New Job (SCNJ) creates a folder and locks it when the form is loaded. Unattended and
attended Capture activities also require locks.
65
Kofax TotalAgility Best Practices Guide
Deleting objects
Deleting an object requires an exclusive lock of the folder directly above the object in the hierarchy.
In the following locking scenario, document "a" or "b" can be deleted but folder "C" cannot be deleted.
If you are executing multiple sub-processes in parallel that are working on sub-folders, consider the
locking behaviors when adding a Delete activity. A Delete activity attempts to get a lock on the parent of
the sub-folder that is being deleted.
• If the Delete activity is in a sub-process, you may put the Delete activity in a thread pool of size one.
This forces the deletes in a series, and avoids locking conflicts.
• Alternatively, you can put the Delete activity in a parent process and delete the parent folder after all the
sub-processes are complete.
Alternatively, if the document is locked and a different user attempt to perform capture activities on the
folder, the following error occurs:
Folder cannot be locked since its hierarchy contains already locked objects. If you
need technical assistance, reference action: ValidationControlLoadbatchAction.
Similar locking problems can happen if you use a looping node or any process design that acts on
documents directly.
66
Kofax TotalAgility Best Practices Guide
To avoid locking collisions, be sure your process design has logic to avoid conflicts. One strategy to
accomplish this is to use preconditions to force process execution to wait until potentially conflicting jobs
or activities are completed.
Alternatively, if you choose not to display the Save button for users, calling the Save action on the Web
Capture control will also unlock the folder. This should be done prior to allowing the user of the form to
interact with folder content outside the Web Capture control and prior to any subsequent capture activities.
67
Chapter 12
TotalAgility uses each browser’s built-in image scaling algorithms to perform image scaling when
displaying images in a non-native resolution in the image viewer. As such, the quality of the image
displayed to the user may differ from browser to browser. The effect of this scaling on image quality is
outside of TotalAgility’s control since TotalAgility relies specifically on each browser to perform this task.
It is known that Internet Explorer 9 and later do not downscale images very well, and result in poor image
quality when downscaling. The Chrome and Firefox browsers handle image downscaling much better.
If the image display quality is important to your work process, use Chrome or Firefox browsers instead of
Internet Explorer.
68
Chapter 13
Online learning
Every time the system task runs, it creates a new knowledge base file. This file is not large, but older files
are not quickly deleted because there could still be jobs that require them.
As extraction training documents are accumulated, they sit in the Dynamic Extraction Knowledge Base,
but are only accessed if other extraction methods fail. This means two things:
1. Documents in this knowledge base are not used until all other options fail. This may mean that the
extraction performance can suffer.
69
Kofax TotalAgility Best Practices Guide
2. As the Dynamic Extraction Knowledge Base increases in size, the performance of the project may
suffer.
To ensure that Dynamic Extraction Knowledge Base does not get too large, and that you move your
extraction training documents into your Transformation Designer Extraction Set on a regular basis, import
your Extraction new Samples, resolve conflicts, and train your project regularly.
As classification training documents are accumulated, they are used by the Dynamic Classifiers, similarly
to extraction, as the training documents increase in number, the performance of the Transformation Server
may suffer. It is recommended to import both the classification training documents and the extraction
training documents into the Transformation Designer and then train your project for both classification and
extraction at regular intervals.
Note You can use the Transformation Designer at any time to see now many documents have been
collected and copied into the New Samples document set.
Set or modify the intervals depending on the volume of documents that you process and the number of
training that are accumulated.
After one year, your project should be successfully processing documents without problems. The training
documents are only collected when a new vendor or form is encountered. Continue to monitor your project
and import the document and re-train your project every six months or so.
70
Chapter 14
2. PackageService – ExportPackageToFile(): This API exports the package to a file that must
be accessible from the TotalAgility server.
2. PackageService – ExportPackageToFile(): This API imports the package from a file that
must be accessible to the TotalAgility server.
71
Chapter 15
TotalAgility includes windows performance counters to measure key indicators of a number of critical
services. See "Performance counter usage" in Kofax TotalAgility Administration Guide for more
information.
You can use the Kofax Monitor to monitor these counters, and send alerts when the values are outside of
defined ranges.
To enable monitoring of the TotalAgility windows performance counters, perform the following steps.
1. Make sure the WMI Performance Adapter windows service is running on the target TotalAgility
machine.
2. Verify WMI connectivity from the Kofax Monitor server to the TotalAgility server. Use the "Microsoft
wbemtest" utility to verify remote WMI access. See the Microsoft site for more information on
wbemtest.
3. On the Kofax Monitor Server, add the following WMI class definitions to the wmiclasses.ini file
located at <km install path>\ ReveilleSoftware\Reveille\ under the existing
‘[wmiclasses,NameSpace=\root\cimv2,Name=Default]:’ namespace section:
wmiclass=
Win32_PerfFormattedData_KofaxSearchandMatchingServer_KofaxSearchandMatchingServer
wmiclass= Win32_PerfFormattedData_KTAChildExportProcesses_KTAChildExportProcesses
wmiclass=
Win32_PerfFormattedData_KTACoreWorkerLockedActivities_KTACoreWorkerLockedActivities
wmiclass=
Win32_PerfFormattedData_KTACoreWorkerSystemTasks_KTACoreWorkerSystemTasks
wmiclass= Win32_PerfFormattedData_KTACoreWorkerThreads_KTACoreWorkerThreads
wmiclass=
Win32_PerfFormattedData_KTACoreWorkerWorkerTasks_KTACoreWorkerWorkerTasks
4. In the Kofax Monitor Admin module, run the WMI wizard, and choose a WMI class, such as
Win32_PerfFormattedData_KofaxSearchandMatchingServer_KofaxSearchandMatchingServer.
72
Kofax TotalAgility Best Practices Guide
5. Create a WMI test for the desired property, and optionally save the results in a metric for Kofax
Monitor Dashboard display.
a. Enable the TotalAgility performance metric and set desired evaluation thresholds.
73
Kofax TotalAgility Best Practices Guide
b. Assign a schedule and enable notification to the new TotalAgility performance monitor.
74
Kofax TotalAgility Best Practices Guide
Note For a complete description of Kofax Monitor out-of-the-box support for TotalAgility, see the
Use the Kofax Monitor Wizards document included with the Kofax Monitor documentation.
75
Chapter 16
The configuration of TotalAgility linked servers defines a two-way link between two separate TotalAgility
installations for moving documents between the systems. See the Kofax TotalAgility documentation for
more information.
The Distributed Server feature of Kofax Monitor enables the Kofax Monitor Server to proactively operate
at multiple TotalAgility linked server locations, running the same or different sets of TotalAgility Monitors
at each location. Kofax Monitor Remote Servers run local TotalAgility Monitors, and then send monitoring
results over encrypted Web Services connections. Additionally, local alerts can optionally be sent to one or
more Kofax Monitor master servers.
You can view the status and reports of a Kofax Monitor Remote TotalAgility Monitor as if the Monitors are
located and running at the Kofax Monitor master server location.
To enable the Distributed Server feature of Kofax Monitor for TotalAgility linked servers, perform the
following steps.
1. Install Kofax Monitor at each TotalAgility linked server location.
Refer to the Kofax Monitor Installation Guide.
2. Create TotalAgility Monitors at each TotalAgility linked server location using the TotalAgility Wizard.
Refer to the “Using the Kofax TotalAgility Wizard” section in the Using the Kofax Monitor Wizards
Guide.
3. Create a Kofax monitor distributed server connection by configuring the Kofax Monitor distributed
server at the Kofax Monitor Admin Console. The Kofax Monitor distributed server connection uses
the web services with optional SSL encryption to communicate between distributed Kofax Monitor
servers.
a. At the Kofax Monitor remote server, start the Kofax Monitor Admin Console and select File >
Distributed Server Configuration.
76
Kofax TotalAgility Best Practices Guide
77
Kofax TotalAgility Best Practices Guide
c. Define the Kofax Monitor master server connection, and click Save.
d. Save the master server configuration.
The connection is disabled until explicitly enabled at the Kofax Monitor master server.
e. To enable the Kofax Monitor remote server connection, perform the following steps:
78
Kofax TotalAgility Best Practices Guide
1. Select Kofax Monitor User Console > Administration > Remote Servers.
2. Enable the connection.
3. Click Save.
f. To verify the connection from the Kofax Monitor remote server, on the Distributed Server
Configuration, click Test Connection.
79