Upgrading from 20.2
Before you upgrade to iMIS 20.2, be sure you thoroughly review the System requirements, New Features, and the following upgrade changes that have occurred since 20.2. These changes could impact your upgrade and includes changes to existing functionality, the database schema, and infrastructure.
iMIS 2017 (20.2.64)
Warning! It is important that you are on the latest Service Pack to ensure protection from known security vulnerabilities. See the iMIS 2017 Service Pack page for more details. Download the latest Service Pack from the ASI Support Portal.
The iMIS application must be installed using an internal network address
Due to security considerations, iMIS prefers application and client components be installed on the same internal network. Customers will have difficulty remotely accessing an iMIS client (Desktop or Advanced Accounting Console) from an external network; by default the iMIS Application and Client must be connected to the same internal (192.168.x.x, 172.16.x.x through 172.31.x.x, or 10.x.x.x) network. However, this range can be extended by adding the IntranetIps line below to the web.config file in the SystemParams configuration area as follows, where 203.0.113.0/24 is an example IP address block representing the address range of the network segment where your iMIS Desktop workstations or terminal server are installed:
<iMIS> <SystemParams> <add key="IntranetIps" value="::1,127.0.0.1,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12,203.0.113.0/24" /> </SystemParams> </iMIS>
Otherwise, customers attempting to remotely connect to an iMIS client on a network that is external to the network on which the iMIS application server is located will be unsuccessful.
Warning! If your organization stores credit card data via iMIS, PCI DSS v3.2.1 requirement 1.3.6 specifies that your iMIS SQL server be in an internal network zone, segregated from your DMZ and other untrusted networks. Even if you do not store credit cards, this is a best practice for protecting the privacy of your organization and constituents' personally identifiable information (PII) data. If your iMIS application server or iMIS Desktop/AAC workstations or terminal servers have difficulty accessing your SQL server, be sure to allow those SQL DB IP addresses access to the SQL servers ports 1433 and 1434 in your firewall configuration.
Password reset token configuration removed from Web.config
The configuration setting for the password reset token (<add key="Authentication.PasswordResetTokenExpireMinutes" value="20" />), which allowed users to define the number of minutes the reset password token is valid, will no longer be defined through the web.config file. Any changes to this setting in the web.config file will be ignored.
The web.config setting has been replaced with an Account management setting, Authentication.PasswordResetTokenExpireMinutes, which is accessible from the Staff site (Settings > Contacts > Account management). For more information, see PasswordResetTokenExpireMinutes.
Session timeout settings modified for PCI compliance
The following changes have been made to the Session timeout settings in accordance with Payment Card Industry Data Security Standard (PCI DSS) regulations:
- The Enable session timeout system for system administrators (located at Settings > Contacts > Authentication > Session timeout) is now enabled by default to prevent misuse of idle user sessions. After the session timeout minutes are set, system administrators will receive a two minute warning that their session is about to time out. For more on this setting, see Session Timeout.
- A pop-up message notifying users that their session is about to time out has been added. This pop-up works in conjunction with existing Session timeout settings. When a user's session is about to time out, they will be prompted to Sign Out or Stay Signed In.
-
Additionally, two Session timeout account notification messages have been added to the Account management section of the Staff site. The SessionTimeoutWarningMessage displays two minutes before a user's session times out, and the SessionTimeoutMessageSystemText lets the user know that the session has timed out. Both notification messages are customizable.
PCI-compliance security measures must be enabled for SysAdmins
PCI compliance requires that the following features be enabled and active for SysAdmins by the completion of installation or upgrade:
- Password Expiration -- SysAdmin passwords must expire within at least 90 days or less.
- Password Reuse -- SysAdmin cannot reuse any of their last four passwords or more.
- Session Timeout -- The SysAdmin session must timeout after 15 minutes of inactivity or less.
PCI-compliance requirements allow these features to be made more restrictive, for example, you could set passwords to expire every 60 days, but these requirements cannot be turned off.
Note: If your organization does not process credit card transactions, the PCI requirements do not apply. Contact ASI Technical Support for assistance with disabling these features.
If you want to enhance your security further, these features can also be applied to non-administrators. In the Staff site, go to Settings > Contacts > Authentication. However, these values can be set as desired. There is no requirement for minimum values for non-administrators. For non-administrators, these features can be enabled or disabled as desired.
Connecting to the Advanced Accounting Console using HTTPS
For PCI compliance, https is enabled by default. After upgrading, you must make sure you update the Server URL in your Advanced Accounting Console. If you do not update the Server URL, you will not be able to use the Advanced Accounting Console. You must have a valid SSL certificate to use the Advanced Accounting Console when https is enabled.
Default servers are required to have an SSL binding
For PCI Compliance and overall security purposes, default websites are required to have an SSL binding. For more information about setting an SSL binding, see Setting up an iMIS site at the root of an IIS website.
Password lockout when requesting an authentication token from the REST API
When requesting an authentication token from the REST API, the system will correctly lock the associated account after five incorrect password attempts.
Password-related methods have been modified
The following methods have been modified:
- The method SetUserPasswordWithLogin no longer sends a communication to users when their password has been changed by staff.
- Communications sent using the methods SetUserPassword and SetUserPassword2 no longer contain the new password.
Changes to the EncryptString and DecryptString method calls
The EncryptString(string source) and DecryptString(string source) method calls (found in Asi.Security.Utility.Encryptor) are now using AES 256 (Advanced Encryption Standard) instead of triple DES (Data Encryption Standard). An overload was added for both: EncryptString(string source, bool useAES) and DecryptString(string source, bool useAES). If you are using these method calls in any custom code and you want to continue using the old DES encryption, you must call EncryptString(source, false) and DecryptString(source, false).
Key-encrypting key
iMIS keys use encryption for securing sensitive cardholder information. The encryption keys used to store this data are also encrypted using a string stored in a key-encrypting key file. The key-encrypting key file is created during upgrade, as is the random starting position within the key-encrypting key file.
Warning! It is recommended that you do not modify or remove the key-encrypting key file. It is possible to irreparably damage the ability to retrieve encrypted information, which will prevent you from being able to log in to iMIS. If you inadvertently change or delete the key-encrypting key, contact ASI Technical Support immediately.
Third-party gateway Xtenders
Warning! Any third-party payment gateway Xtenders that need to encrypt or decrypt passwords will not work after the introduction of the key-encrypting key. If you are using ActiveX extensions for Crypto, ASI recommends you do not upgrade your system at this time.
Security enhancement for password reset functionality
In order to provide enhanced security, the length of time for which password reset tokens are valid has been shortened. The email, which is sent to a customer in response to a request to reset their password, will be valid for 20 minutes from the time it is sent. If the customer does not create a new password within this time period, they will be required to submit a new request.
To adjust the expiration duration, go to Account management in the Staff site and configure the Authentication.PasswordResetTokenExpireMinutes setting.
Enhanced password security to meet PCI compliance
iMIS now provides enhanced password hashing to secure all user login passwords. This enhanced password security complies with PCI 3.2 guidelines.
Your users might be unable to sign in with a valid password in the following situations:
- If you have already strengthened the hashing algorithm to one not supported by this upgrade, and your users have already reset their passwords in response.
- If your users have passwords that do not meet current password requirements.
If your users are unable to sign in due to the enhanced password hashing, you must let your users know they will have to reset their passwords.
The ability to remove historical encryption data has migrated to iMIS Scheduler page
The ability to remove historical encryption data has been migrated from the DB Maintenance utility. iMIS SysAdmin users with Terminal access can log in to the iMIS Scheduler page and select to remove historical encryption data.
Update content item connections on existing donation pages
For existing donation pages, you must ensure you manually connect the Submit Order Button Link content item as an Object Consumer to the Payment Creator content item before you can begin receiving donations after upgrading. This action can be performed before you are upgraded, or after you have already upgraded.
Self-hosted customers can use the Content Browser utility to identify all affected content records.
Note: This change is to ensure that all clients remain in compliance with PCI 3.2 guidelines.
Include Contact ID in Join URL
Existing Join page links need to be updated to include the contact ID in the URL. This allows company administrators to join contacts without using On Behalf Of.
SQL Server 2012 requires Microsoft Report Viewer 2012 Runtime for subreport display
Upgraded systems using SQL Server 2012 require an installation of the Microsoft Report Viewer 2012 Runtime to properly display SSRS subreports. Failure to install this application will result in subreports not loading, accompanied by an error message. SeeMicrosoft Report Viewer 2012 Runtimefor more information.
.NET version update not compatible with older versions of iMIS
Installing .NET 4.6.2 is required for iMIS 2017 (20.2.64) and is supported for previous versions of iMIS beginning with iMIS Q4 2015 (version 20.2.26), but is not compatible with versions prior to iMIS Q4 2015. If you have multiple versions of iMIS installed on the same server and those versions are different, only those versions beginning with iMIS Q4 2015 can be installed on the same server as iMIS 2017. Versions of iMIS prior to iMIS Q4 2015 must be installed on a separate server without .NET 4.6.2 installed.
Discontinued support of Internet Explorer 8-10
Earlier this year, Microsoft announced the end of support for Internet Explorer versions 8, 9, or 10. Microsoft will no longer provide critical security updates for these unsupported versions, which may introduce vulnerabilities to your data. Therefore, effective in the next release, iMIS no longer supports Internet Explorer versions 8, 9, and 10. Be sure to review the system requirements for supported browsers.
For more information, see System Requirements.
Discontinued support of Windows 8.0 operating system
Microsoft no longer supports the Windows 8.0 operating system. This means that users will not receive automatic fixes, or critical updates, which leaves systems running on this version open to security breaches. As a result, effective in the next release, iMIS will not support Windows 8.0. Please review the System Requirements for supported operating systems.
New business object: CsContactBasic
A new business object, CsContactBasic, has been added. This business object is for basic contact information, and is more efficient than CsContact.
Use the following business objects when querying:
- CsContactBasic – for basic contact information from the Name table
- CsContact – for financial or group membership information
- NetContact – if you need a GUID contact key
Many sample queries have been updated to use the new CsContactBasic business object.
New configuration option for the Invoice Payment Link content item
The Invoice Payment Link content item has a new configuration option, Enable join button for non-members and inactive members. This option enables a Join Now button on a contact's profile page. Staff users and company administrators can use this button to join as a member on behalf of the contact.
This new option is not enabled by default; however, this option is automatically enabled when the Invoice Payment Link content item is added to a content record.
Removal of ContentWorkflow.exe
The ContentWorkflow.exe has been removed and replaced with the Content and Navigation Workflow scheduled task in iMIS Process Automation. After upgrading, ensure that this task has been enabled and correctly configured in order to receive expiration notices of content and navigation that will be removed.
Removal of TributeNotificationContactID
The TributeNotificationContactID field has been removed from the GiftReport table, and removed from the related business objects (GiftHistory and GiftsReceived). The data from this column can be referenced from Trans_Notify.NOTIFY_ID.
Trans_Notify is a multi-instance table which more accurately reflects multiple notify contacts if the a tribute was entered through the iMIS Desktop or the Advanced Accounting Console. If any custom IQA queries or reports relied on the TributeNotificationContactID column, they must be updated to use either:
- CsTransNotify.Notify Id if showing all notify contacts per tribute is desired.
- FirstNotifyContactPerGift.Notify Id if showing just one notify contact per tribute is desired.
The FirstNotifyContactPerGift business object works for tributes made through the web where only one notify contact is allowed. This business object also keeps the donation from appearing multiple times within a query even if it has multiple notify contacts. To find queries that may need updating, we recommend running the Query Browser utility and clicking the Find All button in the section Scan for Bad Queries.
Removal of Content Html C# script blocks
On upgrade, C# script blocks will be removed from out-of-the-box Content Html content items. Any copied Content Html content items will no longer support C# script blocks, including any custom code that was added to any content. Once these content items are saved and published the C# script block will be removed.
JavaScript script blocks will continue to be supported. If JavaScript cannot be used instead of C#, the C# code needs to be ported to a first class content type and a new content item needs to be created.
Contact Account Creator simplified
The Confirm email and Confirm username fields have been removed from the Contact Account Creator content item.
Unsupported website themes
The following master pages and associated themes are no longer supported, and will eventually be removed:
- Forest: Aspen, Aspen Mobile, Aspen2, Birch
- Planets: Mars, Mercury, Venus
- Mountains: Everest
Each of these themes is marked as Deprecated in the Starter Database. If you are currently using one of these out-of-the-box themes, we recommend using a different theme, or creating and applying a copy of the theme. See Using out-of-the-box-themes for more information.
Crystal reports deprecated from the Staff site
Crystal Reports 9 runtime will no longer be installed, and 32-bit Crystal reports have also been deprecated from the Staff site. Crystal Report functionality for the Desktop and Advanced Accounting Console has not changed and will remain the same. User-created Crystal reports will not be deleted from the Staff site, but iMIS will not recognize the report as an accepted file format to be displayed. If you are using any of these reports, it is recommended that you recreate the report using IQA.
All iMIS Crystal reports have been removed from the Staff site, along with the following Continuum navigation items:
- Campaign reports
- Segmentation reports
- RFM reports
- Process Manager reports
Desktop source codes
Previously, source codes were created using general lookup/validation tables. In this release of iMIS, source codes are no longer created using general lookup tables, and are instead created through iMIS Marketing Campaigns. See Setting up campaigns for more information related to source codes.
Removal of Email a Friend
The Email a Friend functionality is deprecated. If you have links pointing to the Email a Friend page, you will see a message. The Social Share content item is the suggested replacement.
EntityManager class removed from API
EntityManager class was removed from the API including the FindSingle method. As a replacement, you should use Find(QueryData query) and FindByIdentity(IdentityData identity).
Consolidated SOA data contracts
Breaking changes have been made to the SOA data contract libraries. All SOA contracts are now consolidated to one Asi.Contracts.dll library. Namespaces and class names remain unchanged. Projects referencing data contract libraries will require updating
Remotely accessing the REST API
As a security enhancement, users must now be granted permission to remotely access the REST API. To grant access, add the RemoteService security role to approved users.
Changes to internal API for IQA
Some breaking changes to internal ASI API signatures have been made, including the internal API for IQA. This does not affect the supported SOA consumers.
Process any unposted import batches
Changes have been made to the way that import batch data is stored. Previously, import batch data was saved to the file system. Now the import batch data will be saved to the iMIS database in the ImportBatch table.
Before upgrading, be sure to completely process and post all previously uploaded import files including:
- Donations
- Campaign source codes
- Friendraising activities
- Standing Order payment files
Any previously processed import batch data will not be imported into the ImportBatch table.
The following SOA data contracts have been removed:
- Asi.Soa.Communications.DataContracts
- ImportSourceCodeBatchsummaryData
- ImportSourceCodeBatchData
- ImportSourceCodeBatchRequest
- Asi.Soa.Core.Datacontracts Namespace
- ImportLogData
- ImportLogDataCollection
For more information, see the iMIS SDK Developer Guide.
Multi-factor authentication preventing login with MembershipWebService API
If multi-factor authentication is enabled, system administrators will not be able to log in using the MembershipWebService API. System administrators must either log in as a non-system administrator user, or disable the multi-factor authentication in the Staff site.
Google Maps API key now required
A change to Google's API requires that users have a Google Maps API key in order to utilize Google Maps on their websites. To obtain a Google Maps API key, see the Google Maps API documentation. To enter this key in iMIS, go to Settings > RiSE > Quick setup, and enter the key in the Google Maps API key field.
Note: Depending on your usage, you may need to begin paying for this service. See Google's API Usage Limits for more information.
The DB Maintenance Tool and Panel Editor
When using the DB Maintenance Tool to add a multi-instance data source for use by the panel editor, the DB Maintenance Tool will no longer create the trigger asiUDMBO_<table name>_Insert
. For tables created prior to this release, you should manually delete the same trigger if you intend to use the table as a multi-instance panel editor data source.
DemoDB renamed to StarterDB
Formally known as DemoDB, the StarterDB is an existing database that is preconfigured with sample data, such as out-of-the-box Quick Start Sites. When installing iMIS, select StarterDB from the Use an existing database drop-down.
Accessing the WSDL metadata definition
In order for the WSDL definition to be properly accessed by third-party vendors, the out-of-the-box web.config file for the Scheduler site must be modified:
- Open the C:\AsiPlatform\Asi.Scheduler_[your instance]\web.config file.
- Change the line:
<serviceMetadata httpGetEnabled="true" httpGetUrl="" />
to the following:
<serviceMetadata httpGetEnabled="true" httpGetUrl="" httpsGetEnabled="true" httpsGetUrl="" />
Default publishing server must be enabled for process automation tasks to run
The Default publishing server must be enabled.
First, configure the Redis caching service to be accessible by any secondary servers:
- Locate the Redis folder on the Default server at C:\Program Files (x86)\Redis.
- Edit the redis.windows-service.conf configuration file. Change the line:
- Do the following to prevent unauthorized access through Redis:
- By default, Redis uses port 6379. Limit access to this port to specifically trusted IP addresses only. At a minimum, this includes the addresses of any secondary iMIS servers.
- To secure the host service’s port, configure Internet Protocol Security (IPSec) to prevent unauthorized access. For complete walkthroughs of Internet Protocol Security (IPSec) on Windows, see Microsoft’s IPSec guidance.
- To verify that the Redis Internet Protocol Security (IPSec) is working as expected, download the Redis Desktop Manager to a machine that should not have access. Attempt to connect to the Redis server. You should be unable to connect to the Redis server.
bind 127.0.0.1
to the following:
bind 0.0.0.0
Note: This will expose the Redis service publicly.
If the Default publishing server is disabled, your scheduled tasks will not run. If the Default publishing server is changed, then you must restart both the new and the former Default publishing servers.
For multi-server installs, you must use the same Default publishing server for all servers. Modify the web.config file for secondary servers to point to the primary server's URL:
- Locate the web.config files in the root of the website:
- C:\Program Files (x86)\ASI\iMIS\Net\web.config
- C:\AsiPlatform\Asi.Scheduler_[your instance]\web.config
Note: If you are not self-hosted, you must contact your host for assistance modifying web.config files.
- Modify the following in the web.config file:
- Modify the
<setting key="EntityManagerDefaultBaseUri" value="https://[www.yourdomainname.com]/asi.scheduler_[instance]" />
line to point to the primary server's URL. - Modify the
<setting key="localhost" value="[server_name]" />
line to include a value for the primary server’s machine name.
- Modify the
Publishing Server Code must be unique on all servers
In multi-server installs, the Publishing Server Code must be unique on all servers. The upgrade process will ensure there is only one publishing server marked Default:
- If you do not already have an existing publishing server, the upgrade process will create a publishing server that is then set as Default.
- If you have a single existing publishing server, the upgrade process will set that publishing server as the Default.
- If you have more than one existing publishing server sharing a database, the upgrade process will set one of the publishing servers as the Default per database.
After upgrade, you can verify the existence of a single default publishing server by going to RiSE > Maintenance > Publishing servers. The Default column will indicate which publishing server is the default.
Setting different time zones for instances on the same server
System Administrators can set the time zone of an iMIS database instance independent of other databases on the same server. If multiple instances are hosted on the same server, they do not have to use the time zone of the database server.
Upon upgrade, the new time zone setting is set to the pre-upgrade time zone of the database server. If hosting multiple databases on one server, you might decide to modify the time zone on a database instance. Before you change this setting, go to Setting the system Time zone to review items to be aware of.
Connect to a database when launching the Content Browser and Query Browser
The ContentBrowser.exe and QueryBrowser.exe now require database information before launching, such as the SQL Server Instance, Database User, Database Name, and User Password.
Existing iMIS instances created using the Multi-Instance Utility cannot be upgraded
The current iMIS Installer is not aware of existing iMIS instances created using the Multi-Instance Utility available in previous versions of iMIS, as those instances were not created using an installer. The Multi-Instance Utility functionality is now part of the iMIS Installer. iMIS instances created using the Multi-Instance Utility cannot be upgraded using the iMIS Installer. However, the instance can be recreated using the iMIS Installer.
Removal of Communities content from the search index
If you modified your C:\AsiPlatform\Asi.Scheduler_[your instance]\web.config file to prevent Communities from being indexed for search, that file is overwritten upon upgrade and your modified code is removed.
There is a new system setting to address disabling publishers, which will respect the disabled Communities publishing. The Communities checkbox in the Indexing preferences settings page will be deselected, and Communities will not be indexed for search.
Process automation
Users that have not purchased the Process automation - Plus license have been provided a limited ability to modify out-of-the-box alerts and tasks that includes adding and editing triggers, data sources, and actions. For more information, see Process automation FAQ.
Scoring
Users that have not purchased the Scoring - Plus license have been provided limited Scoring abilities.is now a licensed feature in iMIS:
- Scoring - Standard allows users to use and make basic changes to any starter formula included with iMIS, enable or disable specific score formulas, redefine starter-score formulas, display a contact's engagement score on your website, create Process Automation alerts (if licensed for Process Automation), and use scoring data in your own dashboard queries.
- Scoring - Plus gives users full control over scoring, allowing users to define an unlimited number of scores and reconfigure existing scores.
For more information, contact your AiSP or ASI Technical Support.
Changes to iATS and SecurePay payment gateway configuration
When configuring the iATS or SecurePay payment gateway, you must specify the Host URL. If no Host URL is specified:
- The ASI-hosted tokenization engine will default to the North American URL for iATS.
- SecurePay uses the Merchant ID and Password to determine whether a live or test URL should be used.
AutoPay service address moved and renamed
The AutoPay service address has been moved from Commerce to Finance under general Settings. It is now called DataVault service address.
Recurring membership queries have been updated
The following IQA queries have been updated to remove the column Frequency:
- $/Membership/DefaultSystem/Queries/AutoPay/Automatic payment enrollments
- $/Membership/DefaultSystem/Queries/AutoPay/Members enrolled in automatic payments
- $/Samples/Dashboards/AutoPay/Membership/Auto-pay membership details
- $/Samples/Dashboards/AutoPay/Membership/Cancelled membership enrollments
AR Statement report has been updated
The AR Statement report has been renamed as Account Statement. The updated report features an optional ID parameter, and a new header alignment.
Fundraising SSRS reports have been updated to remove legacy Appeal
Desktop Fundraising SSRS reports that made reference to an Appeal have been renamed to label the data as Source Code. This change is consistent with the Staff site Marketing module.
Certain user-created event queries and reports require a new filter
With the addition of event templates, the CsEvent business object was modified. This modification prevents event templates from appearing in system query results. However, if you are using a custom query or report that does not use a CsEvent business object but is still returning event templates (for example, custom SQL data sources for an SSRS report, custom business objects, or custom IQAs), you will need to modify the data source so that event templates do not appear in the results.
If the report or business object contains the Meet_Master table, then apply the following filter:
Meet_Master.Template_State_Code=0
Otherwise, you need to join tables to Meet_Master and apply the filter.
Contact security queries have been updated to return unique results
The AllUsersAccessQuery has been modified. By default, this query ($/Samples/Security/UserAccess/Contacts available to all users) is now configured so that the Only display unique results option is enabled. This ensures that duplicate contact rows are not returned, as this can cause the query to fail and search indexing to be interrupted, resulting in new contacts not being searchable through the keyword search.
Interaction Log type of Print
Currently, every issued receipt that was sent has an Interaction Log type of Email. After this release, the Interaction Log type will now include either Print or Email. Issued receipts that were printed previous to this release will continue to have the Interaction Log type of Email.
Recurring donation invoice queries have a hidden InvoiceRefNum column
The following queries used by the Batch Invoice Payment Processing content item have been updated to include a hidden code_InvoiceRefNum column:
- Find recurring donation invoices
- Find recurring donation invoices ALL
- Find recurring donation invoices TODAY
If you have created custom queries that are used by the Batch Invoice Payment Processing content item, you must update those queries to include the code_InvoiceRefNum column. Use the following values:
- Property - Reference Num
- Alias - code_InvoiceRefNum
If your queries are not updated, you will receive an error.
Scoring queries use new business object
Scoring queries now use the new business object, NetContactBasic. This business object is now the preferred method to get the Contact Key. It prevents duplicate records from being created for combo records.
Navigation items moved
The following Commerce settings navigation items have been moved to Finance:
- Automatic payment gateways
- AutoPay Status
- Payment method sets
Q4 2015 (20.2.26) Upgrade Changes
The following changes in iMIS Q4 2015 (20.2.26) could impact your upgrade and includes changes to existing functionality, the database schema, and infrastructure. Also, be sure to review the Q4 2015 enhancements, including the enhancements in the Interim updates.
Gift Aid claims query for new HMRC address requirement
As of April 6, 2015, HMRC now requires either a valid UK postcode or a record must be marked as a non-UK address. To support this new regulation, a new query is available in iMIS at $/Fundraising/DefaultSystem/Queries/GiftAid.
Advanced email configuration
The Advanced email feature will automatically be disabled after upgrading and must be reactivated. After the upgrade is complete, navigate in the Staff site to Settings > Advanced email and select the Reactivate button for live databases only.
Staff users must also enable Email Notifications because it is disabled by default. Do the following to enable Email Notifications:
- From the Staff site, go to Settings > Advanced email.
- At the bottom of this page, deselect the Disable notifications option.
- Click Save.
Increased Panel Editor string length
The maximum character limit for single and multi-line text fields depends on when the original panel table was created. Older tables will have a limit of 400 characters, while any newly created tables will have a limit of 4,000 characters.
Removal of Content Html C# script blocks
On upgrade, C# script blocks will be removed from out-of-the-box Content Html content items. Any copied Content Html content items will no longer support C# script blocks, including any custom code that was added to any content. Once these content items are saved and published the C# script block will be removed.
JavaScript script blocks will continue to be supported. If JavaScript cannot be used instead of C#, the C# code needs to be ported to a first class content type and a new content item needs to be created.
Using variables in messages in the Invoice Payment Link content item
iMIS users have the ability to add variables to the message that is displayed in the Invoice Payment Link content item when an AutoPay payment instruction exists. However, to use a variable in this message, the variable must be enclosed within square brackets. For example, if you enter the following text:
Your membership is due for renewal and will be automatically paid using [0].
the following message will be displayed:
Your membership is due for renewal and will be automatically paid using [Payment Method Description].
Locked operations in the MembershipWebService API
The following operations in the MembershipWebService API are locked so that they can only be called by a logged-in user with a SysAdmin role:
- GetUser
- RequestPasswordReset
- ResetPassword
- UnlockUser
Any user calling the MembershipWebService through a third-party tool should be logged in first, and the logged-in user must have a SysAdmin role.
Donation gift premiums
Products can be defined as gift premiums directly from the Staff site. If you already have premiums configured in the Advanced Accounting Console or Desktop, you can continue to define your premiums there, or you can establish premiums using the Staff site.
Note that the setup process for premiums that are to be displayed on RiSE-based sites are different from the setup process that has been used in the past. The key difference is where and how you define products to be used as premiums. RiSE-based sites do not recognize premiums associated with Appeals in the Advanced Accounting Console or Desktop, and premium configuration done in the Staff site is not recognized in the Advanced Accounting Console or Desktop.
Deprecation of iMIS Web View and Public View
The iMIS Web View and Public View has been removed:
- Public View installs are removed.
- Navigation for customer RiSE websites that point to Web View content pages are marked as Inactive.
- The BlueWave theme is upgraded to the Everest theme.
- Several navigation items in the iMIS Desktop that are directed to Public View are deleted.
- Impersonation is no longer supported.
Please review the Upgrading the iMIS Web View site for more information.
Resynchronizing payment gateways with the tokenization engine following upgrade
You must resynchronize your payment gateways with your tokenization engine when you upgrade from release 20.2.1.235 to the current release of iMIS. During the upgrade process, a new table is created (GatewayAccountLink). This table stores the payment gateway information used by both iMIS and the tokenization engine. If you do not resynchronize your payment gateways after upgrade, the payment gateways information will not be synchronized between iMIS and the tokenization engine, resulting in inaccurate payment options being displayed, that is, all AutoPay payment methods are disabled. Also, users can experience scrolling issues in the UI when making recurring donations. For more information, see Configuring the Staff site for recurring transactions (AutoPay).
Process Automation based on SQL server time
iMIS Process Automation has been updated to use the SQL server time when processing scheduled tasks so that everything is based on SQL server time.
Previously, scheduled tasks were run based on the iMIS application server time as opposed to the SQL server time. If your SQL time is different than your application server time, then the scheduled times must be adjusted to compensate for the differences. Time zone information is provided when scheduling a time for your tasks.
Assign document access to groups based on the Name property in a query
The security query $/Common/Queries/SecurityAdministration/GroupAdministration (used to assign access settings to documents including navigation, content, and so forth) has been modified. Previously, the query was used to determine group Types for which access could be assigned. Now, a new filter is added to the query that enables Staff users to determine groups by Name to which they can assign document access.
Change to CsOrders, CsOrderLines, CsRegistrations, CsRegFunctions, and CsInventory business objects
The quantities for the business objects CsOrders, CsOrderLines, CsRegistrations, CsRegFunctions, and CsInventory have been modified to only display whole numbers. If your organization is using partial quantities with these business objects in IQA queries or reports, the quantities will now be displayed as rounded numbers. Partial quantities are still supported in Desktop and Advanced Accounting Console orders.
To display partial quantities with decimals, create a new business object based on the object that was changed. For each quantity property, change the Data Type to Decimal.
Tagged list format templates and Social Share icons
The following Tagged list format templates supplied by ASI have been modified to include a placeholder for the Social Share icons:
- BlockTaggedList
- Mobile
- Short
- Simple
- SimpleWithHtml
These templates will be replaced during the upgrade process. Any customizations you have made to these standard templates will be overwritten. You should consider backing up these templates if you have customizations you wish to reinstate after the upgrade completes.
iMISLOG system user
iMIS now has a total of five system users: GUEST, MANAGER, ADMINISTRATOR, SYSTEM and IMISLOG. The additional system user named IMISLOG is used to process any Advanced email interactions, but could be used in the future for any other logging activities.
Staff site redesign
The Staff site has been redesigned to have a modern look and feel. The primary navigation has moved to the left, and paths have changed or been renamed. The new Orion theme and master page is responsive and mobile friendly.
All custom website themes have been moved to the Advanced section of the Look and feel tab.
System shortcuts
- Instead of modifying the sitemap to have access to the Advanced Accounting Console from the web, users can simply modify the new shortcut, AdvancedAccountingConsole, to point to the content record containing the Advanced Accounting Console content item.
- Previously, the only account page for organizations was accessed through the shortcut OrganizationAccount. System Administrators, Staff users, and Company Administrators all had editing access to the same information on this content record.
If you previously modified the sitemap, you will need to modify the new shortcut to point to your desired content record.
The new OrganizationFullAccountshortcut is used to display a separate view of an organization's account page for Staff users and System Administrators. The shortcut for Company Administrators remains OrganizationAccount, and is used for displaying the account page of an organization which the user can edit.