I am trying to setup a OAuth2.0 configuration to connect to a server within our Network using OAuth2.0. My previous attempt worked, however forgot to capture the steps before I had whipped the System so please bear with me.
I have an SSL/TLS Client configuration setup as we use the setup for our LDAP configuration.
When I go through the following steps within the Terminal, I am getting the following error...
In the Business Operation, how do we get to know which source is currently sending primary request if there are multiple requests coming at the same time?
We have messages that are in a queued state for various reasons and when we do a manual shutdown of the instance, they are moved to a Suspended state. I thought I saw in the documentation somewhere a setting to make sure these messages stay in a queued state and not suspend them. Can someone confirm and point me in the correct location for that documentation, as I am trying to ensure that if we do have to manually shutdown a instance, someone doesn't have to remember to go back in and check for suspended messages and resubmit them?
I am trying to troubleshoot an issue with LDAP and a specific user. Besides what is in the Audit Database is there another way to look to see the LDAP functionality that is being called and the response, like there is with OAuth and the ISCLOG? The Audit Log is returning a failure (Unexpected - /api/atelier login failure | InterSystems Developer Community) for this particular user, and I want to get proof that it might be something with the LDAP and not IRIS.
We recently went through an Audit of our Security Policies and Procedures when it comes to IRIS. As a result of that Audit, we need to make adjustments to the way that Security is setup within IRIS. I have already done my changes on our TEST and DEVELOPMENT environments, but now I am trying to plan out how do we make these changes in Production.
These changes include moving away from the PWS, setting up Apache/Web Gateway, moving to LDAP instead of using Delegated Authentication, updating Web Applications, updating Resources, updating Services, etc...
We recently moved from using the Private Web Server, to using an Apache/Web Gateway setup and moved towards using the built in LDAP functionality within IRIS. Since then, we have 1 user that uses VSCode (/api/atelier) heavily that continues to have issues signing into IRIS through VS Code and the /api/atelier extension.
I am new to IRIS, I was setting up the monitoring referring to the above documentation. Please can you help me how can I compile the my.metrics class mentioned in the documentation through CLI in the Linux VM where I am not having studio setup. Could you help me please?
We are successfully using System Default Settings to manage differences in settings across environments where the production and underlying code are otherwise identical. However, the TestingEnabled and LogGeneralTraceEvents settings don't appear to be settable via this mechanism. While we appear to be able to set them on the SDS page, they do not show up as selectable when resetting the settings on the Production Settings tab in the management portal - see screenshots below.
We are moving away from Delegated Authentication in which I stored a username and password for our LDAP in a GLOBAL to be called by ZAUTHENTICATE.
Is there a way to pull in that GLOBAL into the LDAP Configuration within the Managment Portal instead of having to manually enter it? There seems to be an issue with Copy/Paste that the password isn't being set correctly when I use Copy/Paste.
Else I just export/import the LDAP Configuration from 1 server to another and manually update the Certificate to point to the correct file.
I need to develop a tool to help to get what data is being consumed by a certain process, in order to get all data used to build an automated test scenario.
For example, some user process will pull data from ^GLOBAL(1)="dataString", ^GLOBAL(2)="dataString2", ^GLOBAL1(1)="data1String", ^GLOBAL2(4)="data2String4". Amidst all other data on these Globals, I will ignore everything that was not used in the user process, and get the specific keys used on it.
Will it hurt anything if I disable the user that installed IRIS, within IRIS? Does this cause a problem with background processes running or with the restart? I know the _Ensemble user is used to start/stop/restart objects within IRIS, just didn't see anything in the documentation about the user that installed IRIS.
I recently started work on trying to Tighten Security in our Development Instance of IRIS that is running based on recommendations from our Audit as you might of seen from my other posts. I am currently trying to get into the Private Web Gateway Manager within IRIS as CSPSystem, but when I attempt to sign in nothing happens.
I went through and reset the password in the CSP.ini and within IRIS for CSPSystem. I made sure it had the new GatewayRole per suggested
I am trying to lock down security within our Development environment per requirements from a Security Audit that was done earlier this year. I need to try to limit access at a public level, access to cache users, and exposure.
I installed IRIS with the Lockdown method, and have configured my web applications, services, resources, etc.
When I go into my namespace, I am constantly presented with the following error when I try to start or stop an Object...
We currently have a couple of Shell scripts we have written to EnableConfigItem from a Unix (Red Hat) command line, so we can control when a Service/Operation is running via the cron in Unix. We do this by calling
:>iris session xxxxx
using _system user.
During our Security audit it was mentioned that we need to lock down some of the cache users.
Using the Windows Subsystem for Linux (WSL2), is it possible to install IRIS and run it from there? I am wanting to test IAM, but unable to run Docker Desktop on my VM, and do not have access to a Linux machine to install and test with.
I'm at a loss with configuring the IRIS ODBC driver (v02.10) on my Amazon Linux machine, connecting to a REMOTE IRIS backend. It should be simplified by not requiring a DSN (the app uses a DSN-less connection and generates the connection string). I have
My original ZAUTHENTICATE.mac to use Delegated sign on did not include GetCredentials(), however I am being told it probably should have it so I am eliminate an error I am seeing when trying to troubleshoot the ZAUTHENTICATION. I am trying to add the GetCredentials() from the documentation to the existing ZAUTHENTICATE.mac but I am getting an error
Currently we are using Delegated Authentication using ZAUTHENTICATE to look at the groups that are associated with a user and if it matches a role within IRIS, to assign the user to that role within IRIS.
We are currently using different iterations of Ens.Director.EnableConfig items to start/stop objects within the Interoperability Namespace. We are looking for ways to minimize our downtime as we move from AIX to a new section of our Network and Red Hat Servers.
On a developer's laptop, having had two or three Ensemble installs with different settings/config changes made, and encountering unexplained errors compiling classes, wanting to scrub as much of the previous installs off the machine before doing any fresh installation... But can't find clear documentation on doing a complete uninstall!
Have stopped the server.
Am I safe to remove C:\InterSystems\Ensemble (for the instance installed into that folder)?
I am trying to finish build for moving to IRIS HealthShare Health Connect 2022.1 from HealthShare Health Connect 2018.1.3. I am currently using Delegated Authentication using an AD group to match up to the Role in IRIS. The Role has access to everything but the HS Resources because we don't really use the HS Resources for anything. We are mainly using IRIS for the Interoperability Engine.
I followed the instructions to setup the Port Authority Report in our new IRIS instances, but noticed if I tell it to run every hour I am getting the following error message...
We're looking to create a quick and simple test to see if all firewalls are open on 1972 between a linux based web server VM and a VM running InterSystems IRIS. Does anyone have any ideas for a quick command that can be run from UNIX console that will provide confirmation that traffic is able to get to 1972 on an IRIS machine?
BTW - I don't think it makes any difference but the IRIS machine is running Windows
By update
.png)
.png)
.png)