#System Administration

12

System administration refers to the management of one or more hardware and software systems.

Documentation on InterSystems system administration.

Is it possible to audit code changes in a namespace?

Ideally what we'd like to be able to do is check which classes were compiled (or deleted) in a time period, eg in last 3 months, and which user made those changes. Even better would be an audit of what those changes were, but that's less important (for us, as we can probably find that information in other ways).

1 7
1 67

I have created a New Database/Namespace within our TEST environment on both the Primary and Backup of the mirror. When I go to create the database/namespace on the DR node I am getting "Cannot open file '/ensemble/TEST/iris.cpf_...." while the cpf file that it references does not exist. Anyone have any clue to why this might be happening?

0 3
0 48

I have two instances of IRIS, one is Production and another one is Staging (both managed by Docker) and I want to set up a full daily recover of the Staging server from a full backup of the Production server. I know how to do this manually using the DBREST utility, as well as how to make a copy of the database by making a full copy of the durable directory (however this option requires a full stop of the Production-database). What is the best way to automatically restore all databases from a full backup using scripting?

0 1
0 52

I have created a class file that I want to execute daily to gather Metrics (Message Header, Space Available, etc..) and write the data into a Cache table. Now that I have written the class I want to add it to the Task Scheduler within Ensemble to run every morning. How do I go about getting the class file created as a Task within the Task Scheduler? The Documentation isn't as clear cut for creating custom tasks as one would expect.

0 8
0 706

Hi,

I recently had a company-enforced OS upgrade, and ever since going from mac OS 14.x to 15.x, I am currently having issues with SSL in IRIS.

An ARM (M3 pro) machine running OS 15.2, with the latest Docker Desktop (at the time of writing, 4.37.0). The Docker container runs IRIS for UNIX (Ubuntu Server LTS for x86-64 Containers) 2022.1.2 (Build 574_0_22161U). This container has not changed.

1 3
0 200

Hello,

I was just trying to get to the bottom of a TLS config - we have an interface with a TLS config that has had 'Server certificate verification' set to 'On', however the cert file specified either did not exist or contained a cert that was expired.

Does anyone know what the behavior is for this typically? I would expect this to not allow traffic on the interface, however this has been working fine for a few years now with an invalid cert specified for 'Server certificate verification' and set to 'On'.

0 0
0 92

Hi,

In a customer project we started enforcing the "Inactivity Limit" as defined in System-Wide Security Parameters. The customer would expect accounts to become Disabled after they have been inactive for the specified amount of days. However, that doesn't happen; it seems the Inactivity Limit is only established after logging in.

Furthermore, the account inactivity only starts being applied after the first login. Can you confirm that?

Lastly, for accounts that have been manually Disabled, and have an expired password, we see the following weird behavior:

0 0
0 94

I am developing locally on my IRIS instance using VSCode and client-side editing approach. How can I automatically export a single .cls file/a whole package to a remote TEST/PREPROD server using a script or command line and recompile the unit remotely? Are there any more simple and straightforward ways than CI/CD explained in the series of articles by Eduard?

0 3
0 134
Question
· Sep 25, 2018
Wireshark with ensemble

Hi,

We see a lot of TCPIP connection error for few of the components not sure if it is a network glitch at the source/target or is it with us. And most of the times these errors are very transient and vanish on their own and the connection gets re established and the messages get processed. Here is the error we mostly see

ERROR <Ens>ErrTCPTerminatedReadTimeoutExpired: TCP Read timeout (30) expired waiting for terminator SegTerminatorAscii=13, on |TCP|50007|10620, data received =''

or

1 3
1 1.6K
Question
· Sep 25, 2024
LDAP Authentication Question

I am trying to track down a problem we saw this morning with our TEST environment. We had a momentary issue where InterSystems HealthShare Health Connect could not connect correctly to LDAP. When we tried to login and could not connect to LDAP, the system would Delete our users.

the Test LDAP function would return a "Can't contact LDAP server". I went through the Certificates, made sure they had the correct permissions and were not expired.

0 2
0 171

Currently we are exploring how we can allocate additional disk space to our current environment as we have seen a significant increase in growth of our Database files. Currently we have 3 namespaces, all with 1 IRIS.dat each that contains both the Global and Routines.

Since we have started down the route of everything within a single IRIS.dat file for each namespace, is it logical as we see growth to be able to split the current IRIS.dat for each namespace into a separate IRIS.dat for global and a IRIS.dat with for routines for each namespace in a Mirror environment?

1 4
0 216

I have a few routines in ^rINDEX that are missing in ^ROUTINE. At least some of those routines lack a timestamp, probably Date and Time Modified in ^rINDEX. It causes D %RO crash when such a routine is referenced by a routine range, since "" is an illegal $ZDTH value.

Healthy entry (note the timestamp): ^rINDEX("ABC,"INT") = $lb("2021-06-15 15:08:38.846885",) ;The second argument is sometimes present and sometimes not, likely the routine size.

Unhealthy entry (note an empty timestamp): ^rINDEX("DEF,"INT") = $lb("",21)

0 3
0 141

We are constantly running into issues where there are billions of Orphaned messages in our system that cause problems, and we have to manually run a cleanup to fix performance issues.

In the following article about orphaned messages... https://community.intersystems.com/post/ensemble-orphaned-messages it mentions either programmatically eliminating the Orphaned messages or using a Utility like Demo.Util.CleanupSet in ENSDEMO.

0 7
2 878

We recently moved from using the Private Web Server, to using an Apache/Web Gateway setup and moved towards using the built in LDAP functionality within IRIS. Since then, we have 1 user that uses VSCode (/api/atelier) heavily that continues to have issues signing into IRIS through VS Code and the /api/atelier extension.

I am trying to troubleshoot two issues..

0 8
0 1.5K

We're looking to create a quick and simple test to see if all firewalls are open on 1972 between a linux based web server VM and a VM running InterSystems IRIS. Does anyone have any ideas for a quick command that can be run from UNIX console that will provide confirmation that traffic is able to get to 1972 on an IRIS machine?

BTW - I don't think it makes any difference but the IRIS machine is running Windows

0 19
0 602

Has anyone noticed weird behavior when upgrading to HealthShare Health Connect 2024.1?

Wednesday I upgraded our TEST environment from IRIS for UNIX (Red Hat Enterprise Linux 8 for x86-64) 2022.1.4 (Build 812_0_22913U) [HealthConnect:3.5.0-1.m1] [HealthConnect:3.5.0-1.m1] to IRIS for UNIX (Red Hat Enterprise Linux 8 for x86-64) 2024.1 (Build 267_2U) [HealthConnect:3.5.0-1.m1].

Some of our Business Processes have been throwing...

1 2
0 216

Hello community,

I guess this one will be easy to answer, but trial and error took me too long meanwhile, so I thought it might better to ask the experts.

I would like to get rid of %all rights for routine use at our productive environment. The things, that we have to do in routine are:

- Open productions and start / stop components
- Read messages and message logs
- Search and resend messages
- Deploy new Applications
- Edit settings and default settings
- Read database tables

0 2
0 192

Let's say I have an InterSystems IRIS instance with 6 Namespaces:

  • Foo1
  • Foo2
  • Foo3
  • Foo4
  • Foo5
  • Bar

And the number of Foo# namespaces can increase at any time for a number of reasons. I need to ensure that they all have identical configuration globals stored in a DB called CONFIG, so I do the following in my configuration file:

[Map.%ALL]
Global_SYS=%DEFAULTDB
Global_SYS("CommonConfig")=CONFIG
Global_SYS("CommonOtherSettings")=CONFIG
Global_SourceControl=CONFIG

1 9
0 300

I am trying to setup a OAuth2.0 configuration to connect to a server within our Network using OAuth2.0. My previous attempt worked, however forgot to capture the steps before I had whipped the System so please bear with me.

I have an SSL/TLS Client configuration setup as we use the setup for our LDAP configuration.

When I go through the following steps within the Terminal, I am getting the following error...

0 7
0 389