New post

#System Administration

14

System administration refers to the management of one or more hardware and software systems.

Documentation on InterSystems system administration.

We recently went through an Audit of our Security Policies and Procedures when it comes to IRIS. As a result of that Audit, we need to make adjustments to the way that Security is setup within IRIS. I have already done my changes on our TEST and DEVELOPMENT environments, but now I am trying to plan out how do we make these changes in Production.

These changes include moving away from the PWS, setting up Apache/Web Gateway, moving to LDAP instead of using Delegated Authentication, updating Web Applications, updating Resources, updating Services, etc...

1 4
0 83
Question
· Dec 14, 2023
LDAP Logging

I am trying to troubleshoot an issue with LDAP and a specific user. Besides what is in the Audit Database is there another way to look to see the LDAP functionality that is being called and the response, like there is with OAuth and the ISCLOG? The Audit Log is returning a failure (Unexpected - /api/atelier login failure | InterSystems Developer Community) for this particular user, and I want to get proof that it might be something with the LDAP and not IRIS.

Thanks

Scott

0 6
0 225

We recently moved from using the Private Web Server, to using an Apache/Web Gateway setup and moved towards using the built in LDAP functionality within IRIS. Since then, we have 1 user that uses VSCode (/api/atelier) heavily that continues to have issues signing into IRIS through VS Code and the /api/atelier extension.

I am trying to troubleshoot two issues..

0 7
0 684

This question originally appeared in the comments of the post: Making Prometheus Monitoring for InterSystems IRIS and Caché

I am new to IRIS, I was setting up the monitoring referring to the above documentation. Please can you help me how can I compile the my.metrics class mentioned in the documentation through CLI in the Linux VM where I am not having studio setup. Could you help me please?

0 1
0 88

We are successfully using System Default Settings to manage differences in settings across environments where the production and underlying code are otherwise identical. However, the TestingEnabled and LogGeneralTraceEvents settings don't appear to be settable via this mechanism. While we appear to be able to set them on the SDS page, they do not show up as selectable when resetting the settings on the Production Settings tab in the management portal - see screenshots below.

0 3
0 144

We are moving away from Delegated Authentication in which I stored a username and password for our LDAP in a GLOBAL to be called by ZAUTHENTICATE.

Is there a way to pull in that GLOBAL into the LDAP Configuration within the Managment Portal instead of having to manually enter it? There seems to be an issue with Copy/Paste that the password isn't being set correctly when I use Copy/Paste.

Else I just export/import the LDAP Configuration from 1 server to another and manually update the Certificate to point to the correct file.

Thanks

Scott

0 0
0 115

I need to develop a tool to help to get what data is being consumed by a certain process, in order to get all data used to build an automated test scenario.

For example, some user process will pull data from ^GLOBAL(1)="dataString", ^GLOBAL(2)="dataString2", ^GLOBAL1(1)="data1String", ^GLOBAL2(4)="data2String4". Amidst all other data on these Globals, I will ignore everything that was not used in the user process, and get the specific keys used on it.

1 12
0 378
Question
· Oct 20, 2023
Installation User

Will it hurt anything if I disable the user that installed IRIS, within IRIS? Does this cause a problem with background processes running or with the restart? I know the _Ensemble user is used to start/stop/restart objects within IRIS, just didn't see anything in the documentation about the user that installed IRIS.

Thanks

Scott

0 1
0 135

I recently started work on trying to Tighten Security in our Development Instance of IRIS that is running based on recommendations from our Audit as you might of seen from my other posts. I am currently trying to get into the Private Web Gateway Manager within IRIS as CSPSystem, but when I attempt to sign in nothing happens.

I went through and reset the password in the CSP.ini and within IRIS for CSPSystem. I made sure it had the new GatewayRole per suggested

0 2
0 216

I am trying to lock down security within our Development environment per requirements from a Security Audit that was done earlier this year. I need to try to limit access at a public level, access to cache users, and exposure.

I installed IRIS with the Lockdown method, and have configured my web applications, services, resources, etc.

When I go into my namespace, I am constantly presented with the following error when I try to start or stop an Object...

0 3
0 147
Question
· Aug 25, 2023
Reply Code Actions Question

Hi Everyone

I'm just wondering if anyone might have a list (or the experience to make a list) of the most often used / useful Reply Code Actions?

In the Help section of Health Connect Management Portal, it lists

'E=F' and ':?R=RF,:?E=S,:~=S,:?A=C,:*=S,:I?=W,:T?=C'

as the default options, though I'm curious if anyone else has found other codes or strings of codes useful?

Thanks in advance.

Best wishes

Robert

0 3
0 263

My original ZAUTHENTICATE.mac to use Delegated sign on did not include GetCredentials(), however I am being told it probably should have it so I am eliminate an error I am seeing when trying to troubleshoot the ZAUTHENTICATION. I am trying to add the GetCredentials() from the documentation to the existing ZAUTHENTICATE.mac but I am getting an error

0 7
0 251

I am trying to finish build for moving to IRIS HealthShare Health Connect 2022.1 from HealthShare Health Connect 2018.1.3. I am currently using Delegated Authentication using an AD group to match up to the Role in IRIS. The Role has access to everything but the HS Resources because we don't really use the HS Resources for anything. We are mainly using IRIS for the Interoperability Engine.

0 0
0 133
Question
· Apr 20, 2023
Uninstalling Ensemble

On a developer's laptop, having had two or three Ensemble installs with different settings/config changes made, and encountering unexplained errors compiling classes, wanting to scrub as much of the previous installs off the machine before doing any fresh installation... But can't find clear documentation on doing a complete uninstall!

Have stopped the server.

Am I safe to remove C:\InterSystems\Ensemble (for the instance installed into that folder)?

0 6
0 341

We're looking to create a quick and simple test to see if all firewalls are open on 1972 between a linux based web server VM and a VM running InterSystems IRIS. Does anyone have any ideas for a quick command that can be run from UNIX console that will provide confirmation that traffic is able to get to 1972 on an IRIS machine?

BTW - I don't think it makes any difference but the IRIS machine is running Windows

0 17
0 412

To prepare a migration to IRIS I use Docker images.
The (aged) application is built around Caché Terminal
And on Windows, IRIS uses the same ctelnetd.exe as Caché.

In my Docker installation, Telnet Settings are just grayed out in SMP.
and my Terminal can't 'connect.
Port mapping is OK and verified with TCP

Working from the console in Docker with the whole set of ESC and
screen formatting is not acceptable.
We tried WebTerminal but there is just no Partition behind as in Terminal.

2 4
0 210