#System Administration

12

System administration refers to the management of one or more hardware and software systems.

Documentation on InterSystems system administration.

I am trying to setup a OAuth2.0 configuration to connect to a server within our Network using OAuth2.0. My previous attempt worked, however forgot to capture the steps before I had whipped the System so please bear with me.

I have an SSL/TLS Client configuration setup as we use the setup for our LDAP configuration.

When I go through the following steps within the Terminal, I am getting the following error...

0 7
0 412
Discussion
· Nov 28, 2023
Monitoring Platforms

With System Alerting and Monitoring (SAM) being deprecated in the near future..

  • What is everyone's go-to for Monitoring IRIS?
  • What is readily available?
  • What is the cost surrounding it?

Just trying to get ideas floating around of what we might need to start looking at to satisfy IT leadership.

Thanks

Scott

1 10
0 496

[Background]

InterSystems IRIS family has a nice utility ^SystemPerformance (as known as ^pButtons in Caché and Ensemble) which outputs the database performance information into a readable HTML file. When you run ^SystemPerformance on IRIS for Windows, a HTML file is created where both our own performance log mgstat and Windows performance log are included.

Open Exchange app
12 2
3 756

InterSystems FAQ rubric

If the journal file is too large to be searched or filtered using the Management Portal, you can refer to it using the following two methods.

① How to use the ^JRNDUMP utility
② How to reference it in a program

================================================== ==========

5 0
1 430

InterSystems FAQ rubric

To remove InterSystems products installed on your Windows system, use Add or Remove Programs in Control Panel (in Windows 10, select Apps from Windows Settings).

Since we will be making changes to the system, you will need to log in as a user with administrator privileges.

1) Log in to the system as an administrator.

2) From the system tray, exit the launcher of the InterSystems product instance you want to uninstall (click launcher → exit).

4 0
0 423
Article
· Nov 9, 2016 5m read
How the Ensemble Scheduler Works

The Ensemble Scheduler is used for automatically turning on and off business hosts at certain dates and times. You could use it if, for example, you wanted to only run a business host from 9am to 5pm every day. Conversely, if you want do to trigger an event to occurr at a specific time, for example, a job running at 1am to batch up and send off all the previous day's transactions in one file, we recommend other methods such as the Task Manager.

8 5
3 3.9K
Question
· Dec 14, 2023
LDAP Logging

I am trying to troubleshoot an issue with LDAP and a specific user. Besides what is in the Audit Database is there another way to look to see the LDAP functionality that is being called and the response, like there is with OAuth and the ISCLOG? The Audit Log is returning a failure (Unexpected - /api/atelier login failure | InterSystems Developer Community) for this particular user, and I want to get proof that it might be something with the LDAP and not IRIS.

Thanks

Scott

0 6
0 468
InterSystems Official
· Nov 29, 2023
Introducing the Upgrade Impact Checklist

We are excited to announce a new part of InterSystems documentation that makes it easier to upgrade InterSystems IRIS® data platform, InterSystems IRIS® for Health™, or HealthShare® Health Connect. The Upgrade Impact Checklist at https://docs.intersystems.com/upgrade shows you all the things you need to consider – and only the things you need to consider – in an upgrade between any two versions.

18 8
3 670

InterSystems FAQ rubric

If the system does not stop for 24 hours, old journal files will be deleted at 0:30 according to the "Journal file deletion settings".

A possible cause of journal files remaining that are older than the "Journal file deletion settings" is that there are transactions that remain open.

In that case, you will be able to delete the journal file by searching for processes executing transactions and finalizing the transactions.

5 3
2 349

The ideal number of table permissions to assign for your users is zero. Permissions should be granted upon sign-in based on the application used for access. For web applications, we have a simple way of doing this by appointing application roles, matching roles, and required resources in the System Management Portal.

ODBC and JDBC connections present a different problem, however, especially when third-party applications are involved. As providers of an ERP system, our customers often wish to be able to employ various software packages to integrate with or report on their data. Many of these programs are capable of running any kind of query. Yet, letting them do that can be devastating to a customer’s data.

3 0
3 311

We recently went through an Audit of our Security Policies and Procedures when it comes to IRIS. As a result of that Audit, we need to make adjustments to the way that Security is setup within IRIS. I have already done my changes on our TEST and DEVELOPMENT environments, but now I am trying to plan out how do we make these changes in Production.

These changes include moving away from the PWS, setting up Apache/Web Gateway, moving to LDAP instead of using Delegated Authentication, updating Web Applications, updating Resources, updating Services, etc...

1 4
0 201
Article
· Jun 30, 2020 3m read
Replicating Audit Log Near Real Time
Many organisations implement centralised log management systems to separate and centralise the log data in order to e.g. automate threat detection (and response) and to comply with regulatory requirements. The primary systems of interest are the various user facing applications, but increasingly also other kinds of systems including integration platforms.
1 2
2 479

InterSystems FAQ rubric

There is no need to recompile the routines after the version upgrade, but since the version update overwrites %SYS, user-created INT and OBJ format routines (*.INT,*.OBJ) in %SYS will be deleted. Therefore, you need to be careful.

MAC, INT and OBJ routines with the following names are not deleted.

%Z*.INT, %z*.INT, Z*.INT,z*.INT
%Z*.OBJ, %z*.OBJ, Z*.OBJ,z*.OBJ

Please note that classes/CSPs need to be compiled after upgrading.

3 0
1 239

InterSystems FAQ rubric

To resolve the error <PROTECT>, remove the read-only attribute of the system-wide library database (IRISLIB for InterSystems IRIS, CACHELIB for Caché/Ensemble/HealthShare (Caché-based))

Once you have finished importing the routine, remember to change it back to read-only.

[Version 2013.1 and above]
[Management Portal] > [System Administration] > [Configuration] > [System Configuration] > [Local Database] Uncheck "Mount read-only" from the database name link.

4 3
0 502

I am often asked by customers, vendors or internal teams to explain CPU capacity planning for large production databases running on VMware vSphere.

In summary there are a few simple best practices to follow for sizing CPU for large production databases:

  • Plan for one vCPU per physical CPU core.
  • Consider NUMA and ideally size VMs to keep CPU and memory local to a NUMA node.
  • Right-size virtual machines. Add vCPUs only when needed.

Generally this leads to a couple of common questions:

5 7
0 6.6K

This question originally appeared in the comments of the post: Making Prometheus Monitoring for InterSystems IRIS and Caché

I am new to IRIS, I was setting up the monitoring referring to the above documentation. Please can you help me how can I compile the my.metrics class mentioned in the documentation through CLI in the Linux VM where I am not having studio setup. Could you help me please?

0 1
0 148
Article
· Jun 1, 2023 1m read
How to shrink the IRISTemp database

InterSystems FAQ rubric

You can set the maximum size of the IRISTemp database at IRIS startup by setting a configuration parameter called MaxIRISTempSizeAtStart.

After setting, the system will truncate IRISTemp to the set value (MB) at the next IRIS startup. If the current size is less than the specified MaxIRISTempSizeAtStart, no truncation will occur. Also, if 0 is specified, truncation will not be performed, so the size will start without changing. (Default) Settings are made from the menu below.

7 1
0 691

We are successfully using System Default Settings to manage differences in settings across environments where the production and underlying code are otherwise identical. However, the TestingEnabled and LogGeneralTraceEvents settings don't appear to be settable via this mechanism. While we appear to be able to set them on the SDS page, they do not show up as selectable when resetting the settings on the Production Settings tab in the management portal - see screenshots below.

0 3
0 291

We are moving away from Delegated Authentication in which I stored a username and password for our LDAP in a GLOBAL to be called by ZAUTHENTICATE.

Is there a way to pull in that GLOBAL into the LDAP Configuration within the Managment Portal instead of having to manually enter it? There seems to be an issue with Copy/Paste that the password isn't being set correctly when I use Copy/Paste.

Else I just export/import the LDAP Configuration from 1 server to another and manually update the Certificate to point to the correct file.

Thanks

Scott

0 0
0 159

Here in %SYS, we have already examined users, resources, and roles. Now that we know how to set all of that up, we should give it a purpose. Next we will talk about applications! As you may expect, we will see various identical class methods defined here that we have seen in the previous classes. However, some of them will have some tiny yet significant differences.

6 1
3 457