@Addy Naik, your request caught my attention last week, and even if I don't usually interact with the HealthShare container images, I was curious on the "iris: instance 'IRIS' not found" error:
why would "IRIS" not be there in the first place?

Well, it actually makes sense, once you know that the default name for an HS installation isn't "IRIS, but something "HS*" related:

in the case of the "healthshare_unifiedcarerecord_insight_patientindex" image, the default name is "HSUCR""

As such, the "solution" to get your "docker compose" to complete requires to specify a custom instance name with the option --instance "HSUCR" 

But, the actual answer that you are looking for is probably a much more complex deployment scenario for HS UCR, and on that front I can only point you to the matching documentation:

"Preparing to Deploy a Unified Care Record Instance"

We seem to also have a quite complete example on GitHub:


Hopefully this points you in the correct direction

For completeness, there is an existing Community article detailing a good debugging approach:
"Debugging a crashing container"

Hi Elisha,

I happened to have worked on a somehow similar request recently, even if not with the use of the FTP adapter within a production, but with the %Net.FtpSession class directly.

The short answer is probably that we do have support for the "new" SSLUseSessionResumption property, starting with the IRIS 2022.1 release.
The matching documentation in the  %Net.FtpSession class:

property SSLUseSessionResumption

Using the 2022.1 release, and the %Net.FtpSession class, you could adapt your code to include an extra set on the matching property, like "set ftp.SSLUseSessionResumption = 1"

In order to use the same property within the FTP adapter, it gets a bit more complex:
the matching change will come into the product with the 2022.2+ releases.

I would suggest that you perform a quick test using the %Net.FtpSession class in a 2022.1 installation, just to confirm that the use of the SSLUseSessionResumption property will allow the code to connect to your specific SFTP server.

Once you have that confirmed, you will probably want to open a WRC Support request to see if the change could be made available into your current release.


To get a list of the built-in aliases, try ":?", this is from 2021.1 for example:

 :<number>    Recall command # <number>
 :?           Display help
 :alias       Create/display aliases
 :clear       Clear history buffer
 :history     Display command history
 :unalias     Remove aliases

Note how indeed we don't have :sql in the 2021.1 release, it came later..

Buongiorno Robert,

Indeed "iris session" doesn't exist (yet) in the Windows world, but it will probably come at some point in the future.

The "InterSystems IRIS Adoption Guide" happens to have been updated recently to clarify this point, suggesting the use of the terminal/console/run options instead.

Your example could look as follow:

iris terminal IRIS JOBEXAM %SYS


My understanding is that while you can easily retrieve environment variables visible to your process using the $system.Util.GetEnviron() interface, you simply do not have access to an equivalent $system.Util.SetEnviron(), as setting of environment variables can be quite tricky, risky and very OS specific.

If you do absolutely need to be able to change an environment variable for your running process, and you are dealing with one specific platform, you can probably create your own $ZF("SetEnviron",var,value) code, based on OS specific calls like the Linux system service setenviron()..

Again: the short answer would be that out of the box you will be able to read but not set environment variables.
If you really do have the need of setting them, you would need to look into building the necessary $ZF call-out interface based on your target OS.


With the assumption that running a full integrity check on the primary, Live instance is not really an option here, my approach would be something along these lines:

- backup of your primary instance using your preferred third party tool

- automate the restore of the backup into a separate environment

- run the integrity check in this second server

I see a couple of advantages in such a scenario:
you can verify that your backups are indeed valid and can be restored, quite a good felling in case of actual needs at some point in time.

As an integrity check is quite I/O intensive, you would move all those extra IOs away from your Live storage and only affect a separate set of disks.

Our documentation includes a section on how to script integrity checks:

"Checking Database Integrity Using the ^Integrity Utility"

Hi Joyce,

I just tested the documentation steps on my Mac just to confirm that they would work correctly with the current Docker release, and it seems IO got everything going through correctly.

The "permission denied"  error suggests some kind of permission issue, and looking at your "docker run" command I have a strong suspicion that the problem may be coming from the --volume /Users/docker:/external mapping, as anything under "Users" is handled quite strictly by MacOS (and correctly so I would add:-)

Try your test by using a different path for your storage volume.. This is an example of what I ended up running with for my current test run (I used a /Temp/durable/ directory to store my key and password file):
docker run --name iris \
> --detach \
> --publish 52773:52773 \
> --volume /Temp/durable/:/external \
> --env ICM_SENTINEL_DIR=/external \
> acme/iris:stable \
> --key /external/iris.key \
> --before "/usr/irissys/dev/Cloud/ICM/changePassword.sh /external/password.txt"

docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                      NAMES
b23d2d4c8b1d        acme/iris:stable    "/iris-main --key /e…"   9 minutes ago       Up 9 minutes>52773/tcp   iris

Let us know if the /Users/docker path was indeed the cause of your issue.

While possibly being a bit out of scope for your specific request here, as it seems you may be working on a standalone server, I wanted to point out a recent Community article on "VM Backups and Caché freeze/thaw scripts" containing some useful batch examples too:


The article also includes discussions on the use of OS authentication for the script etc

Hi Anzelem,

if your question is "how can I allocate more than 2GB of memory for my shared memory segment", Dmitry already answered that pointing out that this is an expected limitation of your 32bit environment, with a switch to 64bit being the required factor to go over 2GB..

On the other hand, if your question is "why I am only getting 1.GB instead of the full 2GB", the answer is that by using manual configuration values, starting from your current 1622MB total shared memory, you can try to increase them by small amounts, until you find the ones that finally report a "Failed to allocate", but I would expect that you will not be able to go much further than a max of 1.7GB total:

there are internal structures both at the Caché and Windows level that also need to fit in the 32bit addressable space, thus reducing the actual space for the shared memory segment.

Hopefully this covers your question.. and let us know if there may be further points worth reviewing together.

Is there any specific reason for not wanting to use the RoutineList() query from the %Library.Routine class?

query RoutineList(spec As %String(MAXLEN=512), dir As %Integer, type As %Integer, nsp As %String)

    This query provides a list of all routines that match the pattern specified by spec.

    spec may contain both * and ? as wildcards. It may also consist of more than one, comma-delimited selections. For example:
    dir specifies the direction to search in, 1 is forwards and -1 is backwards.
    type is 1 to include OBJ files in the search and the default, 0 will just include INT, MAC, INC, BAS.
    nsp is the namespace to list from. If omitted, the query returns the routines from the current namespace. nsp can be either an explicit or an implied namespace. 

Your request could then be implemented with a simple call like:

 s tRS=##class(%ResultSet).%New("%Routine:RoutineList")
 d tRS.Execute("ABC*.INT")
 f  q:'tRS.Next()  s routName=tRS.GetData(1) w "Found ",routName,!

I have to pass.. as my example, expanded with your calculated/private Active property (a simplified version of it), still works as I would expect it to:

Property Name As %String(POPSPEC = "Name()") [ Required ];

Property NickName As %String(POPSPEC = "Name()") [ Private ];

Property Active As %Integer [ Calculated, Private, SqlComputeCode = { Set {Active}=($R(100))}, SqlComputed ];
select Name,NickName,Active from Test.PrivateTest
Name    NickName    Active
Hills,Lawrence B.    Wilson,Barb G.    0
Frost,Brendan H.    Smith,Zoe T.    98
Cooper,Tara C.    Edwards,Mo G.    19
Hanson,Howard H.    Cerri,Buzz X.    74
Hammel,Elmo P.    Klausner,Peter G.    77
Quincy,Robert Q.    Townsend,Alice M.    52

It will probably be "too basic" for your needs, but I was curious to test this, and got it working with the following class example:

Class Test.PrivateTest Extends (%Persistent, %Populate)
Property Name As %String(POPSPEC = "Name()") [ Required ];
Property NickName As %String(POPSPEC = "Name()") [ Private ];

A "select * from Test.PrivateTest" would only return my "Name" data, while a "select Name,NickName from Test.PrivateTest" returns the private property values too.

Can you get such a basic example working for you too?

If you post your class definition, someone could have some better suggestions/ideas.

I know this is not the ready-to-use procedure that you were looking for, but as a starting point for anyone landing here looking for ideas, some starting modules that you can use would be:

- automated restore of a BCK backup file can be accomplished with the EXTALL^DBREST or EXTSELCT^DBREST entry points.

- integrity check of one or multiple databases are available through the SYS.Database class, with the methods IntegrityCheck() or SilentIntegrityCheck()

Good morning Wolf,

I tested the 2017.1.726 Caché kit from our "Developer Download" page and, indeed, it is reporting an error during its un-zipping phase.

Using a copy of the same installation kit taken from an internal repository I could go through a normal installation without problems, so it would seem that the issue is limited to the copy made available through the download page.

We have asked for the archive to be replaced, and hopefully a new copy will go online soon.

For completeness, I wanted to mention that the Windows x64 Ensemble 2017.1.726 kit did download and install correctly in my tests.

Edit: let me edit this.. I got an error on the Ensemble kit too, different place. We will ask for that kit too being reviewed.


Hello Manoj,

I think I can at least explain how you were able to implement the no-username-required login under the old Cache 5.0.x environment:
back in those days there was the option to create a special user account, named "Telnet", that would act as a telnet-logins-catch-all, removing the need of entering a username, and only requiring a password, password that would have been common among all Telnet users..

Starting with the Caché 5.1 release, that special "Telnet" user account did not exist anymore, with every single Telnet user requiring its own separate account, and the complete username and password login prompts.

As Katherine and John have indicated, you will need to be somehow creative and come up with your own login logic if you want to duplicate the old 5.0.x Telnet login experience.


Hello Sansa,

I feel that I will need more details in your actual needs before I can be of actual assistance:
could you maybe expand a bit more in what you are trying to accomplish?

Back in the Caché 5.0.x days, we already had a system class %System.Process that could be used to retrieve several pieces of information on the running processes, including the UserName associated to those processes.

Very basic example of its use to retrieve the UserName of my Telnet login into a 5.0.21 instance:

%SYS>s Job=##CLASS(%SYSTEM.Process).%OpenId($J)
%SYS>w Job.UserName

But as you seem to also want to retrieve the password associated to a UserName, I may have misunderstood your needs..

The actual login for Telnet sessions is performed within the ^%MLOGIN routine, if that may be of any interest.

Let me know if you may be looking for something completely different than what the %SYSTEM.Process class offers.

Hi Eduard,

To put all together:
the documentation Alexander pointed you to is quite complete and should allow the creation of quite powerful scripts.

I wanted to get you started with something that I created a while back for a similar request:

a Windows command that would A) start our Telnet client to B) connect to a specific server and C) execute a script where we can then enable logging and perform multiple actions as needed..

My script example is nothing else as logging into a default namespace (without username/password, so the typical minimal security setting where you would end up in the USER namespace), enable logging, execute a %SS displa for the list of running processes, pause a few seconds, and exit..

The command line would look as follow:

C:\Temp\>C:\InterSystems\E20162\Bin\CTerm.exe /CONSOLE=CN_IPTCP:[23] C:\Temp\testlog.scr

And the content of the testlog.scr script:

;Script to test logfiles

logfile: C:\temp\TestLog.log

wait for: USER>
send: d ALL^%SS<CR>
wait for: >

send: H 10<CR>

send: HALT<CR>


Hopefully this will work for you too and act a useful starting point for your actual needs.

Hi Jiri,

You may get more complete answers later during the day:

no, there is no automated / programmatic way that you can use to "jump back" from .INT code lines to their originating line of code within a MAC / CLS / CSP method.

I would imagine that in most circumstances you would know where the "zWriteReport+25^SomeFile.1" routine used in your example is actually coming from: was it from a compiled MAC routine, or from a CLS class etc, so that you would also know where to start with your debugging work.

If you would have no idea where to start from, I would expect that by looking at the stack trace associated with the error, you can then then review the associated calls and related classes.

Hi William,

I write this as a new answer, and not as a comment on the existing threads, as I think I could spot what your actual issue is, and hopefully also how to get your command working..

You indicated your Powershell command as follow:

sample 1:  ..\bin\cache -s. -u%%sys ##class(backup.General).externalfreeze() <c:\temp\login.scr

We can see that you took the syntax directly from the Backup.General class documentation, where the example is part of a batch file example, and as part of being a batch file, in Windows you will need to escape special characters like "%", typing them twice, so that the parameter -U%SYS becomes -U%%SYS when scripted.

The problem is that you are not scripting it as a batch file..

Look what happens when I use your syntax in my test environment:

PS C:\InterSystems\E20161\mgr> ../bin/cache -s. -U%%sys

Knoten: VM-WIN8, Instanz: E20161

Zugriff verweigert

That error translates to access denied, only in German..

Look now if I remove the double %% to the -U parameter:

PS C:\InterSystems\E20161\mgr> ../bin/cache -s. -U%sys

Knoten: VM-WIN8, Instanz: E20161


Success, I actually logged in %SYS!

And now I can even complete your original call to ExternalFreeze(), PowerShell-style:

PS C:\InterSystems\E20161\mgr> ../bin/cache -s. -U%SYS "##Class(Backup.General).ExternalFreeze()"
PS C:\InterSystems\E20161\mgr> ../bin/cache -s. -U%SYS "##Class(Backup.General).ExternalThaw()"

All of the above assumes that you have "Unauthenticated" allowed for your %Service_Console service, option that I understand you have?

I am not that great in PowerShell scripting at all, so my final examples are very, very basic, but the two following PowerShell do work for me and call ExternalFreeze() and ExternalThaw():


C:\InterSystems\E20161\bin\cache -sC:\InterSystems\E20161\mgr -U%SYS "##Class(Backup.General).ExternalFreeze()"


C:\InterSystems\E20161\bin\cache -sC:\InterSystems\E20161\mgr -U%SYS "##Class(Backup.General).ExternalThaw()"

Hopefully these examples will A) work for you too, and B) allow you to further continue your scripting work..

Keep us updated on your progress

While I don't know the answer, I simple wanted to add a rough Google translation, hoping that this may be of help in getting some suggestions:


Mounted on Aix7.1 root user to install cache2016.1.1.107, and create cacheusr users during the installation process; after the change umask cacheusr the operating system, modify the file compiled by the database (eg, js, csp, etc.) on the small plane permission to view unchanged (-rwxrw-r-- cacheusr cacheusr test.js).

Objective: readable and writable by other users database compiled files.