All
Accepted answers
Vic Sun · Apr 2, 2021 go to post

If you look at a modern version of Caché or IRIS you'll find that ^%SYS.SECURITY is hidden. I would be curious how long ago you found out about the method you are suggesting, as it has been hidden since at least 2016.

Full disclosure, I work at InterSystems, but I try not to say anything on the community that goes beyond the bounds of what a non-InterSystems community member would be able to say. If you want the official InterSystems word, I would recommend you reach out to the WRC / your account rep, but I can almost guarantee they'll echo Steve's and my response.

Vic Sun · Apr 1, 2021 go to post

Whether you think internal calls are likely/unlikely to change, using undocumented and unsupported code is an unnecessary risk and not a best practice. If InterSystems finds you using these commands, you would be urged to replace them.

Vic Sun · Apr 1, 2021 go to post

I suspect Jeffrey is onto the right track here, but do note that as the documentation indicates, the optional auto-refresh feature and automatic logout behavior are separate settings.

Also, keep in mind that the automatic logout was added for security reasons. if you want to avoid logouts, another option would be to increase the session timeouts, but keep in mind how long you actually want users to stay logged in.

Vic Sun · Apr 1, 2021 go to post

As Sergey suggests, you shouldn't make this (or any) change to management portal pages shipped with InterSystems products. Please reach out to the WRC so they can investigate this behavior with you.

Vic Sun · Mar 17, 2021 go to post

In that case (and unless I'm missing something), it seems possible that you could export the updated production class alongside the new classes, and you could apply that deployment to an existing production. If you wanted to do a quick test you could use the portal's deployment features to see if this will work for your use case, and if it does then you can implement a programmatic version.

If this doesn't work, then I definitely think a more in-depth conversation with your ISC contacts would be warranted. 

Vic Sun · Mar 17, 2021 go to post

Sorry Phil, I didn't address that part of your question.

The standard Ensemble deployment can either export a full production or update an existing production's components. Since the production class contains the details of what components are in a production, I wasn't able to find a built-in way to create/import a partial production. In the normal use cases you export the production class if you need everything or otherwise just the components that you need to update.

You might be able to tweak the production class export to fit what you want, but you should test carefully. This is kind of a hack so probably not a process you would want to rely on. This wouldn't be easy to automate either.

Another possibility would be to perform the full export/deployment, and then you could programmatically remove the items that you don't want (Ens.Config.Production). If that is going to be a lot of items, this could be a pain.

What's the reason behind your inability to export the full production, size?

If this is a functionality you really need, if nobody else in the community has a suggestion, you could try reaching out to your ISC account team rep / WRC so they can look into whether there is a way to perform a partial deployment or if this feature could be added in the future.

Vic Sun · Mar 17, 2021 go to post

It's difficult to make a recommendation for how often these items should be synced. It is basically dependent on how often you make changes to these items, what types of changes you want to sync, how prepared you want to be for potential failovers, and what your recovery process during a failover would entail. If you make a change that the backup needs to take over and run your application, you should probably sync that change as soon as possible. Other changes may not be as critical.

Vic Sun · Mar 15, 2021 go to post

Hello Michael,

If you haven't seen it already, the IRIS Server Migration Guide contains a list of items outside of databases that you can export/import (such as web app definitions and tasks). You might find that useful as a starting point / reference.

You would need to custom-design a solution if you wanted to intermittently sync your other instances based on these exports.

Vic Sun · Feb 9, 2021 go to post

Hello Ravi,

This is probably a better question for the WRC. You've redacted some information (the domain name) that could be helpful in understanding this behavior, and I suppose you'd be comfortable sharing those specifics with them. I'd look into the details of your environment such as permissions, etc., and make sure you followed the installation documentation.

Running the Installer on Linux or macOS

https://docs.intersystems.com/irisforhealth20201/csp/docbook/Doc.View.cls?KEY=HXIHINST_install#HXIHINST_attended_linux_macos

Note that only Mac 10.13/10.14 are supported for that version of IRIS for Health, and for development only.

Supported Technologies

https://docs.intersystems.com/irisforhealth20201/csp/docbook/Doc.View.cls?KEY=ISP_technologies#ISP_platforms

Vic Sun · Feb 8, 2021 go to post

Mohana,

I'm confused about your mentioning Caché and IRIS for Health as those are separate products.

Depending on what your jobs are doing, they could certainly require a license. Why do you suspect a license issue, and why don't you have a license applied?

I'd check the various IRIS.logs, probably the audit and messages.log first. Without more details on what is going wrong, how it is going wrong, what you are trying to do, and information on your configuration, it's difficult to say what could be the cause.

Vic Sun · Jan 29, 2021 go to post

There is no 1 universal answer to explain 100% license usage, nor 1 solution to free up the licenses. Longhua Huang asked if a restart would "fix" the license problem, but that entirely depends on what is using the licenses. If you restart and the licenses get used again, you are no better off.

You need to look at what is taking up your licenses and understand what is going on in your application that could be triggering this. Were you running the instance without license issues before? If so, what changed? Maybe it is unusually high levels of activity or some particular action, but it would be unlikely for you and your commenters to be experiencing the same issue.

You can use the methods in this linked documentation to view your license usage. If you can't make progress in investigating, the WRC can work with you to look into your license usage.

Vic Sun · Jan 27, 2021 go to post

I'm not sure I understand your question, but I would strongly warn against using Task Manager to terminate Caché processes. This could cause all sorts of problems including hanging your instance. If you need to stop a process,  you should use methods within Caché. If that doesn't work because the process is stuck at the OS level, then the safest thing to do is restart the instance/server. Failing that, you should reach out to the WRC.

For stopping the instance, I would agree with Kurro that "force" can be used if a clean shutdown can't continue for whatever reason, though you probably want to understand why.

Vic Sun · Jan 18, 2021 go to post

Hi Joe,

That error doesn't indicate that it found the file, it just describes the path where it is looking for the file (per your configuration). If Ensemble can't access a file despite the file existing, this is likely an OS permissions issue. I would check to make sure the OS user Ensemble is using has permission to access the directories/file.

Outside of that, perhaps there would be other helpful evidence in the OS log, Ensemble ^SYSLOG, or the Ensemble event log.

Vic Sun · Jan 11, 2021 go to post

Hello Yatin,

That's a known RDP issue that has been fixed in modern versions of Caché. To get around it you can use ccontrol console:

Using Multiple Instances of Caché

"ccontrol [run | console | cterminal] instname    Runs Caché in programmer mode with either no device, the console, or the terminal for $Principal (Windows only)."

Vic Sun · Dec 10, 2020 go to post

Great, glad you were able to figure that out. The page I linked documents that the private key need to be in PEM format (your command seems to be taking that into account) and public key in OpenSSH format, which presumably you already had correct.

Key formats are definitely a common gotcha!

Vic Sun · Dec 10, 2020 go to post

Hello Vermon,

To be clear, SFTP "private key authentication" is really key pair authentication, meaning you need both a private and public key configured. If you just have 1 or the other configured, your service will attempt username authentication instead. The need for both keys is intrinsic to SFTP and is not Caché specific.

Settings for the FTP Inbound Adapter > SSL Config

"Once you indicate you are using SFTP, you can then configure the SFTPPublicKeyFile and SFTPPrivateKeyFile settings. If you supply values for both SFTP Public Key File and SFTP Private Key File, the adapter attempts key pair authentication. It does this in conjunction with the username and password supplied via the Credentials setting, using the password in the Credentials as the passphrase for the private key."

I'd suggest reviewing the following article for suggestions on how you can debug why the key pair authentication is failing:

https://community.intersystems.com/post/using-and-debugging-netsshsession-ssh-connections

Hope that helps!

Vic Sun · Dec 9, 2020 go to post

Hello Yuri,

I am sure your InterSystems sales team would be happy to have an environment configuration planning discussion with you.

Outside of that, take a look at the following documentation. I am also going to link a developer community article series that covers some topics and best practices for Caché that you can apply to IRIS as well.

Vertically Scaling InterSystems IRIS

Preparing to Install InterSystems IRIS

https://community.intersystems.com/post/intersystems-data-platforms-capacity-planning-and-performance-series-index

Vic Sun · Dec 3, 2020 go to post

Hello Rodolfo,

There is no supported method to update OpenSSL (thereby getting TLS 1.2 support) other than to upgrade your Caché version. Your current version of Caché is quite old so this would be a great opportunity to get onto something more modern.

Vic Sun · Nov 17, 2020 go to post

Just as a quick caveat, I want to reiterate Nicholai's note on that post that the private web server should not be used for a production system; the private web server is primarily intended for out-of-the-box management portal access. If you need a full featured and https-secured web server to run your application, you should install a full web server.

Vic Sun · Nov 9, 2020 go to post

Hello Eduardo,

I have some experience on this with Windows, but if you are on another OS the following won't apply. On Windows, the installer language is controlled by the "Language for non-Unicode programs" Windows setting.

Vic Sun · Nov 6, 2020 go to post

Hello Brian,

I'm not sure what your other code for this alerting looks like, but would the Ensemble Utility Function "Contains" be useful?

TEST>w ##class(Ens.Util.FunctionSet).Contains("FromVendornameSiteADT","Vendor"))
1

There are also utility functions to convert a string to all upper/lowercase, if you need that also.

Vic Sun · Nov 2, 2020 go to post

Hi Paul,

I'm not sure what exactly you are looking for but this online course might be helpful.

"RESTful FHIR & Messaging in Health Connect

See how the off-the-shelf components of Health Connect allow you to transform an HL7® C-CDA document into discrete FHIR resources, post those resources to a FHIR server, and then use a REST testing tool to search for individual pieces of clinical data. "

https://learning.intersystems.com/course/view.php?id=773

Vic Sun · Oct 29, 2020 go to post

For Caché, the restore should just be compatible. I just tested restoring a 2015 cbk to 2017 and confirmed that. For IRIS you'd need additional steps.

Supported Version Interoperability (docs for Caché 2017.2)

I'd look into confirming that the cbk isn't corrupt for whatever reason. Can you restore it on the original system? Perhaps you can review the checksum? Maybe you can try taking a new online backup or an external backup?

Outside of that, I'd second Robert's suggestion to reach out to the WRC (especially if the problem is urgent). Does the organization you are working with/for have a support contract?

Vic Sun · Oct 19, 2020 go to post

Hello Azezur,

Info on the CSPSystem user can be found in a few places in the docs, like here:

Predefined User Accounts

"Default account representing the Web Gateway when it connects to InterSystems IRIS via Instance Authentication for Normal and Locked-down instances. InterSystems recommends that you change the password for this account from its initial value prior to going into production."