|
|
(77 intermediate revisions by 13 users not shown) |
Line 1: |
Line 1: |
| = INSTALLING NEOSYS SERVICE =
| | [[Checklists]] |
|
| |
|
| == Main installation: ==
| | [[Technical / Hardware requirements]] |
|
| |
|
| === Downloading and running installation files ===
| | [[Preliminary Check-list and other Misc items]] |
|
| |
|
| # http://www.neosys.com/support/accounts.exe Install to X:\Neosys
| | [[Configure Firewall]] |
| # http://www.neosys.com/support/adagency.exe Install to X:\Neosys
| |
|
| |
|
| === Creating shortcuts ===
| | [[Setting up and using remote support]] |
|
| |
|
| Make desktop shortcut ‘Maintenance’ from X:\Neosys\Neosys\Adagency.bat
| | [[Installing NEOSYS Service]] |
|
| |
|
| === Activating NEOSYS using authorization number ===
| | [[Configuring Antivirus for NEOSYS]] |
|
| |
|
| Start NEOSYS Maintenance and it will give a “Computer Number” and ask for an “Authorisation No”
| | [[Configuring NEOSYS on Windows 10]] |
|
| |
|
| Send the computer number to NEOSYS admin to get the authorization no.
| | [[Installing & Configuring Apache]] |
|
| |
|
| If you cannot get the authorization number immediately then you can close NEOSYS and when you reopen NEOSYS it will still give the same computer number and accept the same authorization number.
| | [[Setting up Host Name]] |
|
| |
|
| === Installing initial Database ===
| | [[Benchmarking NEOSYS]] |
|
| |
|
| First time entering maintenance you will enter a command box (like NEOSYS F5)
| | [[Handling backup in Virtual Server]] |
|
| |
|
| Type FILEMAN and then restore. You will need a BACKUP.ZIP file in C:\ containing the initial database.
| | [[Backup and Restore#Configuring NEOSYS automated backup|Configuring NEOSYS automated backup]] |
|
| |
|
| === Creating a .CMD file to start NEOSYS Service: ===
| | [[Installing EMS Magic]] |
|
| |
|
| In x:\neosys create a file startmain.cmd
| | [[Establishing Emergency Support Procedures]] |
|
| |
|
| x:
| | [[Setting up for non-latin characters]] |
| cd \neosys\neosys
| |
| Start neosys.js /system ADAGENCY /database <b>databasecode</b> /user NETSERVICE /pass NETSERVICE
| |
|
| |
|
| (where <i>databasecode</i> is the code of the database)
| | [[Configuring and Administering Multi-site Installations]] |
|
| |
|
| In x:\neosys create a file starttest.cmd
| | [[Installing on Windows 7]] |
|
| |
|
| x:
| | [[Restricting usage of NEOSYS to licence period]] |
| cd \neosys\neosys
| |
| Start neosys.js /system ADAGENCY /database <b>testdatabasecode</b> /user NETSERVICE /pass NETSERVICE
| |
|
| |
|
| (where <b>testdatabasecode</b> is the code of the testdatabase)
| | [[Configuring NEOSYS for various language character sets]] |
|
| |
|
| === Differences for Pure Accounts Module Only Installations ===
| | [[Configuring NEOSYS to display local time]] |
|
| |
|
|
| | [http://itwiki.neosys.com/index.php/Setting_up_monitoring_in_Nagios#Adding_a_new_NEOSYS_installation_.28new_client.29 Setting up Monitoring from Nagios] |
|
| |
|
| Accounts module only has a slightly different startup command. In the above, replace '''/system adagency''' with '''/system accounts''' to startup a service and use '''accounts.bat''' instead of '''adagency.bat''' to start up maintenance. Other than that, accounts module setup is identical. Pure accounts clients are very few and tend not to upgrade often so care needs to be taken when upgrading. Upgrade is perhaps surprisingly done using the adagency.exe file.
| | [[Implementing NEOSYS]] |
|
| |
|
| === Creating a .CMD file to copy maindata to testdata ===
| |
|
| |
|
| In x:\neosys create a file copymain2test.cmd
| | Obsolete: |
|
| |
|
| Xcopy x:\neosys\data\<i>maindatabasecode</i> x:\neosys\data\<i>testdatabasecode</i> /s /y
| | [[Configuring IIS]] |
|
| |
|
| === Setting up daily scheduled tasks ===
| | [[Setting up HTTPS]] |
|
| |
|
| Maindata – 3 processes starting 6:00 am, 6:01 am, 6:02 am
| | [[Installing IE7 & IE8 Download Blocker]] ** required for Windows Server 2003 |
| | |
| Testdata – 1 process at 6:04 am
| |
| | |
| Copy Maindata to Testdata – 1 process at 2:45 am
| |
| | |
| For multiple sites on the same computer put the second site starting five minutes later at 6:05, third site starting five minutes earlier at 5:55, the third site starting five minutes later at 6:10 and so on.
| |
| | |
| == Measuring the speed of NEOSYS ==
| |
| | |
| | |
| | |
| In NEOSYS maintenance press F5:
| |
| | |
| | |
| | |
| Filespeed Measures the speed at to create and delete a file with 1000x1Kb records - lower time is better
| |
| | |
| | |
| | |
| Procspeed Measures the processor speed – higher speed is better
| |
| | |
| | |
| | |
| Memspeed Measures the memory speed – higher speed is better
| |
| | |
| | |
| | |
| SSL / HTTPS:
| |
| | |
| Get SELFSSL – iis60rkt.exe from Microsoft
| |
| | |
| (deselect all options – except SSL) – Install
| |
| | |
| Start > Programs > IIS Resources > Self SSL
| |
| | |
| Type command – use standard one, but put V:9995 instead of V:7
| |
| | |
| In case the secure port 443 has to change, you need to change it here
| |
| | |
| ((need sample command))
| |
| | |
| ((explanation on how to handle multiple sites))
| |
| | |
| = CLOSING NEOSYS SERVICES =
| |
| | |
| Two automatic ways:
| |
| | |
| *NEOSYS services will automatically initiate a database integrity check, “backup” and close down at 2am by default.
| |
| | |
| To change the time of the automatic process do F5 ED DEFINITIONS
| |
| | |
| line 3 is the minimum time to start the backup and shutdown (default 7500 ie 02:00)
| |
| line 4 is the maximum time to start the backup and shutdown (default 7800 ie 02:05)
| |
| | |
| both times must be in seconds past midnight
| |
| | |
| press F5 and type PRINT ICONV(’02:00’,’MTH’) to calculate this easily
| |
| | |
| | |
| | |
| *NEOSYS will automatically close down during the upgrade procedure.
| |
| | |
| | |
| | |
| Three manual ways:
| |
| | |
| | |
| | |
| Warning: NEOSYS services do not shutdown automatically on server shutdown so you need to use one of these methods before shutting down or rebooting a server.
| |
| | |
| | |
| | |
| *To close individual services, press Esc three times on a service and then ctrl+C once or twice. Repeat for each service that you want to close.
| |
| | |
| This can only be done if you can actually see the services on the screen but the services will not be visible if they were started by scheduled tasks while administrator was not logged in to the server … unless you login as /console with remote desktop.
| |
| | |
| | |
| | |
| *To close all services for one site/neosys installation, use the NEOSYS Support Menu – Stop/Restart NEOSYS
| |
| | |
| Currently this has no option to stop the services for any other neosys sites/installations on the same server
| |
| | |
| | |
| | |
| *To close all services for all sites and installations of NEOSYS under a particular folder, use NEOSYS maintenance (or any other program) to create and then delete a GLOBAL.END file in the parent folder of all the neosys installations. eg if the installations are located in x:\hosts\clientcode\neosys etc then create and delete a file called x:\hosts\GLOBAL.END
| |
| | |
| | |
| | |
| #In NEOSYS Maintenance press F5 to get a NEOSYS command prompt
| |
| | |
| #Type ED DOS ..\..\GLOBAL.END and press Enter
| |
| (use ED DOS GLOBAL.END instead if you only want to close the services of the current site)
| |
| | |
| #Press F9 to create the GLOBAL.END file
| |
| | |
| #Wait until the processes close. Should be almost immediate.
| |
| | |
| #Press alt+D twice to delete the GLOBAL.END file otherwise Neosys services will refuse to start
| |
| | |
| | |
| | |
| | |
| | |
| = USING RSYNC TO BACKUP SERVERS =
| |
| | |
| == Notes ==
| |
| | |
| http://rsync.samba.org/
| |
| | |
| | |
| | |
| http://en.wikipedia.org/wiki/Rsync
| |
| | |
| | |
| | |
| rsync doesnt do any encryption so must be run over ssh
| |
| | |
| | |
| | |
| rsync uses port 873
| |
| | |
| | |
| | |
| rsync only copies over only the bits of the files that have changed but this is not effective for files like ZIP which are completely recreated.
| |
| | |
| == Setting up rsync server ==
| |
| | |
| install rsync using cygwin/setup.exe
| |
| | |
| | |
| | |
| To expose /cygdrive/x/neosys folder as name "neosys" without any security so be careful that port 873 is not open
| |
| | |
| | |
| | |
| create file /etc/rsyncd.conf
| |
| | |
| | |
| | |
| [neosys] | |
| | |
| path = /cygdrive/x/neosys
| |
| | |
| comment = location of all neosys data and programs
| |
| | |
| | |
| | |
| to start rsync manually
| |
| | |
| rsync --daemon
| |
| | |
| == Setting up rsync client ==
| |
| | |
| Setup a target folder
| |
| | |
| md x:\hosts
| |
| | |
| md x:\hosts\clientname
| |
| | |
| | |
| | |
| install rsync using cygwin/setup.exe
| |
| | |
| === Connecting Interactively ===
| |
| | |
| tunnel local port 873 to remote port 873 eg by using putty/ssh in the usual way or:
| |
| | |
| ssh -L 873:127.0.0.1:873 administrator@clientname.support.neosys.com -p 19580
| |
| | |
| | |
| | |
| then in a new shell
| |
| | |
| | |
| | |
| rsync -avz localhost::neosys/ /cygdrive/x/hosts/clientname --delete --ignore-errors --exclude=/proc --exclude=/cygdrive/[a-z]
| |
| | |
| (or just –az for warnings and errors only)
| |
| | |
| === Connecting Automatically ===
| |
| | |
| (this seems to hang in some cases on cygwin)
| |
| | |
| Use rsync to issue the ssh command like this:
| |
| | |
| | |
| | |
| rsync -az –e “ssh –p 19580” administrator@clientname.support.neosys.com:neosys/ /cygdrive/x/hosts/clientname/ --delete --ignore-errors --exclude=/proc --exclude=/cygdrive/[a-z]
| |
| | |
| | |
| | |
| e.g.
| |
| | |
| rsync -avz -e "ssh -p 19580" administrator@adlined.neosys.com:/cygdrive/d/neosys/ /cygdrive/d/hosts/adlined/ --delete --ignore-errors --exclude=/proc --exclude=/cygdrive/[a-z]
| |
| | |
| === Connecting without password (not best possible security) ===
| |
| | |
| On client as administrator
| |
| | |
| | |
| | |
| ssh-keygen –t dsa –b 1024 (generates priv/pub keys in .ssh no passphrase for autologin)
| |
| | |
| chmod 600 ~/.ssh/id_dsa (priv must not be accessible to anybody but owner)
| |
| | |
| | |
| | |
| (copy the PUBLIC key to the server)
| |
| | |
| scp -P 19580 ~/.ssh/id_dsa.pub administrator@servername.neosys.com:/home/Administrator/.ssh/
| |
| | |
| | |
| | |
| On server as administrator
| |
| | |
| | |
| | |
| cd ~/.ssh
| |
| | |
| cat id_dsa.pub >> authorized_keys (add the clients public key to the list of auth keys)
| |
| | |
| chmod 644 authorised_keys (if new then make sure auth keys accessible to other processes)
| |
| | |
| | |
| | |
| Back on Client as Administrator to test
| |
| | |
| | |
| | |
| ssh administrator@adlined.neosys.com -p 19580 should login without password now
| |
| | |
| === Connecting without password (allow rsync only) ===
| |
| | |
| Administrator@una-srvr ~
| |
| | |
| $ mkdir /home/Administrator/rsync
| |
| | |
| | |
| | |
| Administrator@una-srvr ~
| |
| | |
| $ ssh-keygen -t dsa -b 2048 -f /home/Administrator/rsync/mirror-rsync-key
| |
| | |
| DSA keys must be 1024 bits
| |
| | |
| | |
| | |
| Administrator@una-srvr ~
| |
| | |
| $ ssh-keygen -t dsa -b 1024 -f /home/Administrator/rsync/mirror-rsync-key
| |
| | |
| Generating public/private dsa key pair.
| |
| | |
| Enter passphrase (empty for no passphrase):
| |
| | |
| Enter same passphrase again:
| |
| | |
| Your identification has been saved in /home/Administrator/rsync/mirror-rsync-key
| |
| | |
| .
| |
| | |
| Your public key has been saved in /home/Administrator/rsync/mirror-rsync-key.pub
| |
| | |
| .
| |
| | |
| The key fingerprint is:
| |
| | |
| b0:a1:bc:b1:fa:7a:d7:2b:76:9d:34:20:ff:d8:ab:19 Administrator@una-srvr
| |
| | |
| | |
| | |
| ssh-keygen -t dsa -b 1024 -f /home/Administrator/rsync/mirror-rsync-key
| |
| | |
| | |
| | |
| scp -P 19580 ~/rsync/mirror-rsync-key.pub administrator@adlined.neosys.com:/home/Administrator
| |
| | |
| | |
| | |
| on ssh server
| |
| | |
| | |
| | |
| vi ~/rsync/checkrsync
| |
| | |
| | |
| | |
| #!/bin/sh
| |
| | |
| case "$SSH_ORIGINAL_COMMAND" in
| |
| *\&*)
| |
| echo "Rejected"
| |
| ;;
| |
| *\(*)
| |
| echo "Rejected"
| |
| ;;
| |
| *\{*)
| |
| echo "Rejected"
| |
| ;;
| |
| *\;*)
| |
| echo "Rejected"
| |
| ;;
| |
| *\<*)
| |
| echo "Rejected"
| |
| ;;
| |
| *\`*)
| |
| echo "Rejected"
| |
| ;;
| |
| rsync\ --server*)
| |
| $SSH_ORIGINAL_COMMAND
| |
| ;;
| |
| *)
| |
| echo "Rejected"
| |
| ;;
| |
| esac
| |
| | |
| | |
| | |
| chmod 700 ~/rsync/checkrsync
| |