Post Installation Procedure for Astra Schedule Distributed Configuration |
|
|
|
|
Post Installation Procedure for Astra Schedule Distributed Configuration |
|
|
|
|
|
||
The following procedure should be executed after installing the Astra Schedule web application and task agent service if the two components are installed on separate servers.
1.Create a local user with the same name and password on the web server and task agent server(s).
2.Make sure this user has full control to the Files folder under the Astra Schedule instance on all computers. This access MAY come with being a member of the built in Authenticated Users group. If not, it will need to be explicitly granted.
3.Create a new application pool in IIS. Configure the Advanced Settings as follows:
For IIS 7+:
•Enable 32-Bit Applications: true
•Identity: use user account and password created in step 1
•Load User Profile: true
For IIS 6:
•From the Identity tab: change radio button to Configurable and use the user account and password created in step 1
4.Grant IIS app pool access to machine key store.
Must run the command prompt as administrator.
Replace [YourAppPoolName] with the app pool name created in step 3.
aspnet_regiis -pa "NetFrameworkConfigurationKey" "IIS APPPOOL\[YourAppPoolName]"
5.Grant permissions to local user account.
For IIS 7+, add the user created in step 1 to the IIS_IUSRS group.
For IIS6, grant permissions using Table 1 below.
6.Update Virtual Directory to use new IIS app pool
For IIS 7+:
•Go to IIS Manager -> right click on virtual directory -> Manage Application -> Advanced Settings
•Update Application Pool to the one created in step 3.
•Go to IIS Manager -> your virtual directory -> Authentication
•Right click on Anonymous Authentication and click Edit
•Select the radio button option for Application Pool Identify
For IIS 6:
•Open IIS Manager and navigate the tree to the virtual directory
•Right click and select Properties
•Change the Application Pool dropdown on the Virtual Directory tab to the one created in step 3.
•Click Directory Security tab
•Click the Edit button
•Change the user name and password to the one created in step 1.
•You MAY need to add this to your web.config using the user created in step 1:
•<identity impersonate="true" userName="YourIdentity" password="YourPassword" />
•Reference: http://msdn.microsoft.com/en-us/library/ff649223.aspx
7.Update Log on user for task agent services:
•Navigate to Control Panel -> Administrative Tools -> Services
•Right click on the task agent service and click Properties
•Click the Stop button to stop the service.
•Click the Log On tab
•Select the This Account radio button and enter the account info from step 1.
•Click the Apply button.
•Click the General tab and click the Start button to restart the service.
Table 1: IIS 6 Permissions
Folder |
Permissions |
Comments |
C:\Windows\Microsoft.NET\ |
Full Control |
This is the ASP.NET dynamic compilation location. Application code is generated in a discrete directory for each application beneath this folder. |
Application folder |
Read |
This is the location of your Web application files (that is, your application's virtual root directory: for example, c:\inetpub\wwwroot\webapp1). |
C:\Windows\Microsoft.NET\ Framework\v2.0.50727 |
Read |
ASP.NET must be able to access .NET Framework assemblies. |
C:\Windows\assembly |
Read |
This is the GAC. You cannot use Windows Explorer to edit ACLs for this folder. Open a command prompt as Administrator and run the following command: |
Web site root: |
Read |
ASP.NET reads configuration files and monitors for file changes in this folder. |
C:\Windows\system32 |
Read |
This location is for system dynamic-link libraries (DLLs) loaded by the .NET Framework. |
