Omnify Server Installation and Setup Guide
Help Files | HelpDesk
Configuring the Omnify Server and Services
Skip Navigation Links.
Links
Help Files Help Files
Server Home Page Server Home Page
Omnify HelpDesk HelpDesk Module
Omnify Support Portal Omnify Support Portal
Email Omnify Support Email Omnify Support
Overview
The Omnify Server applications and services are highly configurable to meet your specific requirements. Many of the options are controlled through an XML file (web.config) that resides in the virtual directory of your server installation (e.g.: C:\inetpub\wwwroot\Omnify5). Other settings are specified within the applications such as the Omnify Administrator and Omnify Desktop (User Preferences).

These settings should only be modified by (or with the help of) a qualified Omnify Software Application Engineer.
Omnify Database Connections Top
For the Omnify Server applications and services to communicate with the correct database, you must then modify the web.config file to identify the Omnify metadata, documents, and Toolkit databases. The Server applications and services use 3 connection strings:

• OmnifyDatabase – connection string (http://www.connectionstrings.com) to the Omnify metadata database
• OmnifyDocumentsDatabase – connection string to the Omnify documents database
• OmnifyToolkitDatabase – connection string to the Omnify Toolkit database

You can modify the web.config by opening the file in a text editor.



Or using the IIS Manager, by selecting the Omnify virtual directory and clicking the Connection Strings option.





<connectionStrings>
  <add name="OmnifyDatabase" connectionString="data source=(local);Initial Catalog=Omnify;User ID=User;Password=Pwd;" providerName="System.Data.SqlClient"/>
  <add name="OmnifyDocumentsDatabase" connectionString="data source=(local);Initial Catalog=OmniDocs;User ID=User;Password=Pwd;" providerName="System.Data.SqlClient"/>
  <add name="OmnifyToolkitDatabase" connectionString="data source=(local);Initial Catalog=OmnifyToolkit;User ID=User;Password=Pwd;" providerName="System.Data.SqlClient"/>
</connectionStrings>

In each connection string set the Data Source and Initial Catalog settings to the correct server and Omnify database. The defaults are:

Connection String Server (Data Source) Database (Initial Catalog)
OmnifyDatabase (local) Omnify
OmnifyDocumentsDatabase (local) OmniDocs
OmnifyToolkitDatabase (local) OmnifyToolkit

If the Web Applications and Services server is the same as the Omnify database server, you may not need to modify these settings.
Mail Services Top
The Omnify applications can be configured to send automatic and interactive email to users. All email settings are defined in the Omnify Administrator. To set the email settings, launch the Omnify Administrator from the Omnify Server Home Page.



From the Omnify Administrator navigation tree, select the Advanced Options page.



All email settings are assigned in the Mail Settings section.



You can define/modify the following settings:
SMTP Server Name/Address Specifies the Mail Server name or IP Address
SMTP Port Specifies the outgoing TCP Port for mail traffic (usually 25 or 465 [SSL])
Authorization Mode Select the authorization mode the applications should use to authenticate and send mail through the mail server. Options include:
Option Description
Ignore Credentials Only use when mail server does not require authentication for sending mail via SMTP
Use Network Credentials Uses the currently logged user for authentication
Use Specified Credentials Uses the specified "Authorized" settings to define the user, password, and domain for authentication
Authorized User Name When the Use Specified Credentials option is selected, this setting defines the username to use for authentication
Authorized Password When the Use Specified Credentials option is selected, this setting defines the password to use for authentication
Domain When the Use Specified Credentials option is selected, this setting defines the domain to use for authentication
SMTP From Address Specifies the email address that the messages are to be sent from
SMTP From (Friendly) Name Specifies the user name that will appear as the "From" field in the user's mailbox
Use Secure Sockets Layer (SSL) When checked, email will use Secure Sockets Layer (SSL) to send mail.


Once all necessary settings have been defined, you can test the mail services by clicking the Test Settings link.


Document Vaulting Top
When vaulting documents, Omnify can be configured to store the documents in the following locations:
Location Description
Documents Database Entire document is stored in a database, no physical file is present/available. When a user requests a document, the Omnify services create the physical file from the database and transmit it to the user.
File/Folders-based Each vaulted document is stored as a physical file in a protected area of the server. Physical files are renamed with unique identifiers that are known to the databases and services. When a user requests a document, the Omnify services rename the stored file to the original file name and then transmit it to user.


There are benefits and drawbacks to each method. You should consult a qualified Omnify Software Application Engineer to determine the best setup for your environment.

In addition to the physical location of files, Omnify's vaulted document services provide the following additional options for document storage:

Option Description
Single Server, Single Document Database The default architecture of the vaulted document services and database is to have a single server that manages a single document database. In this scenario, all vaulted documents are stored in a single document database.
Single Server, Multiple Document Databases In this scenario, 2 or more document databases can be created on the Omnify Server and the services can be modified to determine the best location for storing the file content. Advantages to this configuration include smaller database files, more intuitive document locations, and improved upload/extract performance.
Multiple Servers – Replicated Document Using this configuration, the web services will write document content to 2 or more servers when documents are checked-in/uploaded. Advantages to this configuration include automatic document backups and improved extraction/viewing for various client locations. This configuration is common for customers with multiple, remote, locations/sites where network performance is a concern.
Multiple Servers – Split Document Storage Similar to the previous configuration, the web services can determine the location to store the contents of a particular file. The additional benefits of using this configuration include smaller and more intuitive document databases.
Hybrid – Vaulting/File Based Storage The vaulted document services can store document contents in either the document database or maintain the file as a physical file on the server. The services also allow employing a "hybrid" approach where some files are stored in the database and others stored as physical files on the server. The benefits of this configuration include smaller documents databases, access to files without going through Omnify, and ability to leverage other file storage systems.


When using a File/Folders-based vaulting strategy, the physical location of vaulted files is controlled in the web.config with the following settings:
Setting Description
DocumentServices-UseFileSystemForVaulting If "yes", the services will use a File/Folders-based vaulting strategy
If "no", the services will use a Documents Database vaulting strategy
DocumentServices-MaxKBVaultLimit If a Documents Database vaulting strategy is in use, this setting defines a maximum file size (in KB) allowed by any single file in the database. If a file exceeds this limit, the services will use a File/Folders-based vaulting strategy for the individual file.
DocumentServices-FileSystemVaultLocation Defines the physical location (as known to the web application [IIS]) for files to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Changes Defines the physical location (as known to the web application [IIS]) for files assigned to Changes/ECOs to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Items Defines the physical location (as known to the web application [IIS]) for files assigned to Items/Parts/BOMs to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Projects Defines the physical location (as known to the web application [IIS]) for files assigned to Projects to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Quality Defines the physical location (as known to the web application [IIS]) for files assigned to Quality/CAPA items to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Service Defines the physical location (as known to the web application [IIS]) for files assigned to Service Objects to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Training Defines the physical location (as known to the web application [IIS]) for files assigned to Training items to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-Vendors Defines the physical location (as known to the web application [IIS]) for files assigned to Vendors to be stored when using a File/Folders-based vaulting strategy
DocumentServices-FileSystemVaultLocation-VendorItems Defines the physical location (as known to the web application [IIS]) for files assigned to Vendor Items to be stored when using a File/Folders-based vaulting strategy


Please refer to the Security/Folders section for more information on setting folder security.

Security/Folders Top
.NET application security configuration and IIS security configuration are completely independent and can be used independently or in conjunction with each other.

IIS maintains security related configuration settings in the IIS database. However, .NET maintains security (and other) configuration settings in XML configuration files (web.config).

.NET implements authentication using authentication providers, which are code modules that verify credentials and implement other security functionality such as cookie generation. .NET supports the following three authentication providers:
  • Forms Authentication - Using this provider causes unauthenticated requests to be redirected to a specified HTML form using client side redirection. The user can then supply logon credentials, and post the form back to the server. If the application authenticates the request (using application-specific logic), .NET issues a cookie that contains the credentials or a key for reacquiring the client identity.
  • Passport Authentication - This is a centralized authentication service provided by Microsoft that offers a single logon facility and membership services for participating sites.
  • Windows Authentication - This provider utilizes the authentication capabilities of IIS. After IIS completes its authentication, .NET uses the authenticated identity's token to authorize access.
<!-- web.config file -->
<authentication mode = "[Windows/Forms/Passport/None]">
</authentication>
Authentication Using Windows
Accounts Using Windows Authentication mode you can use accounts maintained by a Windows domain controller or Active Directory. When authentication happens using this method, .NET constructs and attaches a Windows Principal object to the application context based on the authenticated user. As a result, the .NET thread can run as the authenticated user and can obtain the user's group membership.

Impersonation and Delegation
With impersonation, .NET applications can optionally execute with the identity of the client on whose behalf they're operating. Impersonation is usually performed for resource access control.

If impersonation is enabled, .NET will receive the token to impersonate from IIS. This is controlled by specifying a value in the application's Web.config file.
<identity impersonate="true"/>
To identify a specific account, use the name and password attributes:
<identity impersonate="true" userName="domain\user" password="passwd"/>

Many operations performed with Omnify will interact with the physical file folders/directories of the web server. For example:
Operation Description/System Interaction
User checks-in/adds a document The user specifies a local or shared document that they wish to "upload"/assign to an object. The web server accepts the local file and uploads it to a location accessible to the IIS server. The services then determine if the file is to be moved to a vaulted document area or loaded into the documents database.
User checks-out/views a document The service determines the location of the physical file (folder or database) and copies or creates the file to a location accessible to the IIS server. The service then transmits the file (through the browser) from the accessible location.
User imports a BOM The user specifies a local or shared document that they wish to "upload"/assign to be read and assigned as BOM items. The web server accepts the local file and uploads it to a location accessible to the IIS server. The services then read the local file for its contents as BOM child items.


There are many scenarios like this in which the system needs to access and create files on the Web Server. The system will use the system security settings as assigned to the .NET user (as described above).

Thus, for the system to operate correctly, the .NET user must have access to the files\folders for these operations. Most of the locations are configurable in the web.config file. By default, you should provide read/write access for the .NET user to the following locations:

Location Default Folder Description
StorageArea C:\inetpub\wwwroot\Omnify5\StorageArea Default location for File/Folders-based vaulted files.
TempUpload C:\inetpub\wwwroot\Omnify5\TempUpload Default/temporary area that the system uses when a user uploads a file for vaulting, import, etc.
VaultView C:\inetpub\wwwroot\Omnify5\VaultView Default/temporary area that the vaulting services use to create/copy vaulted files that a user would like to view/check-out.

To set permissions, open the Windows Explorer and navigate to the desired folder.



Using the right mouse button menu, click the Properties command.



From the folder properties dialog box, select the Security tab, and click the Edit button.



From the Permission dialog box, select the user, check the Full Control option, and click the OK button.



You will notice that the desired user now has full control of the folder, click the OK button to assign the security.


web.config Settings Top
The Web.config file contains many options for the Web Services and Applications. These settings can be found in the <appSettings> section.

Option/Setting Description
DocumentServices-UseFileSystemForVaulting If enabled ("yes"), the system will place vaulted files in folders defined by the DocumentServices-FileSystemVaultLocation option.
DocumentServices-MaxKBVaultLimit This setting defined the file size limit to vault files in the database. Files that exceed this limit will be placed in folder defined by the DocumentServices-FileSystemVaultLocation option.
DocumentServices-FileSystemVaultLocation The settings defines the default location for files to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Changes The settings defines the default location for files assigned to Changes/ECOs to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Items The settings defines the default location for files assigned to Items to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Projects The settings defines the default location for files assigned to Projects to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Quality The settings defines the default location for files assigned to Quality/CAPA items to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Service The settings defines the default location for files assigned to Service Objects to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Training The settings defines the default location for files assigned to Training items to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-Vendors The settings defines the default location for files assigned to Vendors to be stored when using the File System option
DocumentServices-FileSystemVaultLocation-VendorItems The settings defines the default location for files assigned to Vendor Items to be stored when using the File System option
DocumentServices-VaultViewWriteFolder This setting defines the location the Web Services will place files during vaulting extraction and other operations
DocumentServices-AppendIDsOnView If enabled ("yes"), the system will append the user ID to the file name during viewing operations
DocumentServices-PlaceInIDFolder If enabled ("yes"), the system will extract vaulted files to separate user folders.
DocumentServices-ReadChunkSizeKB If greater than 0, the system will read/load vaulted files in chunks defined by this size.
DocumentServices-WriteChunkSizeKB If greater than 0, the system will write vaulted files in chunks defined by this size.
DocumentServices-AlternateExtractWebServerURL For vaulted files that reside on other servers/databases, this setting defines the Web Services pointer to call the document extraction services.
DocumentServices-SecondaryDocDBConnectString For vaulted files that reside in a secondary database, this setting defines the name of the connection string (in the section) to use to extract vaulted files.
DocumentServices-UseHTTPReturn If enabled ("yes"), the system will use the HTTP return path string during viewing operations.
DocumentServices-UseHTTPDownload If enabled ("yes"), the system will force the user to download vaulted documents through port 80 (or 443) during viewing operations.
DocumentServices-VaultViewReturnPath This setting defines the return string that the Web Services will return to the client to view/open the vaulted file after an extraction operation.
DocumentServices-VaultViewReturnPathHTTP This setting defines the HTTP return string that the Web Services will return to the client to enable viewing/opening documents through port 80 (or 443)
WebServices-TempUploadArea This setting is used by various web applications (Desktop, License Monitor, Server Wizard) as a temporary storage area for files. Note: this must be "writeable" by the user running the Web Server.
WebServices-UseIPAddress If enabled ("yes"), the system will use the IP Address as opposed to the server name when creating hyperlinks in email content.
EmailServices-UseUserEmailAsSentAddress If enabled ("yes"), the system will set the appropriate user as the sender when generating automatic emails
EmailServices-LogEmailAlerts If enabled ("yes"), automatic emails will be logged in the objects history list.
EmailServices-ObjectHyperlinkPath Specifies the URL to be used when creating hyperlinks in email content.
EmailServices-IncludeHyperlink If enabled ("yes"), the email services will include object hyperlinks in email content.
ServerMonitor-RunViewDirCleanup If enabled ("yes"), the Server Monitor will run the directory cleanup routine.
ServerMonitor-CleanupFolders A semicolon delimited list of server folders to be purged when the ServerMonitor-RunViewDirCleanup option is enabled
ServerMonitor-EmailAlert_RunProjectTaskAudit If enabled ("yes"), the Server Monitor will run the Project specific Task Alert routine.
ServerMonitor-EmailAlert_RunChangeTaskAudit If enabled ("yes"), the Server Monitor will run the Change/ECO specific Task Alert routine.
ServerMonitor-EmailAlert_RunQualityTaskAudit If enabled ("yes"), the Server Monitor will run the Quality/CAPA specific Task Alert routine.
ServerMonitor-EmailAlert_RunTrainingTaskAudit If enabled ("yes"), the Server Monitor will run the Training specific Task Alert routine.
ServerMonitor-EmailAlert_RunUserTrainingAudit If enabled ("yes"), the Server Monitor will run the User Training specific Alert routine.
ServerMonitor-EmailAlert_RunItemSignoffAudit If enabled ("yes"), the Server Monitor will run the Item Signoff Alert routine.
ServerMonitor-EmailAlert_RunChangeSignoffAudit If enabled ("yes"), the Server Monitor will run the Change/ECO Signoff Alert routine.
ServerMonitor-EmailAlert_RunQualitySignoffAudit If enabled ("yes"), the Server Monitor will run the Quality/CAPA Signoff Alert routine.
ServerMonitor-EmailAlert_DueDateDaysBefore This setting specifics the day buffer to be used when running the automatic email alerts for tasks and user training.
ServerMonitor-EmailAlert_EmailDayBuffer When automatic email alerts are enabled, this setting determines the "grace period" for re-sending emails alerts.
Desktop-LoadOmnifyNewsFeed If enabled ("yes") the system will display the Omnify News RSS feed on the user's Home Page (Desktop)
Desktop-DictionaryFolder Specifies the location/folder of all XML Dictionary files
NewObject-ExpandList If enabled ("yes") the system will automatically expand the Object Type drop list when the New Object Wizard is launched
NewObject-EnableFieldPaste If enabled ("yes") the system will allow users to paste text-based fields to be added as object field data in the New Object Wizard
NewObject-PasteFieldMap-Item-? Specifies the field mapping for pasted fields in the New Object Wizard. Omnify field name appears after the last dash (e.g.: NewObject-PasteFieldMap-Item-Value would indicate fields that get mapped to the Omnify field "Value"). Multiple fields to be mapped can be delimited with a semi-colon (e.g. value="Capacitance;Resistance In Ohms;Resistance;Inductance").
BOM-EnableQtyNumericSort If enabled ("yes") the system will sort the Qty field of a BOM as numeric
BOM-EnableFindNumericSort If enabled ("yes") the system will sort the Find number field of a BOM as numeric
BOM-AllowDuplicateRefdes If enabled ("yes") the system will allow duplicates reference designators for multiple items in a BOM
DocumentPackager-PackageArea Specifies the location of zipped files when the Document Packager is launched.
TaskUpdate-UpdatePastTasksOnly If enabled ("yes") the system will automatically update all tasks (past and future) dependent task dates when a predecessor task date is modified. If disabled ("no") the system will only update future tasks dependent task dates when a predecessor task date is modified.
HelpDesk-LoadProductTipsRSS If enabled ("yes") Product Tip feeds will appear on the HelpDesk home page
HelpDesk-DocumentLocation Location for storing attached Blog/Ticket documents
Administrator-DefaultEmailDomain Populated on the user form when creating database users (Administrator)
Administrator-AllowDisabledViewing If enabled ("yes") disabled/deleted items (expired records) will appear for some sections.
EnableSingleLoginForAllApps If enabled ("yes") when the user logs in to any application, they will be able to launch other applications without an additional login (if the user does not logout first).
LightDirLoginMode If set to "0", the system will only use the user name and password as defined in the Omnify Administrator.
If set to "1", users will be able to login with the network login credentials (LDAP)
If set to "2", the system will check both LDAP authentication and the Omnify database login credentials
LightDirDomainName Specifies the default domain for LDAP authentication.
OmnifySoftWeb.OmnifyWeb Omnify Web Site Web Services Location
Login/LDAP Top
Lightweight Directory Access Protocol, LDAP, is an Internet protocol that email and other programs use to look up information from a server. Omnify applications can use LDAP to lookup network users for authentication and access to the Omnify tools/modules.

With LDAP enabled, users can specify their network user name and password.



Omnify will look up the specified user name and password through LDAP. If the user is validated, the system will then check the Omnify database for a matching user name.

Note: for LDAP authentication to operate correctly, the user's network login and Omnify login names must match.

To enable/disable LDAP authentication, you must set the LightDirLoginMode option in the web.config file to one of the following:
Setting/Value Description
<add key="LightDirLoginMode" value="0"/> The system will only use the user name and password as defined in the Omnify Administrator
<add key="LightDirLoginMode" value="1"/> The system will use the specified user name and password to validate with network login credentials (LDAP)
<add key="LightDirLoginMode" value="2"/> The system will check both LDAP authentication and the Omnify database login credentials