Difference between revisions of "Configuring vsrvtcp"
(→Connection Setup in Visimage3) |
|||
(31 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | == Configuring | + | == Configuring vsrvtcp.ini for Individual User Profiles == |
− | The vsrvtcp.ini file contains the user profile definitions for your Visimage3 users. | + | The vsrvtcp.ini file contains the user profile definitions for your Visimage3 users. While many CUs create two or three profiles for users to share (for example one each for live, eom and test), others prefer to setup individual (password protected) profiles for each user. These CUs generally enforce password aging as well. |
− | This article describes the recommended way to setup your vsrvtcp.ini file to support individual profiles for all users. | + | This article describes the recommended way to setup your vsrvtcp.ini file to support individual profiles for all users. The layout described here requires vsrvtcp version 4.9.2.x or higher. |
− | === | + | A discussion of the different sections of a sample INI file follows. At the bottom of the page, the INI file is repeated in its entirety to allow you to copy/paste all of the sections. |
+ | |||
+ | === User Profiles === | ||
+ | |||
+ | The individual username sections do not require very much information because they link to other profiles. Each user profile requires: | ||
+ | *The username between [...] | ||
+ | *The "Admin=Y" key for administrator users. | ||
+ | *The "profile=spec_$VSVAR1" key is required for all users. The $VSVAR variables are explained in more detail below. | ||
+ | *A password. | ||
<pre> | <pre> | ||
+ | [john.doe] | ||
+ | profile=spec_$VSVAR1 | ||
+ | password=GrantMeAccess! | ||
+ | |||
[jane.doe] | [jane.doe] | ||
− | Admin=y | + | Admin=y |
− | profile= | + | profile=spec_$VSVAR1 |
− | password=Iamyouradmin! | + | password=Iamyouradmin! |
+ | </pre> | ||
+ | |||
+ | #This sample uses the convention "first.last" for the user names. Choose a convention that makes sense for your organization. | ||
+ | #Because Jane is an Admin user, she can create & delete other Visimage3 users and reset their passwords. This [https://vimeo.com/511279811/06de7698e0 video] gives more information on using the Visimage3 Admin menu. | ||
+ | #The "password" key is the unencrypted password. Use this key when editing the vsrvtcp.ini file. When the password is changed from Visimage3, the encrypted password will be stored in the v_password key. | ||
+ | |||
+ | === Connection Setup in Visimage3 === | ||
+ | When a user creates a connection in Visimage3, the "Host Profile Name" they specify is their username followed by "!live", "!eom" or "!test". If the "!xxxx" is omitted, the connection will fail. The text that follows the first ! char is stored in VSVAR1, thus when a user connects using "username!live" the variable $VSVAR1 is set to the value '''live'''. This means that the "profile=spec_$VAVAR1" will be evaluated as "spec_live". This simple "switch" allows a user to connect to live, eom or test data all from a single user profile. | ||
+ | |||
+ | {| class="wikitable" style="border-spacing: 2,2,2,2;" | ||
+ | |'''Option''' ||'''Value''' | ||
+ | |- | ||
+ | | Host Address || 123.123.123.123 | ||
+ | |- | ||
+ | | Host Port || 29500 or ... | ||
+ | |- | ||
+ | | Host Profile Name || username!live or username!eom | ||
+ | |} | ||
+ | |||
+ | We recommend that Visimage3 users create different connections for live, eom and possibly test. Each Visimage3 connection will use a different "Host Profile Name" using the syntax "username!live", "username!eom" and "username!test". | ||
+ | |||
+ | === The VSVAR Variables === | ||
+ | There are three VSVAR variables that are available using the syntax shown above. If a user connects with "username!one!two!three", then VSVAR1=one, VSVAR2=two and VSVAR3=three. Not all variables need to be used. For example, a connection with "username!live!!e852" will connect to the spec_live profile and execute AskPlus version E.8.5.2 (see the AskPlus section discussed later). | ||
+ | |||
+ | === The LIVE, EOM and TEST profiles === | ||
+ | |||
+ | As discussed above, each user must connect using "username!xxx" where xxx is one of live, eom or test. Based on their connection, they will use one of the three (spec_live, spec_eom or spec_test) profiles shown below. These profiles set unique variables and then switch to the spec_common profile which contains the core information needed to complete the connection. The use of variables (and shared profiles) minimizes the INI file complexity because the same information does not have to be repeated. | ||
− | [ | + | <pre> |
− | + | [spec_live] | |
− | + | filogin=bolive | |
− | + | finame=LIVE | |
− | profile= | + | profile=spec_common |
− | [ | + | [spec_eom] |
− | + | filogin=bolive | |
− | + | finame=LIVE | |
− | + | profile=spec_common | |
− | profile= | ||
− | [ | + | [spec_test] |
− | + | filogin=botest | |
− | + | finame=TEST | |
− | + | profile=spec_common | |
− | profile= | ||
− | [ | + | [spec_common] |
− | directory=/var/summit/spectrum/$ | + | login=$filogin |
+ | directory=/var/summit/spectrum/$finame/FI/VISIMAGE | ||
temp=./temp | temp=./temp | ||
+ | Enable_Data_Import_Task = y | ||
+ | Data_Import_Path = ./temp | ||
batchdir=$SPX_HOME/FI/VISIMAGE | batchdir=$SPX_HOME/FI/VISIMAGE | ||
+ | EQ_DBSERVER=localhost:eloq-$finame | ||
vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1 | vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1 | ||
profile=default_settings | profile=default_settings | ||
profile=askplus | profile=askplus | ||
+ | </pre> | ||
+ | |||
+ | #The variable $filogin is used to specify which UNIX login will be used for the connection. The login is the same for live and eom, but usually different for test. The actual login is used in the spec_common profile using the statement "login=$filogin" | ||
+ | #The variable $finame is used in the spec_common profile to configure the default directory and set the value of EQ_DBSERVER. | ||
+ | #Depending on the valid values for EQ_DBSERVER, you may need to use another variable. | ||
+ | #You can also set the value of EQ_DBUSER by referencing a filename that contains the username and password to use for the database connection. | ||
+ | #The spec_common profile contains all of the shared connection information and uses pre-defined variables where needed to customize the connection. Notice the use of $VSVAR1 again in the vmgr statement. | ||
+ | #Introduced in AskPlus E.8.5.4 batchdir is a new variable that overrides the directory setting when AskPlus is launched in batch using "-ausername!live". | ||
+ | #These examples show settings for live, eom and test, but you can also configure connections to train or other instances of your Eloquence data. | ||
+ | |||
+ | === Enabling Visimage3 Data Import === | ||
+ | The Visimage3 Data Import functionality must be explicitly enabled in the vsrvtcp.ini file. The feature must be enabled for each user that will be granted access. In the above sample, the feature is enabled in the [spec_common] profile for all users that share that profile. By default, Data Import will transfer files to the Visimage3 user's default directory. That location can be over ridden as shown below: | ||
+ | <pre> | ||
+ | Enable_Data_Import_Task = y | ||
+ | Data_Import_Path = ./temp | ||
+ | </pre> | ||
+ | |||
+ | === Other Default Settings === | ||
+ | The default_settings profile contains a variety of AskPlus settings that rarely change. These are kept in a single profile for convenience and referenced by the spec_common profile. | ||
+ | <pre> | ||
[default_settings] | [default_settings] | ||
ASKCHAR=ROM8 | ASKCHAR=ROM8 | ||
Line 52: | Line 113: | ||
DISABLE_STREAM_CMD=Y | DISABLE_STREAM_CMD=Y | ||
ALLOW_EDIT_HOST_FILE=N | ALLOW_EDIT_HOST_FILE=N | ||
+ | </pre> | ||
+ | |||
+ | === The AskPlus Profile === | ||
+ | |||
+ | Traditionaly the AskPlus run statement is also saved in a separate profile. | ||
+ | <pre> | ||
[askplus] | [askplus] | ||
− | askplus=/usr/bin/nice -20 /ASKPLUS/askplus | + | askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3 |
+ | </pre> | ||
+ | |||
+ | #Notice the $VSVAR3 variable on the AskPlus run line. As noted previously, this allows a user to start server requesting a specific version of AskPlus. | ||
+ | |||
+ | === Requiring Password Aging === | ||
+ | |||
+ | The following should be added to the [VSRVTCP Manager] profile. | ||
+ | |||
+ | <pre> | ||
+ | [VSRVTCP Manager] | ||
+ | ... | ||
+ | RequireEncryptedPasswords=yes | ||
+ | RequirePasswordAging=yes | ||
+ | PasswordAgingDays=90 | ||
</pre> | </pre> | ||
− | + | #Encrypted passwords should always be required. | |
− | When | + | #When password aging is activated, passwords will expire after the number of days specified by "PasswordAgingDays". |
− | === | + | #When a password has expired, users can no longer start server from Visimage3, but they can still reset their password. |
− | + | #If not specified, the default for "PasswordAgingDays" is 90 days. | |
− | + | ||
− | + | === Complete INI File === | |
+ | |||
+ | <div class="toccolours mw-collapsible mw-collapsed" data-expandtext="View" data-collapsetext="Hide"> | ||
+ | <div style="font-weight:bold;line-height:1.6;">Sample INI File</div> | ||
+ | <div class="mw-collapsible-content"> | ||
+ | <pre> | ||
+ | [john.doe] | ||
+ | profile=spec_$VSVAR1 | ||
+ | password=GrantMeAccess! | ||
+ | |||
+ | [jane.doe] | ||
+ | Admin=y | ||
+ | profile=spec_$VSVAR1 | ||
+ | password=Iamyouradmin! | ||
+ | |||
+ | [spec_live] | ||
+ | filogin=bolive | ||
+ | finame=LIVE | ||
+ | profile=spec_common | ||
+ | |||
+ | [spec_eom] | ||
+ | filogin=bolive | ||
+ | finame=LIVE | ||
+ | profile=spec_common | ||
+ | |||
+ | [spec_test] | ||
+ | filogin=botest | ||
+ | finame=TEST | ||
+ | profile=spec_common | ||
+ | |||
+ | [spec_common] | ||
+ | login=$filogin | ||
+ | directory=/var/summit/spectrum/$finame/FI/VISIMAGE | ||
+ | temp=./temp | ||
+ | Enable_Data_Import_Task = y | ||
+ | Data_Import_Path = ./temp | ||
+ | batchdir=$SPX_HOME/FI/VISIMAGE | ||
+ | EQ_DBSERVER=localhost:eloq-$finame | ||
+ | vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1 | ||
+ | profile=default_settings | ||
+ | profile=askplus | ||
+ | |||
+ | [default_settings] | ||
+ | ASKCHAR=ROM8 | ||
+ | IEEE=1 | ||
+ | ASKODX=1 | ||
+ | ASKJOINS=1 | ||
+ | VMGRLIST=1 | ||
+ | DBCLOSEMODE2=1 | ||
+ | ASK_OLDDATE=1 | ||
+ | HPSPLITYEAR=50 | ||
+ | ASKERR=1 | ||
+ | GAUGE=1 | ||
+ | CISAM=Y | ||
+ | DISABLE_STREAM_CMD=Y | ||
+ | ALLOW_EDIT_HOST_FILE=N | ||
+ | |||
+ | [askplus] | ||
+ | askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3 | ||
+ | </pre> |
Latest revision as of 19:20, 20 January 2023
Configuring vsrvtcp.ini for Individual User Profiles
The vsrvtcp.ini file contains the user profile definitions for your Visimage3 users. While many CUs create two or three profiles for users to share (for example one each for live, eom and test), others prefer to setup individual (password protected) profiles for each user. These CUs generally enforce password aging as well.
This article describes the recommended way to setup your vsrvtcp.ini file to support individual profiles for all users. The layout described here requires vsrvtcp version 4.9.2.x or higher.
A discussion of the different sections of a sample INI file follows. At the bottom of the page, the INI file is repeated in its entirety to allow you to copy/paste all of the sections.
User Profiles
The individual username sections do not require very much information because they link to other profiles. Each user profile requires:
- The username between [...]
- The "Admin=Y" key for administrator users.
- The "profile=spec_$VSVAR1" key is required for all users. The $VSVAR variables are explained in more detail below.
- A password.
[john.doe] profile=spec_$VSVAR1 password=GrantMeAccess! [jane.doe] Admin=y profile=spec_$VSVAR1 password=Iamyouradmin!
- This sample uses the convention "first.last" for the user names. Choose a convention that makes sense for your organization.
- Because Jane is an Admin user, she can create & delete other Visimage3 users and reset their passwords. This video gives more information on using the Visimage3 Admin menu.
- The "password" key is the unencrypted password. Use this key when editing the vsrvtcp.ini file. When the password is changed from Visimage3, the encrypted password will be stored in the v_password key.
Connection Setup in Visimage3
When a user creates a connection in Visimage3, the "Host Profile Name" they specify is their username followed by "!live", "!eom" or "!test". If the "!xxxx" is omitted, the connection will fail. The text that follows the first ! char is stored in VSVAR1, thus when a user connects using "username!live" the variable $VSVAR1 is set to the value live. This means that the "profile=spec_$VAVAR1" will be evaluated as "spec_live". This simple "switch" allows a user to connect to live, eom or test data all from a single user profile.
Option | Value |
Host Address | 123.123.123.123 |
Host Port | 29500 or ... |
Host Profile Name | username!live or username!eom |
We recommend that Visimage3 users create different connections for live, eom and possibly test. Each Visimage3 connection will use a different "Host Profile Name" using the syntax "username!live", "username!eom" and "username!test".
The VSVAR Variables
There are three VSVAR variables that are available using the syntax shown above. If a user connects with "username!one!two!three", then VSVAR1=one, VSVAR2=two and VSVAR3=three. Not all variables need to be used. For example, a connection with "username!live!!e852" will connect to the spec_live profile and execute AskPlus version E.8.5.2 (see the AskPlus section discussed later).
The LIVE, EOM and TEST profiles
As discussed above, each user must connect using "username!xxx" where xxx is one of live, eom or test. Based on their connection, they will use one of the three (spec_live, spec_eom or spec_test) profiles shown below. These profiles set unique variables and then switch to the spec_common profile which contains the core information needed to complete the connection. The use of variables (and shared profiles) minimizes the INI file complexity because the same information does not have to be repeated.
[spec_live] filogin=bolive finame=LIVE profile=spec_common [spec_eom] filogin=bolive finame=LIVE profile=spec_common [spec_test] filogin=botest finame=TEST profile=spec_common [spec_common] login=$filogin directory=/var/summit/spectrum/$finame/FI/VISIMAGE temp=./temp Enable_Data_Import_Task = y Data_Import_Path = ./temp batchdir=$SPX_HOME/FI/VISIMAGE EQ_DBSERVER=localhost:eloq-$finame vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1 profile=default_settings profile=askplus
- The variable $filogin is used to specify which UNIX login will be used for the connection. The login is the same for live and eom, but usually different for test. The actual login is used in the spec_common profile using the statement "login=$filogin"
- The variable $finame is used in the spec_common profile to configure the default directory and set the value of EQ_DBSERVER.
- Depending on the valid values for EQ_DBSERVER, you may need to use another variable.
- You can also set the value of EQ_DBUSER by referencing a filename that contains the username and password to use for the database connection.
- The spec_common profile contains all of the shared connection information and uses pre-defined variables where needed to customize the connection. Notice the use of $VSVAR1 again in the vmgr statement.
- Introduced in AskPlus E.8.5.4 batchdir is a new variable that overrides the directory setting when AskPlus is launched in batch using "-ausername!live".
- These examples show settings for live, eom and test, but you can also configure connections to train or other instances of your Eloquence data.
Enabling Visimage3 Data Import
The Visimage3 Data Import functionality must be explicitly enabled in the vsrvtcp.ini file. The feature must be enabled for each user that will be granted access. In the above sample, the feature is enabled in the [spec_common] profile for all users that share that profile. By default, Data Import will transfer files to the Visimage3 user's default directory. That location can be over ridden as shown below:
Enable_Data_Import_Task = y Data_Import_Path = ./temp
Other Default Settings
The default_settings profile contains a variety of AskPlus settings that rarely change. These are kept in a single profile for convenience and referenced by the spec_common profile.
[default_settings] ASKCHAR=ROM8 IEEE=1 ASKODX=1 ASKJOINS=1 VMGRLIST=1 DBCLOSEMODE2=1 ASK_OLDDATE=1 HPSPLITYEAR=50 ASKERR=1 GAUGE=1 CISAM=Y DISABLE_STREAM_CMD=Y ALLOW_EDIT_HOST_FILE=N
The AskPlus Profile
Traditionaly the AskPlus run statement is also saved in a separate profile.
[askplus] askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3
- Notice the $VSVAR3 variable on the AskPlus run line. As noted previously, this allows a user to start server requesting a specific version of AskPlus.
Requiring Password Aging
The following should be added to the [VSRVTCP Manager] profile.
[VSRVTCP Manager] ... RequireEncryptedPasswords=yes RequirePasswordAging=yes PasswordAgingDays=90
- Encrypted passwords should always be required.
- When password aging is activated, passwords will expire after the number of days specified by "PasswordAgingDays".
- When a password has expired, users can no longer start server from Visimage3, but they can still reset their password.
- If not specified, the default for "PasswordAgingDays" is 90 days.
Complete INI File
[john.doe] profile=spec_$VSVAR1 password=GrantMeAccess! [jane.doe] Admin=y profile=spec_$VSVAR1 password=Iamyouradmin! [spec_live] filogin=bolive finame=LIVE profile=spec_common [spec_eom] filogin=bolive finame=LIVE profile=spec_common [spec_test] filogin=botest finame=TEST profile=spec_common [spec_common] login=$filogin directory=/var/summit/spectrum/$finame/FI/VISIMAGE temp=./temp Enable_Data_Import_Task = y Data_Import_Path = ./temp batchdir=$SPX_HOME/FI/VISIMAGE EQ_DBSERVER=localhost:eloq-$finame vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1 profile=default_settings profile=askplus [default_settings] ASKCHAR=ROM8 IEEE=1 ASKODX=1 ASKJOINS=1 VMGRLIST=1 DBCLOSEMODE2=1 ASK_OLDDATE=1 HPSPLITYEAR=50 ASKERR=1 GAUGE=1 CISAM=Y DISABLE_STREAM_CMD=Y ALLOW_EDIT_HOST_FILE=N [askplus] askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3