Difference between revisions of "Configuring vsrvtcp"

From Vital Soft Wiki
Jump to: navigation, search
 
(26 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Configuring the vsrvtcp.ini File on the Host ==
+
== Configuring vsrvtcp.ini for Individual User Profiles ==
  
The vsrvtcp.ini file contains the user profile definitions for your Visimage3 users. Many CUs create two or three profiles for their users to share: one each for live, eom and test. Others prefer to setup individual (password protected) profiles for their users.  These CUs generally enforce password aging as well.
+
The vsrvtcp.ini file contains the user profile definitions for your Visimage3 users. While many CUs create two or three profiles for users to share (for example one each for live, eom and test), others prefer to setup individual (password protected) profiles for each user.  These CUs generally enforce password aging as well.
  
This article describes the recommended way to setup your vsrvtcp.ini file to support individual profiles for all users. This system required vsrvtcp version 4.9.2.x or higher.  Using this approach, you will have both regular and admin users.  You will need at least one admin user who can create and delete users and also reset user passwords.  Admin users are identified by the "Admin=Y" key in their profile.  In the example below we are using the convention "first.last" for our user names.  You can choose to use any convention that you like.
+
This article describes the recommended way to setup your vsrvtcp.ini file to support individual profiles for all users. The layout described here requires vsrvtcp version 4.9.2.x or higher.
  
=== Sample INI file ===
+
A discussion of the different sections of a sample INI file follows.  At the bottom of the page, the INI file is repeated in its entirety to allow you to copy/paste all of the sections.
 +
 
 +
=== User Profiles ===
 +
 
 +
The individual username sections do not require very much information because they link to other profiles. Each user profile requires:
 +
*The username between [...]
 +
*The "Admin=Y" key for administrator users.
 +
*The "profile=spec_$VSVAR1" key is required for all users. The $VSVAR variables are explained in more detail below.
 +
*A password.
 
<pre>
 
<pre>
 +
[john.doe]
 +
  profile=spec_$VSVAR1
 +
  password=GrantMeAccess!
 +
 
[jane.doe]
 
[jane.doe]
   Admin=y                       << Note 1 >>
+
   Admin=y
   profile=summit_$VSVAR1         << Note 2 >>
+
   profile=spec_$VSVAR1
   password=Iamyouradmin!         << Note 3 >>
+
   password=Iamyouradmin!
 +
</pre>
  
[summit_live]
+
#This sample uses the convention "first.last" for the user names. Choose a convention that makes sense for your organization.
  filogin=bolive                << Note 4 >>
+
#Because Jane is an Admin user, she can create & delete other Visimage3 users and reset their passwords.  This [https://vimeo.com/511279811/06de7698e0 video] gives more information on using the Visimage3 Admin menu.
  fipath=LIVE                    << Note 5 >>
+
#The "password" key is the unencrypted password. Use this key when editing the vsrvtcp.ini file.  When the password is changed from Visimage3, the encrypted password will be stored in the v_password key.
  EQ_DBSERVER=localhost:eloqdb  << Note 6 >>
 
  profile=summit_common
 
  
[summit_eom]
+
=== Connection Setup in Visimage3 ===
 +
When a user creates a connection in Visimage3, the "Host Profile Name" they specify is their username followed by "!live", "!eom" or "!test".  If the "!xxxx" is omitted, the connection will fail. The text that follows the first ! char is stored in VSVAR1, thus when a user connects using "username!live" the variable $VSVAR1 is set to the value '''live'''.  This means that the "profile=spec_$VAVAR1" will be evaluated as "spec_live".  This simple "switch" allows a user to connect to live, eom or test data all from a single user profile.
 +
 
 +
  {| class="wikitable" style="border-spacing: 2,2,2,2;"
 +
    |'''Option''' ||'''Value'''
 +
    |-
 +
    | Host Address || 123.123.123.123
 +
    |-
 +
    | Host Port || 29500 or ...
 +
    |-
 +
    | Host Profile Name || username!live or username!eom
 +
    |}
 +
 
 +
We recommend that Visimage3 users create different connections for live, eom and possibly test.  Each Visimage3 connection will use a different "Host Profile Name" using the syntax "username!live", "username!eom" and "username!test".
 +
 
 +
=== The VSVAR Variables ===
 +
There are three VSVAR variables that are available using the syntax shown above.  If a user connects with "username!one!two!three", then VSVAR1=one, VSVAR2=two and VSVAR3=three.  Not all variables need to be used.  For example, a connection with "username!live!!e852" will connect to the spec_live profile and execute AskPlus version E.8.5.2 (see the AskPlus section discussed later).
 +
 
 +
=== The LIVE, EOM and TEST profiles ===
 +
 
 +
As discussed above, each user must connect using "username!xxx" where xxx is one of live, eom or test. Based on their connection, they will use one of the three (spec_live, spec_eom or spec_test) profiles shown below.  These profiles set unique variables and then switch to the spec_common profile which contains the core information needed to complete the connection.  The use of variables (and shared profiles) minimizes the INI file complexity because the same information does not have to be repeated.
 +
 
 +
<pre>
 +
[spec_live]
 +
  filogin=bolive
 +
  finame=LIVE
 +
  profile=spec_common
 +
 
 +
[spec_eom]
 
   filogin=bolive
 
   filogin=bolive
   fipath=LIVE
+
   finame=LIVE
  EQ_DBSERVER=localhost:eloqdb
+
   profile=spec_common
   profile=summit_common
 
  
[summit_test]
+
[spec_test]
 
   filogin=botest
 
   filogin=botest
   fipath=TEST
+
   finame=TEST
  EQ_DBSERVER=localhost:eloq-TEST
+
   profile=spec_common
   profile=summit_common
 
  
[summit_common]                 << Note 7 >>
+
[spec_common]
 
   login=$filogin
 
   login=$filogin
   directory=/var/summit/spectrum/$fipath/FI/VISIMAGE
+
   directory=/var/summit/spectrum/$finame/FI/VISIMAGE
 
   temp=./temp
 
   temp=./temp
   batchdir=$SPX_HOME/FI/VISIMAGE << Note 8 >>
+
  Enable_Data_Import_Task = y
 +
  Data_Import_Path = ./temp
 +
   batchdir=$SPX_HOME/FI/VISIMAGE
 +
  EQ_DBSERVER=localhost:eloq-$finame
 
   vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1
 
   vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1
 
   profile=default_settings
 
   profile=default_settings
 
   profile=askplus
 
   profile=askplus
 +
</pre>
 +
 +
#The variable $filogin is used to specify which UNIX login will be used for the connection.  The login is the same for live and eom, but usually different for test.  The actual login is used in the spec_common profile using the statement "login=$filogin"
 +
#The variable $finame is used in the spec_common profile to configure the default directory and set the value of EQ_DBSERVER.
 +
#Depending on the valid values for EQ_DBSERVER, you may need to use another variable. 
 +
#You can also set the value of EQ_DBUSER by referencing a filename that contains the username and password to use for the database connection.
 +
#The spec_common profile contains all of the shared connection information and uses pre-defined variables where needed to customize the connection.  Notice the use of $VSVAR1 again in the vmgr statement.
 +
#Introduced in AskPlus E.8.5.4 batchdir is a new variable that overrides the directory setting when AskPlus is launched in batch using "-ausername!live".
 +
#These examples show settings for live, eom and test, but you can also configure connections to train or other instances of your Eloquence data.
  
[default_settings]               << Note 9 >>
+
=== Enabling Visimage3 Data Import ===
 +
The Visimage3 Data Import functionality must be explicitly enabled in the vsrvtcp.ini file. The feature must be enabled for each user that will be granted access.  In the above sample, the feature is enabled in the [spec_common] profile for all users that share that profile. By default, Data Import will transfer files to the Visimage3 user's default directory. That location can be over ridden as shown below:
 +
<pre>
 +
  Enable_Data_Import_Task = y
 +
  Data_Import_Path = ./temp
 +
</pre>
 +
 
 +
=== Other Default Settings ===
 +
 
 +
The default_settings profile contains a variety of AskPlus settings that rarely change.  These are kept in a single profile for convenience and referenced by the spec_common profile.
 +
<pre>
 +
[default_settings]
 
   ASKCHAR=ROM8
 
   ASKCHAR=ROM8
 
   IEEE=1
 
   IEEE=1
Line 53: Line 113:
 
   DISABLE_STREAM_CMD=Y
 
   DISABLE_STREAM_CMD=Y
 
   ALLOW_EDIT_HOST_FILE=N
 
   ALLOW_EDIT_HOST_FILE=N
 +
</pre>
 +
 +
=== The AskPlus Profile ===
 +
 +
Traditionaly the AskPlus run statement is also saved in a separate profile.
  
[askplus]                       << Note 10 >>
+
<pre>
 +
[askplus]
 
   askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3
 
   askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3
 
</pre>
 
</pre>
  
=== Connection Setup in Visimage3 ===
+
#Notice the $VSVAR3 variable on the AskPlus run line. As noted previously, this allows a user to start server requesting a specific version of AskPlus.
When a user creates a connection in Visimage3, the "Host Profile Name" that they specify will be their username followed by "!live", "!eom" or "!test". If the "!xxxx" is omitted, the connection will fail. When a user connects using "username!live" the variable $VSVAR1 is set to the value '''live''' and therefore the next profile used will be "summit_live". This simple "switch" allows a user to connect to live, eom or test data all from a single user profile.
+
 
 +
=== Requiring Password Aging ===
 +
 
 +
The following should be added to the [VSRVTCP Manager] profile.
 +
 
 +
<pre>
 +
[VSRVTCP Manager]
 +
  ...
 +
  RequireEncryptedPasswords=yes
 +
  RequirePasswordAging=yes
 +
  PasswordAgingDays=90
 +
</pre>
 +
 
 +
#Encrypted passwords should always be required.
 +
#When password aging is activated, passwords will expire after the number of days specified by "PasswordAgingDays".
 +
#When a password has expired, users can no longer start server from Visimage3, but they can still reset their password.
 +
#If not specified, the default for "PasswordAgingDays" is 90 days.
 +
 
 +
=== Complete INI File ===
 +
 
 +
<div class="toccolours mw-collapsible mw-collapsed" data-expandtext="View" data-collapsetext="Hide">
 +
<div style="font-weight:bold;line-height:1.6;">Sample INI File</div>
 +
<div class="mw-collapsible-content">
 +
<pre>
 +
[john.doe]
 +
  profile=spec_$VSVAR1
 +
  password=GrantMeAccess!
 +
 
 +
[jane.doe]
 +
  Admin=y
 +
  profile=spec_$VSVAR1
 +
  password=Iamyouradmin!
 +
 
 +
[spec_live]
 +
  filogin=bolive
 +
  finame=LIVE
 +
  profile=spec_common
 +
 
 +
[spec_eom]
 +
  filogin=bolive
 +
  finame=LIVE
 +
  profile=spec_common
 +
 
 +
[spec_test]
 +
  filogin=botest
 +
  finame=TEST
 +
  profile=spec_common
  
In the summit_live, summit_eom and summit_test profiles, variables are set which can then be used later by the summit_common profile. The use of variables (and shared profiles) minimizes support because the same information does not have to be repeated.
+
[spec_common]
 +
  login=$filogin
 +
  directory=/var/summit/spectrum/$finame/FI/VISIMAGE
 +
  temp=./temp
 +
  Enable_Data_Import_Task = y
 +
  Data_Import_Path = ./temp
 +
  batchdir=$SPX_HOME/FI/VISIMAGE
 +
  EQ_DBSERVER=localhost:eloq-$finame
 +
  vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1
 +
  profile=default_settings
 +
  profile=askplus
  
=== VSVAR Variables ===
+
[default_settings]
There are three VSVAR variables that are available using the syntax discussed above.  If a user connects with "username!one!two!three", then VSVAR1=one, VSVAR2=two and VSVAR3=three.  Not all variables need to be used.  For example, using the INI file above, a connection with "username!live!!e852" will connect to the summit_live profile and execute AskPlus version E.8.5.2 (see Note 9).
+
  ASKCHAR=ROM8
 +
  IEEE=1
 +
  ASKODX=1
 +
  ASKJOINS=1
 +
  VMGRLIST=1
 +
  DBCLOSEMODE2=1
 +
  ASK_OLDDATE=1
 +
  HPSPLITYEAR=50
 +
  ASKERR=1
 +
  GAUGE=1
 +
  CISAM=Y
 +
  DISABLE_STREAM_CMD=Y
 +
  ALLOW_EDIT_HOST_FILE=N
  
=== Notes: ===
+
[askplus]
#Indicates that Jane is an Admin user.
+
  askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3
#When Jane connects using "jane.doe!live" the variable $VSVAR1 will have the value live and therefore the profile used will be "summit_live".  This simple "switch" allows Jane to connect to live, eom or test data all from a single user profile.
+
</pre>
#When Jane changes her password, the new password will be stored encrypted in the INI file.
 
#The variable filogin is used to specify which UNIX login will be used for the connection.  The connection is the same for live and eom, but usually different for test.  The actual login is used in the summit_common profile using the statement "login=$filogin"
 
#The variable fipath is used later in the summit_common profile to configure the default directory.
 
#The EQ_DBSERVER will need to be different as well.  Here we just use a different value, but possible we could have used the fipath variable depending on the valid values for EQ_DBSERVER.  You can also reference a filename that contains the username and password to use for the database connection.
 
#The summit_common profile contains all of the shared connection information and uses pre-defined variables where needed to customize the connection.  Notice the use of $VSVAR1 again in the vmgr statement.
 
#Introduced in AskPlus E.8.5.4 batchdir is a new variable that overrides the directory setting when AskPlus is launched in batch using "username!live".
 
#The default_settings profile contains general AskPlus settings. These are typically saved in a separate profile, but that is not required.
 
#Notice the $VSVAR3 variable on the AskPlus run line. As noted previously, this allows a user to start server requesting a specific version of AskPlus.
 

Latest revision as of 19:20, 20 January 2023

Configuring vsrvtcp.ini for Individual User Profiles

The vsrvtcp.ini file contains the user profile definitions for your Visimage3 users. While many CUs create two or three profiles for users to share (for example one each for live, eom and test), others prefer to setup individual (password protected) profiles for each user. These CUs generally enforce password aging as well.

This article describes the recommended way to setup your vsrvtcp.ini file to support individual profiles for all users. The layout described here requires vsrvtcp version 4.9.2.x or higher.

A discussion of the different sections of a sample INI file follows. At the bottom of the page, the INI file is repeated in its entirety to allow you to copy/paste all of the sections.

User Profiles

The individual username sections do not require very much information because they link to other profiles. Each user profile requires:

  • The username between [...]
  • The "Admin=Y" key for administrator users.
  • The "profile=spec_$VSVAR1" key is required for all users. The $VSVAR variables are explained in more detail below.
  • A password.
[john.doe]
  profile=spec_$VSVAR1
  password=GrantMeAccess!

[jane.doe]
  Admin=y
  profile=spec_$VSVAR1
  password=Iamyouradmin!
  1. This sample uses the convention "first.last" for the user names. Choose a convention that makes sense for your organization.
  2. Because Jane is an Admin user, she can create & delete other Visimage3 users and reset their passwords. This video gives more information on using the Visimage3 Admin menu.
  3. The "password" key is the unencrypted password. Use this key when editing the vsrvtcp.ini file. When the password is changed from Visimage3, the encrypted password will be stored in the v_password key.

Connection Setup in Visimage3

When a user creates a connection in Visimage3, the "Host Profile Name" they specify is their username followed by "!live", "!eom" or "!test". If the "!xxxx" is omitted, the connection will fail. The text that follows the first ! char is stored in VSVAR1, thus when a user connects using "username!live" the variable $VSVAR1 is set to the value live. This means that the "profile=spec_$VAVAR1" will be evaluated as "spec_live". This simple "switch" allows a user to connect to live, eom or test data all from a single user profile.

Option Value
Host Address 123.123.123.123
Host Port 29500 or ...
Host Profile Name username!live or username!eom

We recommend that Visimage3 users create different connections for live, eom and possibly test. Each Visimage3 connection will use a different "Host Profile Name" using the syntax "username!live", "username!eom" and "username!test".

The VSVAR Variables

There are three VSVAR variables that are available using the syntax shown above. If a user connects with "username!one!two!three", then VSVAR1=one, VSVAR2=two and VSVAR3=three. Not all variables need to be used. For example, a connection with "username!live!!e852" will connect to the spec_live profile and execute AskPlus version E.8.5.2 (see the AskPlus section discussed later).

The LIVE, EOM and TEST profiles

As discussed above, each user must connect using "username!xxx" where xxx is one of live, eom or test. Based on their connection, they will use one of the three (spec_live, spec_eom or spec_test) profiles shown below. These profiles set unique variables and then switch to the spec_common profile which contains the core information needed to complete the connection. The use of variables (and shared profiles) minimizes the INI file complexity because the same information does not have to be repeated.

[spec_live]
  filogin=bolive
  finame=LIVE
  profile=spec_common

[spec_eom]
  filogin=bolive
  finame=LIVE
  profile=spec_common

[spec_test]
  filogin=botest
  finame=TEST
  profile=spec_common

[spec_common]
  login=$filogin
  directory=/var/summit/spectrum/$finame/FI/VISIMAGE
  temp=./temp
  Enable_Data_Import_Task = y
  Data_Import_Path = ./temp
  batchdir=$SPX_HOME/FI/VISIMAGE
  EQ_DBSERVER=localhost:eloq-$finame
  vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1
  profile=default_settings
  profile=askplus
  1. The variable $filogin is used to specify which UNIX login will be used for the connection. The login is the same for live and eom, but usually different for test. The actual login is used in the spec_common profile using the statement "login=$filogin"
  2. The variable $finame is used in the spec_common profile to configure the default directory and set the value of EQ_DBSERVER.
  3. Depending on the valid values for EQ_DBSERVER, you may need to use another variable.
  4. You can also set the value of EQ_DBUSER by referencing a filename that contains the username and password to use for the database connection.
  5. The spec_common profile contains all of the shared connection information and uses pre-defined variables where needed to customize the connection. Notice the use of $VSVAR1 again in the vmgr statement.
  6. Introduced in AskPlus E.8.5.4 batchdir is a new variable that overrides the directory setting when AskPlus is launched in batch using "-ausername!live".
  7. These examples show settings for live, eom and test, but you can also configure connections to train or other instances of your Eloquence data.

Enabling Visimage3 Data Import

The Visimage3 Data Import functionality must be explicitly enabled in the vsrvtcp.ini file. The feature must be enabled for each user that will be granted access. In the above sample, the feature is enabled in the [spec_common] profile for all users that share that profile. By default, Data Import will transfer files to the Visimage3 user's default directory. That location can be over ridden as shown below:

  Enable_Data_Import_Task = y
  Data_Import_Path = ./temp

Other Default Settings

The default_settings profile contains a variety of AskPlus settings that rarely change. These are kept in a single profile for convenience and referenced by the spec_common profile.

[default_settings]
  ASKCHAR=ROM8
  IEEE=1
  ASKODX=1
  ASKJOINS=1
  VMGRLIST=1
  DBCLOSEMODE2=1
  ASK_OLDDATE=1
  HPSPLITYEAR=50
  ASKERR=1
  GAUGE=1
  CISAM=Y
  DISABLE_STREAM_CMD=Y
  ALLOW_EDIT_HOST_FILE=N

The AskPlus Profile

Traditionaly the AskPlus run statement is also saved in a separate profile.

[askplus]
  askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3
  1. Notice the $VSVAR3 variable on the AskPlus run line. As noted previously, this allows a user to start server requesting a specific version of AskPlus.

Requiring Password Aging

The following should be added to the [VSRVTCP Manager] profile.

[VSRVTCP Manager]
  ...
  RequireEncryptedPasswords=yes
  RequirePasswordAging=yes
  PasswordAgingDays=90
  1. Encrypted passwords should always be required.
  2. When password aging is activated, passwords will expire after the number of days specified by "PasswordAgingDays".
  3. When a password has expired, users can no longer start server from Visimage3, but they can still reset their password.
  4. If not specified, the default for "PasswordAgingDays" is 90 days.

Complete INI File

Sample INI File
[john.doe]
  profile=spec_$VSVAR1
  password=GrantMeAccess!

[jane.doe]
  Admin=y
  profile=spec_$VSVAR1
  password=Iamyouradmin!

[spec_live]
  filogin=bolive
  finame=LIVE
  profile=spec_common

[spec_eom]
  filogin=bolive
  finame=LIVE
  profile=spec_common

[spec_test]
  filogin=botest
  finame=TEST
  profile=spec_common

[spec_common]
  login=$filogin
  directory=/var/summit/spectrum/$finame/FI/VISIMAGE
  temp=./temp
  Enable_Data_Import_Task = y
  Data_Import_Path = ./temp
  batchdir=$SPX_HOME/FI/VISIMAGE
  EQ_DBSERVER=localhost:eloq-$finame
  vmgr=/ASKPLUS/visimage/vmgr_$VSVAR1
  profile=default_settings
  profile=askplus

[default_settings]
  ASKCHAR=ROM8
  IEEE=1
  ASKODX=1
  ASKJOINS=1
  VMGRLIST=1
  DBCLOSEMODE2=1
  ASK_OLDDATE=1
  HPSPLITYEAR=50
  ASKERR=1
  GAUGE=1
  CISAM=Y
  DISABLE_STREAM_CMD=Y
  ALLOW_EDIT_HOST_FILE=N

[askplus]
  askplus=/usr/bin/nice -20 /ASKPLUS/askplus $VSVAR3