Installer Execution Screens - 20.3

Automate Evolve Installation Guide
Version
20.3
Language
English
Product name
Automate Evolve
Title
Automate Evolve Installation Guide
First publish date
2018

During the installation process, you will move through the screens listed below. The side panel on each screen includes information relevant to the screen you are working with.

  • Welcome
  • Terms and Conditions
  • Pre-Installation Check
  • Windows Feature
  • Configuration Checklist
  • Server Farm
  • Database
  • User Authentication
  • Website
  • Application Pool
  • Installation
  • Finish

The Welcome screen includes the product name and version, and links to system requirements, the Precisely website, and Customer Support.
If you want to stop installation, click Cancel. Click Next to proceed.

The Terms and Conditions screen allows you to accept or decline the terms and conditions, and you can print the page. Also provided here are links to the Winshuttle EULA andthe Winshuttle privacy policy.

Note: The default security settings in IE 11 on Windows Servers block the scripts needed for System requirements URL to operate correctly.

For the link to work properly, add the following entries in the trusted sites list of IE 11:

The Preinstallation Check screen notes the availability of required applications, services, and environments.

For the Studio Manager Server Installer, preinstallation checks confirm the following:

  • OS - Microsoft Windows Server 2016 or 2019
  • PowerShell 5.1 or above
  • Microsoft .Net 4.8.x
  • IIS 10.0 or above
  • SAP GUI 750 or above

If not already installed, Microsoft Visual C++ 2008, 2010, 2013, and 2015-2019 redistributables will automatically be installed.

If the requirements have not been met, the status of each requirement is indicated and Next is disabled. Click Back to return to the Terms and Conditions screen. If you would like to stop the installation, click

Cancel. When all requirements have been met, click Next to continue.

Windows Features screen notes the Windows features enabled with the installation, as listed below.

  • ASP.NET 4.5
  • MSMQ Server Core
  • MSMQ Active Directory Domain Services Integration
  • Web Management Tools
    • IIS Management Console
    • IIS Management Scripts and Tools
    • IIS Management Services
  • Application Development features

    The

    • .NET Extensibility 4.5
    • Application Initialization
    • ASP.NET 4.5
    • ISAPI Extensions
    • ISAPI Filters
  • Common HTTP features
    • Default Document
    • Directory Browsing
    • HTTP Errors
    • HTTP Redirection
    • Static Content
  • Health and Diagnostics
    • Custom Logging
    • HTTP Logging
    • Logging Tools
    • ODBC Logging
    • Request Monitor
    • Tracing
  • Performance features
    • Dynamic Content Compression
    • Static Content Compression
  • Security
    • Request Filtering
    • Windows Authentication

Click Back to return to the Preinstallation Check screen. If you want to stop the installation, click Cancel. Click Next

to proceed.

Configuration Checklist screen lists remaining details required for a successful installation:

  • Authentication Type
  • An existing or new Farm
  • Evolve URL
  • App Pool User
  • Database Server
  • Database Name
  • Database Authentication
  •
    Installation Location

Click Back to return to the Windows Features screen. If you want to stop the installation, click Cancel. Click

Next to proceed.

The Server Farm screen defines the server farm and offers a choice between an existing and a new server farmconnection type.

Definition: a server farm is a collection of two or more servers that share configuration data.

  • If you want to create an NLB setup, connect to an existing DB, or connect to a or a backup DB, click Yes.
  • If you want to create a new server farm, click No. A new DB will be created during installation.

    Click Back to return to the Configuration Checklist screen. If you want to stop installation, click Cancel.Click Next to proceed.

    Database screen requests the database server and name in addition to account-related details.

    Provide the following account details forDB authentication:

    Windows Authentication - for the user executing the Installer

    SQL Server - username and password for the user with access to the server

    By default, the Authentication mode is set to Windows Authentication and the username and password fields are disabled.

    • The database server and name are required if the Authentication mode is set to Windows Authentication.
    • The database server and name, the username, and the password are required if the Authentication mode is set to SQL Server.

      Note: SQL Server 2017 and above are supported.

      A SQL Server database connection can be created with:

    • machine name
    • localhost
    • Use “dot” to indicate the machine currently being used

Cloud db includes additional methods to create a SQL Server database connection.

We do not support localhost and dot. If you want to use “dot” or localhost, all products must be installed on the same machine; please be aware that the Studio Manager server, App Pool, Web site, and Worker services may be impacted.

  • When you click Next, the Installer validates the information you provided. If the validation fails, a descriptive error message will appear.
Possible Validations
Database server and database name fields must be completed.
Username and password fields must be completed for SQL Server Authentication.
Database server details must be valid.
For an Existing Server Farm setup, the database name must already be in use.
For an Existing Server Farm setup, the database must be the same version as the Installer.
For a New Server Farm setup, the database name must be new (not already in use).
For the SQL Server authentication mode, the credentials provided must be correct.

The logged-in user (the installation user) must have both the security admin role and the DB creator role on the SQL server provided. With an Existing Server Farm setup, the logged-in usermust also have the DB

owner role on the DB server provided.
The logged-in user can select the authentication mode (Windows or SQL) to set up the Application connectivity with database and the Application database.

When you have a role ‘higher’ than DB Owner for upgrades, add-WFE, Modify, Repair, or otherprocesses, and when you have a role ‘higher’ than DB creator for a fresh installation, the Installer will not check for

‘lower’ roles such as DB Owner.
Now supporting AWS RDS (SQL Server 2017 and above) for SQL server database.

There is support for database names with up to 120 characters. Increased timeout and extra parameter for DacPac execution: Timeout (/TargetConnectionString:"Server=CHA- EN-

VST602\SQLEXPRESS;Database=WSEvolveDB;Trusted_Connection=Yes;Connection Timeout=600" and

/p:CommandTimeout=600)

Now supporting Azure SQL Managed instance

Note:

Below character set is restricted for the respective fields. An error is thrown in case restricted character set is used.

  • Database Name - " ' * ? ;

 Error message - " ' * ? ; characters are not allowed. Please provide a valid Database Name. 

  • Database Server- " ' * ? ;

Error message - " ' * ? ; characters are not allowed. Please provide a valid SQL Server Name. 

  • User Name - " ‘ ;

Error message -" ‘ ; characters are not allowed. Please provide a valid User Name. 

  • Password - " ‘ ;

Error message - “ ' ; characters are not allowed. Please provide a valid User Password. 

A new database will be created in a New Server Farm setup. With an Existing Server Farm setup, no change will be made to the database schema, but other changes will be configured – changes such as setting user permissions and database roles.

The file growth properties are set to 2 GB for both the database and the database logging files.

For Azure SQL managed Instances and AWS RDS we are using SOL authentication only and windows authentication is not supported. For Application database setup the SQL User must have DB creator and Security admin roles.

Note: The 20.2 Installer is set to Simple. If you are upgrading, it will remain a “full recovery model” (as of version 20.0). We recommend that after upgrading, you set it to Simple.

Click Back to return to the Server Farm screen. To stop the installation, click Cancel. Click Next to proceed.

On the User Authentication screen, select the account to configure for the application authentication – choosing Windows Authentication, SAML Authentication, or OAuth 2.0. (OAuth is an open-standard authorization protocol or framework that provides applications the ability for secure, designated access.)

If you select Windows Authentication, the Windows authentication security feature in IIS is enabled. If you select SAML Authentication, no change is made.

Click Back to return to the Database screen. If you want to stop the installation, click Cancel. Click Next toproceed. The Website screen allows you to indicate where and how you will deploy the application. The website will be deployed and configured according to the details you provide on this screen – you select the website name, secure or insecure mode, the IP, the port, and the host name. For secure mode, you must also select the SSL Certificate.

If SSL Certificate details are fetched when this screen is loaded, and if a new certificate is added, go back and proceed again to the Website screen.

When you click Next, the Installer validates the information you provided. If the validation fails, you will receive an error message.

  • The website name, port number, and host name fields must be completed.
  • With an https address, you must select SSL Certificate.
  • The port number must include numeric values only.
  • The website name and website bindings (a combination of the IP address, the port, and the host)

cannot already be in use.

  1. If you use a port already in use by other services in the system (though not by the IIS), the validations will succeed, and the installation can be completed with that port number. You may, though, be unable to browse the site later. The Installer provides a list of occupied port numbers in the logs.
  2. When installing Studio Manager for the first time on the machine, the default hostname will be the machine name. It is recommended that user should validate the hostname before proceeding for the installation.

    The hostname is changed in the following cases:

    1. If user selects https protocol from http
    2. user provides hostname manually

API Gateway certificate security will only be supported on HTTPS installation and it will not be supported forHTTP or SSL offloading installation.

Click Back to return to the User Authentication screen. If you want to stop the installation, click Cancel. Click

Next to proceed.

On the Application Pool screen, enter the App Pool name and identity. You can choose either of the following for the App Pool Identity:

  • Custom account – provide the username (domain\userid) and password

    The Installer validates the credentials on a “TempDir”. If the credentials are successfully validated, the Installer

    logs the information in the log file (example: “Returning LASTEXITCODE: 0”).

    If the validation of the credentials fails, the Installer logs the information in the log file as follows:

    • wsx\Testuser123: There was no mapping between the account names and security IDs.
    • “Returning LASTEXITCODE: 1332” in the log file. The Installer then displays a message such as the one below:
Special characters are supported for the username and password.

If Group Managed Service Account selected, then Username should be like domain\account$ (last character should be $).

Group Managed Service Account authentication check will be skipped

Note: Group Managed Service Account should be configured on installed machine. On Evolve/Worker Installation, if Group managed account is used as app pool user then Installer will not be validating the account so customer must provide correct and valid value.

When you click Next, the Installer validates the information provided. If the validation fails, you will receive an error message.

  • The app pool name field must be completed.
  • An existing app pool name cannot be used.
  • Username and password fields must be completed for a custom account
  • Credentials must be valid with a custom account.

The following modifications are made during installation, in accordance with the app pool settings you provide. The App Pool Identity user is provided with the following DB roles and permissions:

  • WSDBAccessRole: with CONNECT, SELECT, EXECUTE, DELETE, INSERT, UPDATE, CREATE VIEW, ALTER

ANY SCHEMA, VIEW ANY COLUMN ENCRYPTION KEY DEFINITION, VIEW ANY COLUMN MASTER KEY

DEFINITION, VIEW DATABASE STATE permissions on Application DB

  • WSDBReportRole: SELECT, VIEW ANY COLUMN ENCRYPTION KEY DEFINITION, VIEW ANY COLUMN MASTER KEY DEFINITION permissions on Reporting DB

The App Pool Identity user is added to the default schema of the DBO. Allow Access rights (ReceiveMessage, PeekMessage, ReceiveJournalMessage, GetQueueProperties, SetQueueProperties, GetQueuePermissions, ChangeQueuePermissions, TakeQueueOwnership, WriteMessage) on MSMQs, and full control rights on private queues with Winshuttle Studio Manager are provided as follows:

  1. If NETWORK SERVICE is selected, the NETWORK SERVICE account will be provided the rights on MSMQs.
  2. If Application Pool Identity is selected, IIS AppPool\<AppPoolName> will be provided the rights on MSMQs.
  3. If Custom Account is selected, the custom account will be provided with the rights on MSMQs.

Click Back to return to the Website screen. If you want to stop the installation, click Cancel. Click Next to proceed.

On the Installation screen, designate the destination directory for installation. You can either use the default path provided or click Browse to select a different path.

The Studio Manager Server folder gets Read permissions to “IIS_IUSRS” – local machine group. The Studio Manager Server folder gets Read permissions to “IUSR” – local machine user.

  • Read & execute
  • List folder contents
  • Read

Note: A warning message is displayed if the provided installation directory is not empty when installing for thefirst time. It is recommended that user should provide an empty directory and then proceed for the installation.

Click Back to return to the Application Pool screen. If you want to stop the installation, click Cancel. Click Next

to proceed.

Click Back to return to the Application Poolscreen. If you want to stop the installation, click Cancel. Click Next toproceed.

The Installation screen post destination path includes details you previously provided. You can verify that all configurations are correct.

The Installationscreen will display the current status, as in the example below

The Finish screen indicates a successful installation and includes the configurations. To launch the site, check
the Launch Site checkbox and click Finish.

  1. If you are doing a fresh installation of the server and there are keys for SAP GUI entries, the Installer sets those keys to zero. If keys for SAP GUI entries do not exist, the Installer establishes new keys with a default value of zero.
    • Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SAP\SAPGUI Front\SAP Frontend Server\Security - Key: Security Level
    • Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SAP\SAPGUI - StartSAPLogon
  2. If Studio Manager Server and Studio Manager Worker will be installed on the same machine, the following SAP GUI registry entries will be reset to 0 on every fresh and repair installation.
    • SecurityLevel
    • StartSAPLogon