SecureDoc Web Reporting Installation (a how-to document)
Affected Platforms : Windows Server 2003, IIS 6
1 Automatic Installation
1.1 Pre-requisites
Minimum: Windows Server 2003, IIS 6
Microsoft .Net Framework version 3.5 SP1
Microsoft Chart Controls
Crystal Reports Runtime
Browser: IE 7
Screen Resolution: Minimum: 1200 pixels width
1.2 Installation Steps
On the Windows Server:
1. Run the provided installation executable.
2. You must re-boot if .Net 3.5 SP1 is installed during this process
1.3 What the Installation Package Does
The installation process performs the following:
Installs .Net framework version 3.5 SP1
Installs MS Chart Controls for .Net 3.5 SP1
Installs Crystal Reports Runtime (CR 2008 SP1)
Copies the "SecureDocWeb"� application files to "\inetpub\wwwroot"�
Creates an IIS application with "Scripts and Executables" for the copied folder (using the Default application pool)
Changes the authentication scheme by removing anonymous and adding Windows authentication
Changes the ASP.Net framework to 2.0
1.3.1 Database Preparation
To carry out the next step, you need to be a member of the "db_owner"� role in the SES database:
3. Add the required views to the database (App_Data\SESWebreporting.sql) by opening up a command prompt and running "sqlcmd"� with the following parameters (replace "server\instance"�, "dbname"�, "sa", and "password" with appropriate values for your database):
When using Windows Authentication:
sqlcmd ""E ""S server\instance ""d dbname ""i SESWebReporting.sql
When using SQL Server authentication:
sqlcmd ""U sa ""P password ""S server\instance ""d dbname ""i SESWebReporting.sql
1.3.2 Web Application Setup
The SES reporting application requires a database connection to the SES database. WinMagic recommends that this connection be established under a login ID that has read-only permissions on the SES database. For instance, the login ID could be a member of the "db_datareader"� role in SQL Server on the target SES database.
Using the IIS manager:
4. Modify "web.config"� either using notepad or using ASP.Net tab; change the data source to point to the database
If the database is local and the version is SQL Express 2005 or 2008, you can use this sample:
Data Source=.\sqlexpress;Initial Catalog=SESDBNAME; Integrated Security=True
If the database is local but SQL Server is a full install (not express):
Data Source=.;Initial Catalog=SESDBNAME; Integrated Security=True
If the database is on a different machine, use this sample:
Data Source=DBServer;Initial Catalog=SESDBNAME;User ID=sa; Password=sapassword
NOTE: To successfully authenticate and connect to a remote database using Windows Authentication, the default Windows user running the application may have to be modified. By default, IIS assigns the Memory pools to run under "Network Service"�. It is very likely that this machine-specific user does not have the privileges to connect to the database server. Ensure that the corresponding identity for the memory pool for the SES reporting application is changed accordingly.
5. To authorize users to use the SES reporting application, you need to edit the file "SecureDocWeb\App_DATA\WMRoles.xml"�:
There are currently two distinct recognized roles:the "Report Manager"� (who may view all device, user, and key reports), and "Auditor" (who can view the audit log entries).
For each role, add the intended users by typing their domain name and user IDs in the following format:
<Member>DOMAIN\USERID</Member>
6. Restart IIS
1.3.3 Launching the Application
On a separate machine or on the same server:
7. Launch the browser and navigate to: http://localhost/SecureDocWeb/
2 Manual Installation
If you would like to install the SecureDoc Web Reporting application on a different server or install a second instance of the application on the same server, the following steps must be performed prior to the steps in 1.3.1 and 1.3.2.
1.Download and install .Net framework 3.5 SP1 if not installed already (Free)
2. Reboot
3. Download and install MS Chart Controls for .Net 3.5SP1 (Free)
4. Download and install Crystal Reports 2008 SP1 runtime if not installed already (licensed by WinMagic for distribution)
5. Copy the supplied web application (SecureDocWeb) to \inetpub\wwwroot
NOTE: If you are creating a second instance on the same machine, then you need to rename the copied folder to something else.
Using IIS Manager:
6.Expand the "Default Web Site"� and right click on the Web Reporting folder you just created. From the context menu, select Properties. On the "Directory" tab, click Create. On the "Execute permissions"�, select "Scripts and Executables"�.
You can use the default application pool or create a new one.
7. On the "Directory Security"� tab click "edit"� beside "Authentication and access control"�. Check off the Anonymous authentication. Enable "Integrated Windows authentication"�.
8. On the "ASP.Net"� tab, change the ASP.Net version to 2.0.xxxx.
2.1 Alternate Authentication Setup
Under Manual Installation-Step 7, the authentication can be set to something other than "Integrated Windows authentication". This option is chosen as the default because it means the users do not have to type in their user-id and password if they are already logged on to the same domain.
However, other types such as Basic Authentication or Digest Authentication can be set up.
3 Troubleshooting
3.1 Environment""related Issues
If the IIS environment is not configured correctly, the browser page will show an IIS error message.
3.1.1 ASP.Net Version is Incorrect
Symptom:
Fix:
Change the ASP.Net version for the web reporting application in IIS to 2.0 or higher (see Manual Installation "" step 8)
3.1.2 Missing Components
The web reporting application relies on specific libraries and components: .Net 3.5, MS Chart Controls, and Crystal Reports runtime. If any of these components are missing, an IIS error page is displayed.
Symptom:
Fix:
Perform the automated or manual installation again.
3.1.3 Non-existent IIS Application
If an IIS application is not created (or created but removed later on), an error similar to that shown below is displayed. To fix the error, make sure that you carry out the IIS manager steps in Manual Installation.
3.2 Application""related Issues
If the application settings or the connection strings are incorrect, an error message is shown at the top of the page (in red text). If the message is descriptive enough, change the appropriate setting, restart the browser and navigate to the application home page.
3.3 Authorization Issues
If the current user on the browser has insufficient permissions for a report(s), an "authorization denied" message is displayed (see below).
The problem could be caused by a few mis-configurations:
"App_Data\WMRoles.xml" does not have an entry for the user for the correct role, or the entries are mis-typed.
·The IIS application is not configured to use Windows Integrated security or the application is allowing anonymous users (see Manual Installation).
·The user belongs to a domain or workgroup not trusted by the IIS server.