1 / 42

COMMANDbatch Security and Administration

COMMANDbatch Security and Administration. Mark Sinclair msinclair@commandalkon.com 205-879-3282 ext. 2122. Session Objective.

milt
Download Presentation

COMMANDbatch Security and Administration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COMMANDbatch Security and Administration Mark Sinclair msinclair@commandalkon.com 205-879-3282 ext. 2122

  2. Session Objective • This session is designed for those who manage and administer your COMMANDbatch system. The session will focus on user security, back-up utilities, software reinstallation, and the software upgrade process. COMMANDbatch Security and Administration

  3. COMMANDbatch Users • Access to your data should be restricted to protect the plant configuration and limit access to sensitive information • COMMANDbatch Users should not be confused with Windows Users. • To add new users you must login to COMMANDbatch using the ‘sa’ user. • COMMANDbatch has a highly configurable security setup • Forms can be fully or partially locked out • Components (Fields) on the Forms can also be hidden or locked out COMMANDbatch Security and Administration

  4. COMMANDbatch Users • Users form is used to add or modify existing users. • Super User will have access to all forms except for Soft Manual Station. • Non-Super User will require Form Authorizations to be configured • Group Authorizations can be assigned to users COMMANDbatch Security and Administration

  5. User Password • A Password is initially required for any new users • The user can use the ‘User Information’ form to change their password COMMANDbatch Security and Administration

  6. User Forms Editing Permission • The Editing Permissions is used to restrict the user from making changes to the form design • Experienced Windows users can be configured for Basic to allow them to change grid column widths and position, change Form Size/Splitter position, and Field Labels and positions. • Most Users should be set to None so they can’t accidently modify a form design COMMANDbatch Security and Administration

  7. User Plant Context Form • The Change Plant form is used on Multi-Plant configurations • This will allow the user to switch control from one plant to another. • This configuration requires each plant to be within the same site location • This form is also used for language support • The error messages will display in the selected language COMMANDbatch Security and Administration

  8. User Extensions – Rules Tab • The Rules on the User Extensions form allows restriction on the Batch Setup for a Dispatched Ticket • Viewing Prices can be restricted on the Batch Setup and Orders forms COMMANDbatch Security and Administration

  9. User Extensions – Batching Tab • The Batching Tab allows users to change the behavior of COMMANDbatch while batching • Default Sequence should ONLY be used on a Remote Batch user • Load Status will determine when the Ticket will move from the Current View to the History View on Batch Setup • Batch Setup Sort Type will determine the sorting order of the Tickets on Batch Setup COMMANDbatch Security and Administration

  10. User Extensions – Colors Tab • The Order colors allows the user to customize the colors for the different Order Statuses • The Low Inventory color is the only color setting under the Ticket that currently functions • The Alert Sounds allow for a sound file to be played for these events • LowInventoryAlert.wav • NotificationAlert.wav • NotificationLoadAlert.wav • WINXP:C:\Program Files\COMMANDbatch\Custom\Scripts • WIN7:C:\ProgramData\CAI\COMMANDbatch\Custom\Scripts COMMANDbatch Security and Administration

  11. Users - Authorizations • The Object Authorizations for User form is used to select which forms this User has access to and what privileges he/she has on that particular form COMMANDbatch Security and Administration

  12. Users – Form Privileges • You have 7 privilege levels you can control for each form you allow access to. • Delete • Edit (Modify) • Execute (Open) • Insert (Add New) • Read (Show/Hide) • Update (Read Only) • Bulk Update (Change multiple records at one time) COMMANDbatch Security and Administration

  13. Users – Component Privileges • The Component Privileges allows you to control access to individual fields (components) within the form COMMANDbatch Security and Administration

  14. Users – Component Privileges • The Component Authorization for User form will allow you to select fields (components) from a particular form and control the Read (Show/hide) and Update (Read Only) privileges. COMMANDbatch Security and Administration

  15. Users – Group Authorizations • User Groups can be configured to make it easier to assign to existing or new users without having to configure individual user authorizations. COMMANDbatch Security and Administration

  16. Users – Group Authorizations • The Object Authorization for Groups is the same as the Object Authorizations for Individuals. • NOTE: A zero will have to be entered to revoke the privileges in this form. COMMANDbatch Security and Administration

  17. Users – Group Component Privileges • The Component Authorization for Groups is the same as the Component Authorizations for Individuals. • NOTE: A one will have to be entered to grant the privileges in this form. COMMANDbatch Security and Administration

  18. Exporting and Importing Users • Users and User Groups can be exported out of COMMANDbatch and imported into another COMMANDbatch system COMMANDbatch Security and Administration

  19. Windows Users • CAI configures two default users inWindows • COMMAND BATCH • USER • The COMMAND BATCH is the normal user with no password • The USER is used for remote access, since windows requires a user with a password for remote access COMMANDbatch Security and Administration

  20. Setting up Restricted Windows Users • COMMANDbatch requires a user with administrative privileges to the local machine to perform installations or patches • General operation will work with no additional modifications for Admin or Power Users • Restricted users will require some modifications to Windows Registry keys and file folder security settings to allow general operation • Note: See the Install.pdf file located on your CMDbatch system’s Documentation folder for details. COMMANDbatch Security and Administration

  21. Microsoft SQL Server 2008 R2TM COMMANDbatch stores… • All user entered information in a database file called ‘ebatch’ (typically contains up to 90 days of ticket information) • Ticket info > 90 days in the ‘ebatch_archive’ database file • (Inventory transactions, such as, Auto and Manual Usages, Inventory Receipts, and Inventory Adjustments are not archived by default) • Forms information in the ‘ebatch_forms’ database file • Forms data consist of field labels and positions. • Form sizes and grid settings COMMANDbatch Security and Administration

  22. Database Utility • DBUtility program is a tool used to perform database backup and recovery operations. • The typical user would not need access to this program. COMMANDbatch Security and Administration

  23. DBUtility – Database Actions • Under the Settings section you can select one of the following Database Actions in the drop-down menu: • Install New Database • Upgrade Database(s) • Restore Database(s)* • Apply Database Patches • Archive Database Maintenance • Repair Database • Backup Database(s)* • Archive Database • Purge Database • End of Year Maintenance • Repair User • Verify Database(s) Integrity • Reset CPM Sync Values • Database Maintenance • Precision Water System Maintenance • Start/Stop Services COMMANDbatch Security and Administration

  24. DBUtility - Backup • DBUtility can be used to manually or automatically backup the Database files • The backup, archive, and purge process is normally ran through the “End of” Day process • Backing up the databases using DBUtility will not copy the backup files to an external drive automatically, i.e. CD, Network Share, or USB Flash drive. • The default local drive backups are stored on the • WINXP: C:\Program Files\COMMANDbatch\Custom\DBBackup • WIN7: C:\ProgramData\CAI\COMMANDbatch\Custom\DBBackup COMMANDbatch Security and Administration

  25. Database Backup - External Drive • The “End of” process can be configured to Write the Database backup files to a CD or USB Flash drive • This process uses the ‘ebcdburn.exe’ program to compress the latest database files and any files under the following folder: • WINXP: C:\Program Files\COMMANDbatch\Custom • WIN7: C\ProgramData\CAI\COMMANDbatch\Custom • and compresses them to a CBBackupFiles.zip that is written to the external drive. COMMANDbatch Security and Administration

  26. Archive Control • Archive Controls allows you to control what is archived and how long to keep current data in the ‘ebatch’ database. • Auto Archive/Purge and Backups can be enabled COMMANDbatch Security and Administration

  27. PC Requirements • Currently all CMDbatch versions support Windows XP Professional (32bit Only) • CB1.8.x.x or higher supports Windows 7 (64bit Only) Enterprise(English/Non-English) or Professional(English Only) • This includes Main and Remote installations COMMANDbatch Security and Administration

  28. PC Requirements • Main Batching PC (external RTC) • 2.0Ghz or faster CPU • 2GB of RAM (4GB WIN7x64) • DVD-RW Drive • 80GB HDD or greater (7200RPM preferred) • 20 GB free disk space • Integrated 10/100MB NIC for the Business Network • Intel GigaLAN PCI Express NIC for the CBControlNet • (1) Parallel Port for Ticket or Batch Weights • (1) Serial Port • Main Batching PC (vRTC) • Please contact CAI Batch Service for hardware specifications COMMANDbatch Security and Administration

  29. Recommended PC Protection • PC must be protected by an Anti-Virus and Anti-Malware program which will need to be purchased and maintained by your IT department. • Uninterruptable Power Supply (UPS) • Should be capable of supplying power to the PC and monitor long enough for the operator to properly shutdown the PC • CAI can supply an APC 450VA (250Watt) UPS • Dust Enclosure or perform routine cleaning of the PC and Printer(s) COMMANDbatch Security and Administration

  30. Network Firewalls • Network firewalls, hardware or software, are also effective ways to protect the PC from unauthorized access • COMMANDbatch will require special considerations when using firewalls • SQL Server Database requires port 1433/TCP • CBManager requires port 3000/TCP • Remote Clients and RTC requires port 1200/TCP • RTC Error logging requires port 1202/TCP • UltraVNC Remote Control Software requires port 5900/TCP • Load Event Status (Truck Signaling) Interface is typically configured for port 2105/UDP • Dispatch TCP/IP Link Interface is typically configured for port 7000/TCP COMMANDbatch Security and Administration

  31. COMMANDbatch Software Installation • When CAI supplies the PC you will receive… • Dell Windows OS installation CDs • Dell Device Driver CD • vRTC Recovery CD/DVD/USB, if applicable • CAI also provides all COMMANDbatch customers with… • COMMANDbatch Installation CD/DVD/USB • COMMANDbatch Tools CD/DVD/USB • It is very important that you store these CDs/DVDs/USBs in a safe and accessible area for future system recovery in an event of a PC failure COMMANDbatch Security and Administration

  32. COMMANDbatch Software Installation • The COMMANDbatch Installation CD/DVD/USB will allow you to reinstall COMMANDbatch and any of it’s support applications • If Autorun is enabled on the CD/DVD drive the COMMANDbatch Install Menu will appear when inserted into the CD drive COMMANDbatch Security and Administration

  33. COMMANDbatch Software Installation • A full COMMANDbatch installation is required if upgrading to a newer major version • i.e. 1.7.x.x to 1.8.x.x • An upgrade patch can only be performed for the same major version • i.e. 1.8.2.0 patch can be performed on any previous 1.8.x.x versions • 1.8.2.0 patch can NOT be performed on a 1.7.x.x version COMMANDbatch Security and Administration

  34. COMMANDbatch Software Licensing • All COMMANDbatch systems with 1.06.x and higher require a License file to be used to brand the system. • The License file will be your system’s S.O. (Sales Order) number • Once a system is branded with that license on the first CB installation the license file is not required on future reinstallations or upgrades (except for upgrades to 1.8) • A system that was branded with the incorrect license can be rebranded using rebranding files supplied by a CAI’s Batch Support Specialist COMMANDbatch Security and Administration

  35. COMMANDbatch Software Licensing • COMMANDbatch systems with 1.8.x.x and higher will enforce license checking • Additional Plant Controls will require the appropriate license (Note: Do not add any additional controls until the correct license is added or the system will not allow for future production) • Order Entry and Projects will require the appropriate license • 2nd Client/Remote Batch Clients will require the appropriate license COMMANDbatch Security and Administration

  36. COMMANDbatch Installation Types • Main Batching PC (active) which is the typical installation for single PC setups • Main Batching PC (inactive) which is used as a remote client in a multi-plant configuration but can be converted to a Main Batching PC in event the Main Host Batching PC fails • Remote PC which is for Remote Order Entry, Data Entry, Supervisory or Remote Batching COMMANDbatch Security and Administration

  37. Automating CB Software Installation • Install.ini file can be configured to automate the installation of COMMANDbatch • This file defines… • if the Installer’s Welcome screen is displayed • what drive COMMANDbatch is installed on • what install type to perform • whether COMMANDassist (ARA) is installed • whether CAI’s Annoucement Service is installed COMMANDbatch Security and Administration

  38. COMMANDbatch Software Update Center • The Update Center allows you to download upgrades and control which plant sites have access to download and what version they can download https:/updatecenter.commandalkon.com/cb COMMANDbatch Security and Administration

  39. COMMANDbatch Software Update Center • The Web Browser form inside COMMANDbatch or Internet Explorer can be used to access this site COMMANDbatch Security and Administration

  40. COMMANDbatch Software Update Center • COMMANDbatch Web Browser can be configured to default to the Update Centers webpage • An ActiveX Control will need to be downloaded the 1st time so the Update Center can determine the S.O.# of the PC COMMANDbatch Security and Administration

  41. COMMANDbatch Announcement Service • The Announcement Service is installed by default on new CB systems • Internet access is needed for this to operate • The following announcements can be displayed… • Upgrades • Critical • Informative COMMANDbatch Security and Administration

  42. Please Complete Your Evaluation • Be sure to circle the session you are evaluating on the back of your card • Batch Plant Automation (Track name) • BAT-003 (session code) • COMMANDbatch Security & Administration (session title) • All breakout session materials can be accessed at:www.commandalkon.com/cc2013/update/index.htm • Thank You! COMMANDbatch Security and Administration

More Related