windream Failover Cluster Installation

windream windream Failover Cluster Installation windream GmbH, Bochum

Copyright 2006-2011 by windream GmbH Wasserstr.219 44799 Bochum Stand: 06/11 1.0.0.3 Alle Rechte vorbehalten. Kein Teil dieser Beschreibung darf in irgendeiner Form (Druck, Fotokopie oder einem anderen Verfahren) ohne Genehmigung der windream GmbH reproduziert oder unter Verwendung elektronischer Systeme verarbeitet, vervielfältigt oder verbreitet werden. Wichtige Hinweise Alle Informationen und technischen Angaben dieser Beschreibung wurden von den Autoren mit größter Sorgfalt zusammengetragen. Sie können jedoch weder Garantie noch juristische Verantwortung oder irgendeine Haftung für Folgen, die auf fehlerhafte Angaben zurückgehen, übernehmen. Wir weisen darauf hin, dass die in dieser Beschreibung verwendeten Softund Hardwarebezeichnungen und Markennamen der jeweiligen Firmen im allgemeinen einem Warenzeichen-, Marken- oder Patentrechtschutz unterliegen.

Inhalt i Inhalt windream Failover Cluster Installation Configuration windream on a Failover Cluster 1 windream Server Installation 1 Requirements 1 Installation 1 After the Installation 2 windream Administration 3 windream Services 3 windream Maintenance Mode 3 windream User and Group Accounts 3 windream ArcLink Installation 3 windream Client Installation 4 windream web portal Installation 4 windream with Firewall 4 windream Installations with windream Share Drive on a Windows Server 2008 R2 Failover Cluster 6 Configuration 6

Configuration windream on a Failover Cluster 1 Configuration windream on a Failover Cluster This document serves as a guideline for the installation, configuration and administration of windream for windream Server installations on a failover cluster. windream Server Installation Requirements The requirement for the installation of the windream Server on a cluster is an installed Windows 2000/2003/2008 Cluster with configured database access (i.e. SQL Client or Oracle Client). Installation Install windream Server on all nodes The windream Server must be installed separately on all cluster nodes. Please make sure that all settings are identical (e.g. installation path, path for file storage etc.). The windream temporary directory should be a local directory. File storage on a shared drive The file storage must lie on a shared drive. Install windream database on first node only For installations on the first node, the database must be installed as well (user-defined installation with database components). For all further nodes, the windream Server must be installed without a database (user-defined installation without database components). Do not start windream services At the end of the installation, the windream services may not be started. windream users and groups You may only select domain accounts for the windream mainuser and the windream user main group. The windream user main group must also be a global group (otherwise, it cannot be used for DCOM rights). Exception: For native Windows 2000/2003 domains, a universal group can be used, too. However, please consider that the windream group administration will only read users and NO subgroups for universal groups.

2 Configuration windream on a Failover Cluster After the Installation Change start type of windream services to Manual After the installation, the start type of the windream services (windream Agent, windream DMS Service, windream TCP Service, windream Fulltext Service) must be set Manual. Create and configure group/service or application of type Common Service in the cluster administration Now, a new group is created in the cluster administration. In this group, the following resources are created: Physical storage medium (file storage) IP address (IP address of virtual server) Network name (host name of virtual server) Default service windream DMS Service Default service windream TCP Service Default service windream Agent Default service windream Fulltext Service (service name: WMFt) Default service windream Thumbnail Service Default service windream Objectstore Service Default service windream ArcLink Service (only in windream ArcLink installations). For all resources of type Default Service option Use Network Name as Computer Name must be active in the parameters. The following dependencies should be entered: Network name dependent on IP address. windream DMS Service dependent on network name, and physical storage medium. All other windream default services dependent on the windream DMS Service. Keys in the registry application of the DMS Service Also, the following keys should be entered in the registry application of the windream DMS Service: SOFTWARE\A.I.S. GmbH\windream\3.6\CommonFiles SOFTWARE\ A.I.S. GmbH\windream\3.6\Database SOFTWARE\ A.I.S. GmbH\windream\3.6\DBG SOFTWARE\ A.I.S. GmbH\windream\3.6\FSD SOFTWARE\ A.I.S. GmbH\windream\3.6\Connection SOFTWARE\ A.I.S. GmbH\windream\3.6\Fulltext

Configuration windream on a Failover Cluster 3 SOFTWARE\ A.I.S. GmbH\windream\3.6\License SOFTWARE\ A.I.S. GmbH\windream\3.6\Reporting SOFTWARE\ A.I.S. GmbH\windream\3.6\Event SOFTWARE\ A.I.S. GmbH\windream\3.6\Annotation SOFTWARE\ A.I.S. GmbH\windream\3.6\Shell SOFTWARE\ A.I.S. GmbH\windream\3.6\WMC SOFTWARE\ A.I.S. GmbH\windream\3.6\Thumbnails SOFTWARE\ A.I.S. GmbH\windream\3.6\TextExtraction windream Administration windream Services On a cluster, the windream services may no longer be started via the Windows Service Manager or the windream Service Manager. The corresponding functions of the cluster administration must be used instead. For this purpose, simply set the corresponding group in the cluster administration to Online or Offline. windream Maintenance Mode Furthermore, menu item Start Maintenance Mode in the windream Management Console may no longer be used, since it also uses the Windows Service Manager. Instead, tool WMClus must be used. It executes the same function via the cluster API. windream User and Group Accounts If windream is executed on a cluster, no local user and group accounts may be used, except if all cluster nodes are domain controllers of a common domain. This limitation is necessary, since otherwise all changes to the user and group accounts would have to be executed separately on all cluster nodes. Also, they would actually be different users/groups, even then (the operating system IDs would differ). These various IDs could then result in problems when adjusting the windream Management Console. windream ArcLink Installation For installations of windream ArcLink on a failover cluster, value ManualValid must be set manually on each node in the Windows Registry under key HKLM\SOFTWARE\Wow6432Node\A.I.S. GmbH\windream\3.6\Connection\.

4 Configuration windream on a Failover Cluster Here, the last part of the cluster IP address is entered as a Hex value. For this purpose, the last part of the IP address, e.g. for IP address 172.12.0.117, the decimal number 117 must be converted to a Hex value (here: 75). Then, the digits must be inverted and the value (here: 57) must be entered for registry entry ManualValid. windream Client Installation The installation and use of the windream Client for cluster installations is not different from the installation on other windream Server configurations. The name of the virtual server must be used as a server name for the installation (Cluster Administration>Resource: Network Name). In case of a failover, the connection to the server must be reestablished manually (close and restart windream Control Center). windream web portal Installation Das windream web portal pro is first installed normally on all nodes. Please make sure that setup type Web Server is selected. After the installation, a new resource of type IIS Server Instance is added to the windream group via the cluster administration. In the properties of the resource, select parameter WWW and the IIS Server created during the web portal installation. In the dependencies, enter the IP address and the network name of the windream group (if the web portal shall be accessed via another IP address, you can also create a second IP address/network name pair and set it to these resources). windream with Firewall The Windows cluster requires DCOM/RPC for the synchronization of the cluster nodes and for the cluster administration. Therefore, the corresponding ports may not be blocked by a firewall. Further information on the configuration of a firewall on a Windows cluster can be found in the TechNet articles Enable a network for cluster use and Using Windows Firewall with a server cluster, to be found online under URL "http://www.microsoft.com/technet". Further information on this topic can be found in the following articles: "Using Windows Firewall with a server cluster" http://technet2.microsoft.com/windowsserver/en/library/e0 2eff65-f863-4bf5-aa22-773628a8f8b51033.mspx?mfr=true

Configuration windream on a Failover Cluster 5 "Enable a network for cluster use" http://technet2.microsoft.com/windowsserver/en/library/2 52262df-acd5-484d-b7b3-80ffe0d9d1b21033.mspx "An "Error 1721" error message occurs when you use Cluster Administrator" http://support.microsoft.com/kb/826154 "How to configure RPC dynamic port allocation to work with firewalls" http://support.microsoft.com/kb/154596/en-us "Using Distributed COM with Firewalls" http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/dndcom/html/msdn_dcomfirewall.asp A short summary: If you are protecting your network with a firewall other than Windows Firewall, take note of the following list of ports needed by server clusters: 135 (RPC endpoint mapper/dcom). 135 (RPC endpoint mapper over UDP). 3343 (used by the Cluster Network Driver). 445 (SMB). 139 (NetBIOS session service). For cluster nodes running many services, ports 5000-5099 (or more) might need to be open for remote RPC connectivity to Cluster Administrator. When these ports are closed, event log error 1721 might occur when you connect to a cluster through Cluster Administrator (unless you just type a period in Cluster Administrator). This problem can occur because the Cluster service requires at least 100 ports for communication through remote procedure calls (RPC). The number of ports available to the Cluster service can become too small when other services are using some of the necessary ports. Such services include Windows DNS service, Windows Internet Name Service (WINS), the Microsoft SQL Server service, and others. If the nodes are separated by a firewall, ports 8011-8031 must be open for internode RPC connectivity. Otherwise, errors in the cluster log will indicate that a "Sponsor" is not available. These errors occur because there are not enough ports available for RPC communication between a node that is trying to join the cluster and a node that can "sponsor" that node.

6 Configuration windream on a Failover Cluster windream Installations with windream Share Drive on a Windows Server 2008 R2 Failover Cluster In order to operate the windream Server and the windream Share Drive on a Windows Server Failover Cluster, the windream Server will be installed on all nodes. Additionally, the windream Share Drive will be installed on all nodes. Note: This installation and the configurations for operating the windream Server and the windream Drive on a Windows Server failover cluster were tested on a Windows Server R2. An initialization of a corresponding installation with analogous settings under Windows Server 2003 R2 is probably possible, too however, it has not been tested. Installation The installation of the windream Server is carried out like a windream installation without Share Drive (see also "Installation", page 1): The file storage must lie on a Shared Drive. The windream database may be installed on the first node only. The windream services may not be started. You may only select domain accounts for the windream mainuser and for the windream user main group. Additionally, the windream Share Drive will be installed on all nodes. The system can then be configured in such a way that either the windream Server and the Share Drive run simultaneously on one node by default or, for a higher efficiency of the computers, that the windream Server runs on a cluster node and the windream Share Drive on another node by default. Configuration After the installation, as after the installation of the windream Server without windream Share Drive, the following configurations must be made (see also "After the Installation", page 2): The start type of the windream services must be changed to Manual.

Configuration windream on a Failover Cluster 7 A new group must be created and configured in the cluster administration in which the required resources are configured. The keys in the registry application of the DMS Service must be entered. Furthermore, other settings are required: Access to network share (windream Share Drive) via DNS Alias name Since the Share Drive of both cluster nodes must be accessed, the name of the corresponding computer (node) cannot be used for the UNC path. In order to access the Share Drive, they must be accessible via the Alias cluster name of the virtual server (e.g. WDCluster). This is only possible via a corresponding DNS Alias and from Windows Server 2003 R2 forward requires additional configurations in the Windows Registry of the corresponding nodes. See also "Access to Network Share via DNS Alias Name with Registry Key "DisableStrictNameChecking"". Configure automatic restart of VFS Service In order to enable the switch from one cluster node to the other and thus the access of the windream Clients to windream via the share drive, the VFS Service on the corresponding node must be closed and restarted once the windream Server (DMS Service) is stopped on one cluster node and started on another (see "Configure Automatic Start of VFS Service "). Automatic activation/deactivation of task "Archive and Delete windream Objects" The job (scheduled task) is installed with the windream installation and configured and activated in the Windows Task Planner. The task starts the windream Agent in regular intervals, which archives the windream documents. In order for the windream Agent to always be started on the cluster node only, the task must be activated or deactivated on the corresponding node, once the DMS Service is closed on one node and started on another (see "Configure Automatic Activation/Deactivation of Task "Archive and Delete windream Objects " "). Access to Network Share via DNS Alias Name with Registry Key "DisableStrictNameChecking" From Windows Server 2003 R2, access to network shares via a DNS Alias name is no longer possible.

8 Configuration windream on a Failover Cluster In order to enable access to the windream Share Drive via the cluster name of a virtual server (Cluster Administration>Resource: Network Name), an additional value of type DWORD Value (32 Bit)must be added in the Windows Registry under key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Se rvices\lanmanserver\parameters and be set to value 1. Note: This setting must exist on all cluster nodes on which the share drive is installed. Configure Automatic Start of VFS Service In order to configure the system in such a way that the VFS service is started automatically on the corresponding node after closing the DMS Service (switch from one node to another), proceed as follows: I. Copy scripts into the script directory of the windream installation directory 1. Copy script vfssvc_watch.vbs on both Cluster Nodes into the script directory in the windream program directory (e.g. C:\program files\windream GmbH\windream\scripts). 2. Copy Reconnect_VFSIDX.vbs on both cluster nodes into the script directory in the windream program directory (e.g. C:\program files\windream GmbH\windream\scripts). II. Cluster administration settings for the VFS Service 3. Make sure that a resource exists and is configured for the VFS Service in the cluster administration under Services and Application (e.g. devshare). III. Adjust entries in the Windows Registry 1. The windream DMS Service must be accessible for the Share Service via the network name of the resource. For this purpose, two additional entries must be added on both cluster nodes in the Windows Registry under key [HKEY_LOCAL_MACHINE\SOFTWARE\A.I.S. GmbH\windream\3.6\Connection]: "SVCRemoteServer"=<Network name of the DMS Resource> (Type String of Characters), e.g. SVCRemoteServer=DEVWDCLUSTER)and "UseSVCRemoteServerOnly" of type DWORD Value (32 Bit)and value 1.

Configuration windream on a Failover Cluster 9 IV. Assign administrative rights for the windream mainuser 1. Make sure that the user account of the windream mainuser possesses administrative rights on the cluster nodes, entitling the account to set the resource for the VFS Service to offline or online. V. Create task "VFS_RECONNECT" in the Scheduled Tasks Now, create a task named VFS_RECONNECT on both cluster nodes in the Task Planner. 1. Open the Task Planner. 2. Select command Create Task. Figure 1: Create new task VFS_RECONNECT 3. On tab page General, enter name VFS_RECONNECT. 4. Select the user account of the windream mainuser (e.g. MyDomain\windream), as the account to be used for executing the task. 5. Activate option Execute Independent of User Log-On (save with password). 6. Check box Execute with Highest Privilege. 7. Switch to tab page Actions.

10 Configuration windream on a Failover Cluster Figure 2: Properties of VFS_RECONNECT - Actions 8. Via button New, enter the program with the parameters to be executed. For this purpose, select action Start Program in dialog field New Action, program wscript.exe in field Program/Script and enter the following parameters in field Add Arguments (optional): //B "C:\Program Files\windream GmbH\windream\scripts\Reconnect_VFSIDX.vbs" 9. On tab page Conditions, the default settings can be kept. Figure 3: Properties of VFS_RECONNECT - Conditions

Configuration windream on a Failover Cluster 11 10. Switch to tab page Settings. Figure 4: Properties of VFS_RECONNECT - Settings 11. Activate options Allow Execution of Task on Demand and Enforce Cancelling of Active Task if not Closed on Demand. VI. Configure script resources in the cluster administration In the failover cluster administration, a script resource for script vfssvc_watch.vbs must be integrated via the corresponding commands under Services and Applications in the group of the VFS Service (e.g. devshare). 1. For this purpose, configure a script resource named vfssvc_watch skript of type Common Script (path of script vfssvc_watch.vbs, e.g. C:\program files\windream GmbH\windream\scripts). The resource must be dependent on the resource of the VFS Service (e.g. devshare).

12 Configuration windream on a Failover Cluster Figure 5: Create resource for script "vfssvc_watch.vbs" Additionally, you must make the following settings on the various tab pages of the resource: 2. On tab page Dependencies, enter the resource of the VFS Service (e.g. devshare).

Configuration windream on a Failover Cluster 13 Figure 6: Dependencies of script resource vfssvc_watch script 3. On tab page Guidelines in section Reaction to Resource Errors, activate option On Resource Error, Attempt Restart on Current Node and enter 01:00 as Time Period for Restart (mm:ss). In field Maximum Number of Restarts in Specified Time Period, select 2. 4. Deactivate option A Failed Restart has Negative Effects on All Resources. 5. Check option Repeat Restart after Specified Time Period (hh:mm) and enter 02:00 as the time period. 6. Enter 00:30 as Due Time Limit (mm:ss).

14 Configuration windream on a Failover Cluster Figure 7: Guidelines of script resource vfssvc_watch script 7. On tab page Extended Guidelines, activate setting Use this Time Period (mm:ss) and enter 10 seconds (00:10). 8. In section Interval for Complete Resource Integration Check, select option Use Default Time Period for Resource Type (time period 01:00). 9. Deactivate setting Execute this Resource with an Own Resource Monitor.

Configuration windream on a Failover Cluster 15 Figure 8: Extended Guidelines of script resource vfssvc_watch Skript Figure 9: Configurations in the failover cluster manager VII. Logging Logfiles of scripts The online/offline actions or errors of script vfssvc_watch.vbs are logged in file vfssvc_watch.log in the windream reporting

16 Configuration windream on a Failover Cluster dialog (e.g. C:\Program Files\windream GmbH\windream\Reporting\vfssvc_watch.log. The actions and errors of script Reconnect_VFSIDX.vbs are logged in the Windows Event Service (under Windows User Logs with WSH as source). Additionally, you can configure via command line item cluster log /g that file Cluster.log shall be created in directory %SYSTEMROOT%\Cluster\Reporting\. Configure Automatic Activation/Deactivation of Task "Archive and Delete windream Objects " With script arcjob_activator.vbs, task "Archive and Delete windream Objects" in the Windows Task Planner can be activated or deactivated automatically, once the windream DMS Service is started or closed (set to online/offline). For this purpose, a script resource for the script is configured in the failover cluster administration via the corresponding commands under Services and Applications in the group of the DMS Service (e.g. DEVWDCLUSTER) next to the resource for the windream Agent. I. Task must be configured in the Task Planner 1. Please make sure that task "Archive and Delete windream Objects" is configured on both nodes in the Windows Task Planner. Note: If you do not require the windream archiving functions, the task can once be deactivated manually in the Task Planner of the single cluster nodes. Further configurations (described in the following sections) are then no longer required. II. Copy script into script directory of the windream installation directory 1. Copy script arcjob_activator.vbs on both cluster nodes into the script directory in the windream program directory (e.g. C:\program files\windream GmbH\windream\scripts). III. Configure script resource in the cluster administration In the cluster administration, a script resource for script arcjob_activator.vbs must be integrated via the corresponding commands under Services and Applications in the group of the DMS Service (e.g. DEVWDCLUSTER).

Configuration windream on a Failover Cluster 17 1. For this purpose, configure a script resource named arcjob_activator of type General Script (path of script arcjob_activator.vbs, e.g. C:\program files\windream GmbH\windream\scripts). The resource must be dependent on the resource of the windream agent. Additionally, make the following settings in the properties of the resource: 1. On tab page Dependencies, enter the resource of the windream Agent. 2. On tab page Guidelines in section Reaction to Resource Errors, activate option On Resource Error, Attempt Restart on Current Node and enter 01:00 as Time Period for Restart (mm:ss) 01:00. In field Maximum Number of Restarts in Specified Time Period, select 2. 3. Deactivate option A Failed Restart has Negative Effects on All Resources. 4. Check option Repeat Restart after Specified Time Period (hh:mm) and enter 02:00 as the time period. 5. Enter 00:30 as Due Time Limit (mm:ss) 00:30. 6. On tab page Extended Guidelines, activate setting Use this Time Period (mm:ss) and enter 5 seconds (00:05). 7. In section Interval for Complete Resource Integrity Check, select option Use Default Time Period for Resource Type (time period 01:00). 8. Deactivate setting Execute this Resource in a Separate Resource Monitor. IV. Logging Logfiles of scripts The online/offline actions or errors of script arcjob_activator.vbs are logged in file arcjob_activator.log in the windream reporting directory (e.g. C:\Program Files\windream GmbH\windream\Reporting\arcjob_activator.log. Additionally, you can configure via command line item cluster log /g that file Cluster.log shall be created in directory %SYSTEMROOT%\Cluster\Reporting\.