SALTO WINDOWS SERVICE Using Service without Domain in a Workgroup Document name: SWS_without_Domain.pdf Version: 1.2 Last updated date: 19.10.2011 Update: 1.1 – Add /etc/hosts when no DNS is present 1.2 – Rewrite, Add more options and issues. Tested with Service 184.108.40.206 and PA 10.5.0.142 Enviroment: PC’s without Domain, only Workgroup Overview: 1.) Create the ability to resolve names. a. You have a DNS Server? You don’t need to make any action. b. You don’t have a DNS Server? You have to edit the host file on the client. 2.) Open the Ports and Programs in the Firewall a. Database Port b. Service Port c. Communication Ports 3.) Create the User with same Password that want to use the Online Monitoring on Server 4.) Install the Client, open DB and set Local Monitor Ports 5.) Test system 1.) Create name resolve over host file: When you don’t have a DNS server or correct name resolve system, you must do it by you own. First you can test the working, by these steps: Start the Windows Command Prompt on the Client. Do a “PING” to the name of the server. For Example: “ping serverde” When you get a correct answer you don’t have to worry. When you get no answer you must make the entry for the name. Here a picture, that shows at top the correct answer and at the bottom the wrong. To solve this, you must execute the following command on the client: “notepad c:\windows\system32\drivers\etc\hosts” Enter a line with the IP of the server and the name for the server. For example 192.168.5.10 serverdede After adding it, you can save the file and close it. The change takes affect eminently after saving the file. Now you can check the ping command again. When you see an answer like this: It can have normally two issues: 1. Windows or another Firewall blocks “ping” 2. You have an error in the IP or name entered in the hosts To allow ping working with windows Firewall, go to the Windows Firewall configuration and there under the point “Advanced” go to ICMP -> Settings. Here activate the point “Allow incoming echo requests”. After this, check ping again. Still no connection, then test the network cable and values in the host file. 2.) Open Ports in Firewall: To get this working well, you should first set all needen applications to one single port. SALTO Service: The SALTO Service always uses only one port. Default: TCP-Port 8099 SALTO Service Peripheral: Normally we use UDP Ports 5000 – 10000. In Firewall environment, you should change it to one port set by you. For Example 5099 Set it in the SALTO Service RW Configurator like this: After save this, restart SALTO service. Database: You must activate the TCP Connection to the database and set a static port. For this you should use the MS SQL Configuration tools. Here is an example for Version 2008R2: Start the configuration Tool: After this, go to “SQL Nativ Client 10.0 Configuration” and there to “Client Protocols. Here double click on TCP/IP. Check the following values: Apply the changes and restart the Database service. Now you have to configure the Firewall. For this got to the Firewall configuration and add new Exceptions. Here a Example for Windows Firewall: To find the correct SQL server you have to browse to the file “sqlservr.exe” in my installation it is: C:\Program Files\Microsoft SQL Server\MSSQL10_50.SALTO_SQL_2008R2\MSSQL\Binn\sqlservr.exe You must also add the SALTO executable Files for Service “SaltoServiceRW.exe” and when you use SALTO Wireless in your system the “rwProAccessForService_SQL.exe”. After this you should be able to connect to the Database from a Client using SQL Server authentication. 3.) Create User on Server: To get a connection with the service, you need to create a User on the Server, that has exactly the same name and password like the windows user is on the client. First look for the correct username on the client. For this go to the “Administrative Tools” and there to “Computer Management”. Here go to “Local Users and Groups” and to Users. Find the correct spelling of Username in the line “Name”. The password cannot be looked here, you must know it or the user must enter it itself. Now go to the Server on the same position (Users). Now make a new user by opening “Action” -> “New User …”. Fill out the form like this (use your values in the yellow fields) After this safe the user. Next point is to deactivate the Windows easy filesharing. For this open a Folder and go to Tools -> Folder Options…. Then to “View” and uncheck the Point “Use simple file sharing (Recommended)”. Disable the option on Server and Client. Now you should be able to connect with online monitoring to the service. 4.) Install Clint, Open DB and Check Local Monitor Ports: Next step (if not done) is to install the client on the Client PC and open the DB. Also check that .NET Framework is installed, because you need it for Online Monitoring. When the Client is installed and the DB is open, go to “Tools -> Configuration -> Local Options”. Here look if the Ports for Monitoring und “Advanced options” are set to 5000 10000. If not set them. If you Firewall ask for exception, say “unblock”, so that the firewall don’t block the ports. 5.) Test the System: Go to Periperals -> Monitoring of online control units See if you get a connection on the bottom dot. If connection is not set, check again all settings. Some issues you still could have: - Your Firewall on the client blocks something. -> Turn it of temporary to test this You get the message “Invalid configuration error” -> Retry it directly. Check Local Ports. Restart PC. If this all don’t help, you can try to disable the .NET Security Settings. Deactivate Security check for .NET systems To use Windows Service in a Network without a Domain and without Active Diretory you have to change the .NET Framework default settings. This must be done, in case of some security features we are using. Normally only PC’s that are trusted in a Domain are able to connect to the Windows Service. To change the Settings you must have the Microsoft .NET Framework 2.0 (SDK) installed. You can get it here: http://www.microsoft.com/downloads/de-de/details.aspx?FamilyID=fe6f2099-b7b4-4f47a244-c96d69c35dec After installing it (only need the part “Tools and Debugger”), you have the ability to change the .NET settings. To do it, you must open the Administrative Tools of Windows and start the “Microsoft .NET Framework Configuration”. You can also start “c:\Program Files\Microsoft.NET\SDK\Bin\MScorcfg.msc” directly. Here you see the following screen. Here you must go to the shown option: Then open the red point (show rights). Here double click on the point “Security”. In the new Windows activate the point at the bottom. Now apply changes and close everything. The same must be done under: - Organisation Computer User First do it on the server. If it still not works, do the same on the Client. When you still have no connection, please contact a SALTO consultant, to get support for you problem.