Installing ARIS Connect/ARIS Design Server using a Microsoft SQL Server (Windows authentication/SQL Server authentication)

This procedure describes the installation on the active computer. To perform remote installations on Microsoft Windows machines, first run the ARIS Agent setup on the remote computers.

By default, Microsoft SQL Server uses Windows authentication. The Windows authentication is only used during the installation process using the user credentials of the executing user. The Microsoft SQL Server authentication is used during run time using the values specified for the MSSQL_SAG_APP_USER key and the MSSQL_SAG_APP_PWD key.

Prerequisites

Procedure

  1. Adjust the settings used by all configuration scripts.

    Edit the envset.bat file to specify the connection data of the Microsoft SQL server instance. It's a good idea to write down the credentials. They must be entered later during the ARIS setup process.

    To specify the connection data of the Microsoft SQL instance, modify the highlighted parameters and refer to the comments:

    REM

    REM You may edit this section for customizing purposes.

    REM

    REM This script is intended to be executed on the Microsoft SQL server machine, therefore the default value is 'localhost'

    REM If the MSSQL_SAG_FILEGROUP_FILE_DIR directory exists on the Microsoft SQL server machine, you can run the script remotely. When executed locally, the script creates this mandatory directory.

    REM If you use a default instance, an instance name is not required.

    REM If you use named instances, enter a backslash ‘\’ followed by the instance name.

    SET MSSQL_SAG_MSSQL_SERVER_NAME=localhost

    REM This script is configured for the use of Windows authentication by default.

    REM Windows authentication uses the user account running this script and does not require user credentials to be specified in this script.

    REM If you want to use user/password authentication instead, uncomment the following lines and modify the settings for use by the SQL Server command line tool (sqlcmd).

    REM SET SQLCMDUSER=sa

    REM SET SQLCMDPASSWORD=manager

    REM name of database that will be created by the script.

    SET MSSQL_SAG_DATABASE_NAME=ARIS10DB

    REM folder in which the database files should be stored.

    SET MSSQL_SAG_FILEGROUP_FILE_DIR=F:\msqldata\ARIS10DB

    REM credentials of the login that is used by the application.

    SET MSSQL_SAG_APP_USER=ARIS10

    REM If using % character in your password: Write %% to yield a single % character.

    SET MSSQL_SAG_APP_PWD=*ARIS!1dm9n#

    REM schema names for the default and master tenants

    SET MSSQL_SAG_TENANT_DEFAULT=ARIS_DEFAULT

    SET MSSQL_SAG_TENANT_MASTER=ARIS_MASTER

    REM

    REM The rest of the script must not be modified.

    ....

  2. Edit the install.sql file:
    1. If the login to be used does not exist change the CREATE LOGIN command as follows:

      CREATE LOGIN [<domain account>] FROM WINDOWS WITH DEFAULT_DATABASE=[$(database)]

      In the CREATE USER command for login replace $(username) with the domain account to be used:

      CREATE USER [$(username)] FOR LOGIN [<domain account>]

    2. If the login to be used already exists delete the following section from the file:

      USE [master]

      GO

      CREATE LOGIN $(username) WITH PASSWORD=N'$(password)', DEFAULT_DATABASE=[$(database)]

      GO

      In the CREATE USER command for login replace $(username) with the domain account to be used:

      CREATE USER [$(username)] FOR LOGIN [<domain account>]

  3. Edit the create_tenant.sql file:

    In the GRANT IMPERSONATE ON USER command replace $(username) with the domain account to be used.

  4. Execute the inst.bat file. This will create the database including the two mandatory tenants and the application user. The application user (APP_USER) is the Microsoft SQL user connecting ARIS and the Microsoft SQL database. The default user name is ARIS10. But you may have changed that name in the envset.bat earlier. Two schemes are mandatory. One for the master tenant and one for the default tenant. The values must be entered later during the ARIS Server setup process.
  5. If you need additional tenants, you must create additional schemes for each new tenant. If you are going to create additional tenants for ARIS10.0 to migrate data from ARIS 9.8.7 or later, make sure to use identical names in both ARIS versions.

    Run the script create_schema_for_tenant.bat and pass the schema name as parameter, for example:

    create_schema_for_tenant.bat <schema name for additional tenant>

    If the schema already exists it will be dropped and recreated automatically. If you do not use the scripts you can also setup the database and create an empty schema for each tenant manually.

    If you use an external database management system and you have created empty schemes for additional tenants, you must assign additional tenants to these schemes after the ARIS Server setup is completed. The default tenant and the master tenant were assigned automatically.

  6. Run the ARIS Server setup.exe file as administrator
    (DVD folder Setups\Windows\ARIS_Server).

    To verify the entries you make in the setup dialogs, the setup program automatically validates your input data. Given that you are using Windows authentication, a database connection is not available and therefore the check would result in errors and the setup would fails. To avoid this, do one of the following:

    To run the setup without validation, type: setup.exe NO_VALIDATION

    To force the setup to report incorrect input data without aborting the setup process, type setup.exe IGNORE_VALIDATION.

  7. Install ARIS on the active computer and use the default agent user credentials. You will change them in one of the following steps. This is to prevent unauthorized access to the system.
  8. Select ARIS Connect/ARIS Design Server to be installed.
  9. Select ARIS Aware. This will activate the dashboarding runnable and provide dashboards in ARIS Connect. If you do not select this option, the runnable will be installed but not activated.
  10. Select the installation directory if required.
  11. Only if you need to specify an external proxy server IP address for incoming requests enter the proxy server computer name or IP.
  12. Change the ARIS Agent user credentials to prevent unauthorized access to your ARIS system. Make sure to store the credentials on a save place. If you forget the credentials, you can no longer update the system or modify the configuration.

    If you change the credentials, you will be further on prompted to enter that password you've chosen whenever you start/stop the ARIS Server or access your ARIS installation using ARIS Cloud Controller.

  13. If the ports 80 or 443 are already in use, specify the load balancer port numbers to be used. If you change the default port numbers users must ad :<this port number> to the URL (see below).
  14. Select the suitable system settings option. You need to take the RAM required and the number of users who will be accessing the ARIS Server into account. For a productive system it is recommended to select the Medium or Large option.

    The Demo scenario option is recommended for demonstration purposes (laptop) only.

    Warning

    If the hardware does not fit the system requirements, a warning is prompted. In this case do not proceed the setup. Otherwise ARIS might not work reliably.

  15. To import the ARIS license file, click Import and navigate to the license archive file. Otherwise licenses must be imported after the installation.

    Make sure this file contains the required ARIS Server license. If you have purchased an ARIS Design Server license (YDS), ARIS Connect components are not available and ARIS document storage provides only basic functionality. ARIS Connect and the full range of ARIS document storage are only available if you are using an ARIS Connect Server License (YCS).

  16. Select MSSQL.
  17. Select the required JDBC driver for the Microsoft SQL database management system.
  18. Enter the connection parameters used in the envset.bat file and exactly the values used by the Microsoft SQL server.

    The values shown are the default values used in the envset.bat file and the default parameters used when setting up the Microsoft SQL server.

  19. Enter the SMTP mail processing parameters of an existing account.

    Warning

    If you don't, ARIS will not send any notifications, due to the missing mailing functionality.

    But you can configure SMTP mail processing at any later point of time. Some parameters can also be managed using the ARIS Administration of this server. Please refer to the online help of ARIS Administration.

  20. Activate Use TLS/SSL encryption to prevent password sniffing.
  21. Only if your mail server requires SMTP authentication, select the option SMTP authentication and enter the user credentials.

    Warning

    If you enter these parameters but your mail server does not require SMTP authentication, the connection will be rejected.

  22. If you are about to use a proxy server, please enter all proxy processing parameters. You can also enter them later, using the ARIS Administration of this server. Please refer to the online help of ARIS Administration.

    You can specify a URL to be used for validating the proxy server settings.

  23. Configure the start option:

    Select Start manually. Otherwise the installation will fail. All runnables remain in the stopped state when the installation is completed.

  24. Start the installation process.

    If you have changed the ARIS Agent's default user credentials during this procedure, you will be prompted for that password you have chosen. Alternatively, you might want to modify the shortcut (Start > All Programs > ARIS > Administration >...). However, that bears the risk of a stolen password.

  25. After the ARIS Server installation has completed, open the ARIS Agent 10.0 Properties dialog.
  26. In the Log on tab select This account.
  27. Click Browse and specify the name of the domain account to be used.
  28. Enter the password and click OK.
  29. Restart the service.
  30. Copy the downloaded sqljdbc_auth.dll file to %windir%\System32.
  31. Click Start > All Programs > ARIS > Administration > Start ARIS Cloud Controller (see ARIS Cloud Controller (ACC) Command-Line Tool.pdf). If you have changed the ARIS Agent's default user credentials during this procedure, you will be prompted for that password you have chosen.
  32. Start the zookeeper runnable to modify the database connection string. Enter, for example:

    start zookeeper_m

  33. Add the integratedSecurity=true parameter to the database service:

    To update an existing service use the following command to edit the URL, for example:

    update external service <service ID> url="jdbc:sqlserver://<database server>:<database port>;DatabaseName=<database name>;integratedSecurity=true"

    If you register a new service the integratedSecurity=true parameter must be added to URL, too, for example:

    register external service db url="jdbc:sqlserver://<database server>:<database port>;DatabaseName=<database name>;integratedSecurity=true" driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" username="<user name>" password="<password>" maxIdle=15 maxActive=300 maxWait=10000 removeAbandoned=false removeAbandonedTimeout=600 logAbandoned=true initialSize=0 testOnBorrow=true validationQuery="select 1" defaultAutoCommit=false rollbackOnReturn=true host=<database server> jmxEnabled=true

  34. If you selected the Start manually option earlier in the setup program, click Start > All Programs > ARIS > Administration > Start ARIS Server. If you have changed the ARIS Agent's default user credentials during this procedure, you will be prompted for that password you have chosen.

This process takes some time. Settings entered during the setup process can be adjusted. Use the reconfigure ACC command (see ARIS Cloud Controller (ACC) Command-Line Tool.pdf document) to change settings. After the ARIS Server installation has completed, you must check the installation and configure the system.