Академический Документы
Профессиональный Документы
Культура Документы
Administration Guide
The guide describes the administration, monitoring and
maintenance of Open Text Archive and Storage Services and
introduces guidelines for troubleshooting.
AR090701-ACN-EN-6
Table of Contents
Introduction
17
i
ii
iii
Part 1
Overview
23
1.1
1.2
1.3
1.4
2.1
2.2
2.3
2.4
2.4.1
2.4.2
2.4.3
2.4.4
2.4.5
2.5
3.1
3.2
3.2.1
3.2.2
3.2.3
AR090701-ACN-EN-6
iii
Table of Contents
iv
3.2.4
System ................................................................................................... 41
Part 2
Configuration
4.1
4.1.1
4.1.2
4.2
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.3
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.4
4.5
4.6
4.6.1
4.6.2
4.6.3
4.6.3.1
4.6.3.2
4.6.4
4.6.4.1
4.6.4.2
4.6.4.3
4.6.4.4
4.7
5.1
5.1.1
5.1.2
5.1.3
5.2
5.2.1
5.2.2
5.2.3
5.2.3.1
5.2.4
43
AR090701-ACN-EN-6
Table of Contents
5.3
5.3.1
5.3.2
5.3.2.1
5.3.2.2
5.3.2.3
5.3.3
5.4
6.1
6.2
6.3
6.4
6.5
6.6
6.7
6.8
7.1
7.2
7.2.1
7.2.1.1
7.2.1.2
7.2.1.3
7.2.2
7.2.2.1
7.2.2.2
7.2.2.3
7.2.3
7.2.4
7.3
7.3.1
7.3.2
7.4
7.4.1
7.4.2
7.5
7.5.1
7.5.2
7.6
7.7
7.8
7.9
7.9.1
7.9.1.1
Overview ................................................................................................ 91
SecKeys / Signed URLs......................................................................... 92
Configuring SecKeys on the Archive Server.......................................... 94
Activating SecKeys ................................................................................ 94
Enabling a Certificate ............................................................................. 95
Granting Privileges for a Certificate ....................................................... 95
Importing and Checking Certificates for Authentication......................... 96
Importing a Global Certificate for All Archives ....................................... 96
Importing a Certificate for a Single Archive ........................................... 97
Checking Certificates of an Archive ....................................................... 97
Using SecKeys from SAP ...................................................................... 98
Using SecKeys from Other Leading Applications and Components ..... 98
Secure HTTP Communication with SSL .............................................. 100
SSL Connection to Document Service................................................. 100
SSL Connection Using Tomcat Web Server........................................ 101
Encrypted Document Storage.............................................................. 101
Creating a System Key for Document Encryption ............................... 101
Activating Encryption for a Logical Archive.......................................... 102
Importing and Checking Encryption Certificates .................................. 102
Importing Encryption Certificates ......................................................... 102
Checking the Encryption Certificates ................................................... 103
Exporting and Importing the Key Store ................................................ 103
Analyzing Security Settings ................................................................. 105
Checksums .......................................................................................... 106
Timestamps.......................................................................................... 107
Importing a Certificate for Timestamp Verification............................... 110
Checking Certificates for Timestamp Verification ................................ 110
AR090701-ACN-EN-6
Administration Guide
Table of Contents
vi
7.9.2
7.9.3
7.9.4
7.9.5
7.10
7.10.1
7.10.2
7.10.2.1
7.10.2.2
7.10.3
7.10.3.1
7.10.3.2
7.10.3.3
7.10.3.4
7.11
7.11.1
7.11.2
7.11.3
7.11.4
7.11.5
7.11.6
8.1
8.2
8.3
8.4
8.4.1
8.4.2
8.4.3
8.5
8.5.1
8.5.2
8.6
8.6.1
8.6.2
8.6.3
8.7
9.1
9.2
9.3
10
10.1
10.2
10.3
AR090701-ACN-EN-6
Table of Contents
10.4
10.5
10.6
10.7
10.8
11
11.1
11.2
11.3
12
12.1
12.1.1
12.1.2
12.2
12.2.1
12.2.2
12.3
12.3.1
12.3.2
Configuring Original Archive Server and Remote Standby Server ...... 162
Configuring the Original Archive Server............................................... 162
Configuring the Remote Standby Server ............................................. 162
Backups on a Remote Standby Server................................................ 165
ISO Volumes ........................................................................................ 165
IXW Volumes ....................................................................................... 166
Restoring of IXW or ISO Volumes ....................................................... 166
Restoring an Original IXW or ISO Volume........................................... 166
Restoring a Replicate of an IXW or ISO Volume ................................. 169
13
13.1
13.2
13.2.1
13.2.2
13.2.3
13.3
13.3.1
13.3.2
13.3.3
13.3.4
Part 3
Maintenance
183
14
14.1
14.1.1
14.1.2
14.1.3
14.1.4
14.1.5
14.2
14.2.1
14.2.2
AR090701-ACN-EN-6
Administration Guide
vii
Table of Contents
viii
14.3
14.4
14.4.1
14.4.2
14.4.3
14.4.4
14.4.5
14.5
14.5.1
14.5.2
14.5.3
14.5.4
14.5.5
14.5.6
14.6
15
15.1
15.1.1
15.1.2
15.2
15.2.1
15.2.1.1
15.2.1.2
15.2.2
15.2.2.1
15.2.2.2
16
16.1
16.1.1
16.1.2
16.2
16.3
16.3.1
16.3.2
17
Utilities....................................................................................221
17.1
17.2
Part 4
Migration
225
18
18.1
18.2
18.3
AR090701-ACN-EN-6
Table of Contents
19
19.1
19.2
20
20.1
20.2
20.3
20.4
21
21.1
21.2
21.3
21.4
22
22.1
22.2
23
23.1
23.2
23.3
23.4
24
24.1
24.2
24.3
24.4
24.5
24.6
24.7
24.8
24.9
Part 5
Monitoring
25
26
26.1
26.1.1
AR090701-ACN-EN-6
Administration Guide
261
ix
Table of Contents
26.1.2
26.2
26.2.1
26.2.2
26.3
27
27.1
27.1.1
27.1.2
27.1.3
27.1.4
27.1.5
27.1.6
27.2
27.2.1
27.2.2
27.2.3
27.2.4
27.2.5
27.2.6
27.2.7
27.2.8
28
28.1
28.1.1
28.1.2
28.2
28.2.1
28.2.2
28.3
Part 6
Troubleshooting
295
29
Basics .....................................................................................297
29.1
29.2
29.3
29.4
29.5
30
30.1
30.2
30.3
AR090701-ACN-EN-6
Table of Contents
30.4
Setting the Operation Mode of Archive and Storage Services ............ 304
31
31.1
31.2
31.3
31.3.1
31.3.2
31.3.3
31.3.4
GLS
Glossary
313
IDX
Index
321
AR090701-ACN-EN-6
Administration Guide
xi
List of tables
AR090701-ACN-EN-6
13
List of Figures
Figure 1-1: Main components of Archive and Storage Services on page 26
Figure 2-1: Content capture and storage on page 30
Figure 2-2: Content retrieval on page 31
Figure 2-3: Logical archives on page 32
Figure 2-4: Pool types and storage systems on page 36
Figure 3-1: Main objects of Archive and Storage Services on page 40
Figure 4-1: Filling the local cache on page 53
Figure 12-1: Remote Standby scenario on page 161
Figure 13-1: Archive Cache Services scenario on page 174
Figure 13-2: Example of subnet assignment of cache servers on page 179
Figure 16-1: Backups relevant areas on page 213
AR090701-ACN-EN-6
15
Preface
Introduction
Open Text Archive and Storage Services (short Archive and Storage Services)
provides a full set of services for content and documents. Archive and Storage
Services can either be used as an integral part of the Enterprise Library Services or
as stand-alone services in various scenarios. A server where Archive and Storage
Services are performed is called archive server.
This manual describes all jobs that are relevant after Archive and Storage Services
are installed on a server:
Overview on page 23
Read this part to get an introduction of Archive and Storage Services, the
architecture, the storage systems and basic concepts like logical archives and
pools. You find also a short introduction to the Administration Client and its
main objects.
Configuration on page 43
This part describes also the preparation of the system and the configuration of
Archive and Storage Services performed on an archive server: logical archives,
pools, jobs, security settings, connections to SAP and scan stations.
Maintenance on page 183
Here you find all tasks to keep the system running: how to prepare and handle
storage media, backups and recovery.
Migration on page 225
Here you find all information to migrate content from one storage platform to
another.
Monitoring on page 261
Read here how to monitor the system, how to simplify the monitoring by
configuration of notifications, how to get auditing, accounting and statistic data
and how to use Monitor Web Client monitoring utility.
Troubleshooting on page 295
This part provides support if problems occur and hints how you can avoid problems. It explains where to find the log files and how to find the cause of the problem. If fatal problems occur, you have to contact Open Text Customer Support.
AR090701-ACN-EN-6
xvii
Introduction
Audience and
knowledge
This document is written for administrators of Archive and Storage Services, and for
the project managers responsible for the introduction of archiving. All readers share
an interest in administration tasks and have to ensure the trouble-free operation of
Archive and Storage Services. These are the issues dealt with in this manual. The
following knowledge is required to take full advantage of this document.
the number and type of documents to be electronically archived each day or each
month
which archived documents are highly sensitive and might have to be updated
(personal files, for example).
On the basis of this information you can decide which scenario you are going to use
for archiving and how many logical archives you need to configure. You can
determine the size of disk buffers and caches in order to guarantee fast access to
archived data.
ii Further Information
This manual
Online help
Other manuals
xviii
This manual is available in PDF format and can be downloaded from the Open Text
Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/open/12331031). You can
print the PDF file if you prefer to read longer text on paper.
For all administration clients (Administration Client, Monitor Web Client,
Document Pipeline Info and configuration properties), online help files are
available. You can open the online help via help menu, help button, or F1.
In addition to this Administration Guide, use part 2 "Configuration Reference:
Archive and Storage Services, Document Pipeline, Monitor Server and Monitor Web
Client" in Open Text Administration Help - Runtime and Core Services (ELCS100100-HAGM) for a reference of all configuration properties.
To learn about Document Pipelines and their usage in document import scenarios,
see OpenText Document Pipelines - Overview and Import Interfaces (AR-CDP).
AR090701-ACN-EN-6
Introduction
Open Text Online is a single point of access for the product information provided by
Open Text. Depending on your role, you have access to different scopes of
information (see below for details).
You can access Open Text Online via the Internet at http://online.opentext.com/ or
the support sites at http://support.opentext.com/.
The following information and support sources can be accessed through Open Text
Online:
Knowledge Center
Open Text's corporate extranet and primary site for technical support. It is the
official source for:
Business Users
Tips, help files, and further information from Open Text staff and other users
in one of the Open Text online communities
Administrators/developers
Feedback on
documentation
Documentation
Product information
Discussions
Product previews
AR090701-ACN-EN-6
Administration Guide
xix
Introduction
iii Conventions
Read the following conventions before you use this documentation.
Typography
This format is used for file names, paths, URLs, and commands in the command
line. It is also used for example data, text to be entered in text boxes, and other
literals.
Note: If a guide provides command line examples, these examples may
contain special or hidden characters in the PDF version of the guide (for
technical reasons). To copy commands to your application or command
line, use the HTML version of the guide.
Key names
Key names appear in ALL CAPS, for example:
Press CTRL+V.
<Variable name>
The brackets < > are used to denote a variable or placeholder. Enter the correct
value for your situation, for example: Replace <server_name> with the name of
the relevant server, for example serv01.
Hyperlink
Weblink (e.g. http://www.opentext.com)
These formats are used for hyperlinks. In all document formats, these are active
references to other locations in the documentation (hyperlink) and on the Internet (Weblink), providing further information on the same subject or a related
subject. Click the link to move to the respective target page. (Note: The hyperlink
above points to itself and will therefore produce no result).
Crossreferences
xx
AR090701-ACN-EN-6
Introduction
External cross-references
External cross-references are references to other manuals. For technical reasons,
these external cross-references often do not refer to specific chapters but to an
entire manual. If a document is available in HTML format, external references
can be active links though, that directly lead you to the corresponding section in
the other manual.1
Tip: Tips offer information that make your work more efficient or show
alternative ways of performing a task.
Note: Notes provide information that help you avoid problems.
Important
If this important information is ignored, major problems may be
encountered.
Caution
Cautions contain very important information that, if ignored, may cause
irreversible problems. Read this information carefully and follow all
instructions!
This applies, if target and source document are shipped together, e.g. on a product or documentation CD-ROM.
AR090701-ACN-EN-6
Administration Guide
xxi
Part 1
Overview
Chapter 1
Content lifecycle
Storage virtualization
Retention handling
Disaster recovery
High availability
AR090701-ACN-EN-6
25
26
Document Service (DS), handles the storage and retrieval of documents and
components.
AR090701-ACN-EN-6
1.4
Administration Tools
To administer, configure and monitor the components mentioned above, you can
use the following tools:
Open Text Administration is the tool to create logical archives and to perform
most of the administrative work like user management and monitoring. See also
Important Directories on the Archive Server on page 27.
Storage Devices
Various types of storage devices offered by leading storage vendors can be used by
Archive and Storage Services for long-time archiving. See Storage Devices on
page 33.
AR090701-ACN-EN-6
Administration Guide
27
<OT var>
Directory used for Archive and Storage Services variables.
Windows default: C:\Documents and Settings\All Users\Application
Data\Open Text\var\
28
AR090701-ACN-EN-6
Chapter 2
AR090701-ACN-EN-6
29
2.
3.
Content is copied to the associated storage platform for long-time archiving. The
time scheduling is configured in the Write job. If a cache is used, the content is
copied simultaneously to the cache. This can also be done by the scheduled
purge buffer job.
4.
5.
When at least one copy of the document has successfully been written to the
long-term storage, the document can be deleted from the disk buffer.
30
AR090701-ACN-EN-6
2.4
Logical Archives
Content is requested by a client. For this, the client sends the unique document
ID and archive ID to Archive and Storage Services.
2.
Archive and Storage Services checks whether the content consists of more
components and where the components are stored.
3.
If the content is still stored in the buffer or in the cache, it is delivered directly to
the client.
4.
If the content is already archived on the storage device, Archive and Storage
Services sends a request to the storage device, gets the content and leads it
forward to the application. Content is returned in chunks, so the client does not
have to wait until the complete file is read. That is important for large files or if
the client only reads parts of a file.
Leading application
AR090701-ACN-EN-6
Administration Guide
31
The logical archive does not determine where and the way the content is archived.
The archive settings define the general aspects of data handling during archiving,
retrieval, and at the end of the document lifecycle.
Important settings are:
compression
caching
compliance mode
retention settings
32
Pool(s) to specify the storage platform and to assign the buffer(s) to the
designated storage platform(s), see also Pools and Pool Types on page 35.
AR090701-ACN-EN-6
2.4
Logical Archives
Buffer(s) and disk volumes to store incoming content temporarily, see also Disk
Buffers on page 33.
Storage devices and storage volumes for long-time archiving of content, see also
Installing and Configuring Storage Devices on page 56.
Cache to accelerate content retrieval. Only necessary if slow storage devices are
used, see also Caches on page 37.
Security settings and certificates, see also Configuring the Archive Security
Settings on page 68.
AR090701-ACN-EN-6
Administration Guide
33
Opticals:
Archive and Storage Services primarily supports storage devices that offer WORM
functionality, retention handling, or HSM functionality. Depending on their type,
the storage devices are connected via STORM, VI (vendor interface) or API
(application programming interface).
See also:
Time-consuming migration
ISO images
34
More than one million documents or more than 4 GB data per day
AR090701-ACN-EN-6
2.4
Same lifecycle
Logical Archives
See also:
AR090701-ACN-EN-6
Administration Guide
35
36
AR090701-ACN-EN-6
2.5
Jobs
2.4.5 Caches
Caches are used to speed up the read access to documents. Archive and Storage
Services can use several caches: the disk buffer, the local cache volumes and a cache
server performing Archive Cache Services. The local cache resides on the archive
server and can be configured. The local cache is recommended to accelerate retrieval
actions especially with optical storage devices. A cache server performing Archive
Cache Services is intended to reduce and speed up the data transfer in a WAN. It is
installed on its own host in a separate subnet.
See also:
2.5 Jobs
Jobs are recurrent tasks, which are automatically started according to a time
schedule or when certain conditions are met. This allows, for example, that
temporarily stored content is transferred automatically from the disk buffer to the
storage device. See also Configuring Jobs and Checking Job Protocol on page 83.
AR090701-ACN-EN-6
Administration Guide
37
Chapter 3
configuring server connections (to other archive servers, to cache servers, to SAP
servers, etc.)
inserting volumes
AR090701-ACN-EN-6
39
Chapter 3 Administration Client and the Main Objects of Archive and Storage Services
3.2.1 Infrastructure
Within this object, you configure the required infrastructure objects to enable the
usage with logical archives.
Buffers
Documents are collected in disk buffers before they are finally written to the
storage medium. To create disk buffers, see Configuring Buffers on page 47.
To get more information about buffer types, see Disk Buffers on page 33.
Caches
Caches are used to accelerate the read access to documents. To create caches, see
Configuring Caches on page 52.
Devices
Storage devices are used for long-time archiving. To configure storage devices,
see Installing and Configuring Storage Devices on page 56.
Disk Volumes
Disk volumes are used for buffers and pools. To configure disk volumes, see
Configuring Disk Volumes on page 45.
3.2.2 Archives
Within this object, you create logical archives and pools, you can define replicated
archives for remote standby scenarios and you can see external archives of known
servers.
40
AR090701-ACN-EN-6
3.2
Original Archives
Logical archives of the selected server. To create and modify archives, see
Configuring Archives and Pools on page 63.
Replicated Archives
Shows replicated archives, see Logical Archives on page 63.
External Archives
Shows external archives of known servers, see Logical Archives on page 63.
3.2.3 Environment
Within this object, you configure the environment of an archive server. For example,
cache servers must first be configured in the environment if it should be assigned to
a logical archive.
Cache Servers
Cache servers can be used to accelerate content retrieval in a slow WAN. See
Configuring Archive Cache Services on page 173
Known Servers
Known servers are used for replicating archives in remote standby scenarios. See
Adding and Modifying Known Servers on page 157.
SAP Servers
The configuration of SAP gateways and systems to connect SAP servers to
Archive and Storage Services. See Connecting to SAP Servers on page 143.
Scan Stations
The configuration of scan stations and archive modes to connect scan stations to
Archive and Storage Services. See Configuring Scan Stations on page 149.
3.2.4 System
Within this object, you configure global settings for the archive server. You also find
all jobs and a collection of useful utilities.
Alerts
Displays alerts of the Admin Client Alert type. See Checking Alerts on
page 273. To receive alerts in the Administration Client, configure the events and
notifications appropriately. See, Monitoring with Notifications on page 265.
Events and Notifications
Events and notifications can be configured to get information on predefined
server events. See Monitoring with Notifications on page 265.
Jobs
Jobs are recurrent tasks which are automatically started according to a time
schedule or when certain conditions are met, e.g. to write content from the buffer
to the storage platform. A protocol allows the administrator to watch the
successful execution of jobs. See Configuring Jobs and Checking Job Protocol
on page 83.
AR090701-ACN-EN-6
Administration Guide
41
Chapter 3 Administration Client and the Main Objects of Archive and Storage Services
Key Store
The certification store is used to administer encryption certificates, security keys
and timestamps. See Importing and Checking Encryption Certificates on
page 102.
Policies
Policies are a combination of rights which can be assigned to user groups. See
Checking, Creating and Modifying Policies on page 135.
Storage Tiers
Storage tiers designate different types of storage. See Creating and Modifying
Storage Tiers on page 81.
Users and Groups
Administration of users and groups. See Checking, Creating and Modifying
Users on page 137 and Checking, Creating and Modifying User Groups on
page 139.
Utilities
Utilities are tools which are started interactively by the administrator, see
Utilities on page 221.
42
AR090701-ACN-EN-6
Part 2
Configuration
Chapter 4
Create and configure disk volumes at the operating system level to use it as
buffer, cache or storage device.
2.
Configure the storage device for long-time archiving and set up the connection
to the archive server.
3.
Add prepared disk volumes for various uses as buffers or local storage
devices (HDSK).
Number and size of documents to be archived and accessed, per time unit
AR090701-ACN-EN-6
45
2.
3.
4.
Click New Volume in the action pane. The New Disk Volume window opens.
5.
46
AR090701-ACN-EN-6
4.2
Configuring Buffers
Click Finish.
Create as many hard disk volumes as you need.
Renaming disk
volumes
To rename a disk volume, select it in the result pane and click Rename in the action
pane.
Further steps:
The hard disks must be partitioned at the operating system level and then created in
Administration Client. See Creating and Modifying Disk Volumes on page 46.
2.
3.
AR090701-ACN-EN-6
Administration Guide
47
Modifying a disk
buffer
Deleting a disk
buffer
48
4.
5.
6.
7.
Schedule the Purge_Buffer job. The command and the arguments are entered
automatically and can be modified later. See Setting the Start Mode and
Scheduling of Jobs on page 87.
To modify a disk buffer, select it and click Properties in the action pane. Proceed in
the same way as when creating a disk buffer. The name of the disk buffer and the
Purge_Buffer job cannot be changed.
To delete a disk buffer, select it and click Delete in the action pane. A disk buffer
can only be deleted if it is not assigned to a pool.
AR090701-ACN-EN-6
4.2
Configuring Buffers
2.
Select the designated disk buffer in the top area of the result pane.
3.
Click Attach Volume in the action pane. A window with all available volumes
opens.
4.
Select an existing volume. The volume must have been created previously, see
Creating and Modifying Disk Volumes on page 46.
5.
See also:
2.
Select the designated disk buffer in the top area of the result pane.
3.
Select the volume to be detached in the bottom area of the result pane.
4.
5.
AR090701-ACN-EN-6
Administration Guide
49
2.
Select the designated disk buffer in the top area of the result pane.
3.
4.
5.
Click Next.
6.
7.
Click Finish.
See also:
50
AR090701-ACN-EN-6
4.2
Configuring Buffers
2.
Select the Original Disk Buffers tab or the Replicated Disk Buffers tab,
according to the type of buffer you want to check or modify.
3.
Select the designated disk buffer in the top area of the result pane.
4.
Select the volume you want to check in the bottom area of the result pane.
5.
Click Properties in the action pane. A window with volume information opens.
Volume name
The name of the volume
Type
Original or replicated
Capacity (MB)
Maximum capacity of the volume
Free (MB)
Free capacity of the volume
Last Backup or Last Replication
Date, when the last backup or the last replication was performed. Depends
on the type of the volume.
Host
Specifies the host on which the replicated volume resides if the disk buffer is
replicated
6.
Modify the volume status if necessary. To do this, select or clear the status. The
settings that can be modified depends on the volume type.
Full, Offline
These flags are set by Document Service and cannot be modified.
Write locked
No more data can be copied to the volume. Read access is possible; write
access is protected.
Locked
The volume is locked. Read or write access is not possible.
Modified
Is automatically selected, if the write component (WC) performs a write
access to a HDSK volume. If cleared manually,Modified is selected with the
next write access again.
7.
Click OK.
AR090701-ACN-EN-6
Administration Guide
51
Encryption certificates
Timestamp certificates
System keys
Proceed as follows:
1.
2.
3.
2.
Select the designated disk buffer in the top area of the result pane.
3.
Select the Disk Buffer you want to replicate in the bottom area of the result pane.
4.
5.
6.
Click Finish.
52
AR090701-ACN-EN-6
4.3
Configuring Caches
while documents are written to the final storage medium (Write job),
See also:
AR090701-ACN-EN-6
Administration Guide
53
Create the volumes for the caches on the operating system level.
2.
3.
4.
5.
6.
7.
Click Finish.
Note: If you want to change the priority of assigned hard disk volumes, see
Defining Priorities of Cache Volumes on page 55.
Deleting a cache
To delete a cache, select it and click Delete in the action pane. It is not possible to
delete a cache which is assigned to a logical archive. The global cache cannot be
deleted either.
See also:
Caution
Be aware that your cache content gets invalid if you change the volume
priority.
Proceed as follows:
54
1.
2.
Select the designated cache in the top area of the result pane. In the bottom area
of the result pane, the assigned hard disk volumes are listed.
AR090701-ACN-EN-6
4.3
Configuring Caches
3.
4.
Click Browse to open the directory browser. Select the designated Location of
the hard disk volume and click OK to confirm.
5.
See also:
2.
Select the designated cache in the top area of the result pane. In the bottom area
of the result pane, the assigned hard disk volumes are listed.
3.
4.
5.
Click OK to confirm.
Note: If you want to change the priority of hard disk volumes, see Defining
Priorities of Cache Volumes on page 55.
See also:
Caution
Be aware that your cache content gets invalid if you change the volume
priority.
AR090701-ACN-EN-6
Administration Guide
55
Proceed as follows:
1.
2.
Select the designated cache in the top area of the result pane. In the bottom area
of the result pane the assigned hard disk volumes are listed.
3.
Click Change Volume Priorities in the action pane. A window to change the
priorities of the volumes opens.
4.
Select a volume and click the designated arrow button to increase or decrease
the priority.
5.
Click Finish.
The configuration of storage devices depends on the storage system and the storage
type. If you are not sure how to install your storage device, contact Open Text
Customer Support.
After installation the storage devices are administered in Devices in the
Infrastructure object in the console tree. There are two main types of devices
possible:
56
Storage
Possible pooltypes
Administration
NAS
AR090701-ACN-EN-6
4.5
Storage
CAS
SAN
Opticals
Local hard disk
Possible pooltypes
Administration
Important
Although you can configure most storage systems for container file storage
as well as for single file storage, the configuration is completely different.
2.
Select the designated device in the top area of the result pane.
3.
4.
Enter settings:
Volume name
Unique name of the volume.
Base directory
Base directory, which was defined with storage system with system-specific
tools, during installation.
5.
AR090701-ACN-EN-6
Administration Guide
57
2.
Select the designated device in the top area of the result pane.
3.
2.
Select the designated device in the top area of the result pane.
3.
This device can no longer be accessed and can be turned off. The status is set to
Detached.
58
AR090701-ACN-EN-6
4.6
Proceed as follows:
1.
2.
3.
Select the jukebox where you inserted the medium in the top area of the result
pane.
4.
offline import
2.
Select the jukebox where you inserted the media in the top area of the result
pane.
3.
4.
5.
AR090701-ACN-EN-6
Administration Guide
59
Select Devices in the Infrastructure object in the console tree. All available
devices are listed in the top area of the result pane.
2.
Select the designated jukebox. The attached volumes are listed in the bottom
area of the result pane.
3.
4.
5.
Specifies slot 7
3,6,40
37
2,20-45
Click OK.
A protocol window shows the progress and the result of the slot test. To check
the protocol later on, see Checking Utilities Protocols on page 222.
Caution
Under Windows, writing signatures to media with the Windows Disk
Manager is not allowed. These signatures make the medium unreadable for
the archive.
60
AR090701-ACN-EN-6
4.6
2.
Select the jukebox where you inserted the media in the top area of the result
pane.
3.
Select a volume with the -blank- status in the bottom area of the result pane.
4.
Click Initialize Original in the action pane. The Init Volume window opens.
5.
6.
7.
Assign the volume to the designated pool (see Creating and Modifying Pools
on page 74).
Note: WORM or UDO volumes, which are manually initialized, must be added
to the document service before they can be attached to a pool (see Add
Volume to Document Service on page 62).
AR090701-ACN-EN-6
Administration Guide
61
2.
Select the jukebox where you inserted the media in the top area of the result
pane.
3.
Select a volume with the -blank- status in the bottom area of the result pane.
4.
Click Initialize Backup in the action pane. The Init Backup Volume window
opens.
5.
Select the original volume and click OK to initialize the backup volume.
2.
Select the jukebox where you inserted the media in the top area of the result
pane.
3.
Select a volume that does not have the -blank- status in the bottom area of the
result pane.
4.
62
1.
2.
Select the Unavailable Volumes tab in the result pane to list all unavailable
devices.
AR090701-ACN-EN-6
Chapter 5
When you configure the archive system, you often have to name the configured
element. Make sure that all names follow the naming rule:
Naming rule for archive components
Archive component names must be unique throughout the entire archive
network. No umlauts or special characters may be used for the names of
archive components. This includes names of servers, archives, pools and
volumes. We recommend using only numerals, standard international
letters when assigning names to archive components. Archive and pool
names together may be a maximum of 31 characters in length since the
Document Service forms an internal pool name of the form <Archive
name>_<Pool name>, which may be a maximum of 32 characters in length.
Original Archives
Logical Archives which are created on the actual administered (local) server.
Replicated Archives
Replications of original logical archives. These archives are located and
configured on known servers for remote standby scenarios. Thus, document
retrieval is possible although the access to the original archive is disconnected
(see Configuring Remote Standby Scenarios on page 161).
AR090701-ACN-EN-6
63
External Archives
Logical archives of known servers. These archives are located on known servers
and can be reached for retrieval (see Adding and Modifying Known Servers
on page 157).
For each original archive, you give a name and configure a number of settings:
Signatures, SSL and restrictions for document deletion define the conditions for
document access.
Compliance mode, retention and deletion define the end of the document
lifecycle.
Some of these settings are pure archive settings. Other settings depend on the
storage method, which is defined in the pool type. The most relevant decision
criterion for their definition is single file archiving or container archiving.
Note on IXW pools
Volumes of IXW pools are regarded as container files. Although the documents
are written as single files to the medium, they cannot be deleted individually,
neither from finalized volumes (which are ISO volumes) nor from nonfinalized volumes using the IXW file system information.
Of course, you can use retention also with container archiving. In this case, consider
the delete behavior that depends on the storage method and media (see When the
Retention Period Has Expired on page 188).
All important formats including email and office formats are compressed by default.
You can check the list and add additional formats in Runtime and Core Services >
Configuration > Archive Server >
AS.DS.COMPONENT.COMPRESSION.COMPR_SETUP.COMPR_TYPES.row1
to .rowN.
For pools using a disk buffer, the Write job compresses the data in the disk buffer
and then copies the compressed data to the medium. After compressing a file, the
job deletes the corresponding uncompressed file.
If ISO images are written, the Write job checks whether sufficient compressed data
is available after compression as defined in Minimum amount of data to write. If so,
the ISO image is written. Otherwise, the compressed data is kept in the disk buffer
64
AR090701-ACN-EN-6
5.1
Logical Archives
and the job is finished. The next time the Write job starts, the new data is
compressed and the amount of data is checked again.
HDSK pool
When you create an HDSK pool, the Compress_<Archive name>_<Pool name> job is
created automatically for data compression. This job is activated by default.
If you want to use SIA together with retention periods, consider Retention on page 65.
Be careful when using Single Instance Archiving and ISO images: Emails can consist
of several components, e.g. logo, footer, attachment, which are handling be Single
Instance Archiving. When using ISO images, these components can be distributed
over several images. When reading an email, several ISO images must be accessed
to read all the components in order to recompose the original email. Caching for
frequently used components and proper parameter settings will improve the read
performance.
5.1.3 Retention
Various regulations require the storage of documents for a defined retention period.
During this time, documents must not be modified nor deleted. When the retention
period is expired, documents can be deleted mainly for two reasons:
AR090701-ACN-EN-6
Administration Guide
65
the client of the leading application sends the retention period explicitly
the retention period is set for the logical archive within Archive and Storage
Services
66
Delete the document logically, that means: Delete the information on the
document from the archive database so that retrieval is not possible any longer.
Only the information that the document was deleted is kept. This step is
executed as soon as the delete request arrives.
Delete the document physically from the storage media. The time of this action
depends on the storage method:
Documents that are stored in containers (ISO images, blobs, finalized and
non-finalized IXW volumes) can be deleted physically only when the
retention period of all documents in the container has expired and all
documents are deleted logically. The Delete_Empty_Volumes job checks for
such volumes and removes them, if the underlying storage system does not
prevent it.
AR090701-ACN-EN-6
5.2
Notes:
If you use retention for archives with Single Instance Archiving (SIA), make
sure that documents with identical attachments are archived within a short
timeframe and the documents in one archive have similar retention periods.
See also: Single Instance on page 65.
You cannot export volumes containing at least one document with nonexpired retention, or import volumes that are logically empty.
As regulations may change in the course of time, you can adapt the
retention period of documents by means of a complete document
migration, see Migration on page 225.
See also:
2.
3.
4.
5.
6.
Default value
Caching
Off
Compression
On
Encryption
Off
Timestamps
Off
AR090701-ACN-EN-6
Administration Guide
67
Default value
Blobs
Off
Off
On (possible)
Single instance
Off
Off
On (possible)
Retention
Off
On (possible)
Off (recommended)
2.
Click New Archive in the action pane. The window to create a new logical
archive opens.
3.
4.
5.
68
1.
Select the logical archive in the Original Archives object of the console tree.
2.
Click Properties in the action pane. The property window of the archive opens.
3.
Select the Security tab. Check the settings and modify it, if needed.
AR090701-ACN-EN-6
5.2
May use: The use of SSL for the archive is allowed. The behavior
depends on the clients' configuration parameter HTTP UseSSL (see also
the Livelink Archive Windows Viewer and Livelink DesktopLink Configuration Parameters (CL-RCP) manual).
Open Text Imaging Java Viewer does not support SSL.
Document deletion
Here you decide whether deletion requests from the leading application are
performed for documents in the selected archive, and what information is
given. You can also prohibit deletion of documents for all archives of the
archive server. This central setting has priority over the archive setting.
See also: Setting the Operation Mode of Archive and Storage Services on
page 304.
Deletion is allowed
Documents are deleted on request, if no maintenance mode is set and the
retention period is expired.
Deletion Causes error
Documents are not deleted on request, even if the retention period is
expired. A message informs the administrator about deletion requests.
Deletion is ignored
Documents are not deleted on request, even if the retention period is
expired. No information is given.
AR090701-ACN-EN-6
Administration Guide
69
4.
Click OK to resume.
Select the logical archive in the Original Archives object of the console tree.
2.
Click Properties in the action pane. The property window of the archive opens.
3.
Select the Settings tab. Check the settings and modify it, if needed.
Compression
Activates data compression for the selected archive.
See also: Data Compression on page 64
Encryption
Activates the data encryption to prevent that unauthorized persons can
access archived documents.
See also: Encrypted Document Storage on page 101.
Blobs
Activates the processing of blobs (binary large objects).
Very small documents are gathered in a meta document (the blob) in the disk
buffer and are written to the storage medium together. The method
improves performance. If a document is stored in a blob, it can be destroyed
only when all documents of this blob are deleted. Thus, blobs are not
supported in single file storage scenarios and should not be used together
with retention periods.
Single instance
Enables single instance archiving.
See also: Single Instance on page 65.
Delayed archiving
Select this option, if the documents should remain in the disk buffer until the
leading application allows Archive and Storage Services to store them on
final storage media.
Example: The document arrives in the disk buffer without a retention period
and the leading application will provide the retention period shortly after.
The document must not be written to the storage media before it gets the
retention period. To ensure this processing, enable the Event based
retention option in the Edit Retention dialog box, see Configuring the
Archive Retention Settings on page 72.
Cache enabled
Activates the caching of documents to the DS cache at read access.
70
AR090701-ACN-EN-6
5.2
Cache
Pull down menu to select the cache path. Before you can assign a cache path,
you must create it. (See Creating and Deleting Caches on page 54 and
Configuring Caches on page 52).
ArchiSig Timestamps with strict timestamp verification
The ArchiSig timestamps are verified. If the timestamp is not valid or does
not exist, the administrator is informed and the document is not delivered to
the client.
ArchiSig Timestamps with relaxed timestamp verification
The ArchiSig timestamps are verified. If the timestamp is not valid, the
administrator is informed and the document is delivered in spite of this.
ArchiSig Timestamps with no timestamp verification
No ArchiSig timestamp verification
No use of timestamps (not chooseable after timestamp activation)
Deactivates the assignment of timestamps to documents at all.
Important
To ensure consistent usage of timestamps, you cannot enable this
setting after timestamp verification was enabled. See also:
Timestamps on page 107.
4.
Click OK to resume.
2.
3.
In the Change Server Priorities window, select the server(s) to add from the
Related servers list on the left.
Click the
AR090701-ACN-EN-6
Administration Guide
71
Use the arrows on the right to define the order of the servers: Select a server and
or
to move the server up or down in the list, respectively.
click the
If you want to remove a server from the priorities list, select the server to
button.
remove and click the
5.
Click Finish.
Select the logical archive in the Original Archives object of the console tree.
2.
Click Properties in the action pane. The property window of the archive opens.
3.
Select the Retention tab. Check the settings and modify it, if needed.
No retention
Use this option if the leading application does not support retention, or if
retention is not relevant for documents in the selected archive. Documents
can be deleted at any time if no other settings prevent it.
No retention read only
Like No retention, but documents cannot be changed.
Retention period of x days
Enter the retention period in days. The retention period of the document is
calculated by adding this number of days to the archiving date of the
document. It is stored with the document.
Event based retention
This method is used if a retention period is required but at the time of
archiving, it is unknown when the retention period will start. The leading
application must send the retention information after the archiving request.
When the retention information arrives, the retention period is calculated by
adding the given period to the event date. Until the document gets it
calculated retention period it is secured with maximum (infinite) retention.
You can use the option in two ways:
Together with the Delayed archiving option
The leading application sends the retention period separately from and
shortly after the archiving request (for example, in Extended ECM for
SAP Solutions). The documents should remain in the disk buffer until
they get their retention period. They are written to final storage media
72
AR090701-ACN-EN-6
5.2
AR090701-ACN-EN-6
Click OK to resume.
Administration Guide
73
Important
Documents with expired retention period are only deleted, if:
See also:
Retention on page 65
Usage of a disk buffer. All pool types, except the HDSK (write through) pools,
require a buffer.
Settings of the Write job. The Write job writes the data from the buffer to the
final storage media. For all pool types, except the HDSK pool, a Write job must
be configured.
Note: Consider that the component types of a pool (known as application
types in former archive server versions) are displayed for information, but
cannot be changed (read only).
To determine the pool type that suits the scenario and the storage system in use,
read the Hardware Release Notes (see Open Text Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/fetch/2001/744073/3551
166/customview.html?func=ll&objId=3551166)).
For more information on pools and pool types, see Pools and Pool Types on
page 35.
74
AR090701-ACN-EN-6
5.3
Note: HDSK pools are not intended for use in productive archive systems, but
for test purposes and special requirements. Use not more than one HSDK pool.
Proceed as follows:
1.
2.
3.
Click New Pool in the action pane. The window to create a new pool opens.
4.
Enter a unique, descriptive Pool name. Consider the naming conventions, see
Naming rule for archive components on page 63.
5.
6.
Select a Storage tier (see Creating and Modifying Storage Tiers on page 81).
The name of the associated compression job is created automatically.
7.
8.
Select the pool in the top area of the result pane and click Attach Volume. A
window with all available hard disk volumes opens (see Creating and
Modifying Disk Volumes on page 46).
9.
Scheduling the
compression job
To schedule the associated compression job, select the pool and click Edit Compress
Job in the action pane. Configure the scheduling as described in Configuring Jobs
and Checking Job Protocol on page 83.
Modifying a
HDSK pool
To modify pool settings, select the pool and click Properties in the action pane. Only
the assignment of the storage tier can be changed.
2.
3.
Click New Pool in the action pane. The window to create a new pool opens.
4.
Enter a unique (per archive), descriptive Pool name. Consider the naming
conventions, see Naming rule for archive components on page 63
5.
AR090701-ACN-EN-6
Administration Guide
75
6.
7.
8.
Select the pool in the top area of the result pane and click Attach Volume. A
window with all available hard disk volumes opens (see Creating and
Modifying Disk Volumes on page 46).
9.
10. Schedule the Write job, see Configuring Jobs and Checking Job Protocol on
page 83.
Modifying a pool
To modify pool settings, select the pool and click Properties in the action pane.
Depending on the pool type you can modify settings or assign another buffer.
Important
You can assign another buffer to the pool. If you do so, make sure that:
all data from the old buffer is written to the storage media,
Data that remains in the buffer will be lost after the buffer change.
76
AR090701-ACN-EN-6
5.3
Writing
Write job
The name of the associated Write job is created automatically. The name can
only be changed during creation, but not modified later. To schedule the Write
job, see Configuring Jobs and Checking Job Protocol on page 83.
Original jukebox
Select the original jukebox.
Volume Name Pattern
Defines the pattern for creating volume names.
$(PREF)_$(ARCHIVE)_$(POOL)_$(SEQ) is set by default. $(ARCHIVE) is the
placeholder for the archive name, $(POOL) for the pool name and $(SEQ) for an
automatic serial number. The prefix $(PREF) is defined in Runtime and Core
Services > Configuration > Archive Server >
AS.ADMS.JOBS.AUTOINIT.ADMS_PART_PREFIX. You can define any
pattern, only the placeholder $(SEQ) is mandatory. You can also insert a fixed
text. The initialization of the medium is started by the Write job.
Click Test Pattern to view the name planned for the next volume based on this
pattern.
Allowed media type
Here you specify the permitted media type. ISO pools support:
DVD-R
Which DVD-R types are supported you find in the Hardware Release
Notes (see Open Text Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/fetch/2001/744
073/3551166/customview.html?func=ll&objId=3551166)).
WORM
Which WORM types are supported you find in the Hardware Release
Notes (see Open Text Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/fetch/2001/744
073/3551166/customview.html?func=ll&objId=3551166)).
HD-WO
HD-WO is the media type supported with many storage systems. An HD-WO
medium combines the characteristics of a hard disk and WORM: fast access to documents and secure document storage. Enter also the maximum
size of an ISO image in MB, separated by a colon:
For some storage systems, the maximum size is not required, refer to the
documentation of your storage system (see Open Text Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/fetch/2001/744
073/3551166/customview.html?func=ll&objId=3551166)).
Number of volumes
Number of ISO volumes to be written in the original jukebox. This number
consists of the original and the backup copies in the same jukebox. For virtual
jukeboxes (HD-WO media), the number of volumes must always be 1, as
backups must not be written to the same medium in the same storage system.
AR090701-ACN-EN-6
Administration Guide
77
78
AR090701-ACN-EN-6
5.3
Buffering
Used disk buffer
Select the designated buffer (see Configuring Buffers on page 47).
Initializing
Auto initialization
Select this option if you want to initialize the IXW media in this pool
automatically, see also Initializing Storage Volumes on page 60.
Original jukebox
Select the original jukebox.
Volume Name Pattern
Defines the pattern for creating volume names.
$(PREF)_$(ARCHIVE)_$(POOL)_$(SEQ) is set by default. $(ARCHIVE) is the
placeholder for the archive name, $(POOL for the pool name and $(SEQ) for an
automatic serial number. The prefix $(PREF) is defined in Runtime and Core
Services > Configuration > Archive Server >
AS.ADMS.JOBS.AUTOINIT.ADMS_PART_PREFIX. You can define any
pattern, only the placeholder $(SEQ) is mandatory. You can also insert a fixed
text. The initialization of the medium is started by the Write job.
Click Test Pattern to view the name planned for the next volume based on this
pattern.
Allowed media type
The media type is always WORM, for both WORM and UDO media.
Writing
Write job
The name of the associated Write job is created automatically. The name can
only be changed during creation, but not modified later. To schedule the Write
job, see Configuring Jobs and Checking Job Protocol on page 83.
Number of drives
Number of write drives that are available on the original jukebox.
Auto finalization
Select this option if you want to finalize the IXW media in this pool
automatically, see also Finalizing Storage Volumes on page 185.
Filling level of volume: ... %
Defines the filling level in percent at which the volume should be finalized. The
Storage Manager automatically calculates and reserves the storage space
required for the ISO file system. The filling level therefore refers to the space
remaining on the volume.
and last write process: ... days
Defines the number of days since the last write access.
AR090701-ACN-EN-6
Administration Guide
79
Backup
Backup enabled
Enable this option if the volumes of a pool are to be backed up locally in a
second jukebox of this archive server. During the backup operation, the
Local_Backup jobs only considers the pools for which backup has been enabled.
Backup jukebox
Select the backup jukebox.
Number of backups
Number of backup media that is written in the backup jukebox.
Number of drives
Number of write drives that are available on the backup jukebox. The setting is
only relevant or physical jukeboxes.
See also:
80
AR090701-ACN-EN-6
5.4
2.
3.
Select the pool, which should be the default pool, in the top area of the result
pane.
4.
Click Set as Default Pool in the action pane and click OK to confirm.
Business-critical
Description: Important to the enterprise, reasonable performance, good
availability
Nearline Data
Description: Rare access, large volumes
Proceed as follows:
1.
Select Storage Tiers in the System object. The present storage tiers are listed in
the result pane.
2.
3.
4.
Click Finish.
AR090701-ACN-EN-6
Administration Guide
81
Modifying
storage tiers
To modify a storage tier, select it and click Properties in the action pane. Proceed in
the same way as when creating a storage tier.
See also:
82
AR090701-ACN-EN-6
Chapter 6
Command
Description
SYS_EXPIRE_ALERTS
Alert_Cleanup
SYS_CLEANUP_ADMAUDIT
Audit_Sweeper
Local_Backup
backup
Writes the backup of a volume to a local backup jukebox, for all pools where the
Backup option is enabled.
Compress_Storm_Statistics
compress_storm_stati
stics
AR090701-ACN-EN-6
83
Name
Command
Description
Organize_Accounting_Data
organizeAccData
SYS_CLEANUP_PROTOCOL
Protocol_Sweeper
Delete_Empty_Volumes
delete_empty_volumes
SYS_REFRESH_ARCHIVE
Refresh_Archive_Info
Save_Storm_Files
save_storm_files
Synchronize_Replicates
synchronize
Purge_Expired
purge_expired
84
Command
Description
Write_CD
Writes data from disk buffer to storage media as ISO images, belongs
to ISO pools.
Write_WORM
Writes data incrementally from disk buffer to WORM and UDO, belongs to IXW pools.
Write_GS
Writes single files from disk buffer to a storage system through the
interface of the storage system (vendor interface), belongs to Single
File (VI) pools.
Write_HDSK
Writes single files from disk buffer to the file system of an external
storage system, belongs to Single File (FS) pools.
AR090701-ACN-EN-6
6.2
Command
Description
Purge_Buffer
backup_pool
Compress_HDSK
Description
Copy_Back
Migrate_Volumes
compare_backup_
worms
Checks one or more backup IXW volumes. Enter the volume name(s)
as argument. You can use the * wildcard. If no argument is set, all
backup IXW volumes in all jukeboxes are compared.
hashtree
Builds the hash trees for ArchiSig timestamps, see ArchiSig timestamps on page 107.
pagelist
start<DPname>
AR090701-ACN-EN-6
Administration Guide
85
1.
2.
Depending on the actual status of the scheduler click Start Scheduler or Stop
Scheduler in the action pane to change the status. The actual status is displayed
in the first line of the jobs tab.
2.
Select the Jobs tab in the top area of the result pane. The jobs are listed.
3.
4.
Depending on the actual status of the job, click Start or Stop in the action pane
to change the status of the job.
2.
Select the Jobs tab in the top area of the result pane. The jobs are listed.
3.
4.
Click Enable or Disable in the action pane to change the status of the job.
86
1.
To check, create, modify and delete jobs, select Jobs in the System object in the
console tree.
2.
Select the Jobs tab in the top area of the result pane. The jobs are listed.
3.
Select the job you want to check. The latest message of this job is listed in the
bottom area of the result pane.
4.
Click Edit to check details of the job. See also Creating and Modifying Jobs on
page 87.
AR090701-ACN-EN-6
6.6
2.
Select the Jobs tab in the top area of the result pane.
3.
Click New Job in the action pane. The wizard to create a new job opens.
4.
Enter a name for the new job. Select the command and enter the arguments
depending on the job.
Name
Unique name of the job that describes its function so that you can distinguish
between jobs having the same command. Do not use blanks and special
characters. You cannot modify the name later.
Command
Select the job command to be executed. See also Important Jobs and
Commands on page 83.
Argument
Entries can expand the selected command. The entries in the Arguments
field are limited to 250 characters. See also Important Jobs and Commands
on page 83.
Modifying jobs
5.
6.
Depending on the start mode, define the scheduling settings or the previous job.
See also Setting the Start Mode and Scheduling of Jobs on page 87.
7.
To modify a job, select it and click Edit in the action pane. Proceed in the same way
as when creating a job.
at a certain time,
AR090701-ACN-EN-6
Administration Guide
87
Start Mode
Specification of the start mode. Check the mode to define specific settings.
Scheduled
If you use this start mode, you can define the start time of the job, specified
by month, day, hour and minute. Thus, you can define daily, weekly and
monthly jobs or define the repetition of jobs by setting a frequency (hours or
minutes).
After previous job finished
If you use this start mode, you can specify the type of action that is to be
performed before the job is started. You can select between successfully
starting of the Administration Server and other jobs.
The return value indicates the result of a job run. If an job finishes
successfully, it usually returns the value 0. To start a job only when the
previous job finished successfully, enter 0 into the Return Value field.
If you use the Time Frame option, you can specify a time period within the
execution of the job is allowed.
General recommendations for job scheduling
Jobs accessing the database on the same server must not collide, for example, the
Write jobs, Local_Backup job and Purge_Buffer jobs.
Monitor the job messages and check the time period the jobs take. Adapt the job
scheduling accordingly.
Jobs accessing jukebox drives must not collide: different Write jobs,
Local_Backup, Synchronize_Replicates (Remote Standby Server) and
Save_Storm_Files.
Only one drive is used for Write jobs on WORM/UDO. Therefore, only one
WORM/UDO can be written at a time. That means, only one logical archive can
be served at a time.
Backup jobs need two drives, one for the original, one for the backup media.
88
AR090701-ACN-EN-6
6.8
The entries in the job protocol are regularly deleted by the SYS_CLEANUP_PROTOCOL
job that usually runs weekly. You can modify the maximum age and number of
protocol entries in
Runtime and Core Services > Configuration > Archive Server >
AS.ADMS.JOBS.ADMS_PROTOCOL_MAX_AGE and
AS.ADMS.JOBS.ADMS_PROTOCOL_MAX_SIZE.
Checking the last message of a job
Proceed as follows:
1.
2.
Select the Jobs tab in the top area of the result pane.
3.
2.
Select the Protocol tab in the top area of the result pane. All protocol entries are
listed. Protocol entries with a red icon are terminated with an error. Green icons
identify jobs that have run successfully.
3.
Select a protocol entry to see detailed messages in the bottom area of the result
pane.
4.
5.
6.
Name
ID
Execution identification of the job instance. The number appears on job initialization and is repeated on job execution.
Status
Command
AR090701-ACN-EN-6
Administration Guide
89
Message
Message generated by Archive and Storage Services. It provides more detailed information about how the job was terminated in case of an error.
2.
Select the Protocol tab in the top area of the result pane. All protocol entries are
listed.
3.
90
AR090701-ACN-EN-6
Chapter 7
SecKeys / Signed URLs, for verification of URL requests (see SecKeys / Signed
URLs on page 92).
Secure HTTP communication with SSL (see Secure HTTP Communication with
SSL on page 100).
The administration of the encryption certificates, the system keys and the
timestamps is done in the Key Store in the System object of the console tree.
More information
You can find more information on security topics in the Security folder in the
Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/open/15491557).
Configuration settings concerning security topics are described in more detail in
part 2 "Configuration Reference: Archive and Storage Services, Document Pipeline,
Monitor Server and Monitor Web Client" in Open Text Administration Help - Runtime
and Core Services (ELCS100100-H-AGM) under Document Service, Key Store
backup/restore tool and Timestamp Server.
AR090701-ACN-EN-6
91
Important
You can define the name of the application and configure the certificate
correspondingly (For example, if you set up a whole new system).
You can gather the application ID (name of the application) from the certificate;
see the procedure below.
2.
In the console tree, expand Archiving and Storage and log on to the archive
server.
3.
Select the Archives > Original Archives > <archive to connect> node.
4.
In the result pane, from the Certificates tab, select the imported certificate.
5.
6.
From the Subject entry, note or copy the value after CN=
Use this value as the application ID when creating the application type
(Libraries > <Library Server> > Customization > Applications).
92
AR090701-ACN-EN-6
7.2
access. It contains a digital signature and a signature time and date. The requesting
system creates a signature for the relevant parameters in the URL and the expiration
time and signs it with a private key. Archive and Storage Services verifies the
signature with the public key and only accepts requests with a valid signature and if
the SecKey's expiration time is not expired.
Certificates
The certificates with public keys are related to the logical archives. You can use
different keys for different archives if you have more than one leading application
or document types with different security requirements. You can also use one
certificate for several or all archives.
Remote Standby
Protection levels
Caution
Do not use the Ignore Document Protection setting on a working server!
Take care to enable the Signature required to settings for the archives.
Otherwise, protected documents can be used without a valid SecKey.
Main tasks
The administrator must send or import the certificate with the public key to the
archive server. This procedure depends on the requesting leading application or
component. On the archive server, the administrator must configure the usage of
SecKeys:
AR090701-ACN-EN-6
Administration Guide
93
Configure the security settings for the logical archives (see Configuring the
Archive Security Settings on page 68).
94
1.
Select Configuration > Archive and Storage Services in the Runtime and Core
Services object in the console tree.
2.
Select AS.DS.SECURITY.GLOBAL_HTTP.SEC_ARCHIVESECURITYMODE
and click Set in the action pane.
3.
AR090701-ACN-EN-6
7.2
Proceed as follows:
1.
2.
3.
Check the fingerprint and view the certificate you have imported or sent (see
Checking the Encryption Certificates on page 103).
4.
b.
c.
Click Properties in the action pane and select the Security tab.
Select the encryption certificate and click Enable in the action pane.
2.
AR090701-ACN-EN-6
Administration Guide
95
3.
Select the Certificates tab in the result pane. All imported certificates are listed.
4.
Select the designated certificate and click Change Privileges in the action pane.
5.
Select the privileges you want to assign to the certificate. The following
privileges are available:
Read documents
Create documents
Update documents
Delete documents
Pass by
This privilege is only evaluated in Enterprise Library Services scenarios. Pass
by must be set for the certificate of the
Pass by must not be set for all other kinds of client certificates, e.g. SAP.
6.
96
1.
2.
3.
4.
Click Browse to open the file browser for the archive server filesystem and
select the designated Certificate. Click OK to resume.
5.
AR090701-ACN-EN-6
7.2
A protocol window shows the progress and the result of the import. To check
the protocol later on, see Checking Utilities Protocols on page 222.
6.
Select a logical archive in the console tree and select the Certificates tab in the
result pane. All available certificates are listed.
7.
8.
Select the imported global certificate and click enable in the action pane. The
global certificate is activated for all archives.
2.
Select the designate logical archive in the console tree and click Import
Certificate for Authentication in the action pane. A window to specify the
certificate opens.
3.
4.
Click Browse to open the file browser for the archive server filesystem and
select the designated Certificate. Click OK to resume.
5.
6.
Select the Certificates tab in the result pane. All certificates or the logical archive
are listed.
7.
8.
Select the imported certificate and click enable in the action pane to activate the
certificate.
AR090701-ACN-EN-6
Select the designated archive in Original Archives in the Archives object in the
console tree.
Administration Guide
97
2.
Select the Certificates tab in the result pane. All certificates or the logical archive
are listed.
3.
Select the designated certificate and click View Certificate in the action pane.
4.
98
AR090701-ACN-EN-6
7.2
Proceed as follows:
1.
Create a certificate with the certtool utility (command line), or create the
request and send it to a trust center. The <key>.pem file contains the private key
and is used to sign the URL. <cert>.pem contains the public key that the
archive server uses to verify the signatures.
2.
Store the certificate and the private key on the server of your leading application
(see the corresponding Administration Guide for details).
For Enterprise Scan and client programs of Archive and Storage Services, store
the certificates in the directories defined in the file <OT config>\Pipeline\config\setup\common.setup. The entry Client Private Key File defines the
directory for the key.pem file and the entry Client Certificate File for the
cert.pem file. The directory <OT config AS>\seckey\ is entered by default.
Correct the path, if necessary, and add the file names.
By storing the certificates in the file system, they are recognized by Enterprise
Scan and the client programs.
Important
For security reasons, limit the read permission for these directories to
the system user (Windows) or the archive user (UNIX).
3.
To import the certificate with the utility, see Importing and Checking
Certificates for Authentication on page 96.
Repeat this step, if you want to use the certificate for several archives.
4.
Open a command line, enter the following command and press ENTER:
C:\>dsh -h <host>
For the <archive> variable, enter the logical archive on the archive server for
which the certificate is relevant. Replace the <file> variable with the name of
the certificate, i.e. cert.pem.
If you need the certificate for several archives, call the command again for
each archive.
d. Quit the program with exit.
AR090701-ACN-EN-6
Administration Guide
99
5.
Create a certificate or request for certificate with the certtool utility (command
line).
You find a description in the certtool utility folder in the Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/open/15491558).
2.
Caution
Do not overwrite the ixoscert.pem file; otherwise, the server will not
be able to decrypt encrypted documents anymore!
3.
4.
100
Activate SSL communication for the logical archives (see Configuring the
Archive Security Settings on page 68).
AR090701-ACN-EN-6
7.4
Caution
Be sure to store this key securely, so that you can re-import it if necessary.
If the key gets lost, the documents that were encrypted with it can no
longer be read!
Do not delete any key if you set a newer one as current. It is still used for
decryption.
1.
2.
3.
Click Generate System Key in the action pane. A new key is generated.
AR090701-ACN-EN-6
Administration Guide
101
4.
Export the new system key with the recIO command line tool and store it at a
safe place (see Exporting and Importing the Key Store on page 103).
5.
6.
Select the created system key and click Set as current key. A key can only be set
as current key if it is successfully exported.
New documents are encrypted now with the current key, while decryption
always uses the appropriate key.
The Synchronize_Replicates job updates the keys and certificates first, before it
synchronizes the documents. The system keys are transmitted encrypted.
If you do not want to transmit the system keys through the network, you can also
export them from the original server to an external data medium and re-import
them on the backup server (see Exporting and Importing the Key Store on
page 103).
2.
3.
4.
Select the Settings tab in the properties window (see also Configuring the
Archive Settings on page 70).
5.
102
AR090701-ACN-EN-6
7.6
Proceed as follows:
1.
2.
Select the Encryption Certificates tab in the result pane. All available certificates
are listed.
3.
4.
Enter the path and the complete file name of the certificate or click Browse to
open the file browser. Select the designated Certificate and click OK to confirm.
5.
6.
2.
3.
Select the certificate to check and click View Certificate in the action pane.
4.
AR090701-ACN-EN-6
Administration Guide
103
E
Exports the contents of the key store. Use the export in particular to store the
system keys for document encryption.
The user must log on and specify a path for the export files. The option -t NN:MM
splits the contents of the key store into several different files (MM; maximum 8).
At least NN files must be reimported in order to restore the complete key store.
Example:
sunny:~> /usr/ixos-archive/bin/recIO E -t 3:5
recIO 5.0 (C) 2001 IXOS Software AG built May 14 2001
Please authenticate!
User
:dsadmin
Password :
Writing keystore with 3 system-keys to 5 token-files (3 required to restore)
Token[1/5] (default = /floppy/ixoskey.pem )
File (CR to accept above) : p1.pem
Token[2/5] (default = /floppy/ixoskey.pem )
File (CR to accept above) : p2.pem
Token[3/5] (default = /floppy/ixoskey.pem )
File (CR to accept above) : p3.pem
Token[4/5] (default = /floppy/ixoskey.pem )
File (CR to accept above) : p4.pem
Token[5/5] (default = /floppy/ixoskey.pem )
File (CR to accept above) : p5.pem
V
Verifies the contents of the key store against the exported files.
The user must log on and specify the path for the exported data. Then the
exported data is compared with the key store on the archive server.
Example:
sunny:~> /usr/ixos-archive/bin/recIO V
recIO 5.0 (C) 2001 IXOS Software AG built May 14 2001
Please authenticate!
User
:dsadmin
Password :
Token[1/?] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p1.pem
Token[2/3] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p2.pem
Token[3/3] (default = /floppy/ixoskey.pem)
104
AR090701-ACN-EN-6
7.7
D
Displays the information on the exported files. The information is shown in a
table.
Example:
sunny:~> /usr/ixos-archive/bin/recIO D
recIO 5.0 (C) 2001 IXOS Software AG built May 14 2001
Token[1/?] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p1.pem
Token[2/3] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p2.pem
Token[3/3] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p3.pem
created
origin
idx ID
--------------------------------------------------1 EA03BDAF9ABB85A1 2001/01/18 17:26:01 sunny
2 1EE312C064A27F73 2000/11/03 14:28:08 hausse
3 BEEB5213EF5FFABF 2000/11/08 09:26:36 emma
I
Imports the saved key store.
The user must log on and specify the path for the exported data. The data in the
key store is restored, encrypted with the archive server's public key and sent to
the administration server. The results are displayed. Keys already contained in
the archive server's store are not overwritten.
Example:
sunny:~> /usr/ixos-archive/bin/recIO V
recIO 5.0 (C) 2001 IXOS Software AG built May 14 2001
Please authenticate!
User
:dsadmin
Password :
Token[1/?] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p1.pem
Token[2/3] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p2.pem
Token[3/3] (default = /floppy/ixoskey.pem)
File (CR to accept above) : p3.pem
ID:BEEB5213EF5FFABF created:2000/11/08 09:26:36 origin:emma
Key already exists
ID:276CBED602BDFC25 created:2001/01/18 12:09:32 origin:arthomasa
Key successfully imported
AR090701-ACN-EN-6
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
Administration Guide
105
2.
Select the Analyze Security Settings utility in the result pane and click Run in
the action pane.
3.
4.
Click Run.
7.8 Checksums
Checksums are used to recognize and reveal unwanted modifications to the
documents on their way through the archive. The checksums are not signed, as the
methods used to reveal modifications are directed towards technical failures and not
malicious attacks.
The Enterprise Scan generates checksums for all scanned documents and passes
them on to the Document Service. The Document Service verifies the checksums and
reports errors that occur (see Monitoring with Notifications on page 265). On the
way from the Document Service to the STORM, the documents are provided with
checksums as well, in order to recognize errors when writing to the media.
The leading application, or some client, can also send a timestamp instead of the
checksum. The verification can check timestamps as well as checksums. The
certificates for those timestamps must be known to the archive server and enabled,
before the timestamp checksums can be verified (see Importing a Certificate for
Timestamp Verification on page 110).
You can activate the use of checksums for Document Pipelines on the local server,
defined in the file <OT config>\Pipeline\config\setup\common.setup. Set the
entry Use checksum in DS communication to on.
106
AR090701-ACN-EN-6
7.9
Timestamps
7.9 Timestamps
Timestamps
Using timestamps, you can verify that documents have not been altered since
archiving time. An additional Timestamp Server is required for this (see
Configuring the Archive Settings on page 70). Creating a timestamp means: The
computer calculates a unique number - a cryptographic checksum or hash value from the content of the document. The timestamp server adds the time and signs the
checksum with the private key. The signature is stored together with the document
component. When a document is requested, Archive and Storage Services verifies
whether the component was modified after storage by looking at the signature. It
needs the public key of the timestamp server certificate for verification. The
Windows Viewer and Java Viewer can display the verification result. Archive and
Storage Services can use timestamps in two ways:
ArchiSig timestamps
Document
timestamps
Each document component gets a timestamp when it arrives in the archive - more
precisely, when it arrives in the disk buffer and is known to the DS. This (old)
method requires a huge amount of timestamps and can be very expensive,
depending on the number of documents. Thus, it is available only for archives that
used timestamps in former archive server versions. You can migrate these
timestamps to ArchiSig timestamps.
ArchiSig
timestamps
With ArchiSig timestamps, the timestamps are not added per document, but for
containers of documents represented by hash trees:
AR090701-ACN-EN-6
Administration Guide
107
A job builds the hash tree that consists of hash values of as many documents as
configured, and signs with the timestamp. Thus, you can collect, for example, all
documents of a day in one hash tree. Only one timestamp per hash tree is required.
The verification process needs only the document and the hash chain leading from
the document to the timestamp but not the whole hash tree:
ArchiSig timestamps are less expensive and can be easily renewed. Open Text
recommends to use this method.
Renewal of
timestamps
108
Electronically signed documents can loose their validity in the course of time,
because the availability and verifiability of certificates is limited (depend on the
regional laws) and the key lengths, certificates as well as cryptographic and hash
algorithms may become unsafe. Therefore, you can renew the timestamps for longterm stored documents. You should renew the timestamps, before:
AR090701-ACN-EN-6
7.9
Timestamps
You need only one new timestamp per hash tree. No access to the documents is
necessary. At the current standard of knowledge, the timestamp should be updated
every 5 years.
Renewal of hash
tree
Configuration
If documents must be retained a very long time (more than 20 years), the hash
algorithm that is used to calculate the hash values may become unsafe. In this rare
case, the hash tree must be renewed: The system reads the documents and calculates
new hash values and a new hash tree with a new hash algorithm, and signs the new
tree with a time stamp. This procedure is very time-consuming (see Renewing
Hash Trees on page 113).
You can set up signing documents with timestamps and the verification of
timestamps including the response behavior for each archive (see Configuring the
Archive Settings on page 70). Consider the recommendations given above.
Important
Once you have decided to use ArchiSig timestamps, you cannot go back to
document timestamps.
If you use both methods in parallel, the document timestamp secures the document
until the hash tree is built and signed. As this time period is short, an inexpensive
timestamp is sufficient for the documents, while the hash tree gets a timestamp
created with a certificate of an accredited provider. This trusted certificate is used
for verification.
Certificates
An archive server gets the certificates required for verification on different ways:
Timeproof timestamp server and IXOS timestamps
The certificate is automatically stored on the Administration Server during the
first signing process. Thus, the certificates are only shown in the Security tab
after several documents have been signed. If you want the certificates to be
shown before the signing starts, enter in the command line:
For Document timestamps: dsSign -t
For ArchiSig timestamps: dsHashTree -T
Other timestamp servers like AuthentiDate
You import the certificate with the Import Certificate for Timestamp
Verification utility.
See Importing a Certificate for Timestamp Verification on page 110.
After import, check the fingerprint and enable the certificate.
Remote Standby
AR090701-ACN-EN-6
Administration Guide
109
2.
Select the Timestamps Certificates tab in the result pane. The current available
timestamps are listed.
3.
4.
5.
Click Browse to open the file browser and select the designated Certificate.
Click OK to resume.
6.
7.
8.
Select the certificate in the result pane. Click Enable in the action pane to
activate the certificate.
2.
3.
Select the certificate to check and click View Certificate in the action pane.
4.
110
AR090701-ACN-EN-6
7.9
Timestamps
shows the complete derivation chain. You can also view the parent certificate
information from here.
Select Configuration in the Runtime and Core Services object in the console
tree.
2.
3.
Enter settings:
Minimum number of components per hash tree:
AS.DS.COMPONENT.ARCHISIG.TS_MINCNT
The number of document components that are required to build a new hash
tree. In other words, this is the minimum number of document components
signed with one timestamp. For a rough rule of thumb, you can enter 2/3 of
your daily average number of document components to get one hash tree
per day.
Port / Hostname of the timestamp server:
AS.DS.COMPONENT.ARCHISIG.TS_HOST
AS.DS.COMPONENT.ARCHISIG.TS_PORT
Enter the name and the port of your timestamp server.
4.
Check the other values. Usually, you can use the default values.
5.
Select the Timestamp Certificates Tab in Key Store in the System object of the
console tree.
6.
Select the Timestamp Certificates you want to use and click Enable in the action
pane.
7.
In the Archives object of the console tree. Create a new archive with the name
ATS and a pool to define where the hash trees are stored.
8.
9.
a.
b.
c.
In Jobs in the System object of the console tree, create jobs to build the hash
trees. You need one job for each archive that uses timestamps.
See also: Configuring Jobs and Checking Job Protocol on page 83.
Command
hashtree
AR090701-ACN-EN-6
Administration Guide
111
Arguments
Archive name
Scheduling
If you use ArchiSig timestamps, schedule a nightly job. If the hash trees are
written to a storage system, make sure that the job is finished before the
Write job starts.
Proceed as follows:
1.
2.
In a command line, call the timestamp migration tool for each pool to be
migrated:
dsReSign p <pool name>
3.
Call the hash tree creation tool for each archive with migrated timestamps:
dsHashTree <archive name>
The tools calculate hash values from the existing timestamps, build hash trees and
get a timestamp for each tree.
2.
112
AR090701-ACN-EN-6
7.9
Timestamps
3.
In the resulting list, find the distinguished subject name(s) of your timestamp
service (subject of the service's certificate).
4.
The process finds all timestamps that were created with the certificate indicated in
the command. It calculates hash values for the timestamps and builds new hash
trees. Each hash tree is signed with a new timestamp.
To create the hash trees for the new documents, open a command line and
execute the command
> dsHashTree -m 1 [archive] for each logical archive using ArchiSig.
2.
Select Configuration in the Runtime and Core Services object in the console
tree.
3.
4.
5.
6.
In the Archives object of the console tree, create a new archive with the name
ATSC and a pool (HDSK).
7.
The process reads and re-hashes all documents in the specified archive and creates
new hash trees in the ATS archive. It writes the information required for verification
to the attrib.atr files of the documents and stores the updated files in the ATSC
archive. Both archives are necessary to verify the timestamps.
AR090701-ACN-EN-6
Administration Guide
113
114
AR090701-ACN-EN-6
opens. Changes made in this window will not be used until Timestamp Server is
restarted.
AR090701-ACN-EN-6
Administration Guide
115
2.
Location
Every timestamp must contain information about the document and the
current time. Timestamps in the SigI-A4 format must also contain
information about Timestamp Server's geographic location. Supply your
location in a suitable format like <city>, <country>. The minimum length of
this string is 3 characters.
Server
This is the hostname of the computer on which Timestamp Server runs.
Port
The one and only communication interface of Timestamp Server is a TCP
port. Timestamp requests sent to this address will be processed if Timestamp
Server is running and configured. Therefore, you must specify the port
number. The default value is 32001; any number between 1 and 32767 might
work unless another process is using that port. Ports up to 1024 can only be
used if Timestamp Server runs with root privileges. When in doubt, contact
your system administrator.
Warning
A notification will be sent a given number of hours before the timeout is
reached. The status of the Timestamp service icon in Monitor Web Client
will change to warning. A setting of 0 disables this feature. See also
Creating and Modifying Notifications on page 269.
Time display
The main dialog retrieves the time from Timestamp Server and displays it
permanently. It can show the time as GMT (Greenwich Mean Time), or as a
local time representation, or both formats at the same time.
Signature Key File
For a full configuration, you can leave this entry empty for now. If you want
to do a quick start, select the file <OT config AS>/timestamp/stampkey.pem. The passphrase for this key file is ixos.
Change Passphrase
You can change the passphrase, which protects the signature key. If you
change the passphrase, the key file will be re-written.
Note: Any older copy of that file will still be usable with the old
passphrase.
116
AR090701-ACN-EN-6
Timeout
Because the internal clock of a computer has limited precision, this setting
provides a possibility to set a timeout period in hours after which
Timestamp Server refuses to timestamp incoming requests. The timeout
counter is reset every time you transmit the signing key as described in
Timestamp Server Administration on page 126. A timeout setting of 0 will
disable this feature and leave the server running unlimited.
Administration
If Timestamp Server is installed on a windows platform, Timestamp Server
Administration can be installed on the same machine. Otherwise, it can be
installed on a remote computer to do the administration via remote access.
Configuration requests will only be accepted by Timestamp Server if the
remote host is specified in this line. Multiple hostnames and IP addresses
must be separated by semicolons (;). If no host is supplied, only local
administration is possible.
Allow remote administration from any host
This is not recommended! Selecting this check box causes Timestamp Server
to accept configuration requests from any host. Only use this for debugging
or experimental purposes!
Timestamp Policy
Timestamps in the PKIX format (RFC 3161) contain an object identifier
(OID), which defines a timestamp policy. Leave the default value
(1.3.6.1.5.7.7.2) unless you know exactly what you need.
Notification
A given time in days before the first of all certificates expires, Timestamp
Server starts sending one notification a day to remind the administrator.
Passphrase(!)
This entry is needed for auto-initialization. If you enter a passphrase here, it
will be stored in Timestamp Server's configuration in an encrypted format.
At startup time, Timestamp Server can read and decrypt this passphrase and
use it to decode the signature key and initialize itself.
AR090701-ACN-EN-6
Administration Guide
117
Hash Algorithm
If a certain hash algorithm is specified here, Timestamp Server will use that
algorithm to create the signatures. The default setting is same as in TS
request which causes Timestamp Server to use the same hash algorithm for
the signature as the one specified in the timestamp request it receives from
Archive and Storage Services.
Protocol file location
The path of the protocol file location.
Note: The path for the protocol file must exist or no protocol file will be
written. When starting up, Timestamp Server reads the last serial
number issued and continues timestamping with the next serial
number. If no logfile exists, Timestamp Server would begin with serial
number 1 to assign timestamps after each startup.
Maximum size
A maximum file size in kilobytes can be specified here. The protocol file will
be renamed to <filename>.old if its size exceeds the given value. A
previous old-file will be overwritten. If a size of 0 is specified, the protocol
file will grow infinitely.
2.
Select Configuration in the Runtime and Core Services object in the console
tree.
3.
4.
118
AR090701-ACN-EN-6
AR090701-ACN-EN-6
Administration Guide
119
120
AR090701-ACN-EN-6
2.
3.
4.
5.
Import the certificate in the Key Store to use it (see Importing a Certificate for
Timestamp Verification on page 110).
AR090701-ACN-EN-6
Administration Guide
121
Proceed as follows:
1.
2.
Click Generate keys. The Generate new key pair window opens.
3.
Enter settings:
Passphrase
Enter the passphrase twice. This passphrase will be used to encrypt the keypair before storing it in a file.
122
AR090701-ACN-EN-6
Caution
The program can decrypt the key-pair only if you supply the
passphrase, so do not forget it. Timestamp Server cannot create
timestamps without it. The usual good advice for password selection
and handling applies: use a difficult password, do not write it down!
Key length
At least 1024 bits are recommended. Longer keys increase security and
validity time of the issued timestamps, but they also increase the time
needed to sign and verify those timestamps.
RSA/DSA
Selects the signature algorithm for which the key will be generated. RSA is
recommended since not all trust centers support DSA.
4.
Click Start to generate the key. This may take several minutes depending on the
key length and your machine's computing power. Generating a 2048 bit DSA
key on a P133 can take almost one hour!
After key generation, you will be asked where to store the key. You are basically free
to select the location. Two locations make special sense:
Auto-initialization
In the <OT config AS>/timestamp/ directory. Easy to find but also readable by
an attacker.
On a memory stick or a floppy disk. The floppy disk can be removed and stored
in a secure place. However, it is needed every time the key-pair is sent to Timestamp Server, i.e. every time you start Timestamp Server and every time the
timeout expires.
If your Timestamp Server runs in on a machine different from the one where you
run Timestamp Server Administration, you must copy the file containing the key to
a directory on the machine where Timestamp Server runs. This is typically the <OT
config AS>/timestamp/ directory. Then you can configure Timestamp Server to
use the signature key from that file in the configuration as described in
Configuration for Autostart on page 120.
AR090701-ACN-EN-6
Administration Guide
123
2.
3.
Enter settings. The fields Country, Organization and Common Name are
mandatory. Common Name should be the fully qualified hostname of
Timestamp Server. Organizational Unit, State / Province, Location and Email
are optional.
4.
5.
Enter a filename and save the file. The contents of the file should look
something like this:
-----BEGIN CERTIFICATE REQUEST----MIICaDCCAiQCAQEwYzELMAkGA1UEBhMCREUxGTAXBgNVBAoTEElYT1MgU09GVFdB
UkUgQUcxDjAMBgNVBAsTBVRTMDAxMQ8wDQYDVQQHEwZNdW5pY2gxGDAWBgNVBAMT
...
I/ofikRvFV+fnw/kkddqr7VdNMH2oOHlozmgADALBgcqhkjOOAQDBQADMQAwLgIV
AJPkQtYi7uSSA3II6xeG6ucxJNz0AhUAh3acSLKnILYwnqdR7Vz8/R0b53s=
-----END CERTIFICATE REQUEST-----
6.
124
Use the request in the file to apply for a certificate at a trust center in a PEM file
format.
AR090701-ACN-EN-6
2.
3.
4.
or
Proceed as follows:
1.
2.
Select the old certificates and click Remove Certificate. Click Yes to confirm.
3.
AR090701-ACN-EN-6
Administration Guide
125
4.
Add certificates. Start with the self-signed root certificate (either issued by the
trust center for itself or issued by the root authority for itself). The program will
complain if the order is not correct. A dialog displays the properties of each
certificate you are about to install.
5.
Verify this information thoroughly, especially the Valid not before and Valid
not after items.
6.
Click Yes to confirm that you want to use this certificate. The certificate will be
copied to the application directory.
Note: The program checks the certificate's Valid not before and Valid not
after specifications and rejects it if it is not valid.
126
AR090701-ACN-EN-6
Note: If Timestamp Server for some reason does not grant you access for
configuration requests, the server's system time is displayed but the status
values for Signature key, Certificates, Location, and Time only show a
question mark.
If you are performing remote administration (i.e. with Timestamp Server
Administration on your local host and Timestamp Server on another
computer), make sure that the correct hostname for the administration host is
entered on the computer that runs Timestamp Server (see Configuring Basic
Settings with Timestamp Server Administration on page 114).
The following steps are recommended:
1.
2.
3.
If you still cannot get Timestamp Server to run, open a command prompt
window, go to the <OT install>/bin directory and type
>> ixTkernel -debug
The debug output should give you a hint, why Timestamp Server refuses to
start.
Checking the
status via Web
browser
The general status of Timestamp Server together with some details about its
configuration can also be retrieved and displayed with a standard Web browser.
Use the following URL:
http://<servername>:<port>
As <servername> use the machine name of Timestamp Server and as <port> use
the configured port. (The default port is 32001.)
AR090701-ACN-EN-6
Administration Guide
127
Note: The status can only be retrieved on machines that are configured as
Administration hosts in Timestamp Server setup. If Allow remote
administration from any host is selected, the Web status can be used on any
host, of course.
There is a link to Timestamp Server's logfile. Following this link may take some time
if the logfile is large. Your browser may even hang or crash if the logfile is too large.
This is not a bug in the server software!
2.
Check the displayed time whether it is correct. If not, you must cancel this
dialog and adjust the time for Timestamp Server first (see Checking and
Adjusting the Time on page 129).
3.
128
AR090701-ACN-EN-6
2.
2.
3.
4.
Click Adjust Time and correct Timestamp Server's time if necessary. The time
can be entered in either GMT or the local time representation.
AR090701-ACN-EN-6
Administration Guide
129
5.
6.
Click Transmit Parameters again and provide your passphrase when asked (see
Transmit Parameters on page 128).
Certificates
130
1.
2.
Make sure that Timestamp Server is running and can be contacted. The Status
must be running (see Checking the Status and Restarting Timestamp Server
on page 127).
3.
AR090701-ACN-EN-6
Ensure that all certificates are valid (not expired) and the server has the correct
time.
4.
First, the program compares the server's public key with the public key in
the server's certificate. The two should match, otherwise the error message
Signature key could not be verified is displayed.
Second, it is verified that every certificate is currently valid and has not
expired. A certificate has expired is displayed otherwise.
Finally all certificates are verified with the issuer's public keys (taken from
the issuer's certificates). If this fails, the error message Verification of
certification path failed is displayed.
5.
If you receive errors, check whether the signature keys, the certificates, the
location and the time settings are configured correctly (see Configuring
Certificates and Signature Keys on page 121, Checking the Location on
page 131, Checking and Adjusting the Time on page 129).
6.
Click Transmit Parameters again and provide your passphrase when asked (see
Transmit Parameters on page 128).
If no error occurs and you see the message Certification path verified
successfully, the configuration is correct and can be used to run Timestamp
Server.
2.
Make sure that Timestamp Server is running and can be connected. The Status
must be running. If not, see Checking the Status and Restarting Timestamp
Server on page 127.
3.
4.
Click Transmit Parameters and provide your passphrase when asked (see
Transmit Parameters on page 128).
AR090701-ACN-EN-6
Administration Guide
131
Chapter 8
You want to change the password of the dsadmin administrator of the archive
server.
Important
See Password Security and Settings below for additional information
on passwords.
The productive users of the leading application are managed in other user
management systems.
Password
settings
Minimum length
for passwords
Change the password for the administrative users after installation, e.g. dsadmin
and dp*, if pipelines are in use.
In case the administrator password has been lost: Contact Open Text Customer
Support to create an initial password for the archive administrator.
You can specify a minimum length for passwords, if a user is locked out after
several unsuccessful logons and how long the lockout is to be.
You can define a minimum character length for passwords. If you do not set this
property, the default value is eight.
Proceed as follows:
1.
AR090701-ACN-EN-6
From the <OT config AS>\setup directory, open the DS.Setup file in a text
editor.
133
2.
3.
4.
You can define that a user is locked out after a specified number of failed attempts
to log on; default is 0 (no lockout).
Note: The dsadmin user will never be locked out.
Proceed as follows:
1.
From the <OT config AS>\setup directory, open the DS.Setup file in a text
editor.
2.
Unlock after
failed logons
3.
4.
You can define how long a user is locked out after a failed attempt; default is zero
seconds.
Note: The dsadmin user will never be locked out.
Proceed as follows:
1.
From the <OT config AS>\setup directory, open the DS.Setup file in a text
editor.
2.
3.
4.
8.2 Concept
Modules
To keep administrative effort as low as possible, the rights are combined in policies
and users are combined in user groups. The concept consists of three modules:
User groups
A user group is a set of users who have been granted the same rights. Users are
assigned to a user group as members. Policies are also assigned to a user group.
The rights defined in the policy apply to every member of the user group.
134
AR090701-ACN-EN-6
8.3
Users
A user is assigned to one or more user groups, and he is allowed to perform the
functions that are defined in the policies of these groups. It is not possible to
assign individual rights to individual users.
Policies
A policy is a set of rights, i.e. actions that a user with this policy is allowed to
carry out. You can define your own policies in addition to using predefined and
unmodifiable policies.
Standard users
During the installation of Archive and Storage Services, some standard users, user
groups and policies are preconfigured:
dsadmin in aradmins group
This is the administrator of the archive system. The group has the ALL_ADMS
policy and can perform all administration tasks, view accounting information,
and start/stop the Spawner. After installation, the password is empty, change it
as soon as possible, see Creating and Modifying Users on page 138.
dpuser in dpusers group
This user controls the DocTools of the Document Pipelines. The group has the
DPinfoDocToolAdministration policy. The password is set by the dsadmin
user, see Creating and Modifying Users on page 138.
dpadmin in dpadmins group
This user controls the DocTools of the Document Pipelines and the documents in
the queues. The group has the ALL_DPINFO policy. The password is set by
the dsadmin user, see Creating and Modifying Users on page 138.
Create and configure the policy, see Creating and Modifying Policies on
page 137.
2.
Create the user, see Checking, Creating and Modifying Users on page 137.
3.
Create and configure the user group and add the users and the policies, see
Checking, Creating and Modifying User Groups on page 139.
AR090701-ACN-EN-6
Administration Guide
135
Note: The standard policies are write-protected (read only) and cannot be
modified or deleted.
Description
Archive Administration
Archive Users
Summary of rights to control creation, configuration and deletion of users and groups and their associated policies.
Notifications
Summary of rights to control creation, configuration and deletion of notifications and events.
Policies
Important
Rights out of the following policy groups should no longer be used. These
rights are still available to ensure compatibility to policies created for former
versions of Archive and Storage Services (Archive Server).
Accounting
Administration Server
DPinfo
Scanning Client
Spawner
136
1.
Select Policies in the System object in the console tree to check, create, modify
and delete policies. All available policies are listed in the top area of the result
pane. In the bottom area the assigned rights are shown as a tree view.
2.
To check a policy, select it in the top area of the result pane. The assigned rights
are listed in the bottom area.
3.
AR090701-ACN-EN-6
8.5
Select Policies in the System object in the console tree. All available policies are
listed in the top area of the result pane.
2.
Click New Policy in the action pane. The window to create a new policy opens.
3.
4.
The Available Rights tree view shows all rights that are currently not associated
with the policy. Select a single right or a group of rights that should be assigned
to the policy and click Add >>.
5.
To remove a right or a group of rights, select it in the Assigned Rights tree view
and click << Remove.
Modifying a
policy
To modify a self-defined policy, select the policy in the top area of the result pane
and click Edit Policy in the action pane. Proceed in the same way as when creating a
new policy. The name of the policy cannot be changed.
Deleting a policy
To delete a self-defined policy, select the policy in the top area of the result pane and
click Delete in the action pane. The rights themselves are not lost, only the set of
them that makes up the policy. Pre-defined policies cannot be deleted.
See also:
Select Users and Groups in the System object in the console tree to check,
create, modify and delete users.
2.
Select the Users tab in the top area of the result pane to list all users.
AR090701-ACN-EN-6
Administration Guide
137
3.
To check a user, select the entry in the top area of the result pane. The groups
which the user is assigned to are listed in the bottom area.
4.
To create and modify a user, see Creating and Modifying Users on page 138.
Select Users and Groups in the System object in the console tree.
2.
Select the Users tab in the result pane. All available users are listed in the top
area of the result pane.
3.
Click New User in the action pane. The window to create a new user opens.
4.
Enter the user name and the password and check Global if the user should be
assigned to Global Users.
Username
User name for Archive and Storage Services. The name may be a maximum
of 14 characters in length. Spaces are not permitted. This name cannot be
changed subsequently.
Password
Password for the specified user.
Confirm password
Enter exactly the same input as you have already entered under Password.
Global
Select this check box to replicate the user to all known servers.
5.
6.
Select the groups the user should be assigned to. Click Finish.
Modifying user
settings
To modify a user's settings, select the user and click Properties in the action pane.
Proceed in the same way as when creating a new user. The name of the user cannot
be changed.
Deleting users
To delete a user, select the user and click Delete in the action pane.
See also:
138
AR090701-ACN-EN-6
8.6
Select Users and Groups in the System object in the console tree to check,
create, modify and delete user groups.
2.
Select the Groups tab in the top area of the result pane to list all groups.
3.
To check a user group, select the entry in the top area of the result pane.
Depending on the tab you selected, additional information is listed in the
bottom area:
Members tab
List of users who are members of the selected group.
Policies tab
List of policies which are assigned to the selected group.
4.
To create and modify a user group, see Creating and Modifying User Groups
on page 139.
Select Users and Groups in the System object in the console tree.
2.
Select the Groups tab in the top area of the result pane. All available groups are
listed in the top area of the result pane.
3.
Click New Group in the action pane. The window to create a new group opens.
4.
Enter the name of the group and select Global if the members of the group
should be assigned to Global Users.
Name
A name that clearly identifies each user group. The name may be a
maximum of 14 characters in length. Spaces are not permitted.
Global
Select this check box to replicate the users of this group to all known servers.
Implicit
Implicit groups are used for the central administration of clients. If a group is
configured as implicit, all users are automatically members. If users who
have not been explicitly assigned to a user group log on to a client, they are
considered to be members of the implicit group and the client configuration
corresponding to the implicit group is used. If several implicit groups are
defined, the user at the client can select which profile is to be used.
AR090701-ACN-EN-6
Administration Guide
139
5.
Click Finish.
Modifying group
settings
To modify the settings of a group, select it and click Properties in the action pane.
Proceed in the same way as when creating a user group.
Deleting a user
group
To delete a user group, select it and click Delete in the action pane. Neither users
nor policies are lost, only the assignments are deleted.
See also:
Removing users
and policies
1.
Select the user group in the top area of the result pane for which users and
policies should be added.
2.
Select the Members tab in the bottom area. Click Add User in the action pane. A
window with available users opens.
3.
Select the users which should be added to the group and click OK.
4.
Select the Policies tab in the bottom area. Click Add Policy in the action pane. A
window with available policies opens.
5.
Select the policies which should be added to the group and click OK.
To remove a user or a policy, select it in the bottom area and click Remove in the
action pane.
140
1.
Select Users and Groups in the System object of the console tree.
2.
Select the Users tab in the top area of the result pane and select the user. Note
the groups listed under Members in the bottom area.
3.
Select the Groups tab in the top area of the result pane and select Policies in the
bottom area of the result pane.
AR090701-ACN-EN-6
8.7
4.
Select one of the groups you noted and note also the assigned policies listed in
the bottom area.
5.
6.
Select one of the policies you noted. The associated groups of rights and
individual rights appear in the bottom area. Make a note of these.
7.
Repeat step 6 for all policies that you noted for the user group.
8.
Repeat steps 4 to 7 for the other user groups which the user is a member of.
AR090701-ACN-EN-6
Administration Guide
141
Chapter 9
2.
3.
Click New SAP System in the action pane. A window to configure the SAP
system opens.
4.
AR090701-ACN-EN-6
143
Feedback user
Feedback user in the SAP system. The cfbx process sends a notification
message back to this SAP user after a document has been archived using
asynchronous archiving. A separate feedback user (CPIC type) should be set
up in the SAP system for this purpose.
Password
Password for the SAP R/3 feedback user. This is entered, but not displayed,
when the SAP system is configured. The password for the feedback user
must be identical in the SAP system and in Archive Administration.
Instance number
Two-digit instance number for the SAP system. The value 00 is usually used
here. It is required for the sapdpxx service on the gateway server in order to
determine the number of the TCP/IP port (xx = instance number) being
used.
Codepage
Relevant only for languages which require a 16-bit character set for display
purposes or when different character set standards are employed in different
computer environments. A four-digit number specifies the type of character
set which is used by the RFCs. The default is 1100 for the 8-bit character set.
To determine the codepage of the SAP system, log into the SAPGUI and
select System > Status. If the SAP system uses another codepage, two
conversion files must be generated in SAP transaction sm59, one from the
SAP codepage to 1100 and the other in the opposite direction. Copy these
files to the Archive and Storage Services directory <OT config
AS>/r3config and declare the codepage number here in Archive
Administration. The cfbx DocTool reads these files.
Language
Language of the SAP system; default is English. If the SAP system is
installed exclusively in another language, enter the SAP language code here.
Description
Here you can enter an optional description (restricted to 255 characters).
Test Connection
Click this button to test the connection to the SAP system. A window opens
and shows the test result.
5.
Modifying SAP
systems
Deleting SAP
systems
Testing a SAP
connection
144
Click Finish.
To modify a SAP system, select it in the SAP Systems tab and click Properties in the
action pane. Proceed in the same way as when creating a SAP system.
To delete a SAP system, select it in the SAP Systems tab and click Delete in the
action pane.
To test a SAP connection, select it in the SAP Systems tab and click Test SAP
Connection in the action pane. A window opens and shows the test result.
AR090701-ACN-EN-6
9.2
2.
3.
Click New SAP Gateway in the action pane. A window to configure the SAP
gateway opens.
4.
AR090701-ACN-EN-6
Administration Guide
145
Gateway number
Two-digit instance number for the SAP system. The value 00 is usually used
here. It is required for the sapgwxx service on the gateway server in order to
determine the number of the TCP/IP port (xx = instance number; e.g.
instance number = 00, sapgw00, port 3300).
5.
Modifying SAP
gateways
Deleting SAP
gateways
Click Finish.
To modify a SAP gateway, select it in the SAP Gateways tab and click Properties in
the action pane. Proceed in the same way as when creating a SAP gateway.
To delete a SAP gateway, select it in the SAP Gateways tab and click Delete in the
action pane.
The gateway to the SAP system is created and configured, see Creating and
Modifying SAP Gateways on page 145.
The SAP system is created and configured, see Creating and Modifying SAP
Systems on page 143.
Proceed as follows:
1.
2.
Select the Archive Assignments tab in the result pane. All archives are listed in
the top area of the result pane.
3.
Select the archive to which a SAP system should be assigned. Keep in mind, that
SAP system can be assigned only to original archives.
4.
Click Add SAP system in the action pane. A window to configure the SAP
archive assignment opens.
5.
146
AR090701-ACN-EN-6
9.3
Protocol
Communication protocol between the SAP application and Archive and
Storage Services. Fully configured protocols, which can be transported in the
SAP system, are supplied with the SAP products of Open Text.
Use as default SID
Selects the SAP system to which the return message with the barcode and
document ID is sent in the Late Storing with Barcode scenario. This setting
is only relevant if the archive is configured on multiple SAP applications, e.g.
on a test and a production system.
6.
Modifying
archive
assignments
Deleting archive
assignments
Click Finish.
To modify an archive assignment, select it in the bottom area of the result pane and
click Properties in the action pane. Proceed in the same way as when assigning a
SAP system.
To delete an archive assignment, select it in the bottom area of the result pane and
click Delete in the action pane.
AR090701-ACN-EN-6
Administration Guide
147
Chapter 10
Archive in which the documents are stored, scenario and conditions, workflow:
see Adding and Modifying Archive Modes on page 151.
Scan station to which an archive mode applies: see Adding a New Scan Host
and Assigning Archive Modes on page 154.
If SAP is the leading application: the SAP system to which the barcode and the
document ID are sent, the communication protocol and version of the
ArchiveLink interface: see Assigning a SAP System to a Logical Archive on
page 146.
For more information on archiving scenarios, see Scenarios and Archive Modes
on page 149.
Conditions
Workflow
Extended Conditions
AR090701-ACN-EN-6
149
Scenario (Opcode)
Conditions
Workflow
Extended Conditions
Late_Archiving
BARCODE
n/a
n/a
Specific scenarios
Early_Archiving
n/a
Late_R3_Indexing
n/a
Early_R3_Indexing
n/a
DirectDS_R3
n/a
Conditions
Workflow
Extended Conditions
Pre-indexing
Documents are indexed in Enterprise Scan first. The archiving process archives the document to the Transactional Content Processing Servers.
DMS_Indexing
n/a
n/a
n/a
n/a
<processname>
PS_MODE LEA_9_7_0
PS_ENCODING_BASE64_UTF8N 1
n/a
n/a
BIZ_ENCODING_BASE64_UTF8N
BIZ_APPLICATION<name>
User:
key = BIZ_DOC_RT_USER
value = <domain>\<name>
User group:
key = BIZ_DOC_RT_GROUP
value = <domain>\<name>
Late indexing to Process Inbox of TCP GUI
Archives the document to the Transactional Content Processing Servers and starts a process
with the document in the TCP GUI inbox. Documents are indexed in TCP.
DMS_Indexing
n/a
<processname>
PS_MODE LEA_9_7_0
PS_ENCODING_BASE64_UTF8N 1
150
AR090701-ACN-EN-6
Scenario
(Opcode)
Conditions
Workflow
Extended Conditions
PILE_INDEX
n/a
BIZ_ENCODING_BASE64_UTF8N
BIZ_REG_INDEXING
PILE_INDEX
n/a
BIZ_ENCODING_BASE64_UTF8N
BIZ_APPLICATION<name>
User:
key = BIZ_DOC_RT_USER
value = <domain>\<name>
User group:
key = BIZ_DOC_RT_GROUP
value = <domain>\<group>
Late indexing for plug-in event
Archives the document to the Transactional Content Processing Servers and calls a plug-in
event in the TCP Application Server. Documents are indexed in TCP.
DMS_Indexing
PILE_INDEX
n/a
BIZ_ENCODING_BASE64_UTF8N
BIZ_APPLICATION<name>
BIZ_PLG_EVENT=<plugin>:<event>
2.
3.
4.
AR090701-ACN-EN-6
Administration Guide
151
5.
Click Finish.
Thus you can create several archive modes, e.g. if you want to assign document
types to different archives.
Modifying an
archive mode
To modify the settings of an archive mode, select it in the Archive Modes tab in the
result pane and click Properties in the action pane. Proceed in the same way as
when adding an archive mode. Details: Archive Mode Settings on page 152
Deleting an
archive mode
To delete an archive mode, select it in the Archive Modes tab in the result pane.
Click Delete in the action pane. If the archive mode is assigned to a scan host, it
must be removed first, see Removing Assigned Archive Modes on page 156.
See also:
Adding a New Scan Host and Assigning Archive Modes on page 154
152
AR090701-ACN-EN-6
Protocol
Protocol that is used for the communication with the pipeline host. For security
reasons, HTTPS is recommended.
Pipeline host
The computer where the Document Pipeline is installed.
Port
Port that is used for the communication with the pipeline host. Use 8080 for
HTTP or 8090 for HTTPS.
Advanced tab
Workflow
Name of the workflow that will be started in BPM Server when the document is
archived. For details concerning the creation of workflows, see the BPM Server
documentation.
Conditions
These archiving conditions are available:
R3EARLY
Early archiving with SAP.
BARCODE
If this option is activated, the document can only be archived if a barcode was
recognized. For Late Archiving, this is mandatory. For Early Archiving, the
behavior depends on your business process:
PILE_INDEX
Sorts the archived documents into piles for indexing according to certain
criteria. For example, the pile can be assigned to a document group, and the
access to a document pile in a leading application like Transactional Content
Processing can be restricted to a certain user group.
INDEXING
Indexing is done manually.
ENDORSER
Special setting for certain scanners. Only documents with a stamp are stored.
Extended Conditions
This table is used to hand over archiving conditions to the COMMANDS file, for
example, to provide the user name so that the information is sent to the correct
task inbox. The extended conditions are key-value pairs. Click Add to enter a
AR090701-ACN-EN-6
Administration Guide
153
new condition. To modify a extended condition select it and click Edit. Click
Remove to delete the selected condition.
See also:
Adding a New Scan Host and Assigning Archive Modes on page 154
2.
3.
4.
Click Add Scan Host in the action pane. A window with available scan hosts
opens.
5.
See also:
Adding a New Scan Host and Assigning Archive Modes on page 154
154
1.
2.
3.
4.
AR090701-ACN-EN-6
Deleting an
archive mode
5.
Click Finish.
6.
To delete an archive mode, select it in the Archive Mode tab in the result pane. Click
Delete in the action pane. If the archive mode is assigned to a scan host, it must be
removed first, see Adding a New Scan Host and Assigning Archive Modes on
page 154.
See also:
2.
3.
4.
Click Add Archive Mode in the action pane. A window with available archive
modes opens.
5.
See also:
AR090701-ACN-EN-6
Administration Guide
155
2.
3.
4.
5.
156
1.
2.
3.
Select the scan host in the top area of the result pane.
4.
Select the archive mode which you want to remove in the bottom area of the
result pane.
5.
6.
Click OK to confirm.
AR090701-ACN-EN-6
Chapter 11
2.
3.
Example:
<host> = host03100
<port> = 8080
<secure port> = 8090
<context> = /archive
http://host03100:8080/archive?...
https://host03100:8090/archive?...
AR090701-ACN-EN-6
157
4.
2.
3.
4.
To modify the settings of a known server, proceed in the same way as when
adding a known server. Additional to the New known server window, you get
more information of the known server:
Version
The version number of the known server.
Startup time
The date and time when the known server was started last.
Build Information
Detailed information of the software build and revision of the known server.
Description
Shows the short description of the known server, if available.
5.
Modifying known
server settings
Click OK.
To modify the settings of a known server, select it in the top area of the result pane
and click Properties in the action pane. Proceed in the same way as when adding a
known server.
Encryption certificates
Timestamp certificates
System keys
Proceed as follows:
158
AR090701-ACN-EN-6
1.
2.
3.
AR090701-ACN-EN-6
Administration Guide
159
Chapter 12
Increased availability of the archive, since the Remote Standby Server is accessed
when the original server in not available.
Backup media are located in greater distance from the original archive server,
providing security in case of fire, earthquake, and other catastrophes.
AR090701-ACN-EN-6
161
A document may have been stored or modified on the original server, but not
yet transmitted to the Remote Standby Server.
2.
Add the Remote Standby Server as known server (see Adding Known Servers
on page 157). Ensure that Remote server is allowed to replicate from this host
is set.
3.
Click OK. The Remote Standby Server is listed in Known Servers in the
Environment object of the console tree.
162
AR090701-ACN-EN-6
See also:
2.
Add the original server as known server (see Adding Known Servers on
page 157). Remote server is allowed to replicate from this host must not be set.
Unless the two servers replicate each others archives over cross.
3.
Click OK.
4.
5.
Select External Archives in the Archives object in the console tree. All logical
archives of the known servers are listed.
6.
Select the archive which should be replicated in the result pane and click
Replicate in the action pane.
The archive is moved to Replicated Archives. A message is shown, that the
pools of the replicated archive must be configured (see Backups on a Remote
Standby Server on page 165).
7.
Select the replicated archive and select the Server Priorities tab in the result
pane.
8.
Click Change Server Priorities in the action pane. A wizard to assign the
sequence of server priorities opens; for details, see Configuring the Server
Priorities on page 71.
9.
Assign the server priorities. The order should be: first the Remote Standby
Server, then the original server(s).
Select the replicated archive and select the Pools tab in the result pane.
2.
Select the first pool in the top area. In the bottom area, the assigned volumes are
listed. Volumes that are not configured are labeled with the missing type.
3.
AR090701-ACN-EN-6
Select the first missing volume and click Attach or Create Missing
Volume in the action pane.
Administration Guide
163
b.
Enter Mount Path and Device Type and click OK. Repeat this for every
missing volume.
ISO volumes
ISO volumes will be replicated by the asynchronously running
Synchronize_Replicates job (see also ISO Volumes on page 165).
a.
Select Replicated Archives in the console tree and select the designated
archive.
b.
Select a replicated pool in the console tree and click Properties in the
action pane.
c.
Enter settings (see Write At-once Pool (ISO) Settings on page 76) for
Number of Backups to n (n>0, for volumes on HDWO: n=1) and select
the Backup Jukebox.
Select Replicated Archives in the console tree and select the designated
archive.
b.
Select a replicated pool in the console tree and click Properties in the
action pane.
c.
Enter settings (see Write Incremental (IXW) Pool Settings on page 78)
for Number of Backups to n (n>0) and select the Backup Jukebox.
164
1.
2.
Select the known server which disk buffer needs to be replicated in the top area
of the result pane. The assigned disk buffers are listen in the bottom area of the
result pane.
3.
Select the disk buffer which needs to be replicated and click Replicate in the
action pane.
4.
AR090701-ACN-EN-6
A message is shown, that the disk buffer gets replicated and a volume has to be
attached to this disk buffer.
5.
6.
Select the Replicated Disk Buffers tab in the result pane. The replicated buffers
are listed in the top area.
7.
Select the replicated buffer in the top area. In the bottom area, the assigned
volumes are listed. Volumes which are not configured are labeled with the
missing type.
8.
Select the first missing volume and click Attach or Create Missing Volume in
the action pane.
9.
Enter Mount Path and click OK. Repeat this for every missing volume.
2.
Select Replicated Archives in the console tree and select the designated archive.
3.
Select a replicated pool in the console tree and click Properties in the action
pane.
4.
Enter settings (see Write At-once Pool (ISO) Settings on page 76) for Number
of Backups to n (n>0, for volumes on HDWO: n=1) and select the Backup
Jukebox.
5.
AR090701-ACN-EN-6
Administration Guide
165
2.
Select Replicated Archives in the console tree and select the designated archive.
3.
Select a replicated pool in the console tree and click Properties in the action
pane.
4.
Enter settings (see Write Incremental (IXW) Pool Settings on page 78) for
Number of Backups to n (n>0) and select the Backup Jukebox.
5.
166
1.
Write lock the original volume to avoid write access, see To write lock the
original volume: on page 167.
2.
3.
Export and remove the replicated volume, see To export and remove the
replicated volume: on page 167.
4.
In case of IXW: insert a new volume for replication, see To export and remove
the replicated volume: on page 167.
5.
Remove the original volume and insert the replicate volume, see To remove the
defective original volume and insert the replicate volume: on page 168.
AR090701-ACN-EN-6
6.
Update the new replicated volume, see To update the new replicated volume:
on page 169.
Note: For double-sided media, you have to execute the following steps for both
sides!
2.
Select the original archive in the console tree and the designated pool in result
pane.
3.
Select the volume to be restored in the bottom area of the result pane and click
Properties in the action pane.
4.
Select Write locked to avoid write access. Perform this step also for the second
side of a double-sided medium.
2.
3.
Select the Synchronize_Replicates job in the result pane and click Start in the
action pane.
This starts the job, and the Remote Standby Server requests the data that has not
been backed up from the original server.
Important
If this job is executed during office times, make sure there is enough
bandwidth between the original and remote standby server for the
replicated data available.
4.
Check whether the job run successfully (see Checking the Execution of Jobs
on page 88). If it was not possible to back up all data, break off here and contact
Open Text Customer Support.
2.
Select the replicated archive in the console tree and the designated pool in result
pane.
3.
4.
Open a command line and determine the ID of the IXW (ISO) medium
(<WORM_ID>):
AR090701-ACN-EN-6
Administration Guide
167
5.
Select the jukebox in Devices in the Infrastructure object in the console tree.
6.
Select the designated volume and click Eject Volume in the action pane.
7.
8.
Export also the IXW (ISO) volume(s) from the STORM configuration.
a.
b.
c.
Insert the new media in the jukebox of the Remote Standby Server.
2.
Select the jukebox in Devices in the Infrastructure object in the console tree and
click Insert Volume in the action pane.
3.
Select the new volume (status blank) and click Initialize Backup in the action
pane. A window with original volumes opens.
4.
To remove the defective original volume and insert the replicate volume:
1.
2.
Select the jukebox in Devices in the Infrastructure object in the console tree.
3.
Select the defective volume in the bottom area of the result pane and click Eject
Volume in the action pane.
4.
5.
6.
168
a.
Insert the replicate IXW (ISO) medium in the jukebox of the original archive
server.
b.
Select the jukebox in Devices in the Infrastructure object in the console tree
and click Insert Volume in the action pane.
c.
Select the medium (status bak) and select Restore in the action pane.
This makes the backup volume available as the original volume.
Select the designate archive in the console tree and the designated pool in the
result pane.
AR090701-ACN-EN-6
7.
Select the backup volume in the bottom area of the result pane and select Clear
Backup Status in the action pane.
2.
3.
Select the Synchronize_Replicates job in the result pane and click Start in the
action pane.
This starts the job, and the Remote Standby Server requests the data that has not
been backed up from the original server.
Important
If this job is executed during office times, make sure there is enough
bandwidth between the original and remote standby server for the
replicated data available.
4.
Check whether the job run successfully (see Checking the Execution of Jobs
on page 88). If it was not possible to back up the data, break off here and contact
Open Text Customer Support.
Export and remove the replicated volume, see To export and remove the
replicated volume: on page 169.
2.
In case of IXW: insert a new volume for replication, see In case of IXW: insert
and initialize a new volume for replication on page 170.
3.
Update the new replicated volume, see To update the new replicated volume:
on page 170.
Note: For double sided media, you have to execute the following steps for both
sides!
2.
Select the replicated archive in the console tree and the designated pool in result
pane.
AR090701-ACN-EN-6
Administration Guide
169
3.
4.
Open a command line and determine the ID of the IXW (ISO) medium
(<WORM_ID>):
cdadm survey v +sodi o=<ixwName>
Note: vid (option +i) is required later
5.
Select the jukebox in Devices in the Infrastructure object in the console tree.
6.
Select the designated volume and click Eject Volume in the action pane.
7.
8.
Export also the IXW (ISO) volume(s) from the STORM configuration.
a.
b.
c.
Insert the new media in the jukebox of the Remote Standby Server.
2.
Select the jukebox in Devices in the Infrastructure object in the console tree and
click Insert Volume in the action pane.
3.
Select the new volume (status blank) and click Initialize Backup in the action
pane. A window with original volumes opens.
4.
2.
3.
Select the Synchronize_Replicates job in the result pane and click Start in the
action pane.
This starts the job, and the Remote Standby Server requests the data that has not
been backed up from the original server.
Important
If this job is executed during office times, make sure there is enough
bandwidth between the original and remote standby server for the
replicated data available.
170
AR090701-ACN-EN-6
4.
AR090701-ACN-EN-6
Check whether the job run successfully (see Checking the Execution of Jobs
on page 88). If it was not possible to back up the data, break off here and contact
Open Text Customer Support.
Administration Guide
171
Chapter 13
AR090701-ACN-EN-6
173
174
AR090701-ACN-EN-6
Description
Attribute Search
VerifySig
Deletion behavior
Audit
There are no audit trails for documents as long as they are not
transferred to the related archive server.
Update Document
migrateDocument
Versioning of components
AR090701-ACN-EN-6
Administration Guide
175
Topic
Description
Application type
Maintenance mode
Disabled archives
1.
4.
5.
6.
7.
176
Timestamp verification
A mandatory signature check before reading can be configured for each archive. This setting is ignored for cached documents.
Encryption, Compression,
Single Instance, Blobs
Content on the cache server gets neither encrypted nor compressed, regardless of the archive setting.
Destroy
AR090701-ACN-EN-6
2.
3.
Example:
<host> = csrv03100
<port> = 8080
AR090701-ACN-EN-6
Administration Guide
177
4.
Click Finish.
5.
Configure the Copy_Back job. See also Configuring Jobs and Checking Job
Protocol on page 83 and Table 6-3 on page 85.
Note: Be aware that this job is disabled by default. In case you intend to
use the "write back" mode, enable this job.
6.
Next step:
2.
Select the cache server you want to modify and click Properties in the action
pane.
3.
Modify the cache server parameters. See also Adding a Cache Server to the
Environment on page 177.
4.
Click Finish.
178
1.
Detach the cache server from all logical archives it is attached to. See Deleting
an Assigned Cache Server on page 182.
2.
3.
Select the Copy_Back job which is assigned to the cache server and click Start in
the action pane. The cached documents are transferred to the related archive
server. A window to watch the transfer status opens.
AR090701-ACN-EN-6
Caution
This step ensures that pending write-back documents are transferred to
the related archive server. If this step fails, the cache server must not be
deleted before the problem is solved.
4.
5.
6.
7.
Click Yes to confirm. The cache server is deleted from the environment.
AR090701-ACN-EN-6
Administration Guide
179
Important
The subnet configuration will only be evaluated by our intelligent clients.
Note: Archive Cache Services keeps track of any relevant changes to the
archive settings and is synchronized automatically.
2.
Select the logical archive which a the cache server should get access to.
3.
Select the Cache Servers tab in the top area of the result pane and click Assign
Cache Server.
4.
Enter settings:
Cache server
The name of the cache server assigned to this archive.
Caching enabled
If caching is enabled, one of the following modes can be set.
Write through
The cache server will operate in write through mode for this logical
archive.
Write back
The cache server will operate in write back mode for this logical
archive.
Note: If caching is disabled, the cache server does not cache any new
documents for this logical archive. Instead, it acts as a proxy and forwards
all requests to Archive and Storage Services. Outstanding write back
documents can still be retrieved.
5.
Click Next and enter settings for subnet address and subnet mask/length.
The combination of subnet mask and subnet address specifies a subnet. Clients
residing in this subnet will use the selected cache server. Typically, the cache
server resides in the same subnet. It is possible to add more than one subnet
definition to a cache server, see also Subnet Assignment of a Cache Server on
page 179.
180
AR090701-ACN-EN-6
Several subnets
If a client belongs to more than one subnet, it will use the cache server that
is assigned to the best matching subnet.
Subnet address
Specifies the address for the subnet in which a cache server is located. At
least the first part of the address (e.g. NNN.0.0.0 in case of IPv4) must be
specified. A gateway must be established for each subnet.
IPv6
If you use IPv6, do not enclose the IPv6 address with square brackets.
Subnet mask / Length
Specifies the sections of the IP address that are evaluated. You can restrict
the evaluation to individual bits of the subnet address.
IPv4
Enter a subnet mask, for example 255.255.255.0.
IPv6
Enter the address length, i.e. the number of relevant bits, for example 64.
6.
Modifying cache
server settings
To modify the settings of a cache server, select it in the top area of the result pane
and click Properties in the action pane. Proceed in the same way as when
configuring a cache server.
Modifying subnet
definitions of a
cache server
1.
2.
Select the logical archive which the cache server is assigned to.
3.
Select the Cache Servers tab in the top area of the result pane and select the
cache server. In the bottom area, the subnet definitions are listed.
4.
Click New Subnet Definition in the action pane and enter settings for subnet
mask and subnet address. See also Configuring Archive Access Via a Cache
Server on page 180
5.
Click Finish.
To modify the subnet definitions of a cache server, select it in the bottom area and
click Properties in the action pane. Proceed in the same way as when adding a
subnet definition.
AR090701-ACN-EN-6
Administration Guide
181
182
1.
2.
Select the logical archive which the cache server is assigned to.
3.
Select the Cache Servers tab in the top area of the result pane and select the
cache server you want to delete.
4.
5.
Deselect enabled to stop caching. See also Configuring Archive Access Via a
Cache Server on page 180.
6.
7.
Select the Copy_Back job which is assigned to the cache server you want to
delete and click Start. The cached documents are transferred to the related
archive server. A window to watch the transfer status opens.
8.
Select the cache server you want to delete again and click Delete in the action
pane.
9.
Click Yes to confirm. The cache server is no longer assigned to the logical
archive.
AR090701-ACN-EN-6
Part 3
Maintenance
Chapter 14
Export and
import
After the IXW volume is successfully converted to an ISO 9660 volume the
corresponding inodes are deleted from inode and hash files. So the size of the inode
and hash files can be kept small while providing fast access to the volume. If you
plan to use finalization consequently from the beginning, you may configure smaller
inode and hash files at installation time. It is not possible to reduce the size of inode
and hash files at a later time except by re-importing all volumes.
Regarding export and import, finalized volumes are handled like other ISO 9660
volumes. No export from and time-consuming import to the IXW file system
information is required.
Flags
Backups
AR090701-ACN-EN-6
185
You can enable automatic finalization and set the conditions either when creating
the pool or at a later time.
See also:
2.
Select the original archive with the IXW pool the volume is assigned to.
3.
Select the designated IXW pool in the top area and the volume to be finalized in
the bottom area of the result pane.
4.
5.
Click OK.
A protocol window shows the progress and the result of the finalization. To
check the protocol later on, see Checking Utilities Protocols on page 222.
To check the volume status, see Checking the Finalization Status on page 187.
See also:
186
1.
2.
Select the original archive with the IXW pool that should be finalized.
3.
Select the designated IXW pool in the top area of the result pane.
4.
AR090701-ACN-EN-6
5.
Enter settings:
Last write access
Defines the number of days since the last write access.
Filling level of volume
Defines the filling level in percent at which an IXW volume should be
finalized. For IXW volumes, the Storage Manager automatically calculates
and reserves the storage space required for the ISO file system. The filling
level therefore refers to the space remaining on the IXW volume.
6.
Click OK.
A protocol window shows the progress and the result of the finalization. To
check the protocol later on, see Checking Utilities Protocols on page 222.
To check the status of the volumes, see Checking the Finalization Status on
page 187.
See also:
Select Devices in the Infrastructure object in the console tree. All available
devices are listed in the top area of the result pane.
2.
Select the designated jukebox device. The attached volumes are listed in the
bottom area of the result pane.
3.
Check the entry in the Final State column of the finalized volume(s), it must be
fin. The entry in the File System column of the volume must be ISO.
See also:
AR090701-ACN-EN-6
Administration Guide
187
Select Devices in the Infrastructure object in the console tree. All available
devices are listed in the top area of the result pane.
2.
Select the designated device. The attached volumes are listed in the bottom area
of the result pane.
3.
4.
5.
Click OK.
The Final state of the volume is set to fin_err.
Note: The failure of the finalization does not affect the security of the data on
the medium!
See also:
188
AR090701-ACN-EN-6
Document
deletion
When the leading application sends the delete request for a document, the archive
system works as follows:
Single files (from HDSK, FS, VI pools)
1.
Archive and Storage Services deletes the index information of the document
from the archive database. The document cannot be retrieved any longer, the
document is logically deleted.2
2.
Archive and Storage Services propagates the delete request to the storage
system.
3.
The storage system deletes the document physically and the client gets a
success message. Not all storage systems release the free space after deletion
for new documents (see documentation for your storage system). If deletion
is not possible for technical reasons, the information with the storage
location of the document is written into the TO_BE_DELETED.log file. The
administrator can configure a notification.
Note: If the state of an FS volume (NetApp or NASFiler) is set to write
locked, components will not be removed from this volume when one
tries to delete them from Document Service. The case will be handled as
if the removal was prevented by the hardware (entry in
TO_BE_DELETED.log, notification, additional delete from archive
database if the request was a docDelete).
Archive and Storage Services deletes the index information of the document
from the archive database. The document cannot be retrieved any longer.
2.
The delete request is not propagated to the storage system and the content
remains in the storage. Only logically empty volumes can be removed in a
separate step.
Note on IXW pools
Volumes of IXW pools are regarded as container files. Although the documents
are written as single files to the medium, they cannot be deleted individually,
neither from finalized volumes (which are ISO volumes) nor from nonfinalized volumes using the IXW file system information.
Delete empty
partitions
If documents with retention periods are stored in container files, the container
volume gets the retention period of the document with the longest retention. The
retention period of the volume is propagated to the storage subsystem if possible.
The volume and the content of all its documents can be deleted only if all
documents are deleted from the archive database. The volume is purged by the
Delete_Empty_Volumes job. It checks for logically empty volumes meeting the
conditions defined in Runtime and Core Services > Configuration > Archive
Server:
AS.ADMS.JOBS.DEL_VOL_NOT_MODIFIED_SINCE_DAYS
Deletion of components works differently: If the storage system cannot delete a component physically, the component
remains, it is not deleted logically.
AR090701-ACN-EN-6
Administration Guide
189
AS.ADMS.JOBS.DEL_VOL_AT_LEAST_FULL
and deletes these volumes automatically. IXW volumes are only considered if they
are physically full at the given level and logically empty. You can schedule the job
and run it automatically, or use the List Empty Volumes/Images utility to display
the empty volumes first and then start the deletion job manually (see Checking for
Empty Volumes and Deleting Them Manually on page 190).
Important
To ensure correct deletion, you must synchronize the clocks of the archive
server and the storage subsystem, including the devices for replication.
Summary
Pool type
Delete from
archive DB
Destroy content
Single file
storage
HDSK
x (Destroy unrecoverable)
FS and VI
ISO, IXW
on optical
media
x (destroy media)
ISO on
storage
system
Container
file storage
Notes:
Not all storage systems release the space of the deleted volumes (see
documentation for your storage system).
190
1.
2.
Click List Empty Volumes in the action pane. A window to start the utility
opens.
AR090701-ACN-EN-6
3.
Enter settings.
Not modified since xx days
Number of days since the last modification. The parameter prevents that the
volume or image can be deleted very soon after the last document is deleted.
More than xx percent full
Only relevant for non-finalized IXW volumes. The parameter ensures that
the volume is filled with data at the given percentage (but logically, it is
empty).
4.
5.
6.
Select the Delete_Empty_Volumes job and click Start in the action pane.
7.
2.
Select Devices in the Infrastructure object in the console tree. In the Servers
tab, open the Devices directory and check the jukeboxes for volumes with
the name XXXX. These are the deleted volumes.
Important
On double-sided media, check that both volumes are deleted.
AR090701-ACN-EN-6
Administration Guide
191
b.
Select the designated jukebox in the top area of the console tree. Check the
volume list in the bottom area of the result pane for volumes with the name
XXXX.
c.
Select the XXXX volume and click Eject Volume in the action pane.
During export, the entries about documents and their components on the volume
are deleted from the archive database. The volume gets the internal status exported
and is treated as nonexistent. After that, you remove the optical medium together
with its local backups from the jukebox. The database entries can be restored by
importing the volume.
For IXW media (WORM or UDO), consider the finalization status. When nonfinalized IXW volumes are exported, the document information is deleted from the
database but the file system information (inode and hashfiles) are not updated.
Therefore, we recommend finalizing IXW volumes before export.
Important
Do not use the Export utility for volumes belonging to archives that are
configured for single instance archiving (SIA). A SIA reference to a
document may be created long after the document itself has been stored;
the reference is stored on a newer medium than the document. SIA
documents can be exported only when all references are outdated but the
Export utility does not analyze references to the documents.
Proceed as follows:
192
1.
2.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
AR090701-ACN-EN-6
3.
4.
5.
6.
Click Run. A protocol window shows the progress and the result of the export.
The export process may take some time.
7.
If the medium is a double-sided optical one, export the second volume in the
same way.
8.
See also:
AR090701-ACN-EN-6
Administration Guide
193
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Select the Import ISO Volume utility in the result pane and click Run in the
action pane.
3.
Enter settings:
Volume name
Name of the volume(s) to be imported.
STORM server
Name of the STORM server by which the imported volume is managed.
Backup
The volume is imported as a backup volume and entered in the list of
volumes as a backup type. Not available for ISO volumes.
Arguments
Additional arguments. Not required for normal import, only for special tasks
like moving documents to another logical archive. Contact Open Text
Customer Support.
4.
Click Run.
The import process may take some time. A message box shows the progress of
the import.
5.
6.
7.
8.
9.
See also:
194
AR090701-ACN-EN-6
Proceed as follows:
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Select the Import IXW Or Finalized Volume(s) utility in the result pane and
click Run in the action pane.
3.
Enter settings:
Volume name(s)
Name of the volume(s) to be imported.
STORM server
Name of the STORM server by which the imported volume is managed.
Import original volumes
The volumes are imported as original volumes.
Import backup partitions (for use in replicate archives only!)
The volumes are imported as backup volumes and entered in the list of
volumes as backup type.
Set read-only flag after import
The volume is imported as a write-protected volume.
Arguments
Additional Arguments. Not required for normal import, only for special
tasks like moving documents to another logical archive. Contact Open Text
Customer Support.
4.
Click Run.
The import process may take some time. A message box shows the progress of
the import.
5.
6.
7.
8.
9.
See also:
AR090701-ACN-EN-6
Administration Guide
195
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Select the Import HD Volume utility in the result pane and click Run in the
action pane.
3.
Enter settings:
Volume name
Name of the hard disk volume to be imported.
Base directory
Mount path of the volume.
Backup
The volume is imported as a backup volume and entered in the list of
volumes as a backup type.
Read-only
The volume is imported as a write-protected volume.
Arguments
Additional Arguments. Not required for normal import, only for special
tasks like moving documents to another logical archive. Contact Open Text
Customer Support.
4.
Click Run.
The import process may take some time. A message box shows the progress of
the import.
196
5.
6.
7.
8.
9.
AR090701-ACN-EN-6
See also:
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Select the Import GS Volume utility in the result pane and click Run in the
action pane.
3.
Enter settings:
Volume name
Name of the hard disk volume to be imported.
Base directory
Mount path of the volume.
Read-only
The volume is imported as a write-protected volume.
Arguments
Additional arguments. Not required for normal import, only for special tasks
like moving documents to another logical archive. Contact Open Text
Customer Support.
4.
Click Run.
The import process may take some time. A message box shows the progress of
the import.
5.
6.
7.
8.
9.
See also:
AR090701-ACN-EN-6
Administration Guide
197
Checking volumes
You can start the utilities in the System object in the console tree. When the utility is
started, a message window shows the progress of the utility.
after restoring an original volume from the backup, in particular, after restoring
IXW volumes,
The volume to be checked must be online. You can only check the volume, or try to
repair inconsistencies.
Proceed as follows:
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
Type the volume name and specify how inconsistencies are to be handled.
Volume
Name of the volume that is to be checked.
copy document/component from other partition
The utility attempts to find the missing component on another volume. If the
component is found, it is copied to the checked volume. If not, the
component entry is deleted from the database, i.e. the component is
exported.
198
AR090701-ACN-EN-6
export component
The database entry for the missing component on the checked volume is
deleted.
Repair, if needed
Check this box if you really want to repair the inconsistencies.
If the option is deactivated, the test is performed and the result is displayed.
Nothing is copied and no changes are made to the database.
Important
Use this repair option only if you are sure that you do not need the
missing documents any longer! You may lose references to
document components that are still stored somewhere in the archive.
If in doubt, contact Open Text Customer Support.
5.
Click Run.
A protocol window shows the progress and the result of the check.
See also:
The volume to be checked must be online. You can only check the volume, or try to
repair inconsistencies.
Proceed as follows:
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
Type the volume name and specify how documents missing in the database are
to be handled.
AR090701-ACN-EN-6
Administration Guide
199
Volume
Name of the volume that is to be checked.
Import documents if they are not in the database
Missing document or component entries are imported into the database.
5.
Click Run.
A protocol window shows the progress and the result of the check.
See also:
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
Enter the document ID, the type and select whether the document should be
repaired.
DocID
Type the document ID accordingly to the Type setting.
You can determine the string form of the document ID by searching for the
document in the application (e.g. on document type and object type) and
displaying the document information in Windows Viewer or in Java Viewer.
Type
Select the type of document ID. The ID can be entered in numerical (Number)
or string (String) form.
Repair document, if needed
Check this box if you want to repair defective documents. The utility attempts to copy the document from another volume. If this option is deactivated, the utility simply performs the test and displays the result.
200
AR090701-ACN-EN-6
Important
Use this repair option only if you are sure that you do not need the
missing documents any longer! You may lose references to
document components that are still stored somewhere in the archive.
If in doubt, contact Open Text Customer Support.
5.
Click Run.
A protocol window shows the progress and the result of the check.
See also:
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
5.
Click Run.
A protocol window shows the progress and the result of the counting.
See also:
AR090701-ACN-EN-6
Administration Guide
201
suspect any problem with a storage medium. The medium must be online and is
only tested, no repair option is available.
Proceed as follows:
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
5.
Click Run.
A protocol window shows the progress and the result of the check.
See also:
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
Enter the Backup volume to be compared. You can specify multiple volumes
separated by spaces. You can also use the * character as a wildcard.
5.
Click Run.
A protocol window shows the progress and the result of the comparison.
See also:
202
AR090701-ACN-EN-6
Number of Backups
Backup Jukebox
Backup
AR090701-ACN-EN-6
Administration Guide
203
Chapter 15
2.
Select the ISO jukebox in the top area of the result pane.
3.
Check whether new ISO media have been added to the list in the bottom area of
the result pane. You can click the column title Name to sort by names. The ISO
volumes in each pool are numbered sequentially.
4.
Select the new ISO volume and click Eject Volume in the action pane.
5.
6.
Remove and label all the new ISO media in this way.
7.
Re-insert one of each set of identically named ISO media. To do this, select the
ISO jukebox in the top area of the result pane and click Insert Volume in the
action pane.
8.
Remove all defective ISO media with the name --bad--. Label these as
defective. They must not be re-used.
9.
AR090701-ACN-EN-6
205
Note: Perform these tasks also for the jukeboxes of the remote standby server.
2.
Select the jukebox from which you want to remove a volume in the top area of
the result pane.
3.
Select the volume in the bottom area of the result pane and click Eject Volume
in the action pane.
4.
206
Data must always be stored simultaneously on two media at least. This means
also the mirroring of the disk buffer.
The original and backup optical media must possess identical capacities and
sector sizes.
AR090701-ACN-EN-6
Regarding optical media, backup media must have the same name as the original. Make sure that the identification of backups is clear on volume labels.
Important
You can also use a Remote Standby Server for backing up data. For details
refer to Configuring Remote Standby Scenarios on page 161.
Remove the backup media from the jukebox and store them in a safe place
(see Handling Storage Volumes on page 185).
For supported optical ISO media, see the Hardware Release Notes (Open
Text Knowledge Center
(https://knowledge.opentext.com/knowledge/llisapi.dll/fetch/2001/7440
73/3551166/customview.html?func=ll&objId=3551166)).
AR090701-ACN-EN-6
Number of
Backups
n>1
Administration Guide
Job configuration
Backup
Schedule Write job
207
Pool configuration
Number of
Partitions
Job configuration
Number of
Backups
Backup
n>0
select
Backup
Jukebox
On
n>0
select
Backup
Jukebox
Schedule
Local_Backup job
Notes:
The Local_Backup job considers all pools, for which the Backup option is
set. The backup_pool job considers only the pool for which it is created.
You can schedule additional backups of a pool by configuring both jobs, or
configure the pool backup separately.
If problems occur, have a look in the protocol of the relevant job (see
Checking the Execution of Jobs on page 88).
208
1.
2.
Select the jukebox where the damaged volume is located in the top area of the
result pane.
3.
Select the damaged volume in the bottom area of the result pane and click Eject
Volume in the action pane.
4.
Insert the backup copy in the jukebox and click Insert Volume in the action
pane. It is now used as the original ISO volume without any further
configuration.
5.
6.
7.
Select the pool in the top area and the volume in the bottom area of the result
pane.
AR090701-ACN-EN-6
8.
9.
2.
3.
Select the designated pool in the top area of the result pane and click Properties
(see Write Incremental (IXW) Pool Settings on page 78).
4.
5.
Set the value for Number of Backups to n>0 and select the required Backup
Jukebox.
AR090701-ACN-EN-6
Administration Guide
209
6.
7.
Schedule the Local_Backup job according to your needs (see Setting the Start
Mode and Scheduling of Jobs on page 87).
According to the scheduling, the Local_Backup job updates the oldest backup
volume. The job writes only one backup volume per instance.
Note: If problems occur, have a look in the protocol of the Local_Backup
job (see Checking the Execution of Jobs on page 88).
Semi-automatic backup
With this method, you initialize the original and backup volumes manually in
the corresponding jukebox devices. The backup volume must have the same
name as the original one. To initialize the volume, proceed as described in
Manual Initialization of Original Volumes on page 61. The configuration
procedure is the same as for automatic backup except for steps 5 and 6 which
are here: No Auto Initialization, no Number of Backups and no Backup
Jukebox selection. The backup job finds the backup volumes by their names.
2.
Select the jukebox where you inserted the media in the top area of the result
pane.
3.
Select a volume with the -blank- status in the bottom area of the result pane.
4.
Click Initialize Backup in the action pane. The Init Backup Volume window
opens.
5.
Select the original volume and click OK to initialize the backup volume.
6.
For double-sided media, initialize the second side of the medium in the same
way.
7.
8.
9.
Select the pool in the top area and the original volume in the bottom area of the
result pane.
210
AR090701-ACN-EN-6
A protocol window shows the progress and the result of the backup. To check
the protocol later on, see Checking Utilities Protocols on page 222.
The volume list now contains a volume of the backup type and the same name
as the original volume.
12. Check the columns Unsaved (MB) and Last Backup/Replication:
The Unsaved (MB) column should now be blank, indicating that there is no
more data on the original volume that has not been backed up. The Last
Backup/Replication column shows the date and time of the last backup. The
Host column indicates the server where the backup resides.
13. For double-sided media, backup the second side of the medium in the same
way.
2.
Select the jukebox where the damaged volume is located in the top area of the
result pane.
3.
Select the damaged volume in the bottom area of the result pane and click Eject
Volume in the action pane. Label it clearly as defective.
4.
Select the backup volume of the damaged volume the bottom area of the result
pane.
5.
Click Restore Volume in the action pane. This makes the backup volume
available as original. If a volume has already been written to the second side of
the defective IXW medium, restore it in exactly the same way.
6.
AR090701-ACN-EN-6
Administration Guide
211
Chapter 16
AR090701-ACN-EN-6
213
Database
The database with the configuration for logical archives, pools, jobs and relations
to other archive servers and leading applications has to be protected against data
loss. The process depends on the type of database you are using (see Backup of
the Database on page 214).
Optical media
Optical storage media have to be protected against data loss. The process differs
if you use ISO or IXW media (see Backup and Recovery of Optical Media on
page 206).
Storage Manager configuration
The IXW file system information and the configuration of the Storage Manager
must be saved, see Backup and Restoring of the Storage Manager
Configuration on page 216.
Data in storage systems
Data that is archived on storage systems like HSM, NAS, CAS needs also a
backup, either by means of the storage system or with archive server tools, see
Backup for Storage Systems on page 203.
Cache Server
If write back mode is enabled, the cache server locally stores newly created
documents without saving them immediately to the destination. It is
recommended to perform regular backups of the cache server data, seeBackup
and Recovery of a Cache Server on page 216.
214
AR090701-ACN-EN-6
Important
If you have installed BPM Server and/or Transactional Content Processing,
database backups are required for all databases of the system: Archive and
Storage Services, the Context Server and the User Management Server. Note
that storage media does neither contain any data of the Context Server
database and the User Management Server database, i.e. you cannot restore
these databases by importing from media. The database backup procedures
are very similar.
The database can be set up as an Oracle database, or as an MS SQL Server database.
The procedure adopted for backups depends on which of these database systems is
used.
The database must be backed up at regular intervals. However, because its data
contents are constantly changing, all database operations are written to special files
(online and archived redo logs under Oracle, transaction logs for Microsoft SQL). As
a result, the database can always be restored in full on the basis of the backup and
these files.
Important
During the configuration phase of installation, you can either select default
values for the database configuration or configure all relevant values. To
make sure that this user guide remains easy to follow, the default values are
used below. If you configured the database with non-default values, replace
these defaults with your values.
Changing the password of the database user
The login DBLOGIN and password DBPASSWORD of the database user is stored
encrypted in the setup file DBS.Setup. If you change the password of the database
user, you must change it in the corresponding entry, too.
Proceed as follows:
1.
Encrypt the new password with the command line tool enc:
dsClient
enc <decrypted password>
2.
AR090701-ACN-EN-6
Administration Guide
215
http://download.oracle.com/docs/cd/B19306_01/server.102/b14196/backrest
001.htm#sthref606
http://download.oracle.com/docs/cd/B19306_01/backup.102/b14192/toc.htm
http://www.oracle.com/technology/obe/10gr2_db_single/ha/ob/ob_otn.htm
216
AR090701-ACN-EN-6
cache server acts like a proxy and routes all requests directly to the cache
server. Operations with write back items are not possible during this time.
To find out whether maintenance mode is active, start a command line and
enter
cscommand c isOnline
or
cscommand c getStatistics
With the cache server installation comes a small utility (cscommand), which allows to
activate or deactivate the maintenance mode. The commands to activate and
deactivate maintenance mode may be called from any script or batch file. Usually
the commands are added to the script that controls your backup. You can find
cscommand in the contentservice subdirectory of the <Web configuration
directory> (filestore).
Proceed as follows:
1.
2.
3.
Start your backup. Be sure that all relevant directories are included.
4.
Directories to be backed up
Note: The directories used by Archive Cache Services are configured during
the installation.
Cache volumes
One or more cache volumes to be used for write through caching. Not
highly critical but useful for reducing time to rebuild cached data.
Write back
volume
One single cache volume to be used for write back caching. This
volume contains the following subdirectories:
dat
Components are stored here.
idx
Per document, additional information is stored, which contains all
necessary information to reconstruct the data in case of a crash.
log
Special protocol files (one per day) are stored here. Containing
relevant info when a document is transferred to and committed by
the Document Service.
Important: Protocol files are not deleted automatically. Ensure
regular deletion of protocol files to avoid storage problems.
AR090701-ACN-EN-6
Administration Guide
217
The absolute path to the volume where the cache server stores its
metadata for the cached documents. Necessary to recover.
Path to store
database files
2.
3.
4.
2.
If the write back volume is still available, rename the root directory of the write
back volume (see step 5, <location of write back data>).
3.
Copy your backup of the data to the correct location to replace the corrupt one.
If you have also a partial loss of data volumes, copy the lost data from your
backup to the correct location.
4.
5.
218
AR090701-ACN-EN-6
Important
Each successfully recovered document is listed on the command line
and removed from <location of write back data>. This means that
the recover operation can just be processed once.
6.
If you do not get any error messages, the renamed directory (<location of
write back data>) can be deleted. Any data left in this subtree is no longer
needed for operation.
Important
If you get error messages, do not delete any data. If you cannot fix the
problem, contact Open Text Customer Support.
7.
AR090701-ACN-EN-6
Administration Guide
219
Chapter 17
Utilities
Utilities are tools that are started interactively by the administrator. The following
table provides an overview of all utilities that can be reached in Utilities in the
System object in the console tree. Cross references are leading to detailed
descriptions in the relevant chapters. You also find a description of how to start
utilities and how to check the utility protocol in this chapter.
Some utilities are assigned directly to objects and can be reached in the action pane.
Protocols of these utilities can also be reached in Utilities in the System object in the
console tree
Note: Some utilities need to enter the name of the STORM server. To
determine the name, select Devices in the Infrastructure object in the console
tree. The name of the STORM server is displayed in brackets behind the device
name; for example:
WORM(STORM1)
Link
Check Document
Check Volume
Count Documents/Components
Export Volumes(s)
Import GS Volume
Import HD Volume
AR090701-ACN-EN-6
221
Chapter 17 Utilities
Utility
Link
Creating a Local Fast Migration Job for ISO Volumes on page 244
VolMig Status
2.
Select the Utilities tab in the top area of the result pane. All available utilities are
listed in the top area of the result pane.
3.
4.
5.
6.
222
AR090701-ACN-EN-6
1.
2.
Select the Utilities tab in the top area of the result pane. All available utilities are
listed in the top area of the result pane.
3.
4.
Select the Results tab in the bottom area of the result pane to check whether the
execution of the utility was successful
or
select the Message tab in the bottom area of the result pane to check the
messages created during execution of the utility.
2.
Select the Protocol tab in the top area of the result pane.
3.
To clear protocols
Proceed as follows:
1.
2.
Select the Protocol tab in the top area of the result pane.
3.
To reread scripts
Utilities and jobs are read by Archive and Storage Services during the startup of the
server. If utilities or jobs are added or modified they can be reread. Thus avoids a
restart of Archive and Storage Services.
Proceed as follows:
1.
2.
Select the Protocol tab in the top area of the result pane.
AR090701-ACN-EN-6
Administration Guide
223
Chapter 17 Utilities
3.
224
AR090701-ACN-EN-6
Part 4
Migration
Chapter 18
About Migration
The very dynamic IT market makes it difficult to provide long-term archiving of
documents. Although currently known storage media have an expected life time of
up to 50 years, after such a long time there will be no devices that still can read these
storage media. Therefore, it is recommended to migrate all data periodically from
old to new storage media. Open Text delivers a reliable, secure, comfortable and
efficient solution for this challenge of volume migration.
You handle volume migration with two components:
The vmclient program, which supplies an interface for other components that
need to interact with volume migration. See Volume Migration Utilities on
page 257.
Remote migration
Migration of documents from ISO or IXW volumes on a known server to the
local server via a network connection.
Filters
Selecting of documents within creation date ranges.
AR090701-ACN-EN-6
227
Compression, encryption
Compression and/or encryption of documents before they are written to new
media.
Retention
Setting of a retention period for documents during the migration process.
Automatic Verification
Verifying of all migrated documents. A verification strategy can be defined for
each volume, specifying the verification procedure. Timestamps or different
checksums can be selected as well as a binary comparison.
18.2 Restrictions
The following restrictions are valid for the volume migration features:
Remote single-file
Remote migration is only possible for volumes that are handled by STORM and
that can be mounted via NFS. Single-File volumes like HSM or HD volumes
cannot be migrated from a remote archive server.
DBMS provider
Remote migration is only possible if the remote archive server uses the same
DBMS provider as the local archive server. For a cross-provider migration setup,
contact Open Text Services.
Compression, encryption
You cannot compress encrypted data. Decompression and decryption of
documents is not supported by the migration suite.
Caution
Consider that replication and backup settings are not transferred to the
target archive during migration. Therefore, the configuration for backup and
replicated archives must be performed for the migrated archive again. See
Configuring Remote Standby Scenarios on page 161 and Creating and
Modifying Pools on page 74.
228
AR090701-ACN-EN-6
2.
3.
AR090701-ACN-EN-6
Administration Guide
229
Chapter 19
Select Configuration > Archive Server in the Runtime and Core Services object
in the console tree.
2.
AR090701-ACN-EN-6
231
232
AR090701-ACN-EN-6
Select Configuration > Archive Server in the Runtime and Core Services object
in the console tree.
2.
Specify the logging parameters for the volume migration, all under
AS.VMIG.LOGGING.*:
Entry, Info, Debug, User-Error, Result, Database, Warning, RPC Relative times,
Use Eventlog, Maxlogsize
AR090701-ACN-EN-6
Administration Guide
233
Chapter 20
If the target pool has a jukebox with optical media, ensure that there are enough
empty media in it.
2.
Start the Archive Administration, select the dedicated logical archive and create
a new pool for the migration. See Creating and Modifying Pools on page 74.
3.
4.
Proceed as follows:
1.
AR090701-ACN-EN-6
235
newarchive.
Modify the configuration file: <OT config AS>/storm/server.cfg
Add newarchive to the hosts { } section
2.
3.
For Oracle only: On the local server, extend the $TNS_ADMIN/tnsnames.ora file
to contain a section for the remote computer.
4.
The actual read access of the media is done via NFSSERVERs. To add access to
oldarchive media, create this configuration in Runtime and Core Services >
Configuration > Archive Server >
AS.DS.STORM.NFSSERVER.EXTRA_NFSSERVER.NFSSERVER3 and
.NFSSERVER4 (on the local server newarchive). Add an entry for each
NFSSERVER on the remote computer (at least for those that you intend to read
from). This will create access to the media on oldarchive.
Example 20-1: NFSSERVER mapping on UNIX platforms
On the remote computer (oldarchive), there are two NFSSERVER entries
NFSSERVER1 = WORM,localhost,4027,/views_hs
NFSSERVER2 = CDROM,localhost,4027,/views_hs
5.
For the newarchive, select Configuration > Archive Server in the Runtime and
Core Services object in the console tree.
7.
236
AR090701-ACN-EN-6
The entrylocal is fixed syntax; it is not the name of the local server!
8.
If the target pool has a jukebox with optical media, make sure that there are
enough empty media in it.
2.
2.
On the remote server (old archive), modify the DS configuration (<OT config
AS>/DS.Setup).
If the version is older than 9.7.0, you have to change the registry entry on
Windows: HKEY_LOCAL_MACHINE\SOFTWARE\IXOS\IXOS_ARCHIVE\DS.
Add the variable
BACKUPSERVER1 = BKCD,<newarchive>,0
<newarchive> is the hostname of the target archive server. Do not use blanks and
do not type the angle brackets in the value!
3.
AR090701-ACN-EN-6
Administration Guide
237
238
AR090701-ACN-EN-6
Chapter 21
2.
3.
Select the Pools tab in the top area of the result pane. The attached volumes are
listed in the bottom area of the result pane.
4.
Select the volume to be write locked and click Properties in the action pane.
5.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
Enter appropriate settings to all fields (see Settings for local migration on
page 239). Click Run.
the scheduler of the Administration Server calls the job Migrate_Volumes and
AR090701-ACN-EN-6
239
Character
Description
Is used to escape wildcards (*, ?), if they are used as real characters in
volume names.
[]
Target archive
Enter the target archive name.
Target pool
Enter the target pool name.
Migrate only components that were archived: On date or after
You can restrict the migration operation to components that were archived after
or on a given date. Specify the date here. The specified day is included.
Migrate only components that were archived: Before date
You can restrict the migration operation to components that were archived
before a given date. Specify the date here. The specified day is excluded.
Set retention in days
Enter the retention period in days. With this entry, you can change the retention
period that was set during archiving. The new retention period is added to the
archiving date of the document. The following settings are possible:
>0 (days)
0 (none)
-1 (infinite)
-6 (archive default)
-9 (event)
Note: The retention date of migrated documents can only be kept or extended.
The following table provides allowed settings:
240
AR090701-ACN-EN-6
no retention
any
retention date
infinite, event
no change
Verification mode
Select the verification mode that should be applied for volume migration. The
following settings are possible:
None
Timestamp
Checksum
Binary Compare
Timestamp or Checksum
Additional arguments
-e
Export source volumes after successful migration.
-k
Keep exported volume (export only the document entries, allow dsPurgeVol
to destroy this medium).
-i
Migrate only latest version, ignore older versions.
-A <archive>
Migrate components only from a certain archive.
AR090701-ACN-EN-6
Administration Guide
241
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
Enter appropriate settings to all fields (see Settings for remote migration on
page 242). Click Run.
the scheduler of the Administration Server calls the Migrate_Volumes job and
242
Character
Description
Is used to escape wildcards (*, ?), if they are used as real characters in
volume names.
AR090701-ACN-EN-6
Character
Description
[]
> 0 (days)
0 (none)
-1 (infinite)
-6 (archive default)
-9 (event)
Note: The retention date of migrated documents can only be kept or extended.
The following table provides allowed settings:
AR090701-ACN-EN-6
no retention
any
retention date
infinite, event
no change
Administration Guide
243
Verification mode
Select the verification mode that should be applied for volume migration. The
following settings are possible:
None
Timestamp
Checksum
Binary Compare
Timestamp or Checksum
Additional arguments
-i
Migrates only latest version, ignores older versions.
-A <archive>
Migrates components only from a certain archive.
244
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
AR090701-ACN-EN-6
Description
Is used to escape wildcards (*, ?), if they are used as real characters in volume names.
[]
the scheduler of the Administration Server calls the Migrate_Volumes job and
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
AR090701-ACN-EN-6
Administration Guide
245
4.
Enter appropriate settings to all fields (see Settings for remote fast migration
on page 246). Click Run.
the scheduler of the Administration Server calls the Migrate_Volumes job and
Description
Is used to escape wildcards (*, ?), if they are used as real characters in
volume names.
[]
246
AR090701-ACN-EN-6
Verification mode
Select the verification mode which should be applied for volume migration. The
following settings are possible:
None
Timestamp
Checksum
Binary Compare
Timestamp or Checksum
Additional arguments
-d (dumb mode)
Import of document/component entries into local DB by dsTools instead of
reading directly from the remote DB. The dumb mode disables automatic
verification. Archive- and retention settings cannot be changed.
-A <archive>
Migrates components only from a certain archive. Does not work with dumb
mode (d ).
AR090701-ACN-EN-6
Administration Guide
247
Chapter 22
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
5.
AR090701-ACN-EN-6
New
In progress
Finished
Cancelled
Error
Click Run.
An overview of migration jobs with the demanded job status opens.
249
New (enqueued)
VolMig has not yet started to process this migration job.
250
AR090701-ACN-EN-6
AR090701-ACN-EN-6
Administration Guide
251
Chapter 23
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Determine the ID of the migration job you want to pause via the VolMig Status
utility, see Monitoring the Migration Progress on page 249.
3.
4.
5.
Enter the ID of the migration job that you want to pause in the Migration Job
ID(s) field.
6.
Click Run.
The migration job is set to the Paus status.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Determine the ID of the migration job you want to continue via the VolMig
Status utility, see Monitoring the Migration Progress on page 249.
3.
4.
AR090701-ACN-EN-6
253
5.
Enter the ID of the migration job that you want to continue in the Migration Job
ID(s) field.
6.
Click Run.
A protocol window shows the progress and the result of the migration. The
migration job is set back to the status before it has been paused or the error
occurred.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Determine the ID of the migration job you want to cancel via the VolMig Status
utility. See Monitoring the Migration Progress on page 249.
3.
4.
5.
Enter the ID of the migration job that you want to cancel in the Migration Job
ID(s) field.
6.
Click Run.
A protocol window shows the progress and the result. The migration job is set
to the Canc status. All copy jobs for this migration job are deleted.
254
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
Determine the ID of the migration job you want to renew via the VolMig Status
utility. See Monitoring the Migration Progress on page 249.
3.
4.
AR090701-ACN-EN-6
5.
Enter the ID of the migration job that you want to renew in the Migration Job
ID(s) field.
6.
Click Run.
A protocol window shows the progress and the result of the migration. The
migration job is set to the New status and is started from the beginning.
AR090701-ACN-EN-6
Administration Guide
255
Chapter 24
2.
2.
jobID
The ID of the migration job to be deleted.
jobID
The ID of the migration job to be finished.
AR090701-ACN-EN-6
257
jobID
The ID of the migration job to be modified.
attribute
Note: Attributes with one hyphen (-) will be added/updated.
Attributes with two hyphens (--) will be removed.
-e (export)
Export source volumes after successful migration.
-k (keep)
Do not set the exported flag for the volume (so dsPurgeVol can destroy it).
-i (ignore old versions)
Migrate only the latest version of each component, ignore older versions.
-A <archive>
Migrate components only from a certain archive.
-r <value> (retention)
Set a new value for the retention of the migrated documents.
-v <value> (verification level)
Define how components should be verified by VolMig.
Example 24-1: Modifying attributes of a migration job
To add the export flag, execute
> vmclient updateJobFlags <jobID> -e
258
AR090701-ACN-EN-6
become the new default pool. To have the documents that are archived during the
migration written into the target pool rather than the source pool, you can use this
command to update the Write jobs.
> vmclient updateDsJob <old poolname> <new poolname> -d|-v
old poolname
Is constructed by concatenating the source archive name, an underscore
character and the source pool name, e.g. H4_worm.
new poolname
Is constructed by concatenating the target archive name, an underscore character
and the target pool name, e.g. H4_iso.
-d
Update pools in ds_job only.
-v
Update pools in both, ds_job and vmig_jobs.
Note: This works only for local migration scenarios. Write jobs in a remote
migration environment remain on the remote server and cannot be moved to
the local machine.
jobID
The ID of the migration job which components should be listed.
max results
How many components should be listed at most.
archive
The archive name.
pool 1
Name of the first pool.
AR090701-ACN-EN-6
Administration Guide
259
pool 2
Name of the second pool.
archive
The archive name.
pool
The pool name.
sequence number
New number of the sequence.
sequence letter
New letter (for ISO pools only).
volume name
Name of the primary volume.
output file
File to write the output to instead of stdout.
260
AR090701-ACN-EN-6
Part 5
Monitoring
Chapter 25
checking the success of jobs, in particular of the Write and Backup jobs
checking the Storage Manager, for example, the filling level of storage devices
or empty media in jukeboxes
locating problems
For detailed information about the Document Pipeline Info, see the guide
OpenText Document Pipelines - Overview and Import Interfaces (AR-CDP).
AR090701-ACN-EN-6
263
Chapter 26
Define the events filter to which the system should respond, see Creating and
Modifying Event Filters on page 265.
2.
Create the type and settings of the notifications and assign them specific event
filters, see Creating and Modifying Notifications on page 269.
Select Events and Notifications in the System object in the console tree.
2.
Select the Event Filters tab. All available event filters are listed in the top area of
the result pane.
3.
Click New Event Filter in the action pane. The window to create a new event
filter opens.
4.
Enter the conditions for the new event filter. See Conditions for Events Filters
on page 266.
5.
Click Finish.
AR090701-ACN-EN-6
265
Modifying event
filters
Deleting event
filters
To modify an event filter, select it in the top area of the result pane and click
Properties in the action pane. Proceed in the same way as when creating a new
event filter. The name of the event filter cannot be changed.
To delete an event filter, select it in the top area of the result pane and click Delete in
the action pane.
See also:
Component
Specifies the software component that issues the message. If nothing is specified
here, all components are recorded (Any). The most important components are:
266
Storage Manager: Reports errors that occur when writing to storage media.
AR090701-ACN-EN-6
Severity
Specifies the importance.
Fatal Error
Error
Warning
Important
Information
Message codes
Specifies which message codes should be considered by the event filter. The
codes are used to filter out concrete events and are usually defined in a message
catalog, which belongs to a component. For each component, the catalog is
installed in
<OT config>\msgcat\<COMPNAME>_<lang>.cat
Example: ADMS_us.cat is the English message catalog for the Administration
Server component.
It is possible to enter the code number directly, but it is recommended and more
comfortable to use the select button. This offers a window with current available
message codes and associated descriptions.
Select message codes
1.
2.
Click Select. A window with current available message codes opens. The
available message codes depend on the selected combination of message
class, component and severity.
3.
Select the designated message code and click OK to resume. If you define a
range, select the first and the last message code (from to).
See also:
AR090701-ACN-EN-6
Administration Guide
267
A number of preconfigured events are delivered with the installation of Archive and
Storage Services. To use them, configure the notifications and assign the appropriate
notifications to each event. You can use these events:
Any Fatal Error
Includes all events of the Fatal Error type of all currently recorded event
classes and components.
Any Message from Admin Server
Includes all events on the Administration Server.
Any Message from Document Service
Includes all events occurring in the Document Service.
Any Message from Monitor Server
Includes all status changes in Monitor Web Client.
Any Message from Storage Manager
Includes all status changes in the Storage Manager.
Any Non-Fatal Error
Includes all events of the type Error of all currently recorded event classes and
components.
ISO volume has been written
This event occurs when an ISO volume has been written successfully.
IXW volume has been initialized
This event occurs when automatic initialization of an IXW volume has finished
successfully.
Jukebox error: Jukebox detached
This event occurs when the STORM cannot access the jukebox.
More blank media required in jukebox
This event occurs when new optical media have to be inserted in a jukebox.
User-defined
events
In addition, you can define other events to get notifications if they occur. Useful
events are:
Job Error
This event records errors that are listed in the job protocol and notifies you with
a particular message. Use this configuration:
Severity:
Message class:
Component:
Message code:
268
Error
Server or <any>
Administration Server
1
AR090701-ACN-EN-6
Error
Server or <any>
Monitor Server
-
Warning
Server or <any>
Monitor Server
-
See also:
Alert, passive notification type, alerts must be checked by the administrator. See
Checking Alerts on page 273.
Mail Message, active notification type, when the assigned event occurs, a
message is sent.
TCL Script, active notification type, when the assigned event occurs, a tcl script
is executed.
Message File, passive notification type, notifications are written in a specific file.
Proceed as follows:
1.
Select Events and Notifications in the System object in the console tree.
2.
Select the Notifications tab. All available notifications are listed in the top area
of the result pane.
AR090701-ACN-EN-6
Administration Guide
269
Testing
notifications
3.
Click New Notification in the action pane. The wizard to create a new
notification opens.
4.
Enter the name and the type of the notification and click Next. Enter the
additional settings for the new notification event. See Notification Settings on
page 270.
5.
6.
Select the new notification in the top area of the result pane.
7.
Click Add Event Filter in the action pane. A window with available event filters
opens.
8.
Select the event filters which should be assigned to the notification and click
OK.
Select the new notification in the top area of the result pane and click Test in the
action pane.
Click the Test button in the notification window while creating or modifying notifications.
Modifying
notifications
settings
To modify the notification settings, select the notification in the top area of the result
pane and click Edit in the action pane. Proceed in the same way as when creating a
new notification. The name of the notification cannot be changed.
Deleting
notifications
To delete a notification, select the notification in the top area of the result pane and
click Delete in the action pane.
Adding event
filters
Remove an
event filter
To add event filters, select the notification in the top area of the result pane. Click
Add Event Filter in the action pane. Proceed in the same way as when creating a
new notification.
To remove an event filter, select it in the bottom area of the result pane and click
Remove in the action pane. The notification events are not lost, only the assignments
is deleted.
See also:
270
AR090701-ACN-EN-6
Name
The name should be unique and meaningful.
Notification Type
Select the type of notification and enter the specific settings. The following
notification types and settings are possible:
Alert
Alerts are notifications, which can be checked by using Administration
Client. They are displayed in Alerts in the System object in the console tree
(see Checking Alerts on page 273).
Mail Message
E-mails can be sent to respond immediately to an event or in standby time. If
you want to send it via SMS, consider that the length of SMS text (includes
Subject and Additional text) is limited by most providers. Enter the following
additional settings:
Sender address: E-mail address of the sender. It appears in the from field
in the inbox of the recipient. The entry is mandatory.
Mail host: Name of the target mail server. The mail server is connected
via SMTP. The entry is mandatory.
Max. Length of mail message text: Use this setting to restrict the number
of characters in the email body. If you send notifications as SMS, thus you
can enter a value according to the limitation of your provider.
TCL Sript
Enter the name and the path of the tcl script. It will be executed if the event
occurs.
Message File
The notification is written to a file. Enter name and path of the target file or
click Browse to open the file browser. Select the designated message file and
click OK to confirm.
Enter also the maximum size of the message file in bytes.
AR090701-ACN-EN-6
Administration Guide
271
SNMP Trap
Provides an interface to an external monitoring system that supports the
SNMP protocol. Enter the information on the target system.
Active Period
Weekdays and time of the day at which the notification is to be sent.
Text
Free text field with the maximum length of 255 characters. $-variables can be
used (see Using Variables in Notifications on page 272).
See also:
272
AR090701-ACN-EN-6
See also:
Marking
messages as
read
1.
Select Alerts in the System object in the console tree. All notifications of the alert
type are listed in the top area of the result pane.
2.
Select the alert to be checked in the top area of the result pane. Alert details are
displayed in the bottom area of the result pane. The yellow icon of the alert
entry turns to grey if read.
To mark all messages as read click Mark All as Read in the action pane. The yellow
icons of the alert entries turn to grey.
AR090701-ACN-EN-6
Administration Guide
273
Chapter 27
You use Monitor Web Client to monitor the availability of system resources and the
jobs of individual archive components. The most important functions are:
checking the jobs of the Document Service and access to unavailable volumes,
Monitor Web Client is used solely to observe the global system and to identify
problem areas. The Monitor components gather information about the status of the
various archive system components at regular intervals.
The Monitor cannot be used to eliminate errors, modify the configuration or start
and stop processes. Viewer clients are not monitored.
Monitor Web Client can be started as a Web application from any host.
Warning and
error messages
Security
With Administration Client, you can configure warning and error messages that are
sent when the status of archive server component changes. You can also use external
system management tools within the scope of special project solutions.
HTTPS can be used to ensure data confidentiality and integrity. External access
should be restricted by means of a firewall.
AR090701-ACN-EN-6
275
Variable
Description
Example
prot
Protocol
http or https
server
alpha
domain
.opentext.com
port
http:8080 or
https:8081
subdir
w3monc
cmd
Command
index.html
276
AR090701-ACN-EN-6
Button bar
The button bar contains buttons to configure Monitor Web Client. All these
settings apply only to the current browser session. If you want to reuse your
settings, pass them as parameters when you start the program (see Customizing
Monitor Web Client on page 279).
Left column: Monitored servers
Here you find a list of the monitored archive servers. Click a name. The current
status of this archive server is displayed in the other two columns. If you click
the name again, the status is checked at Monitor Server and the display in
Monitor Web Client is updated if needed.
Otherwise, the status of the components is updated after the specified refresh
interval (see Setting the Refresh Interval on page 278). If it is not possible to
icon is displayed in front of
establish a connection to a Web server, then the
the server name.
Tip: If you want to compare the status of different servers, open Monitor
Web Client for each of them and use the task bar to switch between the
different instances.
Middle column: Components
In a hierarchical structure, you see the groups of components that run on the
interrogated host. Below each component group, you see the associated
components. Click a component to display its current status in the right column.
icon to display the status of the component group on the right. For
Click the
information on the components and the possible messages, refer to Component
Status Display on page 280.
The icon in front of the component group name represents a summary of the
individual statuses of the components in the group. If you move the mouse
pointer to an icon in front of a component, abbreviated status information is
displayed in a tool tip even if the detailed information is not displayed in the
third column. In this way, you can compare the statuses of two components.
Right column: Detailed information and status
This column contains detailed status information on the selected components or
component groups. If the right column is too narrow to display the information,
move the mouse pointer to the icon to display the status information in a tooltip.
Status line
Provides information on the status of the initiated processes.
Status icons
The icons identify the system status at a glance. To configure the icons, see
Configuring the Icon Type on page 279. The possible statuses are:
Warning, storage space problems are imminent. You can continue working for
the present but the problem must be resolved soon.
AR090701-ACN-EN-6
Administration Guide
277
The configuration of Monitor Web Client is saved in the *.monitor files that are
located in the directory <OT install AS>\config\monitor.
2.
Define the period (in seconds) between two requests to the host. Short periods
increase the network load.
Note: To refresh the display of the host status manually, click the name of the
host in the left column. In the Internet Explorer, you can also refresh the
display with F5 or CRTL+R.
2.
3.
Click OK. The selected archive server is entered in the list of hosts.
To remove a host
Proceed as follows:
278
AR090701-ACN-EN-6
1.
2.
Select one or more archive servers that you no longer want to monitor.
3.
Click OK. The selected archive server is removed from the host list.
2.
Select the icon type. You can select between bulbs, LEDs, faces, signs, and traffic
lights.
3.
Click OK.
Save this URL as a bookmark. So you can always start your personal configuration.
If you do not pass any parameters with the URL, Monitor Web Client starts with the
default settings: LEDs, refresh interval 120 seconds and no additional hosts.
AR090701-ACN-EN-6
Administration Guide
279
27.2.1 DP Space
Monitors the storage space for the Document Pipelines that are used for the
temporary storage of documents during the archiving process. A special directory
on the hard disk is reserved for the Document Pipelines. You can determine its
location in Administration Client (Core Services > Configuration > Document
Pipeline).
During archiving, the documents are temporarily copied to this directory and are
then deleted once they have been successfully saved. The directory must be large
enough to accommodate the largest documents, e.g. print lists generated by SAP.
The status can be Ok,Warning and Error.
In Details you can see the free storage space in MB, the total storage space in MB
and the proportion of free storage space in percent. The values refer to the hard disk
volume in which the DPDIR directory was installed. A warning or error message is
issued if insufficient free storage space is available. Possible causes are:
Error during the processing of documents in the Document Pipeline
Normally, the documents are processed rapidly and deleted immediately. If
problems occur, the documents may remain in the pipeline and storage space
may become scarce. Check the status of the DocTools (DP Tools group in the
Monitor) and the status of the Document Pipelines in Document Pipeline Info.
Document is larger than the available storage space
If no separate volume is reserved for the Document Pipeline, the storage space
may be occupied by other data and processes. In this case, the volume should be
cleaned up to create space for the pipeline. To avoid this problem, reconfigure
the Document Pipeline and locate it in a separate volume. The volume must be
larger than the largest document that is to be archived.
Displays the status of the Storage Manager. The status is Active, if the server is
running. A status of either Can't call server, Can't connect to server or Not
active indicates that the server is either not reachable or not running. Check the
280
AR090701-ACN-EN-6
jbd.log log file for errors. If necessary, solve the problem and start the Storage
Manager again.
inodes
Displays how full the inode files are. Either the status OK or Error is displayed.
In Details, you can see filling level in percent as well as the number of
configured and used inodes. If an error is displayed, the storage space for the file
system information must be increased.
<jukebox_name>
Provides an overview of the volumes for each attached jukebox. The possible
status specifications are Ok, Warning or Error. Warning means that there are no
writeable volumes or no empty slots in the jukebox. Error is displayed if at least
one corrupt medium is found in a jukebox (display -bad- in Devices in Archive
Administration).
The following information is displayed in Details:
Empty
Bad
Blank
Written
27.2.4 DS Pools
The Monitor checks the free storage space which is available to the pools (and
therefore the logical archives). The pools and buffers are listed. The availability of
AR090701-ACN-EN-6
Administration Guide
281
the components depends on two factors. Volumes must be assigned and there must
be sufficient free storage space in the individual volumes.
The Ok status specifies that volumes are present and sufficient storage space is
available.
The Error status together with the No volumes present message means that a
volume (WORM or hard disk) needs to be assigned to this buffer or pool.
The Error status with the No writable partitions message refers to WORM
volumes and means that the available volumes are full or write-protected.
Initialize and assign a new volume and/or remove the write-protection.
The Full status refers to disk buffers or hard disk pools and means that there is
no free storage space on the volume. In the case of a hard disk pool, create a new
volume and assign it to this pool.
In the case of a disk buffer, check whether the Purge_Buffer job has been
processed successfully and whether the parameters for this job are set correctly.
Monitors the Document Service DocTools queues and specifies the number of
documents in each of them. Normally, the documents are processed very quickly
and the queues are empty.
DS DP Error Queues
Monitors the Document Service DocTools error queues and specifies the number
of documents in each of them.
282
AR090701-ACN-EN-6
The DocTool has been locked. To check this status, start Document Pipeline Info.
Here, all the queues that are associated with a locked DocTool are identified by
the locked symbol. In general, a DocTool is only locked if an error has occurred.
Once the problem has been analyzed and eliminated, restart the DocTool in
Document Pipeline Info.
Not registered
AR090701-ACN-EN-6
Administration Guide
283
Archive and Storage Services cannot supply a document to the SAP host.
Check that there is sufficient free storage space in the exchange directory.
...cpfile
A document cannot be copied from the SAP host to the archive server.
Problems with the exchange directory (shared file transfer directory that
must be available before the SAP host can be accessed).
...caracut
284
AR090701-ACN-EN-6
...doctods
The connection to the SAP system is not established. Check the cbfx.log log
file for information on the possible error causes.
...docrm
The temporary data in the pipeline are not be deleted following the correct
execution of all the preceding DocTools. Start Document Pipeline Info and
remove the documents in the corresponding error queue. You require special
access rights to do this.
AR090701-ACN-EN-6
Administration Guide
285
Chapter 28
The auditing data is collected in separate database tables and can be extracted from
there with the exportAudit command to files, which can be evaluated in different
ways.
AR090701-ACN-EN-6
287
Description
Output format
-s date
YYYY/MM/DD:HH:MM:SS
-e date
YYYY/MM/DD:HH:MM:SS
-S
-A
The resulting file is ADM-<begin date><end date>.txt in csv format, and the
data is separated by semicolons if no
other options a
With further optional options, you can adept the output to your needs.
Option
Description
-a
Only relevant for document lifecycle information (-S is set). Extracts data
about all document related jobs on the given timeframe. The generated file
name reflects this option with the ALL indicator: STR-<begin date>-<end
date>-ALL.<ext>.
-x
Deletes data from the database after successful extraction. This option is not
supported if -a is set, so only information on deleted documents can be removed from the database after extraction.
-o ext
Defines the file format. For example, with -o csv you get a .csv file for
evaluation in Excel, independently of the extracted data.
-h
-c sepchar
288
AR090701-ACN-EN-6
28.1 Auditing
Event
Description
EVENT_CREATE_DOC
Document created
EVENT_CREATE_COMP
EVENT_UPDATE_ATTR
Attributes updated
EVENT_TIMESTAMPED
EVENT_TIMESTAMP_VERIFIED
EVENT_TIMESTAMP_VERIF_FAILED
EVENT_COMP_MOVED
EVENT_COMP_COPIED
EVENT_COMP_PURGED
EVENT_COMP_DELETED
EVENT_COMP_DELETE_FAILED
EVENT_COMP_DESTROYED
EVENT_DOC_DELETED
Document deleted
EVENT_DOC_MIGRATED
Document migrated
EVENT_DOC_SET_EVENT
EVENT_DOC_SECURITY
The result of an extraction of document related audit information in Excel may look
like shown in the graphic.
The options -S -o csv -a -h were set, which results in a filename like this:
STR-2005_07_04_12_00_00-2005_07_19_08_00_00-ALL.csv
AR090701-ACN-EN-6
Administration Guide
289
28.2 Accounting
Archive and Storage Services allows collecting of accounting data for further
analysis and billing.
Proceed as follows:
1.
Enable the Accounting option and configure accounting in Runtime and Core
Services > Configuration, see Settings for Accounting on page 290.
The Document Service writes the accounting information into accounting files.
2.
Evaluate the accounting data, see Evaluating Accounting Data on page 290.
3.
290
AR090701-ACN-EN-6
28.2 Accounting
Description
Example
TimeStamp
10/08/2001 10:15:14
JobNumber
24
RequestTime
422
Client Address
127.0.0.1
ContentServer
DD
UserId
<User name>
or something like
149.235.35.28.20010912.10.44.54
ApplicationId
dsh
DocumentId
E429B8ED8FA6D511A0630050
DA78D510
NumComponents
ComponentId
data
ContentLength
Job number
GETCOMP
PUTCOMP
CREATCOMP
UPDCOMP
APPCOMP
INFO
PUT
CREATE
UPDATE
10
AR090701-ACN-EN-6
Administration Guide
291
Job name
Job number
LOCK
11
UNLOCK
12
SEARCHATTR
13
SEARCH
14
SEARCHFREE
15
DGET
16
GETATTR
17
SETATT
18
DELATTR
19
DELETE
20
MCREATE
23
PUTCERT
24
ADMINFO
25
SRVINFO
26
CSRVINFO
27
VALIDUSER
28
VERIFYSIG
29
SIGNURL
31
GETCERT
32
ANALYZE_SEC
34
RESERVEID
35
SETDOCFLAG
36
ADS_GETATS
37
ADS_VERIFYATS
38
ADS_MIGRATE
39
ADS_DOCHISTORY
40
ADS_CREPLACEH
41
ADS_CSRVINFO2
42
If you archive the old accounting data, you can also access the archived files. The
Organize_Accounting_Data job writes the DocIDs of the archived accounting files
into the ACC_STORE.CNT file which is located in the accounting directory (defined in
Path to accounting data files).
To restore archived accounting files, you can use the command
292
AR090701-ACN-EN-6
The tool saves the files in the <target directory> where you can use them as usual.
AR090701-ACN-EN-6
Administration Guide
293
Part 6
Troubleshooting
Chapter 29
Basics
This part is written as an introduction to troubleshooting and error analysis. It presents
tools and methods which can help you to find out the cause of a problem. It does not
explain solutions for a single problem or error. This kind of information and a lot of
useful hints and tips can be found in the KC
(https://knowledge.opentext.com/knowledge/llisapi.dll/Open/12331031) and the
Knowledge Base
(https://knowledge.opentext.com/knowledge/llisapi.dll/Open/Knowledge).
Backup the storage media, the database, and the STORM configuration files
regularly.
Use the Monitor Web Client to monitor Archive and Storage Services. So you can
react quickly if a problem occurs.
Make sure that there is enough space available (storage media, disk buffers,
database, exchange directory...)
AR090701-ACN-EN-6
297
Chapter 29 Basics
packages.
This list is useful when you contact the Open Text Customer Support.
Proceed as follows:
1.
Select Utilities in the System object in the console tree. All available utilities are
listed in the top area of the result pane.
2.
3.
4.
In the field View patches for packages enter the package whose patches you
want to list. Leave the field empty to view all packages.
5.
Create the two correct directories in the file system and make sure that they are
owned and writeable by the Archive Spawner user.
2.
b.
In the console tree, expand Runtime and Core Services > Configuration >
Archive and Storage Services.
c.
298
AR090701-ACN-EN-6
Click OK.
3.
Restart the Archive Spawner processes (for details, see Starting and Stopping
of Archive and Storage Services on page 301).
The Archive Administration Utilities are the Monitor Web Client, the Document
Pipeline Info and Administration Client. You can find a short summary of their use
in Everyday Monitoring of the Archive System on page 263.
The most important error messages are also displayed in the Windows Event
Viewer or in the UNIX syslog. This information is a subset of the information
generated in the log files. Use these tools to see the error messages for all
components at one place.
You can prevent the transfer of error messages to the system tools in general or for
single components with the setting Write error messages to Event Log / syslog, see
Log Settings for Archive and Storage Services Components (Except STORM) on
page 310.
To start the Windows Event Viewer, click
Start > Control Planel > Administrative Tools > Event Viewer.
The syslog file for UNIX is configured in the file /etc/syslog.conf.
AR090701-ACN-EN-6
Administration Guide
299
Chapter 29 Basics
UNIX
$ORACLE_HOME/network/log/listener.log (log file)
$ORACLE_HOME/network/trace (trace file)
$ORACLE_HOME/rdbms/log/*.trc/* (trace files)
300
AR090701-ACN-EN-6
Chapter 30
To start Archive and Storage Services using the Windows Services, proceed as
follows:
1.
2.
AR090701-ACN-EN-6
Open the Control Panel, select Administrative Tools and then Services.
Right-click the following entries in the given order and select Start:
301
Command line
To start Archive and Storage Services from the command line, enter the following
commands in this order:
net start OracleServiceECR (Oracle database) or net start mssqlserver (MS
SQL database)
Stopping
Windows
Services
Command line
To stop Archive and Storage Services components using the Windows Services,
proceed as follows:
1.
2.
3.
Right-click the following entries in the given order and select Stop:
To stop Archive and Storage Services components from the command line, enter the
following commands in this order:
net stop spawner (archive components)
net stop Oracle<ORA_HOME>TNSListener (Oracle database)
net stop OracleServiceECR (Oracle database) or net stop mssqlserver (MS SQL
database)
302
Log on as root.
AR090701-ACN-EN-6
2.
Start the archive system including the corresponding database instance with:
HP-UX
/sbin/rc3.d/S910spawner start
AIX
/etc/rc.spawner start
Solaris
/etc/rc3.d/S910spawner start
LINUX
/etc/init.d/spawner start
Stopping
Enter the commands below to terminate Archive and Storage Services manually.
Proceed as follows:
1.
Log on as root.
2.
/sbin/rc3.d/S910spawner stop
AIX
/etc/rc.spawner stop
Solaris
/etc/rc3.d/S910spawner stop
LINUX
/etc/init.d/spawner stop
Under UNIX, load Archive and Storage Services environment first: <OT config
AS>/setup/profile.
2.
Check the status of the process with spawncmd status (see Analyzing
Processes with spawncmd on page 307).
AR090701-ACN-EN-6
Administration Guide
303
3.
Description of parameters:
{start|stop}
The process you want to start or stop. The name appears in the first column of
the output generated by spawncmd status.
Important
You cannot simply restart a process if it was stopped, regardless of the
reason. This is especially true for Document Service, since its processes must
be started in a defined sequence. If a Document Service process was
stopped, it is best to stop all the processes and then restart them in the
defined sequence. Inconsistencies may also occur when you start and stop
the monitor program or the Document Pipelines this way.
Example 30-1: Start the Notification Server
spawncmd start notifSrvr
From the Archive and Storage Services object in the console tree, select System.
2.
304
AR090701-ACN-EN-6
AR090701-ACN-EN-6
Click OK.
Administration Guide
305
Chapter 31
Analyzing Problems
Note: The following commands and paths for log files are not valid for
installations in cluster environments.
Under UNIX, load Archive and Storage Services environment first: <OT config
AS>/setup/profile. Under all environments, open a command line and move to
the directory where the spawner resides:
exit
reread
start <service>
status
stop <service>
startall
AR090701-ACN-EN-6
307
stopall
You can execute the commands startall, stopall, exit and status in the Archive
Administration, with the corresponding commands in the File > Spawner menu.
Process status
In the Archive Administration, on the File menu, select Spawner > Status.
Clnt_ds
admsrv
Administration Server
dscache<1...4>>
dsrc
dswc
ixmonsvc
notifSrvr
dp
Document Pipelines
jbd
STORM daemon
tomcat
Web Server
timestamp
Timestamp Server
purgefiles
various DocTools
process status:
R means the process is running. All processes should have the this status with
the exception of chkw (checkWorms), stockist and dsstockist; and under
Windows, additionally db and testport.
T means the process was terminated. This is the normal status of the
processes chkw (check worms), stockist, and dsstockist; and under
Windows, additionally db and testport. If any other process has the status
T, it indicates a possible problem.
308
AR090701-ACN-EN-6
All log files of Archive and Storage Services components - including the STORM are located in the same directory:
Check in the Monitor Web Client in which component of Archive and Storage
Services the problem has occurred.
2.
The message class - that is the error type - is shown at the beginning of a log
entry.
AR090701-ACN-EN-6
Administration Guide
309
Note: In jbd.log, old messages are overwritten if the file size limit is
reached. In this case, check the date and time to find the latest messages.
Messages with identical time label normally belong to the same incident.
The final error message denotes which action has failed. The messages before
often show the reason of the failure.
The following incidents are always written to the log files, and usually also to the
Event Viewer or Syslog. You cannot switch off the corresponding log levels.
Fatal errors indicate fatal application errors that mostly lead to server crashes
(message type FTL).
The following log levels are relevant for troubleshooting. You can change them in
the Server Configuration, see Setting Log Levels on page 310.
Important
Higher log levels can generate a large amount of data and even can slow
down the archive system. Reset the log levels to the default values as soon as
you have solved the problem. Delete the log files only after you have
stopped the spawner.
310
AR090701-ACN-EN-6
Default
Description
100000
off
INF
LOG_INFO
off
DB
LOG_DB
off
no type,
no time
label
LOG_HTTP
on
ERR
LOG_ERROR
on
WRN
LOG_WARN
off
Debug informations
Caution: High amount
of logging information,
huge log files, performance loss!
DBG
LOG_DEBUG
off
RPC Calls
RPC
LOG_RPC
off
Messages if a function is
entered or left
ENT
LOG_ENTRY
Time setting
Message
type
Variable
MAXLOGSIZE
Additionally to the log levels, you can define the time label in the log file for each
component. Normally, the time is given in hours:minutes:seconds. If you select
Log using relative time, the time elapsed between one log entry and the next is
given in milliseconds instead of the date, additionally to the normal time label. This
is used for debugging and fine tuning.
AR090701-ACN-EN-6
Administration Guide
311
312
AR090701-ACN-EN-6
Glossary
Administration Client (former Archiving and Storage Administration)
Administration tool for setup and maintenance of servers, logical archives,
devices, pools, disk buffers, archive modes and security settings.
Frontend interface for customizing and administering Archive and Storage
Services.
Annotation
The set of all graphical additions assigned to individual pages of an archived
document (e.g. coloured marking). These annotations can be removed again.
They simulate hand-written comments on paper documents. There are two
groups of annotations: simple annotations (lines, arrows, highlighting etc.) and
OLE annotations (documents or parts of documents which can be copied from
other applications via the clipboard).
See also: Notes.
Archive Cache Services
See: Cache Server
Archive ID
Unique name of the logical archive.
Archive mode
Specifies the different scenarios for the scan client (such as late archiving with
barcode, preindexing).
ArchiveLink
The interface between SAP system and the archive system.
Buffer
Also known as disk buffer. It is an area on hard disk where archived
documents are temporarily stored until they are written to the the final storage
media.
Burn buffer
A special burn buffer is required for ISO pools in addition to a disk buffer. The
burn buffer is required to physically write an ISO image. When the specified
amount of data has accumulated in the disk buffer, the data is prepared and
AR090701-ACN-EN-6
313
Glossary
transferred to the burn buffer in the special format of an ISO image. From the
burn buffer, the image is transferred to the storage medium in a single,
continuous, uninterruptible process referred to burning an ISO image. The
burn buffer is transparent for the administration.
Cache
Memory area which buffers frequently accessed documents.
The archive server stores frequently accessed documents in a hard disk volume
called the Document Service cache. The client stores frequently accessed
documents in the local cache on the hard disk of the client.
Cache Server
Separate machine, on which documents are stored temporarily. That way the
network traffic in WAN will be reduced. On a cache server Archive Cache
Services are running.
Device
Short term for storage device in the archive server environment. A device is a
physical unit that contains at least storage media, but can also contain additional
software and/or hardware to manage the storage media. Devices are:
Digital Signature
Digital signature means an electronic signature based upon cryptographic
methods of originator authentication, computed by using a set of rules and a set
of parameters such that the identity of the signer and the integrity of the data can
be verified. (21 CFR Part 11)
Disk buffer
See: Buffer
DocID
See: Document ID (DocID)
DocTools
Programs that perform single, discrete actions on the documents within a
Document Pipeline.
314
AR090701-ACN-EN-6
Glossary
Document ID (DocID)
Unique string assigned to each document with which the archive system can
identify it and trace its location.
Document Pipeline (DP)
Mechanism that controls the transfer of documents to the Document Service at a
high security level.
Document Pipeline Info
Graphical user interface for monitoring the Document Pipeline.
Document Service (DS)
The kernel of the archive system. It receives and processes documents to be
archived and provides them at the client's request and controls writing processes
to storage media.
It consists of a read component (RC) and a write component (WC) which archives
documents.
DP
See: Document Pipeline (DP)
DPDIR
The directory in which the documents are stored that are being currently
processed by a document pipeline.
DS
See: Document Service (DS)
Hard disk volume
Used as an archive medium, it supports incremental writing as well as deletion
of documents with a strictly limited lifetime, such as paperwork of applicants
not taken on by a company. Hard disk volumes must be created and assigned a
mount path on the operating system level before they can be referred to in the
Archive Administration.
Hot Standby
High-availability archive server setup, comprising two identical archive servers
tightly connected to each other and holding the same data. Whenever the first
server becomes out of order, the second one immediately takes over, thus
enabling (nearly) uninterrupted archive system operation.
ISO image
An ISO image is a container file containing documents and their file system
structure according to ISO 9660. It is written at once and fills one volume.
AR090701-ACN-EN-6
Administration Guide
315
Glossary
Job
A job is an administrative task that you schedule in the Archive Administration
to run automatically at regular intervals. It has a unique name and starts
command which executes along with any argument required by the command.
Known server
A known server is an archive server whose archives and disk buffers are known
to another archive server. Making servers known to each other provides access to
all documents archived in all known servers. Read-write access is provided to
other known servers. Read-only access is provided to replicate archives. When a
request is made to view a document that is archived on another server and the
server is known, the inquired archive server is capable of displaying the
requested document.
Log file
Files generated by the different components of Archive and Storage Services to
report on their operations providing diagnostic information.
Log level
Adjustable diagnostic level of detail on which the log files are generated.
Logical archive
Logical area on the archive server in which documents are stored. The archive
server may contain many logical archives. Each logical archive may be
configured to represent a different archiving strategy appropriate to the types of
documents archived exclusively there. An archive can consist of one or more
pools. Each pool is assigned its own exclusive set of volumes which make up the
actual storage capacity of that archive.
Media
Short term for long term storage media in the archive server environment. A
media is a physical object: optical storage media (CD, DVD, WORM, UDO), hard
disks and hard disk storage systems with or without WORM feature. Optical
storage media are single-sided or double-sided. Each side of an optical media
contains a volume.
Monitor Server (MONS)
Obtains status information about archives, pools, hard disk and database space
on the archive server. MONS is the configuration parameter name for the
Monitor Server.
Monitor Web Client
Web based administration tool for monitoring the state of the processes, storage
areas, Document Pipeline and database space of the archive server.
316
AR090701-ACN-EN-6
Glossary
MONS
See: Monitor Server (MONS)
Notes
The list of all notes (textual additions) assigned to a document. An individual
item of this list should be designated as note. A note is a text that is stored
together with the document. This text has the same function as a note clipped to
a paper document.
Open Text Monitor Web Client
See: Monitor Web Client
Pool
A pool is a logical unit, a set of volumes of the same type that are written in the
same way, using the same storage concept. Pools are assigned to logical archives.
RC
See: Read Component (RC)
Read Component (RC)
Part of the Document Service that provides documents by reading them from the
archive.
Remote Standby
Archive server setup scenario including two (ore more) associated archive
servers. Archived data is replicated periodically from one server to the other in
order to increase security against data loss. Moreover, network load due to
document display actions can be reduced since replicated data can be accessed
directly on the replication server.
Replication
Refers to the duplication of an archive or buffer resident on an original server on
a remote standby server. Replication is enabled when you add a known server to
the connected server and indicate that replication is to be allowed. That means,
the known server is permitted to pull data from the original server for the
purpose of replication.
Scan station
Workstation for high volume scanning on which the Enterprise Scan client is
installed and to which a scanner is connected. Incoming documents are scanned
here and then transferred to Archive and Storage Services.
AR090701-ACN-EN-6
Administration Guide
317
Glossary
Slot
In physical jukeboxes with optical media, a slot is a socket inside the jukebox
where the media are located. In virtual jukeboxes of storage systems, a slot is
virtually assigned to a volume.
Spawner
Service program which starts and terminates the processes of the archive system.
Storage Manager
Component that controls jukeboxes and manages storage subsystems.
Timestamp Server
A timestamp server signs documents by adding the time and signing the
cryptographic checksum of the document. To ensure evidence of documents, use
an external timestamp server like Timeproof or AuthentiDate. Open Text
Timestamp Server is a software that generates timestamps.
Timestamp Server Administration
Configuration tool for Open Text Timestamp Server.
Volume
WC
See: Write Component (WC)
Windows Viewer
Component for displaying, occasional scanning with Twain scanners and
archiving documents. The Windows Viewer can attach annotations and notes to
the documents.
318
AR090701-ACN-EN-6
Glossary
WORM
WORM means Write Once Read Multiple. An optical WORM disk has two
volumes. A WORM disk supports incremental writing. On storage systems, a
WORM flag is set to prevent changes in documents. UDO media are handled like
optical WORMs.
Write Component (WC)
Component of the Document Service carries out all possible modifications. It is
used to archive incoming documents (store them in the buffer), modify and
delete existing documents, set, modify, and delete attributes, and manage pools
and volumes.
Write job
Scheduled administrative task which regularly writes the documents stored in a
disk buffer to appropriate storage media.
AR090701-ACN-EN-6
Administration Guide
319
Index
A
Accounting 290
Administration
Archive and Storage Services 39
Archive Server 39
Administration Client 39
Alerts 270
ArchiSig
configuration 111
job 111
migrating document timestamps 112
renewing timestamps 112
ArchiSig timestamps 107
Archive
logical 31
Archive Access 68
Archive and Storage Services
connection to SAP 143
main components 26
starting (manually) 301
stopping (manually) 301
Archive and Storage Services components
log settings (except STORM) 310
processes 308
Archive Cache Server 173
configuring 179
Archive Cache Services 173
Configuring 179
main components 26
Archive database
MS SQL Server (Backup) 216
Oracle 216
Archive mode 149
adding and modifying 151
assigning to a 154
scan host assignment 154
scenarios 149
settings 152
AR090701-ACN-EN-6
Archive Server
connection to SAP 143
Archives
(See also Logical archives)
access restriction 68
configuration settings 70
retention settings 72
security 68
B
Backup
database 214
Backups 213
Cache Server 216
data on storage system 203
IXW volumes 209
MS SQL Server 216
optical media 206
Oracle 216
Storage Manager configuration 216
Blobs 70
Buffer 33
C
Cache
local 52
Cache Server 173
configuring 179
Caches 37
Certificate For Authentication 96
Certificates
importing certificate for authentication 96
importing certificate for Timestamp
Verification 110
key store, export and import 103
re-encrypt key store 102
verifying 103
Checking
finalization status 187
Checksums 106
Commands
spawncmd 307
321
Index
Components 29
Conditions in archive mode 153
Configuration
certificates 125
Configuring
Archive Cache Server 179
Archive Cache Services 179
caches 37
Connection to SAP 143
Container file storage 34
Content 29
Conventions
Conventions in this documentation 20
cscommand utility 217
D
Data compression 64
Database
backup 214
change password 215
Devices
attaching 58
detaching 58
storage 56
Disk buffer 33, 47
DocService
See Document Service
Document Pipeline Info 263
Document protection level 93
Document Service 281
Documents 29
encryption 101
DP error queues 283
DP Queues 283
DP space 280
DP Tools 283
DS DP Error Queues 282
DS DP Queues 282
DS DP Tools 282
DS pools 281
dsHashTree 112
dsReHashTree 113
dsReSign 112
E
Edit
policy 137
Edit Configuration 70
Email notification 270
322
Encryption 101
Enterprise scan
assigning archive mode 154
Error queues 283
Event Filters 265
Events 265
examples 268
Events and Notifications 265
Exporting
volumes 192
F
Fast migration 227
Feedback 19
Finalization
automatic 185
error 188
volume, manually 186
FS pool 36
creating 75
G
Groups 134
GS 36
H
HDSK pool 36
creating 74
I
Illustrations 15
Implicit user 139
import Certificate for Timestamp
Verification 110
Importing
damaged media 196
volumes 193
Installation directories 27
Intializing
automatic 61
manual 61
ISO media
backups 207
ISO pool 35
creating 75
ISO volumes
recovery 208
ixoscert.pem 100
AR090701-ACN-EN-6
Index
IXW pool 35
creating 75
IXW volume
restore 211
IXW volumes
backups 209
J
Job
typs 83
Job protocol 83
Jobs 37
checking 86
configuring 83
protocol 88
Jukeboxes
attaching 58
detaching 58
L
Local cache 52
Log files
location 309
STORM 312
Log levels
where and how 310
Log settings
Archive and Storage Services except
STORM 310
Logical archive 31
Logical archives 63
naming conventions 63
Lost&Found 196
M
Media
migration 227
Migration 227
fast 227
media 227
remote 227
Monitor Web Client 263, 275
add host 278
customizing 279
program window 276
refresh view 278
Starting 275
AR090701-ACN-EN-6
Monitoring
accounting 290
configuring notifications 265
Document Service 281
N
Name
STORM server 58, 221
Naming conventions 63
Notifications 265
configuring 269
event examples 268
event specification 265
events 265
types and settings 270
variables 272
O
Offline import 59
Open Text Administration 39
Open Text Online 19
Optical media
backups 206
removing from jukebox 206
Overview
Archive and Storage Services 26
Archive Cache Services 26
Timestamp Server 114
P
Password
database 215
Passwords 133
Lockout 134
Lost 133
Minimum length 133
Security 133
Settings 133
Unlock 134
Policies 135
Policy
checking 136
creating and modifying 137
overview 135
Pool 35
types 74
Pool types
HDSK 36
Administration Guide
323
Index
ISO 35
IXW 35
single file (FS) 36
single file (VI) 36
Problem analysis 309
Processes
important processes 308
start and stop 303
status 308
Protection levels 93
Protocol
Jobs 88
Purge Buffer job 33
putcert 99
Q
Queues
monitor display 283
R
recIO 103
Recover
IXW volume 211
Recovery 213
Cache Server 216
ISO volumes 208
Remote migration 227
Remote Standby Server 161
Restore
ISO volumes 208
IXW volume 211
Restoring
See Recovery
Retention 65
Retention settings 72
RSS
See Remote Standby Server
S
SAP as leading application
configuring connection 143
Scan
scenarios 149
Scan hosts
configuring 149
Scan station
archive mode 151
324
Scan stations
configuring 149
Scheduled
jobs 37
SecKeys 92
from other applications 98
from SAP 98
importing certificates 98
Security
analyzing settings 105
checksums 91, 106
encrypted document storage 91
encryption 101
importing certificate for authentication 96
importing certificate for Timestamp
Verification 110
key store encryption 102
overview 91
SecKeys 92
SecKeys/Signed URL 91, 92
SSL 91, 100
timestamps 91
Timestamps 107
verifying certificate 103
Set Encryption Certificates 102
Signature renewal
configuring 111
renewing hash tree 113
Single file (FS) 36
Single file (VI) 36
Single file storage 34
Single instance 65
spawncmd 307
Spawner
commands 307
SSL 100
Standard users 135
Start
utilities 222
Starting
Archive and Storage Services (UNIX) 302
Archive and Storage Services (Windows)
301
Statistics
Storage Manager 293
Status
finalization 187
Status checks
location 131
AR090701-ACN-EN-6
Index
status 127
Stopping
Archive and Storage Services (UNIX) 302
Archive and Storage Services (Windows)
301
Storage devices 56
Storage Manager
monitor display 280
Storage Manager configuration
backup 216
Storage media
checking 198
offline import 59
Storage scenarios 34
Storage system
dependency on pool type 35
Storage systems
backups 203
Storage type 34
STORM
log files 312
STORM server
name 58, 221
System key 101
T
Timestamp renewal 108
Timestamps 107
Troubleshooting
avoid problems 297
problem analysis 309
Typography 20
overview 221
Set Encryption Certificates 102
start 222
V
Variables
in notifications 272
VI pool 36
creating 75
Virus protection 92
vmclient 227
VolMig 227
Volume
finalization 185
Volumes
unavailable 62
W
Web Monitor
See Monitor Web Client
Workflow in archive mode 153
WORM
damaged 196
Write at once 35
Write files incrementally 35
Write job 33
Write through 36
U
Unavailable volumes 62
User
adding 138
new 138
User groups 134
add policy 139
add user 139
setting up 139
Users 135
setting up groups 139
standard 135
Utilities
import Certificate for Timestamp
Verification 110
importing Certificate for Authentication 96
AR090701-ACN-EN-6
Administration Guide
325