Configuration
7 minute read
Click the button in the title bar to open the configuration dialog for the Docusnap Server.
Server Start Settings
Select the startup type Manual or Automatic for the service in the Server Start Settings step.
In addition, you can turn on the debug mode for the Docusnap Server here.
By default the service runs under the system local account. To ensure the connection to the database, it is recommended to provide a SQL Server Authentication in the wizard step Server Database.
It is also possible to specify a user, who is used for the execution of the service.
In order to execute a correct inventory, the local security policies Replace a process level token and Log on as service must be set for the specified user, if a specified user is defined.
Check the checkbox Execute Inventory in Own Process to confirm that the security policy has been set.
If a user is entered, but the local security policy has not been set or the checkbox has not been checked, than several inventory processes might not be executed correctly.
Server Database
The Docusnap database is the key element for performing the jobs. It holds the jobs to be processed by the Docusnap Server.
Only one Docusnap server is defined for each database. If an active Docusnap server of another system is already registered in the database, the Docusnap server will not be started at the end of the wizard. In this case only the defined settings are saved.
By default, the timeout for database queries is 30 seconds. For large databases, however, it may happen that database queries take longer. To execute these queries nonetheless, the query timeout can be increased.
Server Mail Settings
Docusnap provides notifications for particular occasions, e.g. when a contract has expired. These notifications are sent out by e-mail.
In the SMTP Settings group, you can enter the SMTP server data and select additional options for authentication and SSL encryption. If the SMTP server requires authentication, the User and Password text fields will be enabled so that you can enter the required information.
If the Simple Authentication check box is activated, no separate domain information is used in the credentials. This setting is necessary for external email providers because the domain information is not required for user authentication with external providers. For specific Exchange configurations, domain information may also not be required. If checking the settings for Exchange fails, it may be that sending emails work by activating the Simple Authentication.
After you have entered a value in the SMTP Server or User field, click the Check Settings button to send an e-mail to a test recipient to verify the e-mail settings specified here. Only if this test was successful, the Next button will be enabled so that you can go to the next step.
If you do not want to use the e-mail settings, leave the corresponding text fields blank or disable this step by removing the checkmark from the Configure Email Settings checkbox.
Server API
Use Discovery Service and Docusnap Web
- Scheme: The authentication scheme only applies to the authentication using an web browser. If https (self-signed certificate) is selected, its own certificate will be created. If https (select from certificate store) is activated, a certificate that exists on the system can be selected using the Select Certificate button. For the secure connection with https, the Docusnap Server uses the cipher suite of the operating system on which the Docusnap Server is running. The certificate must contain both public and private keys.
- External Hostname (optional) and port: These are required for accessing the Docusnap Server API within the organization. The host name is used for connecting both to the Docusnap Discovery Services and to the Web Client.
- Proxy: Inventory of Azure requires an Internet connection. If the inventory is carried out with the Docusnap Server and a proxy server should be used, the desired settings can be entered via the Proxy button.
- Activate X-Frame Security Header: To optimize security, the HTTP security headers (HSTS, X-XSS-Protection, CSP, X-Content-Type-Options), except for X-Frames-Options, have been permanently enabled for Docusnap Server. The HTTP security header X-Frames-Options can be additionally enabled in the Docusnap server settings. With this option enabled, maps and reports are no longer displayed in Docusnap Web.
Authentication Scheme (only relevant if user management is enabled)
- Basic Authentication: With this method, you can to grant users outside your own domain access to Docusnap Web. In productive use, however, it is strongly recommended, to use HTTPS for the access to Docusnap Web to make sure that the password is encrypted before transmission.
- Integrated Windows Authentication: This method is recommended to grant users within your own domain access to Docusnap Web. ADS security groups and users as well as local users (not recommended) can be granted access directly in Docusnap. In contrast to the Basic Authentication method, Integrated Windows Authentication uses the ADS for user account management.
- Anonymous Authentication: If you select Anonymous Authentication, all other authentication methods are disabled automatically. There will be no permission checks, i.e. every user has unlimited access to Docusnap Web. Anonymous Authentication can only be used if user management is not active.
Docusnap User Permissions
Specifying a dedicated domain controller is useful when the domain controllers are spread across multiple sites. By specifying the local domain controller the response time to query the Active Directory can be reduced significantly.
Debugging Docusnap Web
In addition, the logging can be activated for Docusnap Web, which logs web requests. A path must be specified in which the logging file will be saved.
Server Settings
Use the Documentation Path field to specify the location where the documents (overviews and datasheets) will be stored by the Docusnap Server. Click the button to select the folder for storing the documents.
When creating the documentation, Docusnap uses the system account permissions for executing the service. For this reason, make sure that the system account has a write permission to the selected documentation path. Alternatively, you can specify a user or service account with sufficient permissions for the Docusnap Server Windows service.
The files and templates used by Docusnap may either be stored on the local hard disk, on a server or on another computer in the network. To obtain consistent results, the same team settings path is used for the Docusnap client and Docusnap Server. If the path is changed in the options dialog, it will be changed for the Docusnap Server and vice versa, when both are connected to the same database. If no path was selected for the Team Settings or if that path no longer exists, the path specified for the Local Settings will be used.
When creating the documentation, Docusnap relies on templates. During the configuration, Docusnap loads these templates into the local or team settings directory. If neither path is available at the time when the job is processed, Docusnap will use the templates from the program directory.
Click the Finish button to apply the settings and start the Docusnap Server.